powered by Jive Software

Openfire server won't connect to another server on child DNS subdomain

Hello everyone;

First off: thank you to everyone who works or has worked to create and maintain Openfire.

I have deployed four Openfire 3.7.1 servers on top of four CentOS 5.6 boxes. These boxes also run the mail servers for each of our DNS domains.

Everything seems to be working, EXCEPT between two particular servers.

Server A is located in the “example.pt” DNS domain and server properties show xmpp.domain to be “example.pt”;

Server B is located in the “hq.example.pt” DNS subdomain and server properties show xmpp.domain to be “hq.example.pt”;

All DNS pre-requesites are go: subdomain delegation, SRV records for xmpp server and client and proper A records. I can manually dig all the needed records from each of the servers - as far as I can tell, this rules DNS problems out;

From each of the servers, I can start a telnet session to the other server, to port 5269. I get response, as well as traffic between the two machines, seen from tcpdumps on our gateways - IP routing and TCP firewall rule problems are out of the way too, apparently;

A user logged in to server “B” can send add contact requests AND messages to a user logged in to server “A”. I see traffic through tcpdump, and pop-ups on the server “A” user’s xmpp client, BUT;

Any attempt, by a server “A” logged in user, to add a contact from server “B” will not produce any network traffic. Server “A” never tries to reach server “B”. info.log will show several org.jivesoftware.openfire.IQRouter - Packet sent to unreachable address <iq type=“set” id=“879-59”.

What am I missing?

Thanks, in advance.

EDIT: Server “A” gets user info and accounts from an AD domain. AD domain name and DNS name are different, for historical reasons, but I suppose this is not reason enough for this setup not to work.

Message was edited by: Paulo Costa

Hello Paulo.

Now, i’m in the same situation. And expected exactly the same trouble.

I’ve made some debug job and found that server A thinks that domain of server B is it’s own domain and don’t want to route message outside.

Also in “Server Sessions” there is only one record about “Incoming” session from Server B. It was added when Server B sends messages to Server A.

The next one trouble that I have exactly the same usernames on both domains. But now it’s not the root of issue. I’ve try to send messages to faked users in domain B and server A try to route it localy. =(((

Do you have a fix for this situation? May be we need send a bug report?

i’ve recently had a very similar experience:

there was a bug for this, in 2008 - and fixed in 3.5.1:


but given this thread, my experience, and another thread:

i’m wondering if there may have been a regression.