Is it possible to run Openfire locally on home network LAN?

Hi, I installed Openfire on a home Linux machine last night and got everything going: creating users, installing inverse, jsxc, pade (which wasn’t supported with the latest version, the message stated). So, I logged in to inverse and jsxc as well as Pidgin with no issues; however, when others in the household try to go to the address provided, the browser says site not found. So, is it possible to run it locally? https://127.0.0.1:9090 & https://192.168.0.118 is the IP address on the machine running Openfire. I’ve read a few threads here on Ignite Realtime and there was mention of having to use a Fully qualifying domain (FQDN). Also opened up ports 5222, 7443. Is there anything else I can check? Thanks!

Not using a FQDN for a xmpp.domainname breaks down in a hurry when considering things like the MUC conference address. If you are on a LAN, you should either

  1. Have some sort of DNS service for your LAN, where you can enter FQDNs or
  2. Edit each of your LAN machine’s host file to put in your local network addresses

Your life with Openfire will be much better.


You are clear in what you have said; I am just not a server expert, or should I say networking engineer or IT person either. I just thought it would be a great item to have running locally on the home network. Do I need to do both of these options? If so, what do you mean exactly about having some sort of DNS service for the LAN that allows me to enter FQDNs? Also, I have added the IP address to the etc/hosts file on this local running machine, and I am able to get to the address for the admin page, inverse as well as jsxc with one user; then in a virtual machine I can reach the page as well, so… I see the other user, but when I send a message to the user it says the following: “Sorry, an error occurred while trying to send your message.” In the virtual machine I did not add the address to the etc/hosts file either, so… I’m sure it’s possible, I just don’t know if I have enough time to research it. I’ve been busy with life, but at some point maybe I’ll get back to it; for now I’ll leave it to the real IT crowd. I hope to maybe have time this weekend to search out where to put the IP address in the FQDN field using some DNS service for the LAN software I find. I do appreciate your response and time. Thanks!

Hello,

Firstly, let me expand on the naming (apologies in advance, I am not very good at explaining):

Domain name - A domain name, example.com
FQDN (Fully Qualified Domain Name) - The full/sub domain, say conference.example.com.

Openfire only needs a single domain name; however, it uses multiple FQDNs to differentiate between services. For example, conference.example.com differentiates the MUCs from the users.

Without a domain name, XMPP struggles to differentiate between services, because it was built with the idea of micro-services in mind if I remember correctly.

What akrherz has recommended is two options on how to get a “domain name” on your LAN. On the WAN (aka internet) you need a registrar to register a domain name; this costs money of course. You then set records pointing to the IP address of your server. However, for a LAN (ONLY) deployment this would be redundant and also wouldn’t work, as you need the DNS server to point to your internal IP addresses (RFC 1918 range of private IP addresses).

Let me explain both options they gave:

Have some sort of DNS service for your LAN, where you can enter FQDNs

You would need a local DNS server; you can do this with unbound. unbound is a recursive DNS server. I will not go into the details, but it does what 1.1.1.1 or 8.8.8.8 does (or your ISP DNS server): it finds the IP addresses of the domains for you and caches them to save bandwidth. However, unbound also gives you the ability to define local domains, let’s say example.com. You can then add records like normal, example.com A 192.168.0.118, or a SRV record. It acts the same as if you bought a domain from a registrar. The issue is that all devices which want to be able to reach your XMPP server will need to have this DNS server set. Also, this will not work on the WAN because you would need to port forward port 53 and most ISPs block the port, and this is also unadvised due to DNS amplification attacks.

Edit each of your LAN machine’s host file to put in your local network addresses

/etc/hosts on *nix systems defines hostnames and the addresses they are bound to, see hosts(5) for more information.

You can add a line here, 192.168.0.118 example.com, to /etc/hosts to tell the machine that the hostname example.com is IP address 192.168.0.118. However, this is local to the machine, therefore each device needs to have this edited; this will also not work on Windows.

Both have their pros and cons, however one of them will be required to have a fully functional XMPP server.

My recommendation would be the first option if you have multiple devices which you want to use the XMPP server on. Plus, you can use unbound to set other domain names, such as your own TLDs (Top Level Domains). For example, I could define .polarian as my own TLD and call my server server.polarian, and then I could do ssh server.polarian instead of the IP address (provided I added an A (Address) record pointing to the IP address of the server). There is a lot of fun stuff you can do with your own local DNS server.

If you are only using the XMPP server on a single machine (which is highly unlikely unless you are a developer and debugging Openfire), then using the second option is likely better.

In any case, you will need to pick one of the options; I am happy to walk you through it if you wish.

Hope this helps!
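
The unbound option discussed above, sketched as a configuration fragment. This is an added example, not something posted by anyone in the thread. It assumes Openfire's XMPP domain is set to example.com, that the home LAN is 192.168.0.0/24 (only the server address 192.168.0.118 is given in the thread), and that the file path matches your distribution's packaging.

```conf
# /etc/unbound/unbound.conf  (assumed path; varies by distribution)
server:
    # Listen only on loopback and the server's LAN address from the thread,
    # so the resolver is never offered on any other interface.
    interface: 127.0.0.1
    interface: 192.168.0.118

    # Refuse everything by default, then allow this machine and the home LAN.
    # This is the setting that keeps the resolver from being usable as an
    # open resolver in DNS amplification attacks.
    # 192.168.0.0/24 is an assumption; use your actual LAN prefix.
    access-control: 0.0.0.0/0 refuse
    access-control: ::0/0 refuse
    access-control: 127.0.0.0/8 allow
    access-control: 192.168.0.0/24 allow

    # Serve example.com entirely from the records below ("static" means
    # names in this zone without local-data get a negative answer instead
    # of being looked up on the internet).
    local-zone: "example.com." static

    # The XMPP domain itself.
    local-data: "example.com. IN A 192.168.0.118"

    # The MUC service FQDN mentioned in the thread.
    local-data: "conference.example.com. IN A 192.168.0.118"

    # Optional SRV record for client connections on port 5222.
    local-data: "_xmpp-client._tcp.example.com. IN SRV 0 5 5222 example.com."

# The /etc/hosts equivalent (second option) is one line per client machine:
#   192.168.0.118  example.com conference.example.com
```

Run unbound-checkconf on the file before restarting the service, and leave port 53 unforwarded on the router so the resolver stays LAN-only.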