When I use either of these two versions of stunnel the round-robin for “connect” only sends connections to the first host listed on the configuration file. However the round-robin works in Stunnel 4.56,4.55,4.54 and 4.53. Anyone else have this issue?
Thank you,
Pete Sangas
./stunnel -version
stunnel 5.00 on x86_64-unknown-linux-gnu platform
Compiled/running with OpenSSL 1.0.1g 7 Apr 2014
Threading:PTHREAD Sockets:POLL,IPv6 SSL:ENGINE,OCSP,FIPS
Global options:
debug = daemon.notice
RNDbytes = 64
RNDfile = /dev/urandom
RNDoverwrite = yes
Service-level options:
ciphers = FIPS (with "fips = yes")
ciphers = HIGH:MEDIUM:+3DES:+DH:!aNULL:!SSLv2 (with "fips = no")
curve = prime256v1
sessionCacheSize = 1000
sessionCacheTimeout = 300 seconds
sslVersion = TLSv1 (with "fips = yes")
sslVersion = TLSv1 for client, all for server (with "fips = no")
stack = 65536 bytes
TIMEOUTbusy = 300 seconds
TIMEOUTclose = 60 seconds
TIMEOUTconnect = 10 seconds
TIMEOUTidle = 43200 seconds
verify = none
Config file :
CApath = /xxx/certs/trusted
CAfile = /yyy/cacert.pem
ciphers = RC4-SHA
debug = daemon.7
pid = /zzz/stunnel.pid
options = NO_SSLv2
foreground = yes
setgid = gid1
setuid = uid1
delay = no
fips=no
[stunnel]
TIMEOUTidle=86400
verify = 3
cert = /path/servercert.pem
accept = 443
failover=rr
connect = 10.1.1.50:23
connect = 10.1.1.60:23