Varnish only working with ports 80, 8080 and 9080

Werner Randelshofer werner.randelshofer at fibermail.ch
Wed Apr 17 11:49:53 CEST 2013


Hi Paul,

I have stopped the iptables service, so there is no firewall running.

When I start the varnish service, say with port 9000, then the service will not launch, and thus the port is not bound.

I have tried now starting the varnish service with port 80, and setting the port to 9000 with varnishadm.
I get an error 300 "Could not open sockets" as shown below. Port 80 works fine though.


$ varnishadm

param.set listen_address :9000
200

start
300
Could not open sockets

param.set listen_address :80
200

start
200


My backends work fine. I can access them with Konqueror with any port number that I want.
Telnet also works fine.

I am stuck. 

Thanks,
Werner


On 16.04.2013, at 15:33, Paul A. Procacci <pprocacci at datapipe.com> wrote:

>> When I use a different port number in VARNISH_LISTEN_PORT, then varnishd does not start.
>> I made sure that the port number is not taken using the command netstat -nltp
> 
> Do you have a firewall that is preventing tcp syn's from
> making it to the ports that you specify in your config?
> (Either a hardware or software firewall)
> 
> If you don't, when you change the VARNISH_LISTEN_PORT and
> start varnish, does the service show as bound via the
> netstat command that you ran?
> 
> If it is bound, can you telnet to the port and issue
> http requests?
> 
> If it isn't bound, they'll be logs in your system log
> detailing why it couldn't be bound.  What do those logs say?
> 
> 
>> Also when I use a different port number as backend, then Varnish tells me that the service is unavailable, and tells me that probing fails. However the backend is fully functional, when I connect to its port number.
> 
> Are you sure your attempting to connect to the right backend?
> Specifically, 127.0.0.1:8080 is not <ip>:8080 where <ip> is
> the primary ip address of the machine.
> 
> Is there a software/hardware firewall preventing the tcp syn's
> from making it to their destination?
> 
> Can you telent to the port from the varnish machine and induce
> an http conversation?
> 
> ~Paul
> 
> ________________________________
> 
> This message may contain confidential or privileged information. If you are not the intended recipient, please advise us immediately and delete this message. See http://www.datapipe.com/legal/email_disclaimer/ for further information on confidentiality and the risks of non-secure electronic communication. If you cannot access these links, please notify us by reply message and we will send the contents to you.
> 





More information about the varnish-misc mailing list