XMPP Federation with Presence 8

nandocesar · ‎07-21-2010

Hi,

I would like to know if it´s possible to federate Presence 8 with Spark IM via XMPP?

Anyone already done that?

Thanks,

Fernando

MICHAEL HUNTER · ‎11-04-2010

I am trying to do the same thing here with CUPS version 8.0.2.10000-30. Please let me know if you get an answer back on this one. We are trying to integrate with Spark and do some beta testing for Cisco.

Thanks - Mike

Joseph Hardy · ‎05-20-2013

CUPS can federate with any XMPP compliant server. However it is important to know which have been officially tested.

Supported Federations with IM and Presence Service Release 9.1(1)

http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/im_presence/compatibility/9_1_1/IM_P_Compatibility.html#wp171300

I can also confirm at least 3 other customers have interdomain XMPP federation working with Spark Openfire server.

There is a case senstivity bug in 8.0 to watch out for.

CSCti98431 - Make startup scripts case insensitive when querying processnode tbl

cowherjohn · ‎02-27-2014

We have been trying for a month to federate CUPS 9.1 with a business partner running the latest Openfire 3.9.1. We have never seen any presence via our clients on either end.

We have a DMZ intercluster peer, connecting to our internal cups server, we federate with Cisco and two other partners.

The new partner with Openfire has an external listening IP address natting thru netscaler to the internal Openfire server IP.

New parnter outbound xmpp traffic is sent via a second- external - sending IP address.

We have wireshark on the Openfire server and see traffic from our DMZ Cups server, we can see traffic by doing captures on our cups server

we can resolve them on our cups servers both, with the utils network host and xmpp srv , and they can resolve our records on their server,

Can anyone share Openfire config, ?

Joseph Hardy · ‎02-27-2014

I don't have access to Openfire and can't help with it's configuraiton.

The fact that XMPP federation is working with other enterprises, tells my your CUP/IMP server and DNS is configured correctly and the problem must be on the Openfire side.

My best guess here is the dialback for sever verification is failing. The dialback secret is a password, it can be anything. To over simplify, the recieving XMPP server verifies the identity of the connectinig server by comparing the dial back secret provided in the initial connection with the dialback secret provided by DNS lookup and a return connection. If they match it is very likely the connection is from a legitmate server.

Reference:

http://xmpp.org/extensions/xep-0220.html

Do you see a successful dialback connection in your packet capture?

Next step will be looking at logs to determine what is going wrong. I suggest opening a service request for assistance with this.

cowherjohn · ‎02-28-2014

External/DMZ Cups capture Openfire IP is 66.192.59.27

From DMZ cups :

6144 Mbytes RAM

admin:utils network capture host all 66.192.59.27

Executing command with options:

size=128 count=1000 interface=eth0

src= dest= port=

ip=66.192.59.27

11:36:41.446808 IP SDDMZCUPS01.advance-auto.com.36225 > im.gpi.com.xmpp-server: S 2299544096:2299544096(0) win 5840

11:36:41.474214 IP im.gpi.com.xmpp-server > SDDMZCUPS01.advance-auto.com.36225: S 655306752:655306752(0) ack 2299544097 win 8190

11:36:41.474237 IP SDDMZCUPS01.advance-auto.com.36225 > im.gpi.com.xmpp-server: . ack 1 win 5840

11:36:41.474376 IP SDDMZCUPS01.advance-auto.com.36225 > im.gpi.com.xmpp-server: P 1:197(196) ack 1 win 5840

11:36:41.502241 IP im.gpi.com.xmpp-server > SDDMZCUPS01.advance-auto.com.36225: . ack 197 win 10914

11:36:56.307951 IP SDDMZCUPS01.advance-auto.com.36225 > im.gpi.com.xmpp-server: F 197:197(0) ack 1 win 5840

11:36:56.308244 IP SDDMZCUPS01.advance-auto.com.36239 > im.gpi.com.xmpp-server: S 1312879172:1312879172(0) win 5840

11:36:56.358497 IP im.gpi.com.xmpp-server > SDDMZCUPS01.advance-auto.com.36239: S 2886681851:2886681851(0) ack 1312879173 win 8190

11:36:56.358529 IP SDDMZCUPS01.advance-auto.com.36239 > im.gpi.com.xmpp-server: . ack 1 win 5840

11:36:56.358712 IP SDDMZCUPS01.advance-auto.com.36239 > im.gpi.com.xmpp-server: P 1:197(196) ack 1 win 5840

11:36:56.401292 IP im.gpi.com.xmpp-server > SDDMZCUPS01.advance-auto.com.36239: . ack 197 win 10914

11:36:56.464071 IP im.gpi.com.xmpp-server > SDDMZCUPS01.advance-auto.com.36225: . ack 198 win 10914

11:37:08.797172 IP im.gpi.com.xmpp-server > SDDMZCUPS01.advance-auto.com.36225: F 1:1(0) ack 198 win 10914

11:37:08.797221 IP SDDMZCUPS01.advance-auto.com.36225 > im.gpi.com.xmpp-server: . ack 2 win 5840

11:37:08.797174 IP im.gpi.com.xmpp-server > SDDMZCUPS01.advance-auto.com.36225: R 2:2(0) ack 198 win 9300

Internal Cups Capture:

From internal cups:

admin:utils network capture host all 66.192.59.27

Executing command with options:

size=128 count=1000 interface=eth0

src= dest= port=

ip=66.192.59.27

11:15:12.015648 IP SDCUPSPRD01.corp.advancestores.com.49228 > im.gpi.com.xmpp-server: S 829070194:829070194(0) win 5840

