Hey folks --
Can anyone tell me where the max number of clients is configured in 4.21? I'm running okay for a while, but then I end up with repeated messages as below in the logs:
2008.11.18 19:13:33 LOG7[26491:46912520933328]: https accepted FD=512 from xx.xx.xx.xx:xxxxx
2008.11.18 19:13:33 LOG4[26491:46912520933328]: Connection rejected: too many clients (>=500)
2008.11.18 19:13:33 LOG7[26491:46912520933328]: https accepted FD=512 from xx.xx.xx.xx:xxxxx
2008.11.18 19:13:33 LOG4[26491:46912520933328]: Connection rejected: too many clients (>=500)
2008.11.18 19:13:33 LOG7[26491:46912520933328]: https accepted FD=512 from xx.xx.xx.xx:xxxxx
2008.11.18 19:13:33 LOG4[26491:46912520933328]: Connection rejected: too many clients (>=500)
[...]
I've only seen reports of this problem, but no solution. Anyone out there who can help?
Thanks in advance!
-Chris
------------- Config below -----------------
ulimit
unlimited
stunnel -version
stunnel 4.21 on x86_64-pc-linux-gnu with OpenSSL 0.9.8g 19 Oct 2007
Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP
Global options
debug = 5
pid = /var/run/stunnel4.pid
RNDbytes = 64
RNDfile = /dev/urandom
RNDoverwrite = yes
Service-level options
cert = /etc/stunnel/stunnel.pem
ciphers = AES:ALL:!aNULL:!eNULL:+RC4:@STRENGTH
key = /etc/stunnel/stunnel.pem
session = 300 seconds
sslVersion = SSLv3 for client, all for server
TIMEOUTbusy = 300 seconds
TIMEOUTclose = 60 seconds
TIMEOUTconnect = 10 seconds
TIMEOUTidle = 43200 seconds
verify = none
uname -a
Linux domU-12-31-39-01-61-B2 2.6.21.7-2.fc8xen #1 SMP Fri Feb 15 12:34:28 EST 2008 x86_64 GNU/Linux
stunnel -sockets
Socket option defaults:
Option Accept Local Remote OS default
SO_DEBUG -- -- -- 0
SO_DONTROUTE -- -- -- 0
SO_KEEPALIVE -- -- -- 0
SO_LINGER -- -- -- 0:0
SO_OOBINLINE -- -- -- 0
SO_RCVBUF -- -- -- 87380
SO_SNDBUF -- -- -- 16384
SO_RCVLOWAT -- -- -- 1
SO_SNDLOWAT -- -- -- 1
SO_RCVTIMEO -- -- -- 0:0
SO_SNDTIMEO -- -- -- 0:0
SO_REUSEADDR 1 -- -- 0
SO_BINDTODEVICE -- -- -- --
IP_TOS -- -- -- 0
IP_TTL -- -- -- 64
TCP_NODELAY -- -- -- 0
gcc -v
Using built-in specs.
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --enable-languages=c,c++,fortran,objc,obj-c++,treelang --prefix=/usr --enable-shared --with-system-zlib --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --enable-nls --with-gxx-include-dir=/usr/include/c++/4.2 --program-suffix=-4.2 --enable-clocale=gnu --enable-libstdcxx-debug --enable-objc-gc --enable-mpfr --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 4.2.3 (Ubuntu 4.2.3-2ubuntu7)
openssl version
OpenSSL 0.9.8g 19 Oct 2007