I think I'd need a little more information to determine the exact cuase of problems in this AS2 set-up.
Recommendations: 1. If at all possible, get the Internet service provider to set up a Static IP address. Even cut-rate DSL service from AT&T is available with a Static IP address for $49.95 per month. 2. I like Zone Edit (www.zoneedit.com) if you need to host DNS externally. If you can get a static IP, you don't need to worry quite as much about the canonical (non-numeric) name of your AS2 server. However... some firewalls look up DNS and may refuse the connection if the forward and reverse resolution don't math. That is to say you claim you are wonder-as2.abc.com and that resolves to 64.217.208.6. The firewall then resolves 64.217.208.6 back and gets the answer host6-dsl.denver.sbc.com (This is a ficticious example for illustration only). Since host6-dsl.denver.sbc.com doesn't match wonder-as2.abc.com, the firewall drops the connection. I beleive Zoneedit still allows you to tailor some of your domain's SOA (start of authority) record vaules, such as the time-to-live and mandatory refresh interval. Some proxy/firewalls and some Windows products ignore the SOA values and cache DNS data for whatever interval they like. In particualr, I've seen problems wiht Win2k applicaitons where Windows itself may properly honor the SOA, but the application caches DNS data separately from the O/S. There isn't much you can do to fix broken behavior. I've usually seen the check for forward/reverse DNS matching used priamrily on mail servers, since e-mail has essentially no authentication. The idea is that spammers are too lazy to get properly registered DNS for the PCs they've co-opted for their networks. The firewall administrator might have turned on the DNS check for all services, not just e-mail. 3. Be sure your in-bound and out-bound firewall rules are correct. The firewall administrator for either side might have ranges of excluded ports that you or the other side are hitting some of the time when opening out-bound connections. 4. On the AS2 scene, try setting your MDNs to synchronous. This is handny if your IP address is bound to move unexpectedly. The initating AS2 server will maintain the initial TCP connection open until the recipient issues the MDN response. Part of the headers have the reply-to address written in, so if you have an IP address written into the header, and it changes, then without synchronous MDNs, the repsonse may go back to the wrong IP address. This can lead to weird errors, and I've seen Drummond certified servers exhibit various behaviors. In the case of an async MDN and IP moving, the receiver may try to connect back to what it thinks is the correct address, but nobody is there. I've seen one product consider trying to deliver an MDN as sufficient, whether or not the sender got the reply. Meanwhile, the sender never gets the MDN, and keeps re-sending the same message. Using AS2 doesn't prevent duplicates in such a case; lesson always check your document control numbers! Even if you have synchronous MDNs, you may still encounter problems. Again, it depends on the particular AS2 software running at the recipient. Some implementations don't bother to look at the reply-to address if the MDN request is synchronous. Other implementations will send a negative MDN and reject the data if the reply-to address doesn't match where the connection is actually coming from. For something that is allegedly standardized, AS2 has too many configuration options and despite the fact (or becuase of the fact) it has an IETF RFC, it is too easy to mess up the configuration. Here is another real-world thing I've run into a few times. Some AS2 implementations seem very sensitive to dropped packets. I had one big retail partner that failed almost every attempt to pass data. I worked with their Internet person and tried lots of things without success. What finally made the connection work reliably was to enable compression. Go figure. Some AS2 software suites are easier to work with than others. Many AS2 users are fixated on Drummond certification, which requires you to plunk down a lot of money for a certified product. By the time you find out you don't like your AS2 hub, the money is spent. If you can, set up a lab with a few servers, and try several competing AS2 product trial versions before you commit to a vendor. -- Bill Mayhew --- In [email protected], Earl Wertheimer <[EMAIL PROTECTED]> wrote: > > Pete > > > Or, if you can assign the address to be non-numeric, you can *very* > > inexpensively pick up an account with an IP forwarding company. No-ip.com > > or DNS2GO.com work just fine. > > No, that's exactly the problem we are having. We ARE using DNS2GO, but there > seems to be a very long delay for the TP's DNS servers to get the new IP. > > What I need to know is if there is a way to force their DNS server to refresh > the IP sooner... DNS2Go can update the IP on their own DNS servers almost > immediately because of the client software that is always checking and > reporting any changes. > > There is still a propagation delay amongst all the other DNS servers, > especially if the TP has their own DNS