Adamson H wrote:
Hi, stunnel 4.26 solves a number of issues running on FreeBSD. However, a stunnel client still has a problem reconnecting to a host with dynamic DNS service after the host IP has changed. Stunnel client seems unaware of the host update, pointing the dynamic DNS name to the old outdated IP. In order to get reconnected to the host, I have to create a cron script to detect the IP change and restart stunnel on the stunnel client. My client conf file has the following:
[1873] accept = 1873 connect = hostname.dynaip.org:1873
The ip of hostname.dynaip.org changes at a random interval.
The solution is: delay = yes
Best regards, Mike _______________________________________________ stunnel-users mailing list stunnel-users@mirt.net mailto:stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users
I added delay = yes to my stunnel client conf file and removed the cron script. The rsync job (873) failed after the IP of the stunnel host had changed. I had to manually restart stunnel to get the job done and put the cron script back again.
delay = yes does not with work with ddns.
Regards, Adamson H
Adamson H wrote:
I added delay = yes to my stunnel client conf file and removed the cron script. The rsync job (873) failed after the IP of the stunnel host had changed. I had to manually restart stunnel to get the job done and put the cron script back again.
delay = yes does not with work with ddns.
That's really strange. The relevant client.c code is:
/* setup address_list */ if(c->opt->option.delayed_lookup) { resolved_list.num=0; if(!name2addrlist(&resolved_list, c->opt->remote_address, DEFAULT_LOOPBACK)){ s_log(LOG_ERR, "No host resolved"); longjmp(c->err, 1); } address_list=&resolved_list; } else /* use pre-resolved addresses */ address_list=&c->opt->remote_addr;
Maybe you use some kind of advanced/broken resolver library that caches IP addresses?
Best regards, Mike
Hi, I have named local resolver enabled on the stunnel client (FreeBSD 7.0). I did a test on the client and found there was no problem with the local resolver.
1. on the stunnel client: dig hostname.dynaip.org --> points to the correct IP of the stunnel host 2. restart ppp on stunnel host to get a new IP 3. on the stunnel client: dig hostname.dynaip.org --> points to the updated IP of the stunnel host
I tested ftp service on the stunnel host without going through stunnel, and it worked before and after the IP change.
Regards, Adamson H
-------- Original Message -------- Subject: Re: [stunnel-users] stunnel client connecting to host with dynamic From: Michal Trojnara Michal.Trojnara@mobi-com.net To: stunnel-users@mirt.net Date: 02/10/2009 10:32 PM
Adamson H wrote:
I added delay = yes to my stunnel client conf file and removed the cron script. The rsync job (873) failed after the IP of the stunnel host had changed. I had to manually restart stunnel to get the job done and put the cron script back again.
delay = yes does not with work with ddns.
That's really strange. The relevant client.c code is:
/* setup address_list */ if(c->opt->option.delayed_lookup) { resolved_list.num=0; if(!name2addrlist(&resolved_list, c->opt->remote_address, DEFAULT_LOOPBACK)){ s_log(LOG_ERR, "No host resolved"); longjmp(c->err, 1); } address_list=&resolved_list; } else /* use pre-resolved addresses */ address_list=&c->opt->remote_addr;Maybe you use some kind of advanced/broken resolver library that caches IP addresses?
Best regards, Mike _______________________________________________ stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users
If you watch port 53 (tcpdump, tshark, etc.), do you see a request leave the host and come back with the old name? It sounds to me like you're getting a stale value from the cache somewhere...
Can you run stunnel under strace or gdb and see what it does to get the hostname resolved?
On Tue, Feb 10, 2009 at 11:08:36PM +0800, Adamson H wrote:
Hi, I have named local resolver enabled on the stunnel client (FreeBSD 7.0). I did a test on the client and found there was no problem with the local resolver.
- on the stunnel client: dig hostname.dynaip.org --> points to the
correct IP of the stunnel host 2. restart ppp on stunnel host to get a new IP 3. on the stunnel client: dig hostname.dynaip.org --> points to the updated IP of the stunnel host
I tested ftp service on the stunnel host without going through stunnel, and it worked before and after the IP change.
Regards, Adamson H
-------- Original Message -------- Subject: Re: [stunnel-users] stunnel client connecting to host with dynamic From: Michal Trojnara Michal.Trojnara@mobi-com.net To: stunnel-users@mirt.net Date: 02/10/2009 10:32 PM
Adamson H wrote:
I added delay = yes to my stunnel client conf file and removed the cron script. The rsync job (873) failed after the IP of the stunnel host had changed. I had to manually restart stunnel to get the job done and put the cron script back again.
delay = yes does not with work with ddns.
That's really strange. The relevant client.c code is:
/* setup address_list */ if(c->opt->option.delayed_lookup) { resolved_list.num=0; if(!name2addrlist(&resolved_list, c->opt->remote_address, DEFAULT_LOOPBACK)){ s_log(LOG_ERR, "No host resolved"); longjmp(c->err, 1); } address_list=&resolved_list; } else /* use pre-resolved addresses */ address_list=&c->opt->remote_addr;Maybe you use some kind of advanced/broken resolver library that caches IP addresses?
Best regards, Mike _______________________________________________ stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users
stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users
Sorry for messing things up. I forgot to restart stunnel after adding relay = yes to the conf file. It works OK for me now.
Regards, Adamson H
-------- Original Message -------- Subject: Re: [stunnel-users] stunnel client connecting to host with dynamic From: C.J. Adams-Collier cjac@colliertech.org To: Adamson H adamson@polycastle.3322.org Date: 02/11/2009 02:59 AM
If you watch port 53 (tcpdump, tshark, etc.), do you see a request leave the host and come back with the old name? It sounds to me like you're getting a stale value from the cache somewhere...
Can you run stunnel under strace or gdb and see what it does to get the hostname resolved?
On Tue, Feb 10, 2009 at 11:08:36PM +0800, Adamson H wrote:
Hi, I have named local resolver enabled on the stunnel client (FreeBSD 7.0). I did a test on the client and found there was no problem with the local resolver.
- on the stunnel client: dig hostname.dynaip.org --> points to the
correct IP of the stunnel host 2. restart ppp on stunnel host to get a new IP 3. on the stunnel client: dig hostname.dynaip.org --> points to the updated IP of the stunnel host
I tested ftp service on the stunnel host without going through stunnel, and it worked before and after the IP change.
Regards, Adamson H
-------- Original Message -------- Subject: Re: [stunnel-users] stunnel client connecting to host with dynamic From: Michal Trojnara Michal.Trojnara@mobi-com.net To: stunnel-users@mirt.net Date: 02/10/2009 10:32 PM
Adamson H wrote:
I added delay = yes to my stunnel client conf file and removed the cron script. The rsync job (873) failed after the IP of the stunnel host had changed. I had to manually restart stunnel to get the job done and put the cron script back again.
delay = yes does not with work with ddns.
That's really strange. The relevant client.c code is:
/* setup address_list */ if(c->opt->option.delayed_lookup) { resolved_list.num=0; if(!name2addrlist(&resolved_list, c->opt->remote_address, DEFAULT_LOOPBACK)){ s_log(LOG_ERR, "No host resolved"); longjmp(c->err, 1); } address_list=&resolved_list; } else /* use pre-resolved addresses */ address_list=&c->opt->remote_addr;Maybe you use some kind of advanced/broken resolver library that caches IP addresses?
Best regards, Mike _______________________________________________ stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users
stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users
-
Adamson H -
C.J. Adams-Collier -
Michal Trojnara