Want to highlight a helpful answer? Upvote!

Did someone help you, or did an answer or User Tip resolve your issue? Upvote by selecting the upvote arrow. Your feedback helps others! Learn more about when to upvote >

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: greyman
greyman Author
User level: Level 1
9 points

iChat XMPP Federation with Google

Can someone point me to a documentation that points out was is needed for an iChat server that sits behind a NAT to be able to communicate with Google Talk users through my iChat server.

After looking through all the threads I can not see what I am missing. My internal DNS server shows that I have a working forward and reverse dns (checed using both nslookup and dig) for my hostname I am using both for the server and the chat service. I have added CNAME entries for pubsub.mymachine.mydomain.com. I have checked "Enable XMPP server-to-server federation", and selected "Allow federation with the following domains"

domain added is "talky.l.google.com"

Ports 5222, 5223, 5269 have both NAT and Firewall rules installed.

Any suggestions, pointers, etc are greatly appreciated.

macmini, Mac OS X (10.6.4)

Posted on Aug 12, 2010 4:16 PM

Reply
10 replies
User profile for user: greyman
greyman Author
User level: Level 1
9 points

Aug 17, 2010 8:38 AM in response to greyman

Below are a sample of the logs that I am getting.


Aug 17 10:27:57 mail jabberd/resolver[78850]: [ xmpp-server.tcp.gmail.com] resolved to 74.125.47.125:5269 (300 seconds to live)
Aug 17 10:27:57 mail jabberd/resolver[78850]: [ xmpp-server.tcp.gmail.com] resolved to 74.125.155.125:5269 (1800 seconds to live)
Aug 17 10:27:57 mail jabberd/resolver[78850]: [ xmpp-server.tcp.gmail.com] resolved to 74.125.47.125:5269 (1800 seconds to live)
Aug 17 10:27:57 mail jabberd/resolver[78850]: [ xmpp-server.tcp.gmail.com] resolved to 74.125.45.125:5269 (1800 seconds to live)
Aug 17 10:27:57: --- last message repeated 1 time ---
Aug 17 10:27:57 mail jabberd/s2s[78856]: [7] [74.125.45.125, port=5269] outgoing connection
Aug 17 10:27:57 mail jabberd/s2s[78856]: [7] [74.125.45.125, port=5269] sending dialback auth request for route 'mail.oneinsane.org/gmail.com'
Aug 17 10:27:58 mail jabberd/s2s[78856]: [7] [74.125.45.125, port=5269] outgoing route 'mail.oneinsane.org/gmail.com' is now invalid
Aug 17 10:27:58 mail jabberd/s2s[78856]: [7] [74.125.45.125, port=5269] closing connection
Aug 17 10:27:58 mail jabberd/s2s[78856]: [7] [74.125.45.125, port=5269] disconnect, packets: 1
Reply
User profile for user: Tim Harris
Tim Harris
User level: Level 4
1,481 points

Aug 23, 2010 2:01 AM in response to greyman

Couple of things. Don't restrict which domaines you are wanting to federate with. Unless you are running a truly massive ichat community it's not needed.

Also you DNS is does not look correct.

This is what it see as your reverse:


;; QUESTION SECTION:
;120.107.49.99.in-addr.arpa. IN PTR

;; ANSWER SECTION:
120.107.49.99.in-addr.arpa. 7200 IN PTR 99-49-107-120.lightspeed.hstntx.sbcglobal.net.
Reply
User profile for user: greyman
greyman Author
User level: Level 1
9 points

Aug 23, 2010 6:20 AM in response to Tim Harris

Tim Harris wrote:
Also you DNS is does not look correct.

This is what it see as your reverse:


;; QUESTION SECTION:
;120.107.49.99.in-addr.arpa. IN PTR

;; ANSWER SECTION:
120.107.49.99.in-addr.arpa. 7200 IN PTR 99-49-107-120.lightspeed.hstntx.sbcglobal.net.


That is the one thing that I can not control and I do there is now way my ISP will change the record. So does that mean that I will not be able to do this.

I do not have any restrictions set on who the server federates with.

TIA
Reply
User profile for user: greyman
greyman Author
User level: Level 1
9 points

Sep 22, 2010 1:12 PM in response to greyman

Configuration has been updated and from what I can tell both my forward and reverse dns are correct. but I am still getting the below messages.

Sep 22 15:03:15 mail jabberd/s2s[90485]: [7] [74.125.45.125, port=5269] outgoing connection
Sep 22 15:03:16 mail jabberd/s2s[90485]: [7] [74.125.45.125, port=5269] sending dialback auth request for route 'mail.oneinsane.org/gmail.com'
Sep 22 15:03:16 mail jabberd/s2s[90485]: [7] [74.125.45.125, port=5269] outgoing route 'mail.oneinsane.org/gmail.com' is now invalid
Sep 22 15:03:16 mail jabberd/s2s[90485]: [7] [74.125.45.125, port=5269] closing connection
Sep 22 15:03:16 mail jabberd/s2s[90485]: [7] [74.125.45.125, port=5269] disconnect, packets: 1

What am I missing?

TIA
--
Ron Rosson
ron@oneinsane.org
Reply
User profile for user: Tim Harris
Tim Harris
User level: Level 4
1,481 points

Sep 22, 2010 2:44 PM in response to greyman

Ron,

Assuming your email address is a valid ichat address I have added you as a buddy and the two servers are talking to each other. Did you get an incoming buddy request or any errors in the logs.

The thing that has me confused is this 'now invalid' log entry. Whilst that can happen - it normally happens when the remote server is not sending back the correct details (dialback key) - BUT, there is nothing in the LOG that even acknowledges there is an incoming packet from the google server, so I don't understand what kicks this 'now invalid' message off. Is this a 'live' server, did it used to work and not does not. also, have you change the IP address since your initial post?

Tim
Reply
User profile for user: greyman
greyman Author
User level: Level 1
9 points

Sep 22, 2010 2:55 PM in response to Tim Harris

I saw you server connect but did not see your buddy request. When you tried the buddy request it should be first name at hostname dot domain name (sorry for it being cryptic but want to avoid spammers)

The IP address has moved from a not really static IP to a real static IP. If what you tested ends in .165 you have the correct IP.

What would I use to make a request on your server as a buddy?

P.S. next step if I can figure it out is to drop the host name for the user. 🙂

TIA
-Ron
--
Ron Rosson
ron@oneinsane.org
Reply

iChat XMPP Federation with Google

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up