[stunnel-users] stunnel - connection issue with larger number of connections

Franjo Stipanovic fritzfs at gmail.com
Fri Jun 26 23:35:36 CEST 2009


Hello,

have anyone experienced a issue with stunnel when there's a larger number of
concurrent connections (>50)?

I've got my application service and stress tester for it. I've placed
stunnel in front of application service because I allow clients only to
connect to application service using SSL. When stress tester communicates
directly with application service with 100 concurrent connections (threads)
there's no issue, but when I connect over SSL (thru stunnel) more than 50%
of connections fails with error : connection refused :(

Seems like there's a limit in windows server for number of threads per
process since stunnel does one thread per connection, right?

Any idea on how can I test this further?

stunnel information:
 stunnel 4.22 on x86-pc-mingw32-gnu with OpenSSL 0.9.8g 19 Oct 2007
 Threading:WIN32 SSL:ENGINE Sockets:SELECT,IPv6

 Global options
 debug           = 5
 RNDbytes        = 64
 RNDoverwrite    = yes
 service         = stunnel
 taskbar         = yes

 Service-level options
 cert            = stunnel.pem
 ciphers         = AES:ALL:!aNULL:!eNULL:+RC4:@STRENGTH
 key             = stunnel.pem
 session         = 300 seconds
 stack           = 65536 bytes
 sslVersion      = SSLv3 for client, all for server
 TIMEOUTbusy     = 300 seconds
 TIMEOUTclose    = 60 seconds
 TIMEOUTconnect  = 10 seconds
 TIMEOUTidle     = 43200 seconds
 verify          = none

 Socket option defaults:
    Option          Accept    Local     Remote    OS default
    SO_DEBUG            --        --        --             0
    SO_DONTROUTE        --        --        --             0
    SO_KEEPALIVE        --        --        --             0
    SO_LINGER           --        --        --    0:0
    SO_OOBINLINE        --        --        --             0
    SO_RCVBUF           --        --        --          8192
    SO_SNDBUF           --        --        --          8192
    SO_RCVLOWAT         --        --        --        --
    SO_SNDLOWAT         --        --        --        --
    SO_RCVTIMEO         --        --        --         0:0
    SO_SNDTIMEO         --        --        --         0:0
    SO_REUSEADDR             1    --        --             0
    IP_TOS              --        --        --             0
    IP_TTL              --        --        --            32
    TCP_NODELAY         --        --        --             0

Software configuration:
 Windows Server 2003 R2 - Enterprise x64 Edition

Hardware configuration:
 Intel Core 2 Duo
 1 GB RAM

Kind regards,
fritz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20090626/7b00100e/attachment.html>


More information about the stunnel-users mailing list