varnish (plus) http/2 and websockets, server sent events
Tom Anheyer | BerlinOnline
Tom.Anheyer at berlinonline.de
Tue Jun 24 13:34:39 UTC 2025
Hello Guillaume,
You are right - it should work and :drumroll: it works!
I've enabled nearly all debug settings and see:
327685 VCL_call b BACKEND_RESPONSE
327685 TTL b VCL -1 3600 0 1750771561 uncacheable
327685 TTL b VCL -1 3600 300 1750771561 uncacheable
327685 VCL_Log b server_sent_events_vcl_backend_response
327685 VCL_return b pass
327685 VCL_call b VHA_INTERNAL
327685 VCL_return b ok
327685 Timestamp b Process: 1750771560.572744 0.837391 0.000332
327685 BerespHeader b Content-Encoding: gzip
327685 BerespHeader b Vary: Accept-Encoding
327685 Storage b mse s0
327685 Fetch_Body b 2 chunked stream
327685 VCL_call b BACKEND_RESPONSE
327685 TTL b VCL -1 3600 0 1750771561 uncacheable
327685 TTL b VCL -1 3600 300 1750771561 uncacheable
327685 VCL_Log b server_sent_events_vcl_backend_response
327685 VCL_return b pass
327685 VCL_call b VHA_INTERNAL
327685 VCL_return b ok
327685 Timestamp b Process: 1750771560.572744 0.837391 0.000332
327685 BerespHeader b Content-Encoding: gzip
327685 BerespHeader b Vary: Accept-Encoding
327685 Storage b mse s0
327685 Fetch_Body b 2 chunked stream
Varnishd is waiting for compressable bytes and stops the stream. I've added `set
beresp.do_gzip = false;` and it works. Current config looks like:
sub server_sent_events_vcl_recv {
set req.backend_hint = server_sent_events.backend();
unset req.http.Accept-Encoding;
return(pass);
}
sub server_sent_events_vcl_backend_fetch {
if (bereq.backend == server_sent_events.backend()) {
std.log("server_sent_events_vcl_backend_fetch");
set bereq.first_byte_timeout = 30s;
set bereq.between_bytes_timeout = 30s;
}
}
sub server_sent_events_vcl_backend_response {
if (bereq.backend == server_sent_events.backend()) {
if (beresp.http.content-type == "text/event-stream") {
std.log("server_sent_events_vcl_backend_response");
set beresp.do_esi = false;
set beresp.do_gzip = false;
set beresp.do_stream = true;
return (pass);
}
}
}
Thank you
tom
Am Dienstag, dem 24.06.2025 um 09:46 +0200 schrieb Guillaume Quintard:
> Hi Tom,
> I have a hard time believing this doesn't work with pass, but let's check.
> Would you be able to run `varnishlig -g raw` as the transaction is going on ?
> (You don't want extra traffic otherwise things will be hard to follow)
>
> --
> Guillaume Quintard
>
> On Mon, Jun 23, 2025, 08:31 Tom Anheyer | BerlinOnline
> <Tom.Anheyer at berlinonline.de> wrote:
> > Good morning,
> >
> > OK, one more. Server-Sent-Events are streaming GET requests. I've tried
> >
> > sub vcl_recv {
> > …
> > return(pass);
> > }
> >
> > sub vcl_backend_fetch {
> > set bereq.first_byte_timeout = 30s;
> > set bereq.between_bytes_timeout = 30s;
> > }
> >
> > sub vcl_backend_response {
> > set beresp.do_esi = false;
> > set beresp.do_stream = true;
> > }
> >
> >
> > without success. The request is forwarded to the SSE server but comes never
> > back and does not show up in varnishlog. Is there any chance to get this
> > work without `pipe`?
> >
> > thanks in advance
> > tom
> >
> > Am Freitag, dem 20.06.2025 um 15:05 +0200 schrieb Guillaume Quintard:
> > > Always a pleasure! Let us know if you have any further questions!
> > >
> > > --
> > > Guillaume Quintard
> > >
> > > On Fri, Jun 20, 2025, 13:30 Tom Anheyer | BerlinOnline
> > > <Tom.Anheyer at berlinonline.de> wrote:
> > > >
> > > > Hi Guillaume,
> > > >
> > > > thank you for your very quick (as always) and clear answer.
> > > >
> > > > tom
> > > >
> > > > Am Freitag, dem 20.06.2025 um 11:37 +0200 schrieb Guillaume Quintard:
> > > > > Hi Tom,
> > > > > This is a base behavior, so Varnish Enterprise inherits it, but it's
> > > > present
> > > > > in Varnish Cache too.
> > > > > Piping involves foregoing HTTP parsing and just passing all the
> > > > connection
> > > > > bytes back and forth. It's possible on HTTP 1.x since there's only at
> > > > most one
> > > > > request per connection, but this breaks with HTTP2 multiplexing, so
> > > > Varnish
> > > > > does the best thing it can and uses a pass instead.
> > > > > Interestingly, H/2 didn't plan an upgrade path to websockets (or to
> > > > anything
> > > > > else, really) for a relatively sane reason: H/2 requires TLS and TLS
> > > > has ALPN
> > > > > that allows you to go to websockets directly, without the upgrade hop.
> > > > > So, to my (maybe outdated) knowledge of H/2, upgrading to websockets
> > > > isn't
> > > > > possible.
> > > > > Please let me know if I'm not being clear.
> > > > > --
> > > > > Guillaume Quintard
> > > > >
> > > > > On Fri, Jun 20, 2025, 11:15 Tom Anheyer | BerlinOnline
> > > > > <Tom.Anheyer at berlinonline.de> wrote:
> > > > > > Hello,
> > > > > >
> > > > > > I don't know if this is specific to varnish plus:
> > > > > >
> > > > > >
> > > > > > If I enable pipe-mode for server sent events in vcl_recv this way:
> > > > > >
> > > > > > if (…) {
> > > > > > set req.http.connection = "close";
> > > > > > return(pipe);
> > > > > > }
> > > > > >
> > > > > > the log shows:
> > > > > >
> > > > > > - VCL_return pipe
> > > > > > - VCL_call HASH
> > > > > > - VCL_return lookup
> > > > > > - VCL_Error vcl_recv{} returns pipe/connect for HTTP/2
> > > > request.
> > > > > > Doing pass.
> > > > > > - VCL_call PASS
> > > > > >
> > > > > >
> > > > > > Is it possible to use server sent events, websockets with http/2
> > > > requests?
> > > > > >
> > > > > >
> > > > > > I've opened a varnish software ticket but I thin [1]k that's public
> > > > interest.
> > > > > >
> > > > > > tom
> > > > > >
> > > >
> >
> >
--
Tom Anheyer
Senior Developer
BerlinOnline GmbH
Stefan-Heym-Platz 1
10367 Berlin
Germany
Tel.: +49-30-5771180-62
Fax: +49 30 5771180-95
E-Mail: tom.anheyer at berlinonline.de
berlin.de | berlinonline.net
Amtsgericht Berlin-Charlottenburg, HRB 266384
Sitz der Gesellschaft: Berlin, Deutschland
USt.-IdNr.: DE219483549
Geschäftsführung: Andreas Mängel, Katrin Dorgeist
Vorsitzender des Aufsichtsrats: Nicolas Zimmer
[1] pened a varnish software ticket but I thin
https://www.google.com/maps/search/pened+a+varnish+software+ticket+but+I+thin?entry=gmail&source=g
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20250624/30d3608d/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20250624/30d3608d/attachment-0001.bin>
More information about the varnish-misc
mailing list