[stunnel-users] Question about 'delay = yes' and DNS cache

Michal Trojnara Michal.Trojnara at mirt.net
Thu Jan 16 21:09:54 CET 2014

On 2014-01-16 19:32, John Chow wrote:
> I have a question about the /delay = yes/ config flag and whether or
> not it caches the resolved IP after the initial connection? To give
> context, I want my load balancer (Haproxy) to forward requests to an
> app on Heroku, and I'm using stunnel on my LB box to proxy to Heroku
> via HTTPS. Since the IP for my app's endpoint could potentially change
> (60s DNS TTL), stunnel caching resolved IPs would be a problem.

I specifically introduced the "delay" option to deal with dynamic IP
addresses.  Stunnel does not attempt to cache the IP addresses with
"delay = yes".  The local library may cache them, but it should honor
the TTL.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20140116/90a2e049/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: OpenPGP digital signature
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20140116/90a2e049/attachment.sig>

More information about the stunnel-users mailing list