Hey folks --
Can anyone tell me where the max number of clients is configured in 4.21? I'm running okay for a while, but then I end up with repeated messages as below in the logs:
2008.11.18 19:13:33 LOG7[26491:46912520933328]: https accepted FD=512 from xx.xx.xx.xx:xxxxx 2008.11.18 19:13:33 LOG4[26491:46912520933328]: Connection rejected: too many clients (>=500) 2008.11.18 19:13:33 LOG7[26491:46912520933328]: https accepted FD=512 from xx.xx.xx.xx:xxxxx 2008.11.18 19:13:33 LOG4[26491:46912520933328]: Connection rejected: too many clients (>=500) 2008.11.18 19:13:33 LOG7[26491:46912520933328]: https accepted FD=512 from xx.xx.xx.xx:xxxxx 2008.11.18 19:13:33 LOG4[26491:46912520933328]: Connection rejected: too many clients (>=500) [...]
I've only seen reports of this problem, but no solution. Anyone out there who can help?
Thanks in advance!
-Chris
------------- Config below -----------------
ulimit unlimited
stunnel -version stunnel 4.21 on x86_64-pc-linux-gnu with OpenSSL 0.9.8g 19 Oct 2007 Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP
Global options debug = 5 pid = /var/run/stunnel4.pid RNDbytes = 64 RNDfile = /dev/urandom RNDoverwrite = yes
Service-level options cert = /etc/stunnel/stunnel.pem ciphers = AES:ALL:!aNULL:!eNULL:+RC4:@STRENGTH key = /etc/stunnel/stunnel.pem session = 300 seconds sslVersion = SSLv3 for client, all for server TIMEOUTbusy = 300 seconds TIMEOUTclose = 60 seconds TIMEOUTconnect = 10 seconds TIMEOUTidle = 43200 seconds verify = none
uname -a Linux domU-12-31-39-01-61-B2 2.6.21.7-2.fc8xen #1 SMP Fri Feb 15 12:34:28 EST 2008 x86_64 GNU/Linux
stunnel -sockets Socket option defaults: Option Accept Local Remote OS default SO_DEBUG -- -- -- 0 SO_DONTROUTE -- -- -- 0 SO_KEEPALIVE -- -- -- 0 SO_LINGER -- -- -- 0:0 SO_OOBINLINE -- -- -- 0 SO_RCVBUF -- -- -- 87380 SO_SNDBUF -- -- -- 16384 SO_RCVLOWAT -- -- -- 1 SO_SNDLOWAT -- -- -- 1 SO_RCVTIMEO -- -- -- 0:0 SO_SNDTIMEO -- -- -- 0:0 SO_REUSEADDR 1 -- -- 0 SO_BINDTODEVICE -- -- -- -- IP_TOS -- -- -- 0 IP_TTL -- -- -- 64 TCP_NODELAY -- -- -- 0
gcc -v Using built-in specs. Target: x86_64-linux-gnu Configured with: ../src/configure -v --enable-languages=c,c++,fortran,objc,obj-c++,treelang --prefix=/usr --enable-shared --with-system-zlib --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --enable-nls --with-gxx-include-dir=/usr/include/c++/4.2 --program-suffix=-4.2 --enable-clocale=gnu --enable-libstdcxx-debug --enable-objc-gc --enable-mpfr --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu Thread model: posix gcc version 4.2.3 (Ubuntu 4.2.3-2ubuntu7)
openssl version OpenSSL 0.9.8g 19 Oct 2007
On Tue, 2008-11-18 11:21:38 -0800, Chris Charman wrote:
Hey folks --
Can anyone tell me where the max number of clients is configured in 4.21? I'm running okay for a while, but then I end up with repeated messages as below in the logs:
[..]
------------- Config below -----------------
ulimit unlimited
Hi Chris,
At least for my bash, 'ulimit' without any options returns the limit for the file size. To get the limit for the number of files, I have to type 'ulimit -n' or 'ulimit -a' (and get 1024).
On our linux box, stunnel logs the following on startup:
FD_SETSIZE=1024, file ulimit=1024 -> 500 clients allowed
which seems to match your observation.
I vaguely remember the limit for the number of open files on linux can be adjusted somewhere in the /proc file system, but I don't really know.
In any case, the limit you are hitting is set by the operating system.
Ludolf
I figured it out, actually. Adding a ulimit -n (some number) to the init script did the trick.
On Tue, Nov 18, 2008 at 12:27 PM, Ludolf Holzheid < lholzheid@bihl-wiedemann.de> wrote:
On Tue, 2008-11-18 11:21:38 -0800, Chris Charman wrote:
Hey folks --
Can anyone tell me where the max number of clients is configured in 4.21? I'm running okay for a while, but then I end up with repeated messages as below in the logs:
[..]
------------- Config below -----------------
ulimit unlimited
Hi Chris,
At least for my bash, 'ulimit' without any options returns the limit for the file size. To get the limit for the number of files, I have to type 'ulimit -n' or 'ulimit -a' (and get 1024).
On our linux box, stunnel logs the following on startup:
FD_SETSIZE=1024, file ulimit=1024 -> 500 clients allowed
which seems to match your observation.
I vaguely remember the limit for the number of open files on linux can be adjusted somewhere in the /proc file system, but I don't really know.
In any case, the limit you are hitting is set by the operating system.
Ludolf
--
Ludolf Holzheid Tel: +49 621 339960 Bihl+Wiedemann GmbH Fax: +49 621 3392239 Floßwörthstraße 41 e-mail: lholzheid@bihl-wiedemann.de D-68199 Mannheim, Germany