Varnish serving content from wrong backend

Paulo Paracatu paulo at
Tue Oct 11 18:58:55 CEST 2011

> It's a possibility... I don't know offhand which browsers include the
> port in the host header for standard ports. It might be a good idea to
> use a regsub to delete a trailing :\d+ from the host header on every
> request just to be sure (assuming the port isn't important to you).

Good idea. I'll do it today. Thanks.

> Also I had another thought that you should check your vcl_hash to make
> sure it's including any information you or your backends use to decide
> which content to serve. For example if it wasn't incorporating the
> host header into the hash (only the request path) then the first
> resource with a particular path would be cached by Varnish, and then
> served for any request with the same path, regardless of host.

I'm using the default vcl_hash. I didn't really read about vcl_hash yet.
*sub vcl_hash {*
*    hash_data(req.url);*
*    if ( {*
*        hash_data(;*
*    } else {*
*        hash_data(server.ip);*
*    }*
*    return (hash);*

> Do your backends make use of the X-Sub or X-Host header you add to the
> request? If so, you'd want to make sure they're incorporated into the
> object's hash. If you're only using them temporarily to build
> redirects etc. then that's occurring before the cache lookup, so
> shouldn't be a concern.

> If you're not already, it might also be worthwhile checking the
> request actually includes the host header and displaying an error
> message or something if it's missing. Probably unlikely to be the case
> with any graphical browser in use today, but it never hurts to be
> thorough.
> Lastly, if you can't find a way to reproduce this on demand, then
> getting logs from it may be difficult. It might be worthwhile to set
> up a "dummy" backend as the first one Varnish loads, which should
> never actually be used by any of your sites. That way if it does
> somehow get used, you'll know the request somehow failed to get
> assigned to a backend, and you can log the request (on the dummy
> backend, even) - maybe something about it will stick out as the
> obvious culprit. Plus, it'd avoid accidentally serving certain images
> to unsuspecting users.
> _______________________________________________
> varnish-misc mailing list
> varnish-misc at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the varnish-misc mailing list