XMPP Service Operators - 2024-02-07

  1. Polarian

    Jabber.de Connectivity Check Wed Feb 7 10:40:01 UTC 2024 xmpp-client jabber.de. 5222 Priority: 0 Weight: 5 IP: 2001:4ba0:ffa4:628:: Connection: [Not OK] dial tcp6 [2001:4ba0:ffa4:628::]:5222: i/o timeout IP: Connection: [OK] StartTLS: [OK] Certificate: [OK] xmpps-client jabber.de. 5223 Priority: 20 Weight: 1 IP: 2001:4ba0:ffa4:628:: Connection: [Not OK] dial tcp6 [2001:4ba0:ffa4:628::]:5223: i/o timeout IP: Connection: [OK] TLS: [OK] Certificate: [OK] xmpps-client jabber.de. 443 Priority: 25 Weight: 1 IP: 2001:4ba0:ffa4:628:: Connection: [Not OK] dial tcp6 [2001:4ba0:ffa4:628::]:443: i/o timeout IP: Connection: [OK]

  2. Polarian

    appears its an IPv6 issue

  3. Polarian

    lemme try peering with them

  4. Polarian

    peering worked fine, IPv6 too so I don;t know

  5. Polarian

    their status page is wrong I guess...

  6. Menel

    I get no timeout, all green

  7. Menel

    (beside client over 443, but that has the least priority anyway)

  8. Polarian

    moparisthebest, hey are you able to connect to DivestOS MUC rooms?

  9. Polarian

    because I can't

  10. Polarian

    Menel, do you use prosody?

  11. Licaon_Kter

    Polarian: divest server is restarted a lot

  12. Polarian


  13. Polarian


  14. Menel


  15. Licaon_Kter

    "Apply update" We get this daily at least ¯\_(ツ)_/¯

  16. Polarian

    Menel, try to join xmpp:testing2@muc.icebound.dev

  17. Polarian

    what does prosody try to connect to?

  18. Menel

    Polarian: the ip where this address points to doesn't have an xmpp server serving that muc component

  19. Menel

    > (This host does not serve muc.icebound.dev)

  20. Menel

    You forgot SRV s2s records for that muc

  21. Polarian


  22. Polarian

    I realised but it doesn't seem namecheap allows me to

  23. Polarian

    sticking in _tcp.muc isn't working

  24. Polarian

    fucking abstraction actually makes DNS management hardee

  25. Polarian

    I need to bump self hosting DNS up the list, because I am done with the agony of dealing with namecheap and other DNS providers

  26. Menel

    Or use standard portd

  27. Polarian

    I can't :)

  28. Polarian

    polarian.dev has them

  29. Menel

    Serve s2s on 5269

  30. Menel

    Isn't that the same machine serving the rooms?

  31. Polarian

    openfire stole the DirectTLS ports though :P

  32. Polarian

    Menel, yes.. but I host two XMPP servers on the same network

  33. Polarian

    because I am stingy with my /29 block of IPv4 I make them share the same IP

  34. Polarian

    ok I will give it 30 mins to propagate and for the TTL to be exceeded and then it should work (hopefully)

  35. Menel

    I've exactly one ipv4 for three networks... But only one xmpp server and the ability to set proper dns records

  36. Polarian

    you use prosody though, it handles multi-network

  37. Polarian

    well multi-domains that is

  38. Polarian

    I am running one Openfire and one prosody

  39. moparisthebest

    Polarian: sslh can listen on the port and send the request the the correct backend

  40. Polarian

    > Polarian: sslh can listen on the port and send the request the the correct backend meh

  41. Polarian

    SRV records serve the purpose they were designed for

  42. Menel

    There are provider with working records..

  43. moparisthebest

    Oh I thought you said you couldn't set them?

  44. HuppiFluppi

    Hi all... I'm an Avaya Specialist from Germany and working on the following problem: A customer is using a matrix server for internal chat communication. The new Avaya solution provides a Presence Server which is able to receive XMPP connections. I found the "Bifröst" tool which acts like an "translator" for Matrix and XMPP, but I'm not able to configure it and I don't know how to use it then... is there anybody here who can help me?

  45. MattJ

    HuppiFluppi, running Bifrost requires setting up both a Matrix server and an XMPP server, and then Bifrost. It's a bunch of work... I'm not sure if it's what you want

  46. MattJ

    Just ask Maranda[x] 😃

  47. MattJ

    (Maranda forked Bifrost and fixed a bunch of issues at https://github.com/maranda/matrix-bifrost )

  48. HuppiFluppi

    I have a Matrix Sever and an XMPP server running, but how to connect them? I know that for XMPP if you should chat to "someone@somewhere.dom" the DNS of "somewhere.dom" has to point to the XMPP Server, right? But how does Matrix do this?!?

