Can you implement some features? 1) Load balancing leastconn (like leastconn in haproxy) 2) UDT transport between stunnel instances(with several congestion controls which are already implemented for UDT) 3) SCTP transport between stunnel instances (if can be done in userspace)
P.S. I'm using 400mbit WAN with 55-90ms latency+0-10%packet loss and on one end I can't control TCP settings at all (remote end is on OpenVZ VPS).
On 2013-07-17 16:23, Death Master wrote:
Can you implement some features?
- Load balancing leastconn (like leastconn in haproxy)
leastconn strategy should be fairly easy to implement. I'm adding it to my TODO list: https://www.stunnel.org/sdf_todo.html
- UDT transport between stunnel instances(with several congestion
controls which are already implemented for UDT)
I guess what you want is something like: http://sourceforge.net/projects/udtgate/ IMHO it is a very bad idea to add this functionality in stunnel. According to the KISS principle it should rather be implemented as a separate proxy.
- SCTP transport between stunnel instances (if can be done in userspace)
SSL/TLS requires a data stream as its transport layer. SCTP only provides message-based communication without strict data ordering. Of course it is possible to emulate data stream on top of SCTP, but this would defeat all the advantages of SCTP.
Mike
-
Death Master -
Michal Trojnara