<div><br></div><div>Sven -</div><div><br></div><div>The error I'm getting is "<span class="s1">java.io.IOException</span>: Connection reset by peer" on the 1017th connection.</div>
<div><br></div><div>"ulimit -n" shows:</div><div><br></div><div><font face="courier new, monospace">999999</font></div><div><br></div><div>"lsof -n -p 6595" shows:</div><div><br></div><div><font face="courier new, monospace">COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME</font></div>
<div><font face="courier new, monospace">stunnel 6595 ec2-user cwd DIR 202,1 4096 2 /</font></div><div><font face="courier new, monospace">stunnel 6595 ec2-user rtd DIR 202,1 4096 2 /</font></div>
<div><font face="courier new, monospace">stunnel 6595 ec2-user txt REG 202,1 2510282 8807 /usr/local/bin/stunnel</font></div><div><font face="courier new, monospace">stunnel 6595 ec2-user mem REG 202,1 1903208 7619 /lib64/<a href="http://libc-2.12.so">libc-2.12.so</a></font></div>
<div><font face="courier new, monospace">stunnel 6595 ec2-user mem REG 202,1 138328 7643 /lib64/<a href="http://libpthread-2.12.so">libpthread-2.12.so</a></font></div><div><font face="courier new, monospace">stunnel 6595 ec2-user mem REG 202,1 113432 7629 /lib64/<a href="http://libnsl-2.12.so">libnsl-2.12.so</a></font></div>
<div><font face="courier new, monospace">stunnel 6595 ec2-user mem REG 202,1 14584 7651 /lib64/<a href="http://libutil-2.12.so">libutil-2.12.so</a></font></div><div><font face="courier new, monospace">stunnel 6595 ec2-user mem REG 202,1 19536 7625 /lib64/<a href="http://libdl-2.12.so">libdl-2.12.so</a></font></div>
<div><font face="courier new, monospace">stunnel 6595 ec2-user mem REG 202,1 154464 17671 /lib64/<a href="http://ld-2.12.so">ld-2.12.so</a></font></div><div><font face="courier new, monospace">stunnel 6595 ec2-user 0u CHR 1,3 0t0 19 /dev/null</font></div>
<div><font face="courier new, monospace">stunnel 6595 ec2-user 1u CHR 1,3 0t0 19 /dev/null</font></div><div><font face="courier new, monospace">stunnel 6595 ec2-user 2u CHR 1,3 0t0 19 /dev/null</font></div>
<div><font face="courier new, monospace">stunnel 6595 ec2-user 4r FIFO 0,8 0t0 534916 pipe</font></div><div><font face="courier new, monospace">stunnel 6595 ec2-user 5w FIFO 0,8 0t0 534916 pipe</font></div>
<div><font face="courier new, monospace">stunnel 6595 ec2-user 6u unix 0xffff880001d26900 0t0 534919 socket</font></div><div><font face="courier new, monospace">stunnel 6595 ec2-user 7u IPv4 534920 0t0 TCP *:commplex-link (LISTEN)</font></div>
<div><br></div><div>"cat /etc/security/limits.conf" shows:</div><div><br></div><div><font face="courier new, monospace"># /etc/security/limits.conf</font></div><div><div><font face="courier new, monospace">#</font></div>
<div><font face="courier new, monospace">#Each line describes a limit for a user in the form:</font></div><div><font face="courier new, monospace">#</font></div><div><font face="courier new, monospace">#<domain> <type> <item> <value></font></div>
<div><font face="courier new, monospace">#</font></div><div><font face="courier new, monospace">#Where:</font></div><div><font face="courier new, monospace">#<domain> can be:</font></div><div><font face="courier new, monospace"># - an user name</font></div>
<div><font face="courier new, monospace"># - a group name, with @group syntax</font></div><div><font face="courier new, monospace"># - the wildcard *, for default entry</font></div><div><font face="courier new, monospace"># - the wildcard %, can be also used with %group syntax,</font></div>
<div><font face="courier new, monospace"># for maxlogin limit</font></div><div><font face="courier new, monospace">#</font></div><div><font face="courier new, monospace">#<type> can have the two values:</font></div>
<div><font face="courier new, monospace"># - "soft" for enforcing the soft limits</font></div><div><font face="courier new, monospace"># - "hard" for enforcing hard limits</font></div><div>
<font face="courier new, monospace">#</font></div><div><font face="courier new, monospace">#<item> can be one of the following:</font></div><div><font face="courier new, monospace"># - core - limits the core file size (KB)</font></div>
