Varnish only working with ports 80, 8080 and 9080
Werner Randelshofer
werner.randelshofer at fibermail.ch
Wed Apr 17 11:49:53 CEST 2013
Hi Paul,
I have stopped the iptables service, so there is no firewall running.
When I start the varnish service, say with port 9000, then the service will not launch, and thus the port is not bound.
I have tried now starting the varnish service with port 80, and setting the port to 9000 with varnishadm.
I get an error 300 "Could not open sockets" as shown below. Port 80 works fine though.
$ varnishadm
param.set listen_address :9000
200
start
300
Could not open sockets
param.set listen_address :80
200
start
200
My backends work fine. I can access them with Konqueror with any port number that I want.
Telnet also works fine.
I am stuck.
Thanks,
Werner
On 16.04.2013, at 15:33, Paul A. Procacci <pprocacci at datapipe.com> wrote:
>> When I use a different port number in VARNISH_LISTEN_PORT, then varnishd does not start.
>> I made sure that the port number is not taken using the command netstat -nltp
>
> Do you have a firewall that is preventing tcp syn's from
> making it to the ports that you specify in your config?
> (Either a hardware or software firewall)
>
> If you don't, when you change the VARNISH_LISTEN_PORT and
> start varnish, does the service show as bound via the
> netstat command that you ran?
>
> If it is bound, can you telnet to the port and issue
> http requests?
>
> If it isn't bound, they'll be logs in your system log
> detailing why it couldn't be bound. What do those logs say?
>
>
>> Also when I use a different port number as backend, then Varnish tells me that the service is unavailable, and tells me that probing fails. However the backend is fully functional, when I connect to its port number.
>
> Are you sure your attempting to connect to the right backend?
> Specifically, 127.0.0.1:8080 is not <ip>:8080 where <ip> is
> the primary ip address of the machine.
>
> Is there a software/hardware firewall preventing the tcp syn's
> from making it to their destination?
>
> Can you telent to the port from the varnish machine and induce
> an http conversation?
>
> ~Paul
>
> ________________________________
>
> This message may contain confidential or privileged information. If you are not the intended recipient, please advise us immediately and delete this message. See http://www.datapipe.com/legal/email_disclaimer/ for further information on confidentiality and the risks of non-secure electronic communication. If you cannot access these links, please notify us by reply message and we will send the contents to you.
>
More information about the varnish-misc
mailing list