[stunnel-users] ephemeral port limit

Frank Liu gfrankliu at gmail.com
Sat Apr 26 19:38:02 CEST 2014


I am trying to use stunnel to add SSL support to my app. My app and Linux
server are tuned to accept 200k+ connections without a problem. When adding
stunnel on the same server, the connection stops when it reaches 64k because
stunnel uses ephemeral ports to connect to my app on the localhost.

Any suggestions how to get around this limit?

One thing I am thinking of is to add 10 virtual interfaces on loopback:
lo0:2, lo0:3, etc with ip, etc. Can stunnel be
configured to cycle through a pool of IPs for outbound connections to my app
listening on That would give 10x64k of ephemeral ports. I see
stunnel has "local" to specify the outgoing IP, but I am not sure if it
supports a list of IPs or can be used multiple times. If so, will it round robin the
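
The reasoning behind the "10x64k" estimate in the message above, as an added example that is not part of the original post and does not use stunnel: a TCP connection is identified by source IP, source port, destination IP and destination port, so the same source port can be reused toward one listener when the source IP differs. It assumes Linux, where every 127.0.0.0/8 address is local without aliases; the addresses and the `connect_from` and `demo` names are constructed for illustration.

```python
import socket

LISTEN_IP = "127.0.0.1"                  # constructed stand-in for the app's address
SOURCE_IPS = ["127.0.0.2", "127.0.0.3"]  # constructed pool of loopback source IPs


def connect_from(src_ip, src_port, dst):
    """Connect to dst from an explicit source IP and port (port 0: kernel picks)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        s.bind((src_ip, src_port))
        s.connect(dst)
    except OSError:
        s.close()
        raise
    return s


def demo():
    """Return (port, local endpoints in use, whether a duplicate 4-tuple was refused)."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind((LISTEN_IP, 0))
    listener.listen(8)
    dst = listener.getsockname()
    opened = []
    try:
        # First connection: the kernel chooses an ephemeral source port.
        first = connect_from(SOURCE_IPS[0], 0, dst)
        opened.append(first)
        port = first.getsockname()[1]
        # Same source port from a different source IP: a distinct 4-tuple, allowed.
        opened.append(connect_from(SOURCE_IPS[1], port, dst))
        # Same source IP and port again: the (IP, port) pair is already taken.
        try:
            opened.append(connect_from(SOURCE_IPS[0], port, dst))
            duplicate_rejected = False
        except OSError:
            duplicate_rejected = True
        endpoints = sorted(s.getsockname() for s in opened)
        return port, endpoints, duplicate_rejected
    finally:
        for s in opened:
            s.close()
        listener.close()


if __name__ == "__main__":
    print(demo())
```
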