<div><font face="courier new, monospace"># - data - max data size (KB)</font></div><div><font face="courier new, monospace"># - fsize - maximum filesize (KB)</font></div><div><font face="courier new, monospace"># - memlock - max locked-in-memory address space (KB)</font></div>
<div><font face="courier new, monospace"># - nofile - max number of open files</font></div><div><font face="courier new, monospace"># - rss - max resident set size (KB)</font></div><div><font face="courier new, monospace"># - stack - max stack size (KB)</font></div>
<div><font face="courier new, monospace"># - cpu - max CPU time (MIN)</font></div><div><font face="courier new, monospace"># - nproc - max number of processes</font></div><div><font face="courier new, monospace"># - as - address space limit (KB)</font></div>
<div><font face="courier new, monospace"># - maxlogins - max number of logins for this user</font></div><div><font face="courier new, monospace"># - maxsyslogins - max number of logins on the system</font></div>
<div><font face="courier new, monospace"># - priority - the priority to run user process with</font></div><div><font face="courier new, monospace"># - locks - max number of file locks the user can hold</font></div>
<div><font face="courier new, monospace"># - sigpending - max number of pending signals</font></div><div><font face="courier new, monospace"># - msgqueue - max memory used by POSIX message queues (bytes)</font></div>
<div><font face="courier new, monospace"># - nice - max nice priority allowed to raise to values: [-20, 19]</font></div><div><font face="courier new, monospace"># - rtprio - max realtime priority</font></div>
<div><font face="courier new, monospace">#</font></div><div><font face="courier new, monospace">#<domain> <type> <item> <value></font></div><div><font face="courier new, monospace">#</font></div>
<div><font face="courier new, monospace"><br></font></div><div><font face="courier new, monospace">#* soft core 0</font></div><div><font face="courier new, monospace">#* hard rss 10000</font></div>
<div><font face="courier new, monospace">#@student hard nproc 20</font></div><div><font face="courier new, monospace">#@faculty soft nproc 20</font></div><div><font face="courier new, monospace">#@faculty hard nproc 50</font></div>
<div><font face="courier new, monospace">#ftp hard nproc 0</font></div><div><font face="courier new, monospace">#@student - maxlogins 4</font></div><div><font face="courier new, monospace">* - nofile 999999</font></div>
<div><font face="courier new, monospace"><br></font></div><div><font face="courier new, monospace"># End of file</font></div></div><div><br></div><div><br></div><div>I believe that these settings should all allow way more than 1016 connections.</div>
<div><br></div><div>Any other clues for me?</div><div><br></div><div>Cheers,</div><div><br></div><div>- Trent</div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div class="gmail_quote">
On Mon, Jul 2, 2012 at 6:06 AM, Sven Ulland <span dir="ltr"><<a href="mailto:sveniu@opera.com" target="_blank">sveniu@opera.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On 07/02/2012 05:21 AM, Trenton Ashburn wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
My client that's connecting to my server behind stunnel just gets<br>
it's connection attempts refused.<br>
</blockquote>
<br>
You're sure it's refused, not a timeout? Is the stunnel process<br>
running into the max limit of open file descriptors (default is likely<br>
to be 1024)? See 'ulimit -n', 'lsof -n -p <pid_of_stunnel>',<br>
/etc/security/limits.conf, etc.<br>
<br>
Sven<br>
______________________________<u></u>_________________<br>
stunnel-users mailing list<br>
<a href="mailto:stunnel-users@stunnel.org" target="_blank">stunnel-users@stunnel.org</a><br>
<a href="http://stunnel.mirt.net/mailman/listinfo/stunnel-users" target="_blank">http://stunnel.mirt.net/<u></u>mailman/listinfo/stunnel-users</a><br>
</blockquote></div><br>