Connecting to remote host

Guillaume Quintard guillaume at varnish-software.com
Thu Dec 19 13:17:29 UTC 2019 

varnish doesn't generate 502s, that's your backend misbehaving. Again, look
at what you are sending to it using varnishlog, and understand what is
happening, but at this time, this is not a varnish issue.
-- 
Guillaume Quintard


On Thu, Dec 19, 2019 at 1:59 PM Varun Nath <varunnath86 at gmail.com> wrote:

> I am getting 502 Operation not permitted error. The log is as below:
>
> ObjStatus      502
> ObjReason      Operation not permitted
>
> Sorry for the inconvenience ��
>
> On Thu, Dec 19, 2019 at 6:15 PM Guillaume Quintard <
> guillaume at varnish-software.com> wrote:
>
>> you need to understand what is going on why the backend is replying with
>> 403, then we can fix the vcl.
>>
>> --
>> Guillaume Quintard
>>
>>
>> On Thu, Dec 19, 2019 at 1:18 PM Varun Nath <varunnath86 at gmail.com> wrote:
>>
>>> Thank You. Could you please confirm whether the VCL config I have shared
>>> if fine?
>>>
>>> On Thu, Dec 19, 2019 at 5:46 PM Guillaume Quintard <
>>> guillaume at varnish-software.com> wrote:
>>>
>>>> check the backend transaction, and understand why your origin is
>>>> sending back a 403. This is due to your backend configuration and I can't
>>>> help you with that.
>>>>
>>>> --
>>>> Guillaume Quintard
>>>>
>>>>
>>>> On Thu, Dec 19, 2019 at 1:03 PM Varun Nath <varunnath86 at gmail.com>
>>>> wrote:
>>>>
>>>>> This is the VCL file am using:
>>>>>
>>>>> Note: Host is not a valid one
>>>>>
>>>>> vcl 4.0;
>>>>> import std;
>>>>> import directors;
>>>>>
>>>>> # Default backend definition. Set this to point to your content server.
>>>>> backend default {
>>>>>     .host = "remote.host.com";
>>>>>     .port = "80";
>>>>> }
>>>>>
>>>>> sub vcl_init {
>>>>> new vdir = directors.round_robin();
>>>>> vdir.add_backend(default);
>>>>> }
>>>>>
>>>>> sub vcl_recv {
>>>>>     unset req.http.proxy;
>>>>>     unset req.http.cookie;
>>>>>     set req.http.x-host = "http://remote.host.com";
>>>>>     set req.http.x-clientip = client.ip;
>>>>>     set req.http.x-serverip = server.ip;
>>>>>     set req.http.x-localip = local.ip;
>>>>>     set req.http.x-remoteip = remote.ip;
>>>>>     unset req.http.X-Forwarded-For;
>>>>>     set req.http.x-forwarded-for = client.ip;
>>>>>     return(pass);
>>>>> }
>>>>>
>>>>> sub vcl_backend_response {
>>>>>     # Happens after we have read the response headers from the backend.
>>>>>     #
>>>>>     # Here you clean the response headers, removing silly Set-Cookie
>>>>> headers
>>>>>     # and other mistakes your backend does.
>>>>> }
>>>>>
>>>>> sub vcl_deliver {
>>>>>     # Happens when we have all the pieces we need, and are about to
>>>>> send the
>>>>>     # response to the client.
>>>>> }
>>>>>
>>>>> Please let me know if I need to add something more to make the remote
>>>>> host caching from localhost varnish
>>>>>
>>>>> On Thu, Dec 19, 2019 at 5:05 PM Varun Nath <varunnath86 at gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hello,
>>>>>> I got some response via CURL. But getting 403 Forbidden message. Log
>>>>>> is as below:
>>>>>> * BerespStatus   403*
>>>>>> * BerespReason   Forbidden*
>>>>>> Also tried setting
>>>>>>
>>>>>> *remove req.http.X-Forwarded-For;set req.http.x-forwarded-for =
>>>>>> client.ip;*
>>>>>> But didnt work.
>>>>>> Could you please share your thoughts?
>>>>>>
>>>>>> On Thu, Dec 19, 2019 at 3:00 PM Varun Nath <varunnath86 at gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Thank You so much for your support. Will try this and let you know
>>>>>>>
