how to configure varnish to drop a connection instead of sending 503?

Peter Jacobs Peter.Jacobs at
Wed Aug 28 12:46:24 CEST 2013

Excerpts from James Pearson's message :
> Why can't you install Varnish on your load balancer?
These load balancers run other unrelated critical services, and Varnish cache is still new for us, so we find it risky to install and maintain it on those machines for now. 

> Have you considered replacing Apache with a dedicated load balancer, like HAProxy?
We will definitely replace it with a dedicated load balancer with more functionality. But that takes some more testing. 
It would be nice to have a fix now and I was hoping that I missed a simple command to drop a connection.

> libvmod-shield may do what you want, but this seems like an XY problem - the proper solution is to change your architecture.
Absolutely true! As I told in the original mail, that is our plan but that will take some time...

Thanks for the critical feedback :-)

And thanks to Lasse Karstensen for pointing me to this vmod, it may be the solution after some code change (at the moment it only works in vcl_recv, for us it should be activated in vcl_fetch after getting a timeout from the backend.)


More information about the varnish-misc mailing list