[stunnel-users] more than 1000 concurrent connections?
Trenton Ashburn
tashburn at gmail.com
Tue Jul 3 03:52:59 CEST 2012
Sven -
The error I'm getting is "java.io.IOException: Connection reset by peer" on
the 1017th connection.
"ulimit -n" shows:
999999
"lsof -n -p 6595" shows:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
stunnel 6595 ec2-user cwd DIR 202,1 4096 2 /
stunnel 6595 ec2-user rtd DIR 202,1 4096 2 /
stunnel 6595 ec2-user txt REG 202,1 2510282 8807
/usr/local/bin/stunnel
stunnel 6595 ec2-user mem REG 202,1 1903208 7619 /lib64/
libc-2.12.so
stunnel 6595 ec2-user mem REG 202,1 138328 7643 /lib64/
libpthread-2.12.so
stunnel 6595 ec2-user mem REG 202,1 113432 7629 /lib64/
libnsl-2.12.so
stunnel 6595 ec2-user mem REG 202,1 14584 7651 /lib64/
libutil-2.12.so
stunnel 6595 ec2-user mem REG 202,1 19536 7625 /lib64/
libdl-2.12.so
stunnel 6595 ec2-user mem REG 202,1 154464 17671 /lib64/
ld-2.12.so
stunnel 6595 ec2-user 0u CHR 1,3 0t0 19
/dev/null
stunnel 6595 ec2-user 1u CHR 1,3 0t0 19
/dev/null
stunnel 6595 ec2-user 2u CHR 1,3 0t0 19
/dev/null
stunnel 6595 ec2-user 4r FIFO 0,8 0t0 534916 pipe
stunnel 6595 ec2-user 5w FIFO 0,8 0t0 534916 pipe
stunnel 6595 ec2-user 6u unix 0xffff880001d26900 0t0 534919 socket
stunnel 6595 ec2-user 7u IPv4 534920 0t0 TCP
*:commplex-link (LISTEN)
"cat /etc/security/limits.conf" shows:
# /etc/security/limits.conf
#
#Each line describes a limit for a user in the form:
#
#<domain> <type> <item> <value>
#
#Where:
#<domain> can be:
# - an user name
# - a group name, with @group syntax
# - the wildcard *, for default entry
# - the wildcard %, can be also used with %group syntax,
# for maxlogin limit
#
#<type> can have the two values:
# - "soft" for enforcing the soft limits
# - "hard" for enforcing hard limits
#
#<item> can be one of the following:
# - core - limits the core file size (KB)
# - data - max data size (KB)
# - fsize - maximum filesize (KB)
# - memlock - max locked-in-memory address space (KB)
# - nofile - max number of open files
# - rss - max resident set size (KB)
# - stack - max stack size (KB)
# - cpu - max CPU time (MIN)
# - nproc - max number of processes
# - as - address space limit (KB)
# - maxlogins - max number of logins for this user
# - maxsyslogins - max number of logins on the system
# - priority - the priority to run user process with
# - locks - max number of file locks the user can hold
# - sigpending - max number of pending signals
# - msgqueue - max memory used by POSIX message queues (bytes)
# - nice - max nice priority allowed to raise to values: [-20, 19]
# - rtprio - max realtime priority
#
#<domain> <type> <item> <value>
#
#* soft core 0
#* hard rss 10000
#@student hard nproc 20
#@faculty soft nproc 20
#@faculty hard nproc 50
#ftp hard nproc 0
#@student - maxlogins 4
* - nofile 999999
# End of file
I believe that these settings should all allow way more than 1016
connections.
Any other clues for me?
Cheers,
- Trent
On Mon, Jul 2, 2012 at 6:06 AM, Sven Ulland <sveniu at opera.com> wrote:
> On 07/02/2012 05:21 AM, Trenton Ashburn wrote:
>
>> My client that's connecting to my server behind stunnel just gets
>> it's connection attempts refused.
>>
>
> You're sure it's refused, not a timeout? Is the stunnel process
> running into the max limit of open file descriptors (default is likely
> to be 1024)? See 'ulimit -n', 'lsof -n -p <pid_of_stunnel>',
> /etc/security/limits.conf, etc.
>
> Sven
> ______________________________**_________________
> stunnel-users mailing list
> stunnel-users at stunnel.org
> http://stunnel.mirt.net/**mailman/listinfo/stunnel-users<http://stunnel.mirt.net/mailman/listinfo/stunnel-users>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20120702/8dd7945d/attachment.html>
More information about the stunnel-users
mailing list