>>>>>>> On Thu, Dec 19, 2019 at 2:49 PM Guillaume Quintard <
>>>>>>> guillaume at varnish-software.com> wrote:
>>>>>>>
>>>>>>>> The backend portion of the vcl only handles the TCP part of the
>>>>>>>> equation. If your backend expect a specific host, you need to either have
>>>>>>>> the client give it, or have varnish override it.
>>>>>>>>
>>>>>>>> Try curl -I localhost/your/file -H "host: whatever.your.host.is.com
>>>>>>>> "
>>>>>>>>
>>>>>>>> On Thu, Dec 19, 2019, 09:02 Varun Nath <varunnath86 at gmail.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> Yes, I tried with http://locahost, but that is expected, right?
>>>>>>>>> since the backend server is configured in VCL file. Sorry if I am wrong
>>>>>>>>>
>>>>>>>>> On Thu, Dec 19, 2019 at 2:29 PM Guillaume Quintard <
>>>>>>>>> guillaume at varnish-software.com> wrote:
>>>>>>>>>
>>>>>>>>>> Note: please keep the mailing list CC'd
>>>>>>>>>>
>>>>>>>>>> Check the host header you are sending to the backend. Usually, a
>>>>>>>>>> 404 arises because the URL and/or the host wrong.
>>>>>>>>>>
>>>>>>>>>> I'm thinking you possibly tested varnish requesting something
>>>>>>>>>> like http://localhost/your/test/file, but your backend isn't
>>>>>>>>>> configured to reply to the "localhost" host
>>>>>>>>>>
>>>>>>>>>> On Thu, Dec 19, 2019, 08:55 Varun Nath <varunnath86 at gmail.com>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>> Thanks again for the quick response.
>>>>>>>>>>> I have checked the log and getting the expected IP address in *BackendStart
>>>>>>>>>>> *parameter.  Sorry I didnt get what you mean by  you need to
>>>>>>>>>>> change *the host header before sending the request to the
>>>>>>>>>>> backend. *Could you please elaborate a little bit?
>>>>>>>>>>>
>>>>>>>>>>> On Thu, Dec 19, 2019 at 2:20 PM Guillaume Quintard <
>>>>>>>>>>> guillaume at varnish-software.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hi,
>>>>>>>>>>>>
>>>>>>>>>>>> Use varnishlog -b (with possibly -d) to see the backend
>>>>>>>>>>>> transactions and see what IP is being used (is it the right one). It could
>>>>>>>>>>>> also be that you need to change the host header before sending the request
>>>>>>>>>>>> to the backend.
>>>>>>>>>>>>
>>>>>>>>>>>> Cheers,
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> On Thu, Dec 19, 2019, 08:39 Varun Nath <varunnath86 at gmail.com>
>>>>>>>>>>>> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Hello,
>>>>>>>>>>>>> I need to connect to a remote host from local VCL config file.
>>>>>>>>>>>>> I have added the backend config as below
>>>>>>>>>>>>>
>>>>>>>>>>>>> backend default {
>>>>>>>>>>>>>     .host = "remote.host.com";
>>>>>>>>>>>>> }
>>>>>>>>>>>>>
>>>>>>>>>>>>> But am getting Page not available message. Do I miss something?
>>>>>>>>>>>>> Thanks in advance
>>>>>>>>>>>>>
>>>>>>>>>>>>> --
>>>>>>>>>>>>> VARUN NATH A V
>>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>>> varnish-misc mailing list
>>>>>>>>>>>>> varnish-misc at varnish-cache.org
>>>>>>>>>>>>>
>>>>>>>>>>>>> https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> VARUN NATH A V
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> VARUN NATH A V
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> VARUN NATH A V
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> VARUN NATH A V
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> VARUN NATH A V
>>>>>
>>>>
>>>
>>> --
>>> VARUN NATH A V
>>>
>>
>
> --
> VARUN NATH A V
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20191219/581658d2/attachment-0001.html>

More information about the varnish-misc mailing list