  49. MattJ

    Or rather, it looks like that moved to https://github.com/arianetwork/bifrost

  50. MattJ

    Pretty much the same way

  51. HuppiFluppi

    There is not very much detailed documentation available on how to connect Matrix with XMPP 😞

  52. MattJ

    You may be looking for https://github.com/matrix-org/matrix-bifrost/wiki/Address-syntax

  53. MattJ

    On that page you would replace 'matrix.org' with the address of the Bifrost bridge (they run a public one on matrix.org, there is also one on aria-net.org)

  54. Menel

    The aria fork has this syntax: https://archon.im/arianet/matrix-homeserver/services/

  55. jonas-l

    > SRV records serve the purpose they were designed for I filter the outgoing ports from my xmpp server; due to srv records, I had to allow specific ports for specific s2s connections

  56. jonas’

    yeah, filtering outbound ports is not a great idea if you want to interoperate with XMPP.

  57. jonas’

    at least your xmppd should get an exemption

  58. lbocquet

    HuppiFluppi: You can talk with Maranda here: xmpp:grimoire@muc.metronome.im?join

  59. neutrino

    > I disagree, and it irks me to see unhelpful/harmful comments from the peanut gallery > > if you aren't happy with someone else's volunteer server, run your own huge public server if you know exactly the right way to do it, I wish you the best of luck, just don't harass those already doing it moparisthebest: > from the peanut gallery strikes me as personal attack. From the channel guidelines: > it is also a place for the wider XMPP community (including end-users and operators of non-federated servers) to get in touch with operators to resolve issues, report abuse (see below for important notes on that!) or any other service related topic. I am here to observe operator discussions, and if needed, report or ask about issues. I find your demand for silencing such to be off putting and contrary. With all due respect.

  60. jonas’

    "peanut gallery" has been kind of a commonly used term in the XSF community, mostly used self-ironically (not in this case obviously), I'm sure it wasn't meant as defamatory. In any case, I do agree with moparisthebest that the discussions in context of jabber.de tend to get out of hand and transmute into (implicit, active or passive) attacks on the operators.

  61. jonas’

    If I put myself in the shoes of a jabber.de operator, I'd stay away from this place, because I'd be afraid of getting hated at. Pushing back against that kind of atmosphere is a good thing, IMO.

  62. Guus


  63. neutrino

    >> Competence and multiple outages for multiple days are a strange combination > The fact you think this just shows you are super inexperienced and should keep quiet More non defamation??

  64. MSavoritias (fae,ve)

    agreed. this is not a place to "rate" servers or to shame people that maintain servers on their spare time

  65. Polarian

    fuck namecheap

  66. Polarian

    I'm having severe issues with DNS propagation

  67. jonas’

    neutrino, I hadn't seen that and I agree with you that that was ... not a great choice of words.

  68. Polarian

    it treats two srv records as the same

  69. jonas’

    neutrino, I'll talk to them, thanks for bringing this up.

  70. Guus

    Polarian: I once used a confusing UI (elsewhere) that forced me to add _all_ records of the same type in the same input field. Maybe you're running into a similar issue?

  71. Guus

    (I was overwriting previous records when I intended to add a new ones of the same type)

  72. Polarian

    similar yes

  73. Polarian

    but _tcp.muc

  74. Polarian

    doesn't appear right

  75. Polarian

    they don't render the sub domain

  76. Polarian

    and it meant I fucked the srv records

  77. Polarian

    had to purge them

  78. Polarian

    and now wait for it to propagate

  79. Polarian

    meanwhile hoping my friends phone reconnects

  80. jonas’

    are you missing the _xmpp-server in front of _tcp, or is this a different issue?

  81. Polarian

    so I can talk to him

  82. Polarian

    > are you missing the _xmpp-server in front of _tcp, or is this a different issue? different idsue

  83. jonas’


  84. Polarian

    OK should be working, got to wait 30 mins and desperately hope namecheap interface did what I entered

  85. savagepeanut

    If you feel like switching registrars prokbun is pretty nice. desec.io is good for hosting, but the UI is a little confusing at times

  86. neutrino

    Recently considered porkbun but they look like relative newbies with temporary lower prices, to be increased soon.

