AW: Connection resets / timout with Varnish 6.0 and HTTP/2

Winkelmann, Thomas (RADIO TELE FFH - Online) t.winkelmann at ffh.de
Thu Jul 12 11:00:10 UTC 2018 

Hello Dridi,

we just managed to clone your git tree and successfully build varnish from source. But the vmods are not found...

>Message from VCC-compiler:
>Could not load VMOD vsthrottle
>        File name: libvmod_vsthrottle.so
>        dlerror: libvarnishapi.so.1: cannot open shared object file: No such file or directory

They were compiled to /usr/local/lib/varnish/vmods/, but varnish seems to search in another directory?

As soon as I have running vsthrottle I can put some traffic to the server...

Thanks,
Thomas

-----Ursprüngliche Nachricht-----
Von: Dridi Boukelmoune [mailto:dridi at varni.sh]
Gesendet: Freitag, 6. Juli 2018 14:34
An: Winkelmann, Thomas (RADIO TELE FFH - Online)
Cc: varnish-misc at varnish-cache.org
Betreff: Re: Connection resets / timout with Varnish 6.0 and HTTP/2

Hello Thomas,

On Wed, Jul 4, 2018 at 10:43 AM, Winkelmann, Thomas (RADIO TELE FFH -
Online) <t.winkelmann at ffh.de> wrote:
> Hello everbody,
>
> finally we got Varnish 6.0 + Vmods + Hitch TLS running on Ubuntu. So
> far everything works fine, also HTTP/2 Support.
>
<snip>
>
> We had some similar problems in the past with HTTPS. We could solve
> them by
> adding:
>
> net.ipv4.ip_local_port_range = 4096 64999 net.ipv4.tcp_tw_reuse = 1
>
> to /etc/sysctl.conf But this seems to be not the problem here.

Thanks again for reporting both your problem and solution.

> As soon as we remove alpn-protos = "h2,http/1.1" from hitch.conf
> everything is working normally.
>
> Are there any limitations regarding HTTP/2 within varnish?
>
<snip>
>
> We already searched on the varnish github account for similar problem,
> but did not found anything...

You may have run into a known worker thread leak [1] that could be caused by either misbehaving browsers or bugs in our h2 stack. Leaking too many threads may put your varnish in a deadlock [2] situation that we have yet to fix (but much less likely in the absence of the aforementioned leak).

Could you please try building from source my 6.0 branch [3] that is work in progress towards a 6.0.1 release? You may still run into a crash but I'm waiting for a test case to be written before resuming the back-porting effort.

You will likely need to rebuild your modules too, because unless I'm confusing you with someone else I'm pretty sure you were referring to our varnish-modules [5] collection of VMODs.

Thanks,
Dridi

[1] https://github.com/varnishcache/varnish-cache/issues/2623
[2] https://github.com/varnishcache/varnish-cache/issues/2418
[3] https://github.com/dridi/varnish-cache/tree/6.0
[4] https://github.com/varnishcache/varnish-cache/issues/2572#issuecomment-402075064
[5] https://github.com/varnish/varnish-modules

RADIO / TELE FFH GmbH & Co. Betriebs-KG
FFH-Platz 1, 61111 Bad Vilbel
HRA - Nr. 26092 Frankfurt/Main
USt.IdNr. DE 112152620
Geschäftsführer / Programmdirektor: Hans-Dieter Hillmoth

More information about the varnish-misc mailing list