Connecting to remote host

Varun Nath varunnath86 at gmail.com
Thu Dec 19 12:59:35 UTC 2019 

I am getting 502 Operation not permitted error. The log is as below:

ObjStatus      502
ObjReason      Operation not permitted

Sorry for the inconvenience ��

On Thu, Dec 19, 2019 at 6:15 PM Guillaume Quintard <
guillaume at varnish-software.com> wrote:

> you need to understand what is going on why the backend is replying with
> 403, then we can fix the vcl.
>
> --
> Guillaume Quintard
>
>
> On Thu, Dec 19, 2019 at 1:18 PM Varun Nath <varunnath86 at gmail.com> wrote:
>
>> Thank You. Could you please confirm whether the VCL config I have shared
>> if fine?
>>
>> On Thu, Dec 19, 2019 at 5:46 PM Guillaume Quintard <
>> guillaume at varnish-software.com> wrote:
>>
>>> check the backend transaction, and understand why your origin is sending
>>> back a 403. This is due to your backend configuration and I can't help you
>>> with that.
>>>
>>> --
>>> Guillaume Quintard
>>>
>>>
>>> On Thu, Dec 19, 2019 at 1:03 PM Varun Nath <varunnath86 at gmail.com>
>>> wrote:
>>>
>>>> This is the VCL file am using:
>>>>
>>>> Note: Host is not a valid one
>>>>
>>>> vcl 4.0;
>>>> import std;
>>>> import directors;
>>>>
>>>> # Default backend definition. Set this to point to your content server.
>>>> backend default {
>>>>     .host = "remote.host.com";
>>>>     .port = "80";
>>>> }
>>>>
>>>> sub vcl_init {
>>>> new vdir = directors.round_robin();
>>>> vdir.add_backend(default);
>>>> }
>>>>
>>>> sub vcl_recv {
>>>>     unset req.http.proxy;
>>>>     unset req.http.cookie;
>>>>     set req.http.x-host = "http://remote.host.com";
>>>>     set req.http.x-clientip = client.ip;
>>>>     set req.http.x-serverip = server.ip;
>>>>     set req.http.x-localip = local.ip;
>>>>     set req.http.x-remoteip = remote.ip;
>>>>     unset req.http.X-Forwarded-For;
>>>>     set req.http.x-forwarded-for = client.ip;
>>>>     return(pass);
>>>> }
>>>>
>>>> sub vcl_backend_response {
>>>>     # Happens after we have read the response headers from the backend.
>>>>     #
>>>>     # Here you clean the response headers, removing silly Set-Cookie
>>>> headers
>>>>     # and other mistakes your backend does.
>>>> }
>>>>
>>>> sub vcl_deliver {
>>>>     # Happens when we have all the pieces we need, and are about to
>>>> send the
>>>>     # response to the client.
>>>> }
>>>>
>>>> Please let me know if I need to add something more to make the remote
>>>> host caching from localhost varnish
>>>>
>>>> On Thu, Dec 19, 2019 at 5:05 PM Varun Nath <varunnath86 at gmail.com>
>>>> wrote:
>>>>
>>>>> Hello,
>>>>> I got some response via CURL. But getting 403 Forbidden message. Log
>>>>> is as below:
>>>>> * BerespStatus   403*
>>>>> * BerespReason   Forbidden*
>>>>> Also tried setting
>>>>>
>>>>> *remove req.http.X-Forwarded-For;set req.http.x-forwarded-for =
>>>>> client.ip;*
>>>>> But didnt work.
>>>>> Could you please share your thoughts?
>>>>>
>>>>> On Thu, Dec 19, 2019 at 3:00 PM Varun Nath <varunnath86 at gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Thank You so much for your support. Will try this and let you know
>>>>>>
>>>>>> On Thu, Dec 19, 2019 at 2:49 PM Guillaume Quintard <
>>>>>> guillaume at varnish-software.com> wrote:
>>>>>>
>>>>>>> The backend portion of the vcl only handles the TCP part of the
>>>>>>> equation. If your backend expect a specific host, you need to either have
>>>>>>> the client give it, or have varnish override it.
>>>>>>>
>>>>>>> Try curl -I localhost/your/file -H "host: whatever.your.host.is.com"
>>>>>>>
>>>>>>> On Thu, Dec 19, 2019, 09:02 Varun Nath <varunnath86 at gmail.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> Yes, I tried with http://locahost, but that is expected, right?
>>>>>>>> since the backend server is configured in VCL file. Sorry if I am wrong
>>>>>>>>
>>>>>>>> On Thu, Dec 19, 2019 at 2:29 PM Guillaume Quintard <
>>>>>>>> guillaume at varnish-software.com> wrote:
>>>>>>>>
>>>>>>>>> Note: please keep the mailing list CC'd
>>>>>>>>>
>>>>>>>>> Check the host header you are sending to the backend. Usually, a
>>>>>>>>> 404 arises because the URL and/or the host wrong.
>>>>>>>>>
>>>>>>>>> I'm thinking you possibly tested varnish requesting something like
>>>>>>>>> http://localhost/your/test/file, but your backend isn't
>>>>>>>>> configured to reply to the "localhost" host
>>>>>>>>>
>>>>>>>>> On Thu, Dec 19, 2019, 08:55 Varun Nath <varunnath86 at gmail.com>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> Thanks again for the quick response.
>>>>>>>>>> I have checked the log and getting the expected IP address in *BackendStart
>>>>>>>>>> *parameter.  Sorry I didnt get what you mean by  you need to
>>>>>>>>>> change *the host header before sending the request to the
>>>>>>>>>> backend. *Could you please elaborate a little bit?
>>>>>>>>>>
>>>>>>>>>> On Thu, Dec 19, 2019 at 2:20 PM Guillaume Quintard <
>>>>>>>>>> guillaume at varnish-software.com> wrote:
>>>>>>>>>>
>>>>>>>>>>> Hi,
>>>>>>>>>>>
>>>>>>>>>>> Use varnishlog -b (with possibly -d) to see the backend
>>>>>>>>>>> transactions and see what IP is being used (is it the right one). It could
>>>>>>>>>>> also be that you need to change the host header before sending the request
>>>>>>>>>>> to the backend.
>>>>>>>>>>>
>>>>>>>>>>> Cheers,
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Thu, Dec 19, 2019, 08:39 Varun Nath <varunnath86 at gmail.com>
>>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hello,
>>>>>>>>>>>> I need to connect to a remote host from local VCL config file.
>>>>>>>>>>>> I have added the backend config as below
>>>>>>>>>>>>
>>>>>>>>>>>> backend default {
>>>>>>>>>>>>     .host = "remote.host.com";
>>>>>>>>>>>> }
>>>>>>>>>>>>
>>>>>>>>>>>> But am getting Page not available message. Do I miss something?
>>>>>>>>>>>> Thanks in advance
>>>>>>>>>>>>
>>>>>>>>>>>> --
>>>>>>>>>>>> VARUN NATH A V
>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>> varnish-misc mailing list
>>>>>>>>>>>> varnish-misc at varnish-cache.org
>>>>>>>>>>>>
>>>>>>>>>>>> https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> VARUN NATH A V
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> VARUN NATH A V
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> VARUN NATH A V
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> VARUN NATH A V
>>>>>
>>>>
>>>>
>>>> --
>>>> VARUN NATH A V
>>>>
>>>
>>
>> --
>> VARUN NATH A V
>>
>

-- 
VARUN NATH A V
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20191219/75fad744/attachment.html>

More information about the varnish-misc mailing list