X-Forwarded-Forand 2 layers of Varnish

pub crawler pubcrawler.com at gmail.com
Fri Jan 22 16:36:03 CET 2010

X-F-F will be nice.

For now our solution on our application layer (where we log IP info)
is to loop through the X-FORWARDED-FOR data and look the for the
actual IP in there, discarding localhost info and any other that are
related to our infrastructure which requests traverse through.

On Fri, Jan 22, 2010 at 9:08 AM, Kristian Lyngstol
<kristian at redpill-linpro.com> wrote:
> (A bit of necroposting, hopefully still relevant)
> On Tue, Dec 01, 2009 at 03:26:35PM -0500, Jean-Christophe Petit wrote:
>> we use 2 layers of Varnish and it proved to be highly scalable and
>> efficient.
>> But on the second layer, we are not able to get the X-Forwarded-For from
>> the first layer to sent it to the Backend (Apache)
>> In fact, on the second layer we have 2 X-Forwarded-For (Visitor + first
>> Varnish layer)
>> Is there something we can do on the first Varnish layer to only transmit
>> the X-Forwarded-For of the visitor ?
> This is "fixed" in trunk, in that X-F-F is moved into the default VCL and
> appends correctly.
> In Varnish 2.0 you could work around it by having the first set
> X-Original-Forwarded-For, then on the second tier, you overwrite
> X-Forwarded-For with X-Original_forwarded-For... It's not horribly pretty,
> but should get you what you want until the trunk-fixes are in a release.
> --
> Kristian Lyngstøl
> Redpill Linpro AS
> Mob: +47 99014497
> _______________________________________________
> varnish-misc mailing list
> varnish-misc at projects.linpro.no
> http://projects.linpro.no/mailman/listinfo/varnish-misc

More information about the varnish-misc mailing list