Varnish won't start because backend host resolves to too many addresses, but they are all identical IPs
Guillaume Quintard
guillaume.quintard at gmail.com
Wed Apr 19 14:42:23 UTC 2023
The fact the IPs are identical is weird, but I wouldn't be surprised if the
dns entry actually contained 3 identical IPs.
> Shouldn't Varnish be able to figure out that in that case it can just
choose any one and it will work as expected?
Shouldn't your DNS entries be clean? ;-)
Honestly, if the IP(s) behind the service name is liable to change, you
shouldn't use a dynamic backend because Varnish resolves the IP when the
VCL is loaded, so if the IP changes behind your back, Varnish won't follow
it, and you'll be screwed.
Instead, you should use dynamic backends, of which there are a handful:
- dynamic <https://github.com/nigoroll/libvmod-dynamic>, by UPLEX: it's
been around for ages, it's battle-tested, and it's included in the oficial
Varnish Docker image <https://hub.docker.com/_/varnish>
- udo+activedns
<https://docs.varnish-software.com/varnish-enterprise/vmods/udo/#subscribe>,
by Varnish Software: the design is slightly different and allows you to
specify pretty much any load-balancing policy you might need. You'll need a
subscription but you'll get excellent support (disclaimer, I'm an ex
employee)
- reqwest
<https://github.com/gquintard/vmod_reqwest#backend-https-following-up-to-5-redirect-hops-and-brotli-auto-decompression>,
by yours truly: the interface focuses on providing a simple experience and
a few bells and whistles (HTTPS, HTTP2, brotli, following redirects)
As you can see, the static backend's reluctance to fully handle DNS has
been a fertile ground for vmods :-)
--
Guillaume Quintard
On Wed, Apr 19, 2023 at 1:49 AM Batanun B <batanun at hotmail.com> wrote:
> All of the sudden Varnish fails to start in my development environment,
> and gives me the following error message:
>
> Message from VCC-compiler:
> Backend host "redacted-hostname": resolves to too many addresses.
> Only one IPv4 and one IPv6 are allowed.
> Please specify which exact address you want to use, we found all of these:
> 555.123.123.3:80
> 555.123.123.3:80
> 555.123.123.3:80
>
> I have changed the hostname and the IP above to not expose our server, but
> all three IP numbers are 100% identical. Shouldn't Varnish be able to
> figure out that in that case it can just choose any one and it will work as
> expected? It really should remove duplicates, and only if there are more
> than one non-duplicate IP then it should fail.
>
> The problem is that the backend host is a so called "app service" in
> Microsoft Azure, which is basically a platform as a service (PaaS), where
> Microsoft handles the networking including the domain name (no user access
> it directly). I have no idea why it suddenly resolves to multiple duplicate
> IPs.
> _______________________________________________
> varnish-misc mailing list
> varnish-misc at varnish-cache.org
> https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20230419/580ec47d/attachment-0001.html>
More information about the varnish-misc
mailing list