[JDEV] jabberd behind NAT fails s2s interoperation

Justin Georgeson jgeorgeson at unboundtech.com
Wed Sep 25 17:59:27 CDT 2002 

Dialback works by the sending server giving the receiving server a key. 
The receiving server does a DNS lookup and contacts the returned IP 
address. Then the key is verified. If the verification if succsessful, 
the receiving server tells the sending server it's ok to proceed. While 
trying to figure out the internals I noticed that the process seems to 
start again in the middle when the receiving server contacts the looked 
up IP to verify the key. This contact marks the beginning of a dialback 
connection where the sending server becomes a receiving server. It all 
got very confusing trying to look at all the packets in the log file and 
trace it by hand.

 From the error message, I would say it is definitely a dialback issue, 
and it is probably the server on the other end not being able to verify 
the server behind the NAT. Run the server in debug mode and capture the 
output ( jabberd .... -D > debug.log 2>&1). Then look for entries in 
dialback*.c

matthew c. mead wrote:
> Anybody?
> 
> Anyone familiar with how dial back works?  I have to assume
> that's what's failing...
> 
> 
> -matt
> 
> On Wed, Sep 25, 2002 at 09:41:03AM -0400, matthew c. mead wrote:
> 
>>I've asked on JADMIN but haven't gotten any response.  I'm hoping
>>someone here has more knowledge of the issues involved:
>>
>>I just recently installed a jabber server at goof.com.
>>Unfortunately, I cannot get it to interoperate with other jabber
>>servers using s2s.
>>
>>I do not have control over the PTR record for the external ip
>>addresses my server answers.
>>
>>Is there some way to get s2s working despite this?  Sending from
>>goof.com to external servers yields a connect failure.  Sending
>>from external servers to goof.com yields that the remote server
>>does not have permission to respond with the specified ip
>>address.
>>
>>My NAT box allows all outbound connections.  It has forwarding
>>rules to forward inbound packets it receives for TCP ports 5222,
>>5223, 5269, and 7000 to the machine running the jabber server.
>>
>>Any ideas?
>>
>>Thanks!
>>
>>
>>
>>-matt
>>
>>-- 
>>matthew c. mead
>>
>>http://www.goof.com/~mmead/
>>_______________________________________________
>>jdev mailing list
>>jdev at jabber.org
>>http://mailman.jabber.org/listinfo/jdev
>>
> 
> 

-- 
Justin Georgeson
UnBound Technologies, Inc.
http://www.unboundtech.com
Main   713.329.9330
Fax    713.460.4051
Mobile 512.789.1962

5295 Hollister Road
Houston, TX 77040
Real Applications using Real Wireless Intelligence(tm)

More information about the JDev mailing list