Home

transports no longer open for all

Submitted by jeroen on Mon, 2008-05-05 16:34

Hi,

We've just migrated our jabber services from jabberd-1.4.4 to ejabberd 2.0.0 (jabber.anywise.com, jabber.cn, 12jabber.com, jabber.asia, jabber.mobi, xmpp.us and several other hostnames). The transports for MSN, AIM and ICQ have been left with jabberd-1.4.4 on the old server. Ejabberd's config has the default syntax for linking to these transports.

Users with a JID on our server can browse/discover the transports and use them.
Users from other jabber servers (like jabber.org) can browse jabber.anywise.com but cannot use the transports. This is not intended, we always had the transports available for the world.

I'd like to know how to restore the old behaviour in such a way that all jabber users (regardless if they have their JID on our or on another public jabber server) can browse and use our transports.

Any help would be appreciated.

Jeroen

Check DNS and firewall

Submitted by mfoss on Mon, 2008-05-05 20:55.

The problem is probably not related to external transports, but related to services. Specifically the DNS configuration for those services.

I can connect from my home machine to the jabber server:

$ telnet jabber.anywise.com 5269
Trying 81.175.86.202...
Connected to jabber.anywise.com.
Escape character is '^]'.

But I can't connect to the MUC service, for example:

$ telnet conference.jabber.anywise.com 5269
Trying 81.175.86.226...
telnet: Unable to connect to remote host: Connection refused

Check this FAQ: Users from Other Servers Cannot Reach my Components

»

same problem after DNS correction

Submitted by jeroen on Mon, 2008-05-05 21:51.

Ok, my DNS now contains:

For the server running the transport services:
msn.jabber.anywise.com > 81.175.86.226
aim-icq.jabber.anywise.com > 81.175.86.226
jit-icq.jabber.anywise.com > 81.175.86.226

For the jabber server:
jabber.anywise.com > 81.175.86.202
*.jabber.anywise.com > 81.175.86.202

Still, when I discover services from an account on this jabber server I can see and use the transport. When I do this from another account (I tried jabber.org and jabber.se and browsed jabber.anywise.com) I see the transports listed but they are not available. Reply from the server (using Psi):

[iq from= msn.jabber.anywise.com type=error xml:lang=en to=jeroen@jabber.se/Macintosh-2 id=ab76a ]
[query xmlns=jabber:iq:agents/]
[error type=cancel code=404 ]
[remote-server-not-found xmlns=urn:ietf:params:xml:ns:xmpp-stanzas/]
[/error]
[/iq]

»

solved

Submitted by jeroen on Thu, 2008-05-29 19:52.

We have solved this issue. The FQDN of the transport must be equal to the IP of the Jabber server, not the IP of the transport server. In ejabberd.cfg the hostname of the transport is used (in the ejabberd_service statement). This is a bit confusing because one may wonder how the jabber server will know where the transport server is. I assume that the transport connects through the defined port with the password set in ejabberd.cfg and that's how the jabber server identifies the transport server.
When the transport server is on the same machine as the jabber server one will not have any transport configuration problems because then it's very straightforward.

»
Syndicate content

User login