PROXY protocol

Martin Blix Grydeland martin at varnish-software.com
Wed Dec 12 16:14:31 CET 2012


Hi Roger,

Please find answers in-line.

Regards,
Martin Blix Grydeland

On Wed, Dec 12, 2012 at 3:27 PM, Roger Nesbitt <roger at seriousorange.com>wrote:

> Hi Martin,
>
> Thanks for the comments.  I agree your strategy is a cleaner one.  It's
> going to mean that I have to understand the Varnish code to a greater
> depth, but I've got some time free so I'm happy to do that.
>

> How would you suggest that the user configures a particular port so that
> it uses the PROXY handler instead of the HTTP one?  Maybe this is a new
> feature that I'm not aware of.  Any docs or code you can point me at would
> be greatly appreciated.
>

My first thought is to add some optional prefix with the protocol selection
in front on the listening options to varnishd, defaulting to http1 if not
present. A bit like how the -s option is handled. E.g. "-a localhost:80 -a
proxy,localhost:444 -a http1,:8080"

Some indirection should be on the listening socket structs to determine
which function then should get called to set up the connection for
processing by the correct fsm. Also some pointer on the session struct to
point to the fsm handling the connection will be needed. Note that this is
plugging code not yet existing that will have to be added as well.

We don't handle any other protocols than regular HTTP1(.1) at this time.
Though the changes into two fsm's in master, one for the connection
(cache_http1_fsm.c) and one for the requests (cache_req_fsm.c) should make
it easier to add the PROXY support as well. So I'm thinking having a
cache_proxy_fsm.c to handle the PROXY part, where the PROXY line should be
read and parsed, and then changing to cache_http1_fsm.c when all has been
processed and verified is the way to go. (FSM here is finite-state-machine)

Disclaimer: This is based on my understanding of Poul-Henning's vision of
how the multiprotocol support will be in Varnish, so this may not be sound
advice ;-)


>
> A summary document of the abbreviations used in the code would help too, I
> looked through the wiki but didn't find anything that explains all the
> three- and four-letter acronyms.
>

https://www.varnish-cache.org/trac/wiki/VTLA is the only documentation
available for those, but I guess it isn't completely up-to-date.


>
> Thanks,
> Roger
>
>
> --
<http://varnish-software.com>*Martin Blix Grydeland*
Senior Developer | Varnish Software AS
Cell: +47 21 98 92 60
We Make Websites Fly!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-dev/attachments/20121212/34009738/attachment.html>


More information about the varnish-dev mailing list