From local to internet and back

Openfire Openfire Support
1

Hello!

Do not think that I address to you at once, not having tried to look ? I really searched for the decision of this problem on a forum, but and could not adjust normally all at myself.

Essence of a problem:

Is available Wildfire 3.1.0 on server JABBER.MY.DOMEN and it works under name MY.DOMEN. Users can communicate among themselves, write personal messages, use conferences.

As in a network there is a proxy-server on program basis Kerio WinRoute Pro 4.2.5 on server PROXY.MY.DOMEN which has 2 network interfaces (192.168.1.3 - a local network (proxy.my.domen), 81.81.81.81 - a network of the provider (MYNAME.PROVIDER.DOMEN)).

In a program proxy I have adjusted ports-mapping at entering connection on the external interface on ports 5222-5223, 5269 redirect on the same ports on JABBER.MY.DOMEN address. Thus if I from a computer which is being a network the Internet (for example with home PC) am connected to a server - that connection pass the personal computer normally.

If I in a local network try to enter on conference of other server working in a network the Internet, or I try to add contact to other server - that I receive a mistake. Thus my server is isolated from an external world. Prompt, please, how it is possible to adjust Wildfire for work through a proxy.

Error.log:

2006.10.17 10:00:38 org.jivesoftware.wildfire.server.OutgoingServerSession.createOutgoingSession(Out goingServerSession.java:259) Error trying to connect to remote server: ru(DNS lookup: ru:5269)

java.net.UnknownHostException: ru

at java.net.PlainSocketImpl.connect(Unknown Source)

at java.net.SocksSocketImpl.connect(Unknown Source)

at java.net.Socket.connect(Unknown Source)

at org.jivesoftware.wildfire.server.OutgoingServerSession.createOutgoingSession(Ou tgoingServerSession.java:254)

at org.jivesoftware.wildfire.server.OutgoingServerSession.authenticateDomain(Outgo ingServerSession.java:183)

at org.jivesoftware.wildfire.server.OutgoingSessionPromise.createSessionAndSendPac ket(OutgoingSessionPromise.java:130)

at org.jivesoftware.wildfire.server.OutgoingSessionPromise.access$300(OutgoingSess ionPromise.java:40)

at org.jivesoftware.wildfire.server.OutgoingSessionPromise$1$1.run(OutgoingSession Promise.java:95)

at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)

at java.lang.Thread.run(Unknown Source)

2

Hi,

if MYNAME.PROVIDER.DOMEN is the name one can resolve using DNS then this must also be configure as xmpp.domain within Wildfire. If you don’'t do this then your Wildfire server tries to connect to a server with the xmpp.domain MYNAME.PROVIDER.DOMEN and this will of course fail as it does not exist.

It’'s not possible to define an alias name for xmpp.domain.

LG

3

Hi! Thanks that answer…

I have not absolutely understood thanks for the answer that is available in view of, however I shall try to describe a situation in more detail:

MYNAME.PROVIDER.DOMEN has 81.81.81.81 IP-address, both are registered at the provider in DNS, access to DNS the provider is not available.

PROXY.MY.DOMEN registrants in local DNS local Windows-domain MY.DOMEN in which, having access, I as have registered following records:

jabber.tcp SRV 0 0 5269 jabber.my.domen.

xmpp-client.tcp SRV 0 0 5222 jabber.my.domen.

xmpp-server.tcp SRV 0 0 5269 jabber.my.domen.

Value of a variable “xmpp.domain” is established as “my.domain”

PROXY.MY.DOMEN - Workstation attached to domain MY.DOMEN

JABBER.MY.DOMEN - the controller of the domain on which it is installed Wildfire

4

Hi,

if I understand you right you are using as xmpp.domain another name as the one which matches your external IP address.

I did never try Smack Spark’'s advanced options, but maybe they can solve your problem. So may want to use the same “Server” value for the clients in the internet but configure Settings: Host and Port to match your external DNS name and port 5222.

LG

Message was edited by: it2000

5

Stop, stop, stop!

At what here Smack? I speak about what even from local server JABBER.MY.DOMEN I can not be connected to conferences on other servers, and communicate with the users registered not on local Wildfire.

6

Hi,

sorry for Smack, I mean Spark or any other client which supports to specify a JID (Username and Server) to use and the server where to connect to.

LG

7

I am sorry for clumsy translation by the compiler into English my ideas. I Shall begin once again? an essence of a question in how to force my local jabber-server to cooperate with other servers which are being in the Internet. Thus at me it is impossible to adjust a server-2-server connection and users of other servers cannot talk in conferences of my server.