server... > > I haven't checked if DNS2GO had any problems, but I've been able to use the URL > for remote access and AS2 tests, so I don't think that they are the problem. > > > > > > -----Original Message----- > > From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf Of Earl > > Wertheimer > > Sent: Thursday, April 05, 2007 1:34 PM > > To: Mary DeGroot; [email protected] > > Subject: Re: [EDI-L] AS2 and Dynamic IPs > > > > Dale & Mary, > > > > thanks > > > > The TP is claiming that the dynamic IP is the problem. > > > > I 'ping' client AS2 servers regularly, to make sure that they are online. > > If > > they are not, then an email is sent to the admin... > > > > I suspect some kind of 'caching' problem. I am not familiar with the DNS > > TTL > > (Time To Live) settings, but it may be possible that the TP is storing the > > current IP in their DNS server, and when the client's IP changes, the TP is > > still pointing to the old (and incorrect) IP. > > > > They have limited control over their DNS server, so I have to be sure about > > the > > problem and possible solutions. > > > > I would like to resolve the problem without involving the TP too much, if > > possible. > > > > The last resort would be to tell my client to obtain a fixed IP... > > > > > > > > -------------- Original message --------------- > > Date sent: Thu, 05 Apr 2007 11:06:58 -0500 > > From: "Mary DeGroot" <[EMAIL PROTECTED]> > > To: "Earl Wertheimer" <[EMAIL PROTECTED]> > > Send reply to: [EMAIL PROTECTED] > > Subject: Re: [EDI-L] AS2 and Dynamic IPs > > > > > > If BizLink is not using an HTTP proxy, it is using the DNS services on the > > local machine to resolve the URL to an IP address. In this case, the TP > > should go to the BizLink machine and try to access your URL. Take BizLink > > out of the picture by trying these things: > > 1. Try to access the URL through a browser window. The AS2 servers that I > > have used will usually come back with a splash screen or some sort of > > indication that you've hit an AS2 server when using a browser. If it goes > > through with the browser on the BizLink machine, then it's a BizLink > > problem. The problem might be with how they entered the URL into BizLink > > since the only difference in resolving the URL would be with the URL > > entered. If you can't get through via the browser, it's probably a DNS > > service/network issue. > > 2. Try to ping or tracert the URL from the BizLink machine. Ping should at > > least resolve to your current IP address even if ping is turned off on your > > server. Tracert should go through to your current IP address. Again, if it > > doesn't go through they probably have a DNS services / network issue. > > > > If the BizLink machine is pointing to a forward HTTP proxy, then they need > > to do the above tests from the HTTP proxy machine. They should also try to > > access the URL from a browser on the BizLink machine. The browser needs to > > be configured to use the forward HTTP proxy that the BizLink machine is > > using. Make sure that they can get through their proxy and to your URL. They > > need to make sure that the HTTP proxy is set up properly (proxy URL, proxy > > User ID, proxy password) in BizLink and that the outbound transport for you > > is configured to use the proxy. > > > > HTH > > Mary > > > > > > > > > > > > > Has anyone had problem using Dynamic DNS redirection for AS2? > > > > > > One of our clients is using DNS2GO to redirect their URL > > > (www.coname.dns2go.com) to their current IP address. > > > > > > We do this because their ISP does not give them a fixed IP (which is much > > > cheaper). > > > > > > For the last week, one of their TPs has been unable to connect. > > > The TP is using Inovis Bizlink for their AS2. Our client is using > > IP*Works. > > > > > > We have never had problems before... > > > > > > comments??? > > > > > > Earl Wertheimer > > > [EMAIL PROTECTED] > > > http://www.spe-edi.com > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Earl Wertheimer > > [EMAIL PROTECTED] > > http://www.spe-edi.com > > > > > > > > ... > > Please use the following Message Identifiers as your subject prefix: > > <SALES>, <JOBS>, <LIST>, <TECH>, <MISC>, <EVENT>, <OFF-TOPIC> > > > > Job postings are welcome, but for job postings or requests for work: <JOBS> > > IS REQUIRED in the subject line as a prefix. > > Yahoo! Groups Links > > > > > > > > > > > > > > > > __________ NOD32 2169 (20070405) Information __________ > > > > This message was checked by NOD32 antivirus system. > > http://www.eset.com > > > > > > > > -- Earl Wertheimer / [EMAIL PROTECTED] / http://www.spe-edi.com > ... Please use the following Message Identifiers as your subject prefix: <SALES>, <JOBS>, <LIST>, <TECH>, <MISC>, <EVENT>, <OFF-TOPIC> Job postings are welcome, but for job postings or requests for work: <JOBS> IS REQUIRED in the subject line as a prefix. Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/EDI-L/ <*> Your email settings: Individual Email | Traditional <*> To change settings online go to: http://groups.yahoo.com/group/EDI-L/join (Yahoo! ID required) <*> To change settings via email: mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
