Brian
As I said you can reproduce this with stunnel "client = no" , telnet to "accept" port and tcpdump. As soon as you hit ^] and type "q" to close connection you will see "RST" coming from stunnel.
I understand that tcp/ip is not part of stunnel. Theres got to be some way to close() socket and have OS send RST.
Its very old BigIP version 3.3.1
===== bigip.conf =====
pool appgen_1.1.1.69.8843 {
lb_method least_conn
member 2.2.2.140:8843 ratio 1 priority 1
member 2.2.2.150:8843 ratio 1 priority 1
}
pool appgen_1.1.1.69.8844 {
lb_method least_conn
member 2.2.2.140:8844 ratio 1 priority 1
member 2.2.2.150:8844 ratio 1 priority 1
}
vip
1.1.1.69:8843 unit 1 {
netmask 255.255.255.0 broadcast 1.1.1.255
use pool appgen_1.1.1.69.8843
}
vip
1.1.1.69:8844 unit 1 {
netmask 255.255.255.0 broadcast 1.1.1.255
use pool appgen_1.1.1.69.8844
}
=========== stunnel.conf ============
setuid = nobody
setgid = nogroup
CApath = /usr/local/etc/stunnel/certs
cert = /usr/local/etc/stunnel/cacert.pem
key = /usr/local/etc/stunnel/privkey-nopass.pem
debug = 2
output = /var/log/stunnel.log
client = no
verify = 1
delay = yes
[something1]
accept = 8843
connect = 127.0.0.1:11111
TIMEOUTclose = 0
[something2]
accept = 8844
connect =
127.0.0.1:22222
TIMEOUTclose = 0