varnish 2.0.4 and new config changes

Jauder Ho jauderho at gmail.com
Wed Apr 8 02:29:23 CEST 2009 

On Tue, Apr 7, 2009 at 4:46 AM, Kristian Lyngstol <
kristian at redpill-linpro.com> wrote:

> On Tue, Apr 07, 2009 at 04:11:04AM -0700, Jauder Ho wrote:
>
> > FYI, beresp.ttl does not work on varnish 2.0.4. It does work on -trunk
> > though.
>
> It would seem I was mistaken. It doesn't look like the obj to beresp
> commits made it into 2.0.4 after a quick check. So that's only relevant to
> trunk.
>

That could be a problem for some people as obj.ttl is not available in
vcl_fetch in 2.0.4 and beresp.ttl is not available until trunk.


> >
> > Right now, only nginx1 sets X-Forwarded-For; varnish does not set
> > X-Forwarded-For; nginx2 is a fastcgi frontend and does not set
> > X-Forwarded-For.
> >
> > With this config (and using -trunk), nginx2 still logs the gateway IP so
> > something strange is going on here.
>
> I'm not familiar with how nginx logs, but I'd start by verifying:
> 1. That the X-Forwarded-For does indeed reach the relevant server.
> 2. That the entity that logs honors X-Forwarded-For.
>

Looking at varnishlog (which covers the incoming request from nginx1 and
response from nginx2.

It looks like X-Forwarded-For is properly set on nginx1. However on the
response, it looks like there are 2(?) X-Forwarded-For headers instead of
being chained as in http://en.wikipedia.org/wiki/X-Forwarded-For#Format

   10 SessionOpen  c 192.168.1.20 33406 192.168.1.20:7777
   10 ReqStart     c 192.168.1.20 33406 1768153962
   10 RxRequest    c HEAD
   10 RxURL        c /
   10 RxProtocol   c HTTP/1.0
   10 RxHeader     c X-Real-IP: 208.69.40.136
   10 RxHeader     c X-Forwarded-For: 208.69.40.136
   10 RxHeader     c Host: shop.carumba.org
   10 RxHeader     c Connection: close
   10 RxHeader     c User-Agent: curl/7.18.2 (x86_64-pc-linux-gnu)
libcurl/7.18.2 OpenSSL/0.9.8g zlib/1.2.3.3 libidn/1.10 libssh2/0.18
   10 RxHeader     c Accept: */*
   10 VCL_call     c recv
   10 VCL_return   c lookup
   10 VCL_call     c hash
   10 VCL_return   c hash
   10 VCL_call     c miss
   10 VCL_return   c fetch
   11 BackendClose - default
   11 BackendOpen  b default 192.168.1.20 54829 67.180.237.183 9999
   10 Backend      c 11 default default
   11 TxRequest    b GET
   11 TxURL        b /
   11 TxProtocol   b HTTP/1.1
   11 TxHeader     b X-Real-IP: 208.69.40.136
   11 TxHeader     b X-Forwarded-For: 208.69.40.136
   11 TxHeader     b Host: shop.carumba.org
   11 TxHeader     b User-Agent: curl/7.18.2 (x86_64-pc-linux-gnu)
libcurl/7.18.2 OpenSSL/0.9.8g zlib/1.2.3.3 libidn/1.10 libssh2/0.18
   11 TxHeader     b Accept: */*
   11 TxHeader     b X-Varnish: 1768153962
   11 TxHeader     b X-Forwarded-For: 192.168.1.20
   11 RxProtocol   b HTTP/1.1
   11 RxStatus     b 200
   11 RxResponse   b OK
   11 RxHeader     b Server: nginx
   11 RxHeader     b Date: Wed, 08 Apr 2009 00:25:35 GMT
   11 RxHeader     b Content-Type: text/html; charset=UTF-8
   11 RxHeader     b Transfer-Encoding: chunked
   11 RxHeader     b Connection: keep-alive
   11 RxHeader     b Set-Cookie: frontend=c4b996baf5465ad3c2cce532fe0af656;
expires=Wed, 08 Apr 2009 01:25:35 GMT; path=/; domain=shop.carumba.org;
HttpOnly
   11 RxHeader     b Expires: Thu, 19 Nov 1981 08:52:00 GMT
   11 RxHeader     b Cache-Control: no-store, no-cache, must-revalidate,
post-check=0, pre-check=0
   11 RxHeader     b Pragma: no-cache
   10 TTL          c 1768153962 RFC 0 1239150335 1239150335 375007920 0 0
   10 VCL_call     c fetch
   10 TTL          c 1768153962 VCL 300 1239150335
   10 VCL_return   c pass
   10 ObjProtocol  c HTTP/1.1
   10 ObjStatus    c 200
   10 ObjResponse  c OK
   10 ObjHeader    c Server: nginx
   10 ObjHeader    c Date: Wed, 08 Apr 2009 00:25:35 GMT
   10 ObjHeader    c Content-Type: text/html; charset=UTF-8
   10 ObjHeader    c Set-Cookie: frontend=c4b996baf5465ad3c2cce532fe0af656;
expires=Wed, 08 Apr 2009 01:25:35 GMT; path=/; domain=shop.carumba.org;
HttpOnly
   10 ObjHeader    c Expires: Thu, 19 Nov 1981 08:52:00 GMT
   10 ObjHeader    c Cache-Control: no-store, no-cache, must-revalidate,
post-check=0, pre-check=0
   10 ObjHeader    c Pragma: no-cache
   10 ObjHeader    c X-Varnish-IP: 192.168.1.20
   11 BackendReuse b default
   10 Length       c 8090
   10 VCL_call     c deliver
   10 VCL_return   c deliver
   10 TxProtocol   c HTTP/1.1
   10 TxStatus     c 200
   10 TxResponse   c OK
   10 TxHeader     c Server: nginx
   10 TxHeader     c Content-Type: text/html; charset=UTF-8
   10 TxHeader     c Set-Cookie: frontend=c4b996baf5465ad3c2cce532fe0af656;
expires=Wed, 08 Apr 2009 01:25:35 GMT; path=/; domain=shop.carumba.org;
HttpOnly
   10 TxHeader     c Expires: Thu, 19 Nov 1981 08:52:00 GMT
   10 TxHeader     c Cache-Control: no-store, no-cache, must-revalidate,
post-check=0, pre-check=0
   10 TxHeader     c Pragma: no-cache
   10 TxHeader     c X-Varnish-IP: 192.168.1.20
   10 TxHeader     c Content-Length: 8090
   10 TxHeader     c Date: Wed, 08 Apr 2009 00:25:35 GMT
   10 TxHeader     c X-Varnish: 1768153962
   10 TxHeader     c Age: 0
   10 TxHeader     c Via: 1.1 varnish
   10 TxHeader     c Connection: close
   10 TxHeader     c X-Cache: MISS
   10 ReqEnd       c 1768153962 1239150335.318713903 1239150335.470498323
0.000048637 0.151728630 0.000055790
   10 SessionClose c Connection: close
   10 StatSess     c 192.168.1.20 33406 0 1 1 0 0 1 518 0

--Jauder
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20090407/feb84f8e/attachment-0001.html>

More information about the varnish-misc mailing list