  87. savagepeanut

    That's how it goes. I switched after gandi sold off and decided it wanted to charge me more for what I already paid for

  88. moparisthebest

    >> The fact you think this just shows you are super inexperienced and should keep quiet > More non defamation?? neutrino: If someone thinks downtime == incompetence, they *are* inexperienced and shouldn't say things like this in public, that's not defamation but a fact

  89. MattJ

    moparisthebest, please no

  90. moparisthebest

    > Competence and multiple outages for multiple days are a strange combination This is the quote that was in response to

  91. moparisthebest

    I just don't want anyone to think I'm secretly talking about them behind their back, I will continue calling people out directly for harassing/putting down other service operators because it's highly inappropriate, that's all

  92. MattJ

    We already dealt with that topic, and you resurrected it with an inappropriate remark, despite it being quite clear we don't want to continue such a debate here

  93. MattJ

    We've said everything that needs saying, so please everyone drop it now

  94. Bob Evans

    Thank you.

  95. badmuff

    Is there any way to count xmpp nodes through country?

  96. moparisthebest

    no way to count all, but shodan can count many

  97. badmuff

    That's enough for me. I just need an approximate value.

  98. badmuff


  99. Guus

    Does shodan even list snikket/Prosody?

  100. MattJ

    Why not?

  101. Polarian

    savagepeanut, registrar won't matter when I hold the DNS servers

  102. Polarian

    as long as they support glue records

  103. Polarian

    I won't need to care :)

  104. Guus

    MattJ: because when I tried to search by name, I got 0 results 😊

  105. MattJ

    Yeah, not like that :)

  106. Guus

    Is there a generic 'all xmpp servers please' query?

  107. MattJ

    E.g. https://www.shodan.io/search?query=port%3A5269+http%3A%2F%2Fetherx.jabber.org%2Fstreams

  108. MattJ

    This will get you Prosody servers: https://www.shodan.io/search?query=port%3A5269+%22This+host+does+not+serve%22

  109. Guus

    right - for that I apparently need to log in. Out of curiosity, what's the total count?

  110. Polarian

    Guus, they want all your personal data :P

  111. Polarian

    thats the payment for them giving you the info you desire :P

  112. MattJ

    64,163 XMPP servers with public federation on 5269. 20,136 of those are Prosody.

  113. MattJ

    And the count is IP(v4) addresses, not domains

  114. Guus

    oh, so close to 64k

  115. Polarian

    MattJ, what are the toher 40+k

  116. MattJ

    E.g. I'm hosting over 1000 domains on Snikket, but they would only count as '1' towards this

  117. Polarian

    why do you need to host over 1000 domains

  118. Polarian

    what is the point?

  119. Polarian

    also that must be one beefy server O.O

  120. MattJ

    Because customers want their own domain

  121. Guus

    1000 different domains for 1000 different people

  122. Polarian

    oh right I forgot you sell your services

  123. Polarian

    MattJ, how much do you charge?

  124. MattJ

    It's currently "pay what you want", so it depends :)

  125. Polarian


  126. Polarian


  127. Polarian

    per year...

  128. MattJ

    Off-topic, but feel free to contact me elsewhere if you want to discuss it

  129. badmuff


  130. MattJ

    Guus, possibly Openfire went through some changes, but I can find 117 that look similar to whatever is running on igniterealtime.org

  131. Guus

    igniterealtime is using the latest release, where the network stack got modified. That may have changed a signature

  132. MattJ

    Do you have an example of an older version? (maybe we can take this to PM)

  133. moparisthebest

    Shodan not only only finds servers listening for s2s on 5269, it also only finds ipv4 servers, it used to do really crappy things to find IPv6 but iirc they got shamed and kicked out from doing that :D

  134. moparisthebest

    So it's easy to say there are far more XMPP servers than that, impossible to say how many more

  135. roughnecks

    what is the best tcp port which I should monitor with kuma to have prosody service status?

  136. MattJ

    roughnecks, whatever port your Prosody is listening on - by default that would be 5222 and 5269

  137. moparisthebest

    port listening does not quite equal "service working" though, but it's better than nothing

  138. roughnecks

    yeah, but what about client/server ports? is it the same?

  139. badmuff

    Openmetrics & Prometheus

  140. moparisthebest

    > yeah, but what about client/server ports? is it the same? That's up to you, but by default client is 5222 and server 5269

  141. roughnecks

    I know. Thanks everyone

  142. neutrino

    > MattJ, how much do you charge? Someone asked how much jmp pays for included snikket, but they wouldn't say.

  143. rrbd1957

    > jabber.de seems to be back again Yupp, I can confirm!