I run two Openfire 3.6.0a servers. One is my personal domain, the other is my corporate domain. Both systems are using Debian Etch 4.0 with the latest patches, no iptables running, Openfire 3.6.0a, same plugin set minus fastpath on the corporate domain.
For the life of me, I can’t get these two domains to talk to each other. I had this working with 3.5.2 implementations but I haven’t been able to get server to server communication working with Openfire 3.6.0a as of yet. Here’s an interesting excerpt from the logs of both servers:
**openfire 3.6.0a warn.log
**
servepath.com:
2008.10.08 01:36:25 Error returning error to sender. Original packet:
org.jivesoftware.openfire.PacketException: Cannot route packet of type IQ or Presence to bare JID:
at org.jivesoftware.openfire.spi.RoutingTableImpl.routePacket(RoutingTableImpl.jav a:217)
at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.return ErrorToSender(OutgoingSessionPromise.java:285)
at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.run(Ou tgoingSessionPromise.java:219)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java: 885)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:907)
at java.lang.Thread.run(Thread.java:619)
2008.10.08 01:27:40 Missing type info for saveSettings(1<0>). Assuming this is a map with String keys. Please add to in dwr.xml
2008.10.08 01:27:40 Missing type info for saveSettings(1<1>). Assuming this is a map with String keys. Please add to in dwr.xml
2008.10.08 01:34:54 Error returning error to sender. Original packet:
d4dd5f4f4bc22f57e55af7cbd356577f325192a2
d4dd5f4f4bc22f57e55af7cbd356577f325192a2
org.jivesoftware.openfire.PacketException: Cannot route packet of type IQ or Presence to bare JID:
at org.jivesoftware.openfire.spi.RoutingTableImpl.routePacket(RoutingTableImpl.jav a:217)
at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.return ErrorToSender(OutgoingSessionPromise.java:285)
at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.run(Ou tgoingSessionPromise.java:219)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java: 885)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:907)
at java.lang.Thread.run(Thread.java:619)
I’m not sure why its thinking that it cannot route:
**neutral server doing DIG
**
; <<>> DiG 9.2.1 <<>> -t SRV _xmpp-server._tcp.cat6wired.net @4.2.2.2
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50507
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;_xmpp-server._tcp.cat6wired.net. IN SRV
;; ANSWER SECTION:
_xmpp-server._tcp.cat6wired.net. 3600 IN SRV 0 0 5269 secure.cat6wired.net.
;; Query time: 101 msec
;; SERVER: 4.2.2.2#53(4.2.2.2)
;; WHEN: Wed Oct 8 01:35:52 2008
;; MSG SIZE rcvd: 89
[01:35:52][bmenges@x~]$ dig -t SRV _xmpp-server._tcp.servepath.com @4.2.2.2
; <<>> DiG 9.2.1 <<>> -t SRV _xmpp-server._tcp.servepath.com @4.2.2.2
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 484
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;_xmpp-server._tcp.servepath.com. IN SRV
;; ANSWER SECTION:
_xmpp-server._tcp.servepath.com. 60 IN SRV 10 0 5269 jabber2.servepath.com.
;; Query time: 259 msec
;; SERVER: 4.2.2.2#53(4.2.2.2)
;; WHEN: Wed Oct 8 01:36:08 2008
;; MSG SIZE rcvd: 90
[01:36:08][bmenges@sysmon ~]$ dig -t A secure.cat6wired.net @4.2.2.2
; <<>> DiG 9.2.1 <<>> -t A secure.cat6wired.net @4.2.2.2
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57400
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;secure.cat6wired.net. IN A
;; ANSWER SECTION:
secure.cat6wired.net. 21600 IN A 64.151.74.252
;; Query time: 115 msec
;; SERVER: 4.2.2.2#53(4.2.2.2)
;; WHEN: Wed Oct 8 01:37:17 2008
;; MSG SIZE rcvd: 54
[01:37:18][bmenges@sysmon ~]$ dig -t A jabber2.servepath.com @4.2.2.2
; <<>> DiG 9.2.1 <<>> -t A jabber2.servepath.com @4.2.2.2
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48376
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;jabber2.servepath.com. IN A
;; ANSWER SECTION:
jabber2.servepath.com. 60 IN A 69.59.136.177
;; Query time: 170 msec
;; SERVER: 4.2.2.2#53(4.2.2.2)
;; WHEN: Wed Oct 8 01:37:29 2008
;; MSG SIZE rcvd: 55
So the SRV records are correct, and they point to the right IPs. I can prove this because I can connect to both servers individually and they work fine. The only exception to this is that the corporate has a server to server whitelist, but I’ve entered in cat6wired.net so this should be allowed. Some help in diagnosing would be great, as I cannot figure out why beyond layer 3 this isn’t working…
Searching for “Cannot route packet of type IQ or Presence to bare JID” gets me an old bug back in core 1.1.0… http://www.igniterealtime.org/community/message/169668 from 4/29/2008 was no help as there’s no resolution. Server security isn’t optional in my case.
Both servers are certified through a wildcard certificate through GoDaddy.
So, I decided to go one step further… since I have a jabber.org account. This works just fine?! So what is it about these two domains that I’m missing here? I have full SRV records, and so far as I know all the IP access that the servers need for this kind of connectivity. If I can message jabber.org users just fine, why can’t my two openfire servers talk to each other?