11:15:12.084275 IP im.gpi.com.xmpp-server > SDCUPSPRD01.corp.advancestores.com.49228: S 2385419654:2385419654(0) ack 829070195 win 8190

11:15:12.084309 IP SDCUPSPRD01.corp.advancestores.com.49228 > im.gpi.com.xmpp-server: . ack 1 win 5840

11:15:12.084537 IP SDCUPSPRD01.corp.advancestores.com.49228 > im.gpi.com.xmpp-server: P 1:199(198) ack 1 win 5840

11:15:12.158564 IP im.gpi.com.xmpp-server > SDCUPSPRD01.corp.advancestores.com.49228: . ack 199 win 10912

11:15:26.807876 IP SDCUPSPRD01.corp.advancestores.com.49228 > im.gpi.com.xmpp-server: F 199:199(0) ack 1 win 5840

11:15:26.808714 IP SDCUPSPRD01.corp.advancestores.com.49239 > im.gpi.com.xmpp-server: S 1531433294:1531433294(0) win 5840

11:15:26.866636 IP im.gpi.com.xmpp-server > SDCUPSPRD01.corp.advancestores.com.49239: S 1126490627:1126490627(0) ack 1531433295 win 8190

11:15:26.866671 IP SDCUPSPRD01.corp.advancestores.com.49239 > im.gpi.com.xmpp-server: . ack 1 win 5840

11:15:26.866808 IP SDCUPSPRD01.corp.advancestores.com.49239 > im.gpi.com.xmpp-server: P 1:199(198) ack 1 win 5840

11:15:26.937532 IP im.gpi.com.xmpp-server > SDCUPSPRD01.corp.advancestores.com.49239: . ack 199 win 10912

11:15:26.980225 IP im.gpi.com.xmpp-server > SDCUPSPRD01.corp.advancestores.com.49228: . ack 200 win 10912

11:15:41.917295 IP SDCUPSPRD01.corp.advancestores.com.49239 > im.gpi.com.xmpp-server: F 199:199(0) ack 1 win 5840

11:15:42.079636 IP im.gpi.com.xmpp-server > SDCUPSPRD01.corp.advancestores.com.49239: . ack 200 win 10912

11:16:12.189414 IP SDCUPSPRD01.corp.advancestores.com.49280 > im.gpi.com.xmpp-server: S 3697954360:3697954360(0) win 5840

11:16:12.240962 IP im.gpi.com.xmpp-server > SDCUPSPRD01.corp.advancestores.com.49280: S 1241659010:1241659010(0) ack 3697954361 win 8190

11:16:12.240992 IP SDCUPSPRD01.corp.advancestores.com.49280 > im.gpi.com.xmpp-server: . ack 1 win 5840

11:16:12.241116 IP SDCUPSPRD01.corp.advancestores.com.49280 > im.gpi.com.xmpp-server: P 1:199(198) ack 1 win 5840

11:16:12.280779 IP im.gpi.com.xmpp-server > SDCUPSPRD01.corp.advancestores.com.49280: . ack 199 win 10912

This from openfire log:

openfire.server.ServerDialback - ServerDialback: OS - Ignoring unexpected answer in validation from: advance-auto.com id: 2A4F48A7CC12 for domain: im.gpi.com answer:http://etherx.jabber.org/streams">

Their openfire server name is im.gpi.com

I think you are right on the money with dialback failing I just cannot figure out where.

Joseph Hardy · ‎02-28-2014

I think the problem here is outbound XMPP traffic is not relayed through the inter-cluster peer.

Try configuring the same dialback secret on SDCUPSPRD01 and SDDMZCUPS01.

cowherjohn · ‎02-28-2014

The dialback secrets were the same, but I just re-entered them to assure that was the case.

Seeing same warning in logs on Openfire server.. Still no presence either way.

cowherjohn · ‎02-28-2014

From the internal cups xmpp federation logs we can see the connection make and then timeout:

debug| SSCommandProcessor.cpp:1650 Trying next rule: Host: im.gpi.com, Director: cm-4-xmpp-fed-s2s-outd, SRV: (nil), Port: 5269

09:12:38.594 |b3d4cb90| info| XMPPServerOutDir Resolved 'im.gpi.com' using port 5269.

09:12:38.594 |b3d4cb90| debug| XMPPServerOutDir No SASL configuration.

09:12:38.594 |b3d4cb90| debug| XMPPSoutTranscoder{28B509D539AF} New outgoing xcoder: 28B509D539AF

09:12:38.594 |b3d4cb90| debug| XMPPServerOutDir.cpp:615 Adding Connection: host - im.gpi.com, transcoder - 28B509D539AF

09:12:38.594 |b44cfb90| debug| BasicSocket.cpp:251 connect fd 47 from 68.70.98.23:56152 to 66.192.59.27:5269 EINPROGRESS

09:12:38.618 |b44cfb90| debug| XMPPSoutTranscoder{28B509D539AF} onSocketConnect

09:12:38.618 |b44cfb90| debug| XMPPStream.cpp:1323 onConnected - starting timeout for stream:stream element

09:12:41.614 |b454fb90| debug| XMPPStream.cpp:2267 timeout waiting for stream:stream element

09:12:41.614 |b454fb90| debug| XMPPStream.cpp:1343 onClose. XML Stream is gone. 0

09:12:41.614 |b454fb90| debug| XMPPStream.cpp:1368 Firing onClose event