I'm trying to hook up stunnel and haproxy to forward https connections through to some backend servers.

I've got haproxy set up right, and I seem to have stunnel set up right. The trouble is that when I hit the setup with a load test, after a while I start to see these log entries (I've included the last few entries from proper connections before I started to get the connection-rejected error):

2010.05.05 11:23:29 LOG7[3498:3086792368]: https accepted FD=510 from 10.195.158.225:42722
2010.05.05 11:23:29 LOG7[3498:3035233168]: https started
2010.05.05 11:23:29 LOG7[3498:3035233168]: FD 510 in non-blocking mode
2010.05.05 11:23:29 LOG7[3498:3035233168]: TCP_NODELAY option set on local socket
2010.05.05 11:23:29 LOG7[3498:3035233168]: Waiting for a libwrap process
2010.05.05 11:23:29 LOG7[3498:3086792368]: https accepted FD=511 from 10.195.158.225:42723
2010.05.05 11:23:29 LOG7[3498:3035167632]: https started
2010.05.05 11:23:29 LOG7[3498:3035167632]: FD 511 in non-blocking mode
2010.05.05 11:23:29 LOG7[3498:3035167632]: TCP_NODELAY option set on local socket
2010.05.05 11:23:29 LOG7[3498:3035167632]: Waiting for a libwrap process
2010.05.05 11:23:30 LOG7[3498:3086792368]: https accepted FD=512 from 10.195.158.225:42724
2010.05.05 11:23:30 LOG4[3498:3086792368]: Connection rejected: too many clients (>=500)
2010.05.05 11:23:30 LOG7[3498:3086792368]: https accepted FD=512 from 10.195.158.225:42725
2010.05.05 11:23:30 LOG4[3498:3086792368]: Connection rejected: too many clients (>=500)

I guess I've hit a limit somewhere, but I wasn't sure how to fix it; there doesn't seem to be a config file option for stunnel to change this.

Does anyone know how to configure stunnel for a potentially large number of connections?

davidsmalley

2 Answers

From what I recall, stunnel simply relies on the ulimit setting to find its limit on file descriptors. So you just have to do "ulimit -n 65536" and you'll get a client limit of around 32000.

Be careful though, as each SSL context can use a lot of memory. Also, if your stunnel works in thread mode, you won't necessarily want to reach thread numbers that high.

Willy Tarreau

Check your limits here: cat /proc/$(pidof stunnel4)/limits

Then edit the file /etc/default/stunnel4: Set RLIMITS: RLIMITS="-n 65536"

Restart stunnel: sudo /etc/init.d/stunnel4 restart

Confirm your limits with cat /proc/$(pidof stunnel4)/limits again.

Carson Ip
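One way to script the check described in the two answers, as an added example that is not code from either answer: it reads the "Max open files" soft limit out of /proc/<pid>/limits text (a constructed sample is embedded; on a live box you would pipe in cat /proc/$(pidof stunnel4)/limits) and estimates the client ceiling as roughly half the descriptor limit, the relationship the first answer gives (65536 -> around 32000). The reserve of 10 descriptors for stunnel's own use is an assumption, not stunnel's exact internal formula.

```shell
#!/bin/sh
# Added example: estimate how many concurrent stunnel clients the current
# "Max open files" soft limit allows, and flag it if it is below a target.
# Each client costs roughly two descriptors (accepted socket + backend
# connection), which is why the answer above halves the ulimit value.

# Constructed sample of /proc/<pid>/limits with the stock 1024 soft limit.
SAMPLE_LIMITS='Limit                     Soft Limit           Hard Limit           Units
Max cpu time              unlimited            unlimited            seconds
Max open files            1024                 4096                 files
Max processes             7859                 7859                 processes'

# Print the soft "Max open files" value from limits text supplied on stdin.
nofile_soft() {
    awk '/^Max open files/ { print $4 }'
}

# Estimate the client ceiling: (fd limit - reserve) / 2.
# The reserve of 10 (listening socket, log file, randomness source, ...)
# is an assumed figure; with it, 1024 -> 507, matching the ">=500" log line.
estimate_clients() {
    _fds="$1"
    echo $(( (_fds - 10) / 2 ))
}

# Return 0 if the limit allows at least the wanted client count, 1 otherwise.
check_capacity() {
    _limits_text="$1"
    _wanted="$2"
    _soft=$(printf '%s\n' "$_limits_text" | nofile_soft)
    _cap=$(estimate_clients "$_soft")
    if [ "$_cap" -ge "$_wanted" ]; then
        echo "ok: soft nofile=$_soft allows about $_cap clients"
        return 0
    fi
    echo "low: soft nofile=$_soft allows only about $_cap clients; raise RLIMITS in /etc/default/stunnel4"
    return 1
}

# Stand-alone run against the constructed sample, asking for 2000 clients.
check_capacity "$SAMPLE_LIMITS" 2000 || true
```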