[stunnel-users] Effect of SIGHUP on connections
Philippe Anctil
philippe.anctil at gmail.com
Thu Feb 11 21:10:03 CET 2016
Hello,
I have been testing if sending sighup to stunnel has adverse effects on
existing connections (in fork mode, v5.19). I have found new connections
may fail to complete.
In real world scenarios it is not a big issue. First you will reload only
once. Second, you will probably do it during slow hours. Chances to impact
someone are very low.
In any case, I wanted to understand the circumstances leading to failed
connections.
My test is simple. I try to establish 10 connections at 1 second interval.
At the same time, I generate a lot of sighup signals. At least one
connection fails every time.
Even with debug turned on, I can't find any indication of failed
connections in stunnel log.
But the real mystery is this. If I run a tcp capture, I will see
established connections.
29 2016-02-10 12:07:14.304987 0.000000 142.168.148.114
142.168.66.111 TCP 66 56572→4443 [SYN] Seq=0 Win=8192 Len=0
MSS=1260 WS=256 SACK_PERM=1
30 2016-02-10 12:07:14.305001 0.000014 142.168.66.111
142.168.148.114 TCP 66 4443→56572 [SYN, ACK] Seq=0 Ack=1
Win=5840 Len=0 MSS=1460 SACK_PERM=1 WS=128
31 2016-02-10 12:07:14.312908 0.007907 142.168.148.114
142.168.66.111 TCP 60 56572→4443 [ACK] Seq=1 Ack=1
Win=66560 Len=0
32 2016-02-10 12:07:14.312918 0.000010 142.168.66.111
142.168.148.114 TCP 54 4443→56572 [RST] Seq=1 Win=0 Len=0
33 2016-02-10 12:07:14.313097 0.000179 142.168.148.114
142.168.66.111 SSL 371 Client Hello
34 2016-02-10 12:07:14.313102 0.000005 142.168.66.111
142.168.148.114 TCP 54 4443→56572 [RST] Seq=1 Win=0 Len=0
How could a tcp connection be established and yet find no indication of
that in stunnel.log?
Thanks!
--
Philippe Anctil
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20160211/7dfc195c/attachment.html>
More information about the stunnel-users
mailing list