[stunnel-users] asymmetric difference between Linux and FreeBSD

Joerg F. Wittenberger Joerg.Wittenberger at softeyes.net
Fri Oct 15 15:01:48 CEST 2004


Hi All,

I'm using stunnel for an Askemos network.  This works basically ok,
just on Linux something gets screwed up:

Since the two installations are quite different, I'm asking myself
what to look at for a start.  Maybe someone has a better idea than
blindly trying...

The situation:

www.askemos.org:
 Linux, openssl 0.9.4, stunnel 3.26

 [ Askemos/BALL ]  -- stunnel client 3.26 ---> askemos2.tc-mw.de
     ^                                     +-> askemos1.tzv.de
     |
 stunnel 3.26 proxy
     |
 SSL (port 443)

askemos1.tzv.de and askemos2.tc-mw.de
 FreeBSD 4.7, openssl 0.9.7d, stunnel 4.05 proxy, stunnel 3.22 client


 [ Askemos/BALL ]  -- stunnel client 3.22 ---> askemos2.tc-mw.de
     ^                                     +-> askemos1.tzv.de
     |
 stunnel 4.05 proxy
     |
 SSL (port 443)



The symptom I'm observing:

The Linux box (garkin) accumulates some threads doing process i/o (all
stunnel clients), which apparently never come to an end.  But that's only
half the truth: once it has ~20 of them, the old ones disappear.
Eventually (today at 2:12) it became unable to open any more
connections (always EOF, wild guess: the ball process ran out of file
descriptors).  At 6:26 it stopped reporting being alive, the watchdog
restarted it and resynchronised to those FreeBSD based machines.

The strange thing is that all the machines talk (http) to each other
in the byzantine protocol.  So how come
Linux+stunnel-3.26 -> FreeBSD+stunnel-4.05 misses the connection
termination, while
FreeBSD+stunnel-3.22 -> {Linux+stunnel-3.26,FreeBSD+stunnel-4.05}
never has a problem?

Any idea/hint will help.

Thanks a lot.

/Jörg

-- 
The worst of harm may often result from the best of intentions.


