Lately I’ve been having connectivity issues on both AIM and ICQ. (I couldn’t remember the last time I was actually logged on.) If you don’t care about the debugging story, skip to the conclusions below.
The first thing I saw is the server accepting my connection (10 seconds after the first SYN), sending me the first AIM packet, and 12 seconds later forcefully dropping the connection (RST). Look at the timestamps:
Thinking I was simply dealing with a really laggy server, I asked Eli to check what server he’s connected to (by running netstat -an | find “5190”). He gave me two servers, and trying them revealed they don’t even answer my SYN packets. (It worked just fine for him.)
There are three possible reasons:
1. The router (due to misconfigured NAT or port forwarding?) or modem is blocking outbound connections to port 5190.
2. My ISP is blocking my traffic to the AIM server.
3. The AIM server’s firewall is rejecting my IP address.
1 is unlikely, but just to check, I had Eli run a Python socket server on port 5190, and tried to connect to it – it worked.
2 is unlikely, and there’s nothing much I can do to check it.
3 is possible though. To test this theory, I rebooted my modem to change IP address.
On my first try, I stayed within the same subnet (22.214.171.124/16) and got the same result.
On my second try, I moved to a different subnet (126.96.36.199/16) and this time, I got a different result:
Like in the first attempt, the server is accepting my connection and answering it, but forcefully disconnecting soon (and this time very quickly, so lag is out of the question).
This proves that the previous subnet I was on is blocked on the server’s side, probably with a firewall such as iptables. But what’s wrong now?
I remembered that the server IPs I got from Eli were on a completely different subnet than the one my ISP’s DNS server had returned. This leads to the theory of nazi load balancing – only certain ISPs can connect to certain AIM servers, and those ISP’s DNS servers are configured accordingly.
Indeed, returning the client configuration to the default “login.oscar.aol.com” solved the problem and I finally managed to connect to both AIM and ICQ.
1. If you’re unable to connect, perhaps your subnet is banned by the server. Get on a different subnet and try again.
2. Don’t connect to a specific server, because AIM’s load balancing scheme (assuming that’s what it is) might reject you. Just connect to the default “login.oscar.aol.com” (or “login.messaging.aol.com”).