ServerDialback: OS - Validation FAILED

Brendan4 · April 21, 2010, 3:45pm

hi,

New user of Openfire (3.6.4 on WinXP) trying to set up connectivitey to GoogleTalk for internal IM users. I’ve followed the instructions from (http://www.igniterealtime.org/community/docs/DOC-1030) and from google on setting up SRV records for my domain (http://www.google.com/support/a/bin/answer.py?hlrm=en&answer=60227) but found i had delete SRV records for xmpp-server4.l.google.com. and xmpp-server3.l.google.com. as i could not telnet to them on 5269 and they were causing problems in Openfire.

2010.04.21 16:06:42 000045 (01/05/00) - Connection #2 tested: OK
2010.04.21 16:06:42 000046 (01/05/00) - Connection #2 tested: OK
2010.04.21 16:06:42 000046 (01/05/00) - Connection #3 tested: OK
2010.04.21 16:06:42 000047 (01/05/00) - Connection #3 tested: OK
2010.04.21 16:06:45 LocalOutgoingServerSession: OS - Trying to connect to gmail.com:5269(DNS lookup: xmpp-server2.l.google.com:5269)
2010.04.21 16:06:45 LocalOutgoingServerSession: OS - Plain connection to gmail.com:5269 successful
2010.04.21 16:06:45 LocalOutgoingServerSession: OS - Going to try connecting using server dialback with: gmail.com
2010.04.21 16:06:45 ServerDialback: OS - Trying to connect to gmail.com:5269(DNS lookup: xmpp-server3.l.google.com:5269)
2010.04.21 16:08:45 ServerDialback: Error connecting to the remote server: gmail.com(DNS lookup: xmpp-server3.l.google.com:5269)
java.net.SocketTimeoutException: connect timed out
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(Unknown Source)
at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at org.jivesoftware.openfire.server.ServerDialback.createOutgoingSession(ServerDia lback.java:192)
at org.jivesoftware.openfire.session.LocalOutgoingServerSession.createOutgoingSess ion(LocalOutgoingServerSession.java:371)
at org.jivesoftware.openfire.session.LocalOutgoingServerSession.authenticateDomain (LocalOutgoingServerSession.java:144)
at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.sendPa cket(OutgoingSessionPromise.java:239)
at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.run(Ou tgoingSessionPromise.java:216)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
2010.04.21 16:08:45 OutgoingSessionPromise: Error sending packet to remote server:

fdfg A2772Q java.lang.Exception: Failed to create connection to remote server at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.sendPa cket(OutgoingSessionPromise.java:252) at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.run(Ou tgoingSessionPromise.java:216) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source)

Since removing them i am now getting a different error on the ServerDialback validation. Server Connection Security is set to Optional

2010.04.21 16:12:38 LocalOutgoingServerSession: OS - Trying to connect to gmail.com:5269(DNS lookup: xmpp-server.l.google.com:5269)
2010.04.21 16:12:38 LocalOutgoingServerSession: OS - Plain connection to gmail.com:5269 successful
2010.04.21 16:12:38 LocalOutgoingServerSession: OS - Going to try connecting using server dialback with: gmail.com
2010.04.21 16:12:38 ServerDialback: OS - Trying to connect to gmail.com:5269(DNS lookup: xmpp-server1.l.google.com:5269)
2010.04.21 16:12:38 ServerDialback: OS - Connection to gmail.com:5269 successful
2010.04.21 16:12:38 ServerDialback: OS - Sent dialback key to host: gmail.com id: 4FA42D4A991FBFC5 from domain: anamdublin.com
2010.04.21 16:12:39 ServerDialback: OS - Validation FAILED from: gmail.com id: 4FA42D4A991FBFC5 for domain: anamdublin.com
2010.04.21 16:12:39 OutgoingSessionPromise: Error sending packet to remote server:

kop A2772Q java.lang.Exception: Failed to create connection to remote server at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.sendPa cket(OutgoingSessionPromise.java:252) at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.run(Ou tgoingSessionPromise.java:216) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source)

Any help would be appreciated!

Brendan4 · May 6, 2010, 3:34pm

I still have not managed to ger Federation with google working.

To prove to myself that I could get Openfire to federate i set up two serperate Openfire servers on two seperate subdomains behind seperate firewalls. I successfully got the two Openfire servers federated and im users on each could talk to each other.

One thing i did note is that the Openfire servers alwas used the configured port 5269 for s2s communication, including dialback validation

From looking at the firewall logs Google talk does not appear to be doing this. Its seems to randomly pick a port and attempte to connect to it.

This poses 2 problems:

all ports need to be open on the Firewall to the google talk ips
Openfire cant be configured to listen on more than 1 port for s2s communications.

Am i missing something here? If its a case that Google have turned off federation support could someone at least tell me that

Are there any other im services like google (yahoo, msn, etc) that i could test with?

Brendan4 · May 12, 2010, 11:34am

I finally got this working

The instructions on http://www.google.com/support/a/bin/answer.py?hlrm=en&answer=60227 were incorrect.

Instead of The following:

"

When you enter the following information, make sure to replace gmail.com with your domain. Don’t replace google.com.

_xmpp-server._tcp.gmail.com. IN SRV 5 0 5269 xmpp-server.l.google.com.

…

_jabber._tcp.gmail.com. IN SRV 5 0 5269 xmpp-server.l.google.com.

…

"

I replaced both **gmail.com **and **xmpp-server.l.google.com. **with my domain. One _xmpp-server and one _jabber record were all that was needed…

Also opened port 5269 to all incoming connections on the filrewall and am using Openfire’s whitelist to control access.

Trillomedia_S.r.l · May 3, 2011, 6:16pm

Hi gribr,

I’ve the same problem your.

I’m trying to add in my gtalk roster, an user of my openfire server…

I used these guides to configure dns of my domain where is installed openfire: http://www.google.com/support/a/bin/answer.py?hl=en&answer=34143 or http://www.dyndnscommunity.com/questions/1136/adding-srv-records-for-google-talk -federation-to-c.html where it is plain that must be replace only gmail.com with own domain, and not also google.com

You said, instead, to replace also google.com with own domain.

Are you sure? It works so?
Thanks.