And maybe:

delay = yes | no

delay DNS lookup for the connect option

This option is useful for dynamic DNS, or when DNS is not available during stunnel startup (road warrior VPN, dial-up configurations).

Delayed resolver mode is automatically engaged when stunnel fails to resolve on startup any of the connect targets for a service.

Delayed resolver inflicts failover = prio.

default: no 

So it looks up each connect and notices the change. Actually a very nice feature!

Aaron West

Loadbalancer.org Ltd.

www.loadbalancer.org
+1 888 867 9504 / +44 (0)330 380 1064


On Sat, 22 Aug 2020 at 11:35, tayyib ahmed <tayyib76@gmail.com> wrote:
Failover= re option would help you

On Fri, Aug 21, 2020, 22:30 Peter Zhao <pzhao@paymentus.com> wrote:
Hi,

We are trying to use DNS load balancing in a stunnel client with a round-robin algorithm. service.example.com maps to two IPs. But when we update DNS to remove one of the IPs for service.example.com, the stunnel client still forwards requests to both IPs. How can we make the stunnel client resolve the domain name and refresh its cache?


Here is stunnel configuration.
sslVersion=TLSv1.2
cert = /etc/stunnel/stunnel.pem
output=/var/log/stunnel.log

[service-client]
client = yes
accept = localhost:4680
connect = service.example.com:4680

[service-server]
client = no
accept = 10.10.0.16:4680
connect = localhost:80

Here is the resolving result for service.example.com.
;; ANSWER SECTION:
service.example.com.        5       IN      A       10.10.0.16
service.example.com.        5       IN      A       10.10.0.8


_______________________________________________
stunnel-users mailing list
stunnel-users@stunnel.org
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
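
An added example, not part of the original thread and not stunnel's own code: a small Python check that parses a stunnel configuration and lists the services whose connect target is a DNS name but which do not set delay = yes, the situation discussed above. The embedded configuration is a constructed sample based on the posted one; the [fixed-ip] service and all function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: [service-client] as posted in the thread; [fixed-ip] is hypothetical.
SAMPLE_CONF = """\
sslVersion = TLSv1.2

[service-client]
client = yes
accept = localhost:4680
connect = service.example.com:4680

[fixed-ip]
client = yes
accept = localhost:4681
connect = 10.10.0.8:4680
"""

def parse_services(text):
    """Return {service: [(option, value), ...]}; options such as connect may repeat."""
    services, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":        # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            current = services.setdefault(line[1:-1], [])
        elif current is not None and "=" in line:   # global options are skipped
            key, value = line.split("=", 1)
            current.append((key.strip().lower(), value.strip()))
    return services

def is_hostname(target):
    """True when the host part of host:port is a DNS name, not an IP literal."""
    host, sep, _port = target.rpartition(":")
    if not sep or not host or host.lower() == "localhost":
        return False                            # port only, or a local target
    try:
        ipaddress.ip_address(host.strip("[]"))
    except ValueError:
        return True
    return False

def stale_dns_risk(text):
    """Services that connect to a DNS name without delay = yes."""
    return [name for name, opts in parse_services(text).items()
            if ("delay", "yes") not in [(k, v.lower()) for k, v in opts]
            and any(k == "connect" and is_hostname(v) for k, v in opts)]

if __name__ == "__main__":
    print(stale_dns_risk(SAMPLE_CONF))
```

This is a static check of the file only; it cannot see the case quoted above where stunnel engages delayed resolution by itself after a failed lookup at startup.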