[JDEV] s2s/dialback/SOCKS

Adrian Rapa adrian at dtedu.net
Tue Mar 25 15:22:27 CST 2003 

microsoft will gone kill u :) jabber_dev at hotmail.com .... ha ah ha ha

:))))


Adrian Rapa

Pe Tue, 25 Mar 2003 13:13:30 -0800
"Ragavan S" <jabber_dev at hotmail.com> a scris:

> Hello,
> 
> I am trying to setup s2s communications between 2 jabber 1.4.2 servers
> on Linux machines with static IP addresses -- one on the internet and
> the other on a company intranet (behind a firewall).
> 
> Using ssh port forwards and iptables, I am able to establish network 
> connectivity between these two machines. So, for example, from the
> external server (jabber-external.company.com), I am able to telnet to
> port 5269 of the internal server (jabber-internal.company.com) and
> similarly, from the internal server I am able to telnet out (using
> SOCKS).
> 
> I run the jabberd process on the external machine in a straightforward
> manner, while I socksify the jabberd process on the internal machine
> (so it can go outside).
> 
> However, the dialback protocol seems to fail. Thus, even though the
> two servers have network connectivity going both sides, the actual
> dialback process doesn't get validated and I get a Server Connect
> Failed error. A look at the jabberd debug logs reveals that the
> external server stops with a <db:result>33345..</db:result> exchange
> while the internal server's last exchange seems to be a
> <db:verify>33345..</db:verify> before it reports a <stream:error>I
> guess we're trying to use the wrong name, sorry</stream:error>.
> 
> So, I am curious to find out if people have successfully gotten s2s 
> communications working in such a scenario (inside/outside firewall),
> and if so, was there anything other than having bi-directional network
> connectivity open? Also, does anyone know if having a SOCKS server in
> between affect the dialback process (if the SOCKS server doesn't do
> any form of DNS function).
> 
> If this does have something to do with the dialback protocol itself,
> besides the upcoming SASL support for s2s in jabberd2, are there other
> options I can look at?
> 
> By the way, I can post the detailed debug logs if that would be more 
> helpful, but I wanted to figure out if someone already has such a
> setup working well for them. I will also continue looking into this
> (maybe strace or tcpdump).
> 
> Thanks in advance for any insights, and let me know if you need more 
> clarifications.
> 
> Ragavan
> 
> _________________________________________________________________
> Add photos to your e-mail with MSN 8. Get 2 months FREE*.  
> http://join.msn.com/?page=features/featuredemail
> 
> _______________________________________________
> jdev mailing list
> jdev at jabber.org
> http://mailman.jabber.org/listinfo/jdev
>

More information about the JDev mailing list