[stunnel-users] Accept on same port to ethernet aliases

John Morrison jmorriso at hotmail.com
Wed Jun 27 18:01:36 CEST 2012 

Hi,

Is it possible to configure stunnel to use the same port on different IP addresses that are Ethernet aliases?

I have successfully set up a configuration file accepting SSL connections. Firstly I did this on all IP addresses by using the following configuration lines:

accept  = 443
connect = 80

This worked correctly.

I then attempted to setup a second configuration file on an aliased Ethernet address.

The configuration file settings are:

test1.conf
accept  = 10.168.1.132:443
connect = 10.168.1.132:80

test2.conf
accept  = 10.168.1.133:443
connect = 10.168.1.133:80


Stunnel is able to start the first configuration file, but not the second. The error message I can see when I run the second configuration file in the foreground is:

accept socket: FD=11 allocated (non-blocking mode)
Option SO_REUSEADDR set on accept socket
Error binding https to 10.168.1.133:443
bind: Address already in use (98)

and if I telnet to 10.168.1.133 on port 443 the connection is accepted.

I have attempted to use the binding socket options in the configuration files as described in the manual:

socket = a:SO_BINDTODEVICE=eth0:0
and
socket = a:SO_BINDTODEVICE=eth0:1


However in this case stunnel will not start either configuration file. The error message I receive is:
Option SO_REUSEADDR set on accept socket
SO_BINDTODEVICE: No such device (19)

Is there a different way to configure stunnel to allow this to work? My ipconfig settings are below.

I am running the ubuntu 10.04 version of stunnel. The version output is:

stunnel 4.35 on x86_64-pc-linux-gnu with OpenSSL 1.0.0e 6 Sep 2011
Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP


Thanks,

John


eth0:0    Link encap:Ethernet  HWaddr 3c:4a:92:6d:0b:08
          inet addr:10.168.1.132  Bcast:10.168.1.132  Mask:255.255.255.255
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:16 Memory:f4000000-f4012800

eth0:1    Link encap:Ethernet  HWaddr 3c:4a:92:6d:0b:08
          inet addr:10.168.1.133  Bcast:10.168.1.133  Mask:255.255.255.255
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:16 Memory:f4000000-f4012800

More information about the stunnel-users mailing list