Connecting to remote host

Guillaume Quintard guillaume at varnish-software.com
Thu Dec 19 12:15:36 UTC 2019 

check the backend transaction, and understand why your origin is sending
back a 403. This is due to your backend configuration and I can't help you
with that.

-- 
Guillaume Quintard


On Thu, Dec 19, 2019 at 1:03 PM Varun Nath <varunnath86 at gmail.com> wrote:

> This is the VCL file am using:
>
> Note: Host is not a valid one
>
> vcl 4.0;
> import std;
> import directors;
>
> # Default backend definition. Set this to point to your content server.
> backend default {
>     .host = "remote.host.com";
>     .port = "80";
> }
>
> sub vcl_init {
> new vdir = directors.round_robin();
> vdir.add_backend(default);
> }
>
> sub vcl_recv {
>     unset req.http.proxy;
>     unset req.http.cookie;
>     set req.http.x-host = "http://remote.host.com";
>     set req.http.x-clientip = client.ip;
>     set req.http.x-serverip = server.ip;
>     set req.http.x-localip = local.ip;
>     set req.http.x-remoteip = remote.ip;
>     unset req.http.X-Forwarded-For;
>     set req.http.x-forwarded-for = client.ip;
>     return(pass);
> }
>
> sub vcl_backend_response {
>     # Happens after we have read the response headers from the backend.
>     #
>     # Here you clean the response headers, removing silly Set-Cookie
> headers
>     # and other mistakes your backend does.
> }
>
> sub vcl_deliver {
>     # Happens when we have all the pieces we need, and are about to send
> the
>     # response to the client.
> }
>
> Please let me know if I need to add something more to make the remote host
> caching from localhost varnish
>
> On Thu, Dec 19, 2019 at 5:05 PM Varun Nath <varunnath86 at gmail.com> wrote:
>
>> Hello,
>> I got some response via CURL. But getting 403 Forbidden message. Log is
>> as below:
>> * BerespStatus   403*
>> * BerespReason   Forbidden*
>> Also tried setting
>>
>> *remove req.http.X-Forwarded-For;set req.http.x-forwarded-for =
>> client.ip;*
>> But didnt work.
>> Could you please share your thoughts?
>>
>> On Thu, Dec 19, 2019 at 3:00 PM Varun Nath <varunnath86 at gmail.com> wrote:
>>
>>> Thank You so much for your support. Will try this and let you know
>>>
>>> On Thu, Dec 19, 2019 at 2:49 PM Guillaume Quintard <
>>> guillaume at varnish-software.com> wrote:
>>>
>>>> The backend portion of the vcl only handles the TCP part of the
>>>> equation. If your backend expect a specific host, you need to either have
>>>> the client give it, or have varnish override it.
>>>>
>>>> Try curl -I localhost/your/file -H "host: whatever.your.host.is.com"
>>>>
>>>> On Thu, Dec 19, 2019, 09:02 Varun Nath <varunnath86 at gmail.com> wrote:
>>>>
>>>>> Yes, I tried with http://locahost, but that is expected, right? since
>>>>> the backend server is configured in VCL file. Sorry if I am wrong
>>>>>
>>>>> On Thu, Dec 19, 2019 at 2:29 PM Guillaume Quintard <
>>>>> guillaume at varnish-software.com> wrote:
>>>>>
>>>>>> Note: please keep the mailing list CC'd
>>>>>>
>>>>>> Check the host header you are sending to the backend. Usually, a 404
>>>>>> arises because the URL and/or the host wrong.
>>>>>>
>>>>>> I'm thinking you possibly tested varnish requesting something like
>>>>>> http://localhost/your/test/file, but your backend isn't configured
>>>>>> to reply to the "localhost" host
>>>>>>
>>>>>> On Thu, Dec 19, 2019, 08:55 Varun Nath <varunnath86 at gmail.com> wrote:
>>>>>>
>>>>>>> Thanks again for the quick response.
>>>>>>> I have checked the log and getting the expected IP address in *BackendStart
>>>>>>> *parameter.  Sorry I didnt get what you mean by  you need to change *the
>>>>>>> host header before sending the request to the backend. *Could you
>>>>>>> please elaborate a little bit?
>>>>>>>
>>>>>>> On Thu, Dec 19, 2019 at 2:20 PM Guillaume Quintard <
>>>>>>> guillaume at varnish-software.com> wrote:
>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> Use varnishlog -b (with possibly -d) to see the backend
>>>>>>>> transactions and see what IP is being used (is it the right one). It could
>>>>>>>> also be that you need to change the host header before sending the request
>>>>>>>> to the backend.
>>>>>>>>
>>>>>>>> Cheers,
>>>>>>>>
>>>>>>>>
>>>>>>>> On Thu, Dec 19, 2019, 08:39 Varun Nath <varunnath86 at gmail.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> Hello,
>>>>>>>>> I need to connect to a remote host from local VCL config file. I
>>>>>>>>> have added the backend config as below
>>>>>>>>>
>>>>>>>>> backend default {
>>>>>>>>>     .host = "remote.host.com";
>>>>>>>>> }
>>>>>>>>>
>>>>>>>>> But am getting Page not available message. Do I miss something?
>>>>>>>>> Thanks in advance
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> VARUN NATH A V
>>>>>>>>> _______________________________________________
>>>>>>>>> varnish-misc mailing list
>>>>>>>>> varnish-misc at varnish-cache.org
>>>>>>>>> https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> VARUN NATH A V
>>>>>>>
>>>>>>
>>>>>
>>>>> --
>>>>> VARUN NATH A V
>>>>>
>>>>
>>>
>>> --
>>> VARUN NATH A V
>>>
>>
>>
>> --
>> VARUN NATH A V
>>
>
>
> --
> VARUN NATH A V
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20191219/e3052b2d/attachment-0001.html>

More information about the varnish-misc mailing list