If I come home, I am connected to the Internet and in adjustments of the client (Pandion) I specify a name of the user “MAVr@MY.DOMEN”, the password “MYPASS”, the address of a server “MYNAME.PROVIDER.DOMEN” Pandion I am connected also can freely communicate with the local users (for example with VASYA@MY.DOMEN) to come into local conferences (I@CONFERENCE.MY.DOMEN). But I cannot talk for example with it2000@jivesoftware.com, or make the review of conferences conference.jivesoftware.com

8

Hi,

for s2s to work you need to set the xmpp.domain to MYNAME.PROVIDER.DOMEN because Wildfire will send the value of xmpp.domain, in your case “MY.DOMEN” and the remote server will fail to resolve an IP address for this name while it tries to verify your IP address.

LG

9

Correct for me if I have not correctly understood:

  1. I should a variable “xmpp.domain” establish value “MYNAME.PROVIDER.DOMEN”

  2. in local DNS to register for services “_jabber._tcp”, “_xmpp-client._tcp”, “_xmpp-server._tcp” value “JABBER.MY.DOMEN”

  3. organize on proxy-computer rejecting the packages coming on external IP (ports 5222-5223 and 5269) on server Wildfire (ports 5222-5223 and 5269)

These actions for my part will be enough that the user "IT2000@JIVESOFTWARE.COM" could be connected to conference “MYCONF@CONFERENCE.MY.DOMEN” which it can find out at the review of a server “MYNAME.PROVIDER.DOMEN”?

10

Hi,

your translation engine is really evil.

Iif you want s2s get to work you need to get rid of “MY.DOMEN” completely and change it to “MYNAME.PROVIDER.DOMEN”. Your conference service will then be named “conference.MYNAME.PROVIDER.DOMEN”.

LG

11

Hi, it2000!

Your advice really have helped me ? but only partially. I am very grateful to you for helped and attention.

Variable “xmpp.domain” I to establish value “MYNAME.PROVIDER.DOMEN”; in local DNS I have registered for services “_jabber._tcp”, “_xmpp-client._tcp”, “_xmpp-server._tcp” value “MYNAME.PROVIDER.DOMEN”; has organized on proxy-computer rejecting the packages coming on external IP (ports 5222-5223 and 5269) on server Wildfire (ports 5222-5223 and 5269)

Now local users can be connected to conferences on other servers, communicate with users not belonging a local server. But thus the users registered on other servers cannot see the list of my local server and join conference? is informed that “the server is not found”

12

Hi,

if s2s is working it should indeed work both ways.

For s2s only port 5269 is needed.

Port 5222 and 5223 are for the clients, so if you don’'t want external clients to connect to your server directly you may want to block them.

Do you see errors in the log files or maybe something in the debug log file after activating it?

LG

13

The question such is available 2 servers wildfire 3.1.0 in different subnet both united and are adjusted for work through MySQL. Files, messages reach normally. But I can not come into conference created on other server.

In the debug

On server with which try be connected

2006.10.21 22:48:06 OS - Going to try connecting using server dialback with: 10.0.3.3

2006.10.21 22:48:06 OS - Trying to connect to 10.0.3.3:5269(DNS lookup: 10.0.3.3:5269)

2006.10.21 22:48:06 OS - Connection to 10.0.3.3:5269 successful

2006.10.21 22:48:06 OS - Sent dialback key to host: 10.0.3.3 id: be28ef90 from domain: conference.10.10.1.7

2006.10.21 22:48:06 OS - Unexpected answer in validation from: 10.0.3.3 id: be28ef90 for domain: conference.10.10.1.7 answer:

java.lang.Exception: Failed to create connection to remote server

at org.jivesoftware.wildfire.server.OutgoingSessionPromise.createSessionAndSendPac ket(OutgoingSessionPromise.java:143)

at org.jivesoftware.wildfire.server.OutgoingSessionPromise.access$300(OutgoingSess ionPromise.java:40)

at org.jivesoftware.wildfire.server.OutgoingSessionPromise$1$1.run(OutgoingSession Promise.java:95)

at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)

at java.lang.Thread.run(Unknown Source)

On server where is created conference

2006.10.21 22:41:54 Connect Socket[addr=/10.10.1.7,port=1392,localport=5269]

2006.10.21 22:41:54 RS - Received dialback key from host: conference.10.10.1.7 to: 10.0.3.3

2006.10.21 22:41:54 RS - Trying to connect to Authoritative Server: conference.10.10.1.7:5269(DNS lookup: conference.10.10.1.7:5269)

2006.10.21 22:41:54 Connection closed before session established

Socket[addr=/10.10.1.7,port=1392,localport=5269]

I use Pandion 2.5

14

Hi,

one should post a new thread for new questions.

It seems that you logs do not match or you should synchronize the clock of the servers. I did never try s2s with IP addresses instead of domain names so I wonder if this could be the case for the problem you get.

LG