vmod-named does not support host header with port
Daniel Parthey
pada at posteo.de
Tue Apr 26 22:48:48 CEST 2016
Hi,
with varnish 3.0 we use the dns director to look up the requested
host header and redirect it back to our loadbalancer on the same IP
as the request came in, but port 81 where our webserver is running.
Currently we are in the process of migrating to varnish 4.1.
AFAIR, the DNS director has been removed from varnish4 core,
because it did not support IPv6 properly.
Fortunately, there is this really useful module from Dridi,
which brings back this functionality into varnish4:
A DNS director for Varnish 4.1
https://github.com/Dridi/libvmod-named
After patching configure.ac file of libvmod-named with
https://github.com/varnish/libvmod-example/commit/ad96d3b
it even compiled under CentOS 7.2.
After installing and importing vmod named in varnish 4.1 under
CentOS 7.2, I discovered that it does not support Host headers
with ports the same way the varnish3 dns director did:
https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
Section 14.23 - Host - describes the Host Header syntax:
Host = "Host" ":" host [ ":" port ]
Unfortunately, vmod named seems to obtain the hostname for the DNS
lookup directly from the req.http.host or bereq.http.host header,
but if the http user agent sends the following request header:
Host: www.example.org:80
The vmod named seems to be unable to look it up and the backend
fetch will fail, if you provide a port number in the host header:
----------------------------------------------------------------------
$ curl -v -s -o /dev/null -H "Host: www.example.org:80" localhost:6081
* About to connect() to localhost port 6081 (#0)
* Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 6081 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.29.0
> Accept: */*
> Host: www.example.org:80
>
< HTTP/1.1 503 Backend fetch failed
< Date: Tue, 26 Apr 2016 17:35:41 GMT
< Server: Varnish
< Content-Type: text/html; charset=utf-8
< Age: 0
< Via: 1.1 varnish-test
< X-Cache: MISS from varnish-test
< Content-Length: 340
< Connection: keep-alive
<
{ [data not shown]
* Connection #0 to host localhost left intact
----------------------------------------------------------------------
What would you recommend to support Host Headers including port numbers?
Should I write some regsub() VCL to extract the hostname from req.http.host
or bereq.http.host and pass it to the director, or should the source code
of libvmod-named be changed to support RFC 2616 Host Headers with ports?
Kind regards
Daniel
--
https://emailselfdefense.fsf.org
https://pgp.mit.edu/pks/lookup?op=get&search=0xB4DD34660B6F0F1B
https://pgp.key-server.io/0xB4DD34660B6F0F1B
Fingerprint: 366C BC38 B09B 4BFC 38A7 3CBC B4DD 3466 0B6F 0F1B
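
The Host header is client-controlled, so a value that feeds a DNS lookup is best split and validated strictly before use. The following is an added example, not code from the original post or from libvmod-named: a C helper (the name `split_host_port` is hypothetical) that applies the `host [ ":" port ]` grammar quoted above and, going beyond the case in the post, also accepts bracketed IPv6 literals.

```c
#include <stdlib.h>
#include <string.h>

/* Split a Host header value into hostname and optional port, following
 * Host = host [ ":" port ] from RFC 2616 section 14.23.
 * Returns 0 on success, -1 on malformed input; *port is -1 when absent.
 * Hypothetical helper for illustration; not libvmod-named code. */
int split_host_port(const char *value, char *host, size_t hostlen, int *port)
{
    const char *end, *p;
    char *stop;
    size_t n;
    long v;

    *port = -1;
    if (value == NULL || *value == '\0')
        return -1;

    if (*value == '[') {
        /* Bracketed IPv6 literal: colons inside [] do not start a port. */
        end = strchr(value, ']');
        if (end == NULL)
            return -1;
        value++;                 /* skip '[' */
        p = end + 1;             /* whatever follows ']' */
    } else {
        end = strchr(value, ':');
        if (end == NULL)
            end = value + strlen(value);
        p = end;
    }
    n = (size_t)(end - value);
    if (n == 0 || n >= hostlen)
        return -1;               /* empty host, or too long for the buffer */
    memcpy(host, value, n);
    host[n] = '\0';

    if (*p == '\0')
        return 0;                /* no port given */
    if (*p != ':' || p[1] < '0' || p[1] > '9')
        return -1;               /* junk after host, or port not numeric */

    /* Port must be digits only and within 1..65535. */
    v = strtol(p + 1, &stop, 10);
    if (*stop != '\0' || v < 1 || v > 65535)
        return -1;
    *port = (int)v;
    return 0;
}
```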