Kacper Wysocki kacperw at
Mon Mar 14 12:05:27 CET 2011

On Mon, Mar 14, 2011 at 9:34 AM, Gerhard Schmidt <schmidt at> wrote:
> Am 14.03.2011 08:55, schrieb Poul-Henning Kamp:
>> In message <4D7DC782.6050300 at>, Gerhard Schmidt writes:
>>> stunnel has the disatwantage that we loose the clientIP information.
>> Doesn't it set a header with this information ?
> It's a tunnel. It doesn't change the stream. As I said, we use pound because
> it sets the header. But its another daemon to run and to setup. Another
> component that could fail. Integrating SSL in varnish would reduce the
> complexity.

What you meant to say is "integrating SSL in Varnish would increase
Putting that component inside varnish doesn't automatically make it
infallable. As an added bonus, if SSL is in a separate process it
won't bring the whole server down if it fails, if that's the kind of
stuff you're worried about.

Employ no technique to gain supreme enlightment.
- Mar pa Chos kyi blos gros

More information about the varnish-misc mailing list