Kristian, <br><br>Sorry about that. I'm cc'ing to varnish-misc.<br><br><br><div class="gmail_quote">On Tue, Apr 7, 2009 at 3:19 AM, Kristian Lyngstol <span dir="ltr"><<a href="mailto:kristian@redpill-linpro.com">kristian@redpill-linpro.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class="im">On Tue, Apr 07, 2009 at 02:55:13AM -0700, Jauder Ho wrote:<br>
> I just downloaded the new 2.0.4 release and noticed that a couple of things<br>
> had changed causing my existing config to stop working. Therefore, I had a<br>
> couple of questions that I'm hoping that you can help answer.<br>
><br>
> a) Is beresp.ttl basically replacing obj.ttl? If so, I should be able to do<br>
> the following right in vcl_fetch?<br>
><br>
> if (beresp.ttl < 300s) {<br>
> set beresp.ttl = 300s;<br>
> }<br>
<br>
</div>Yes, for all intents and purposes, beresp is obj. The name change is<br>
reflecting some underlying changes that doesn't really affect how you write<br>
VCL - yet.</blockquote><div><br>FYI, beresp.ttl does not work on varnish 2.0.4. It does work on -trunk though.<br><br>Error msg from varnish-2.0.4 upon startup:<br>Message from VCC-compiler:<br>Unknown variable 'beresp.ttl'<br>
At: (input Line 128 Pos 7)<br> if (beresp.ttl < 300s) {<br>------##########----------<br>Running VCC-compiler failed, exit 1<br>VCL compilation failed<br> </div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
<div class="im"><br>
> b) With the change above, it looks like<br>
> <a href="http://varnish.projects.linpro.no/wiki/FAQ#HowdoIaddaHTTPheader" target="_blank">http://varnish.projects.linpro.no/wiki/FAQ#HowdoIaddaHTTPheader</a> is invalid<br>
> as obj is not valid in vcl_fetch. Just wanted to confirm that<br>
> beresp.http.X-Varnish-IP; works as expected.<br>
<br>
</div>See the above answer (yes, it's valid).<br>
<div class="im"><br>
> c) Lastly, I have a config of user > nginx1 > varnish > nginx2 > php-fpm and<br>
> noticed that the IP being logged on nginx2 is the internal IP. nginx1 has<br>
> X-Forwarded-For set. Using the wiki's suggestion at<br>
> <a href="http://varnish.projects.linpro.no/wiki/FAQ#HowcanIlogtheclientIPaddressonthebackend" target="_blank">http://varnish.projects.linpro.no/wiki/FAQ#HowcanIlogtheclientIPaddressonthebackend</a>,<br>
><br>
><br>
> sub vcl_recv {<br>
> # Add a unique header containing the client address<br>
> remove req.http.X-Forwarded-For;<br>
> set req.http.X-Forwarded-For = client.ip;<br>
> # [...]<br>
> }<br>
><br>
> This does not seem to work to show the user IP on nginx2 so any suggestions<br>
> would be appreciated as I'm wondering if the changes 2.0.4 affect this.<br>
> Thanks!<br>
<br>
</div>If your first nginx sets X-Forwarded-For, then setting<br>
req.http.X-Forwarded-For = client.ip; will overwrite it with nginx1's IP.<br>
So don't set X-Forwarded-For in vcl_recv and it will pass straight through<br>
Varnish. 2.0.4 does not affect this compared to 2.0.3.<br>
</blockquote><div><br>Right now, only nginx1 sets X-Forwarded-For; varnish does not set X-Forwarded-For; nginx2 is a fastcgi frontend and does not set X-Forwarded-For.<br><br>With this config (and using -trunk), nginx2 still logs the gateway IP so something strange is going on here. <br>
<br>--Jauder<br> </div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><br>
By the way, this discussion belongs on one of the mailing lists.<br>
<font color="#888888"><br>
--<br>
Kristian Lyngstøl<br>
Redpill Linpro AS<br>
Tlf: +47 21544179<br>
Mob: +47 99014497<br>
</font></blockquote></div><br>