March 2013 Archives

XMPP connection issues fixed

| No Comments
I'd been having problems with my XMPP server. XMPP is a open chat protocol, that used to be called Jabber. I'm using the ejabberd software and for a long time I've been getting messages in the ejabberd log saying:
=INFO REPORT==== 2013-03-03 10:59:22 ===
I(<0.423.0>:ejabberd_s2s_out:379) : Closing s2s connection: cromp.id.au -> gmail.com (invalid dialback key)

I don't clearly remember when this started occurring, so I hadn't tied these messages to a particular action I'd taken. I had searched the internet for other people that had been having this problem, but only gotten advice that didn't seem to apply to me. I hadn't spent a great deal of time thoroughly investigating it so far.

I assumed that maybe google had done something that made it's XMPP servers incompatible with mine in some fashion. I was running a quite old version of ejabberd (2.1.5). So I upgraded to 2.1.10. But this didn't solve the problem.

I had one contact that was showing was different, ejabberd was saying that contact's server was not found. So as a little experiment, I tried to connect to their server with netcat on tcp port 5269. Netcat is a really simple tool that does a plain TCP connection. Now I doubt many people can type fast enough to simulate an XMPP connection over that, but it's useful to see if the port was open. That connection didn't work, which probably explains why my jabber server is failing to talk to my contacts jabber server.

While playing with this I did a netcat connection to my jabber server, and that also failed. This was quite alarming. So I tried it from another host out on the internet, just to check if something weird was going on with my firewall rules. That connection failed as well. It didn't take me long to find the bug in my firewall ruleset, and to fix it.

Once the Internet was able to reach my jabber server on port 5269, my contacts started to work. It's now clear to me that this problem must have started when I put that firewall into production. It's nice to have finally fixed this, it's been this way since at least September 2012.