[stunnel-users] MySQL replication with stunnel, connection closed after some time

Michal Trojnara Michal.Trojnara at mobi-com.net
Thu Oct 15 15:51:43 CEST 2009


Marcel Kirsch wrote:
> Is there any way to
> configure stunnel to keep the connection between the to servers alive
> even after an hour of zero traffic? I thought that TIMEOUTidle would be
> the answer to my problem, but it had no effect.
[cut]
> 2009.10.09 09:53:48 LOG3[31073:1091389776]: SSL_read: Connection reset
> by peer (104)

I'm pretty sure there is a network device (some kind of statefull firewall
or NAT) between these machines.  I think the timeout is caused by the TCP
state expired rater than by stunnel.

I think enabling TCP keepalives could be an effective workaround:

socket = l:SO_KEEPALIVE=1
socket = r:SO_KEEPALIVE=1

The trick is to generate some traffic on an idle connection to convince the
network device that this TCP connection is not dead.

An alternative solution would be to increase the TCP state timeout on the
network device.

Best regards,
Mike



More information about the stunnel-users mailing list