varnish 2.0.4 and new config changes

Kristian Lyngstol kristian at redpill-linpro.com
Tue Apr 7 13:46:42 CEST 2009


On Tue, Apr 07, 2009 at 04:11:04AM -0700, Jauder Ho wrote:
> On Tue, Apr 7, 2009 at 3:19 AM, Kristian Lyngstol
> <kristian at redpill-linpro.com> wrote:
> > On Tue, Apr 07, 2009 at 02:55:13AM -0700, Jauder Ho wrote:
> > > I just downloaded the new 2.0.4 release and noticed that a couple of
> > > things had changed causing my existing config to stop working.
> > > Therefore, I had a couple of questions that I'm hoping that you can
> > > help answer.
> > >
> > > a) Is beresp.ttl basically replacing obj.ttl? If so, I should be able
> > > to do the following right in vcl_fetch?
> > >
> > >   if (beresp.ttl < 300s) {
> > >     set beresp.ttl = 300s;
> > >   }
> >
> > Yes, for all intents and purposes, beresp is obj. The name change is
> > reflecting some underlying changes that doesn't really affect how you write
> > VCL - yet.
> 
> FYI, beresp.ttl does not work on varnish 2.0.4. It does work on -trunk
> though.

It would seem I was mistaken. It doesn't look like the obj to beresp
commits made it into 2.0.4 after a quick check. So that's only relevant to
trunk.

> > > c) Lastly, I have a config of user > nginx1 > varnish > nginx2 >
> > > php-fpm and noticed that the IP being logged on nginx2 is the
> > > internal IP. nginx1 has X-Forwarded-For set. 

(...)

> > If your first nginx sets X-Forwarded-For, then setting
> > req.http.X-Forwarded-For = client.ip; will overwrite it with nginx1's IP.
> > So don't set X-Forwarded-For in vcl_recv and it will pass straight through
> > Varnish. 2.0.4 does not affect this compared to 2.0.3.
> 
> Right now, only nginx1 sets X-Forwarded-For; varnish does not set
> X-Forwarded-For; nginx2 is a fastcgi frontend and does not set
> X-Forwarded-For.
> 
> With this config (and using -trunk), nginx2 still logs the gateway IP so
> something strange is going on here.

I'm not familiar with how nginx logs, but I'd start by verifying: 
1. That the X-Forwarded-For does indeed reach the relevant server.
2. That the entity that logs honors X-Forwarded-For.

-- 
Kristian Lyngstøl
Redpill Linpro AS
Tlf: +47 21544179
Mob: +47 99014497
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20090407/a38dc473/attachment-0003.pgp>


More information about the varnish-misc mailing list