<br><br><div class="gmail_quote">On Tue, Apr 7, 2009 at 4:46 AM, Kristian Lyngstol <span dir="ltr"><<a href="mailto:kristian@redpill-linpro.com" target="_blank">kristian@redpill-linpro.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>On Tue, Apr 07, 2009 at 04:11:04AM -0700, Jauder Ho wrote:<br>
<br>
> FYI, beresp.ttl does not work on varnish 2.0.4. It does work on -trunk<br>
> though.<br>
<br>
</div>It would seem I was mistaken. It doesn't look like the obj to beresp<br>
commits made it into 2.0.4 after a quick check. So that's only relevant to<br>
trunk.<br>
<div></div></blockquote><div><br>That could be a problem for some people as obj.ttl is not available in vcl_fetch in 2.0.4 and beresp.ttl is not available until trunk.<br><br>
</div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div><br>
><br>
> Right now, only nginx1 sets X-Forwarded-For; varnish does not set<br>
> X-Forwarded-For; nginx2 is a fastcgi frontend and does not set<br>
> X-Forwarded-For.<br>
><br>
> With this config (and using -trunk), nginx2 still logs the gateway IP so<br>
> something strange is going on here.<br>
<br>
</div>I'm not familiar with how nginx logs, but I'd start by verifying:<br>
1. That the X-Forwarded-For does indeed reach the relevant server.<br>
2. That the entity that logs honors X-Forwarded-For.<br>
<font color="#888888"></font></blockquote><div><br>Looking at varnishlog (which covers the incoming request from nginx1 and response from nginx2.<br><br>It looks like X-Forwarded-For is properly set on nginx1. However on the response, it looks like there are 2(?) X-Forwarded-For headers instead of being chained as in <a href="http://en.wikipedia.org/wiki/X-Forwarded-For#Format">http://en.wikipedia.org/wiki/X-Forwarded-For#Format</a><br>
<br> 10 SessionOpen c 192.168.1.20 33406 <a href="http://192.168.1.20:7777">192.168.1.20:7777</a><br> 10 ReqStart c 192.168.1.20 33406 1768153962<br> 10 RxRequest c HEAD<br> 10 RxURL c /<br> 10 RxProtocol c HTTP/1.0<br>
10 RxHeader c X-Real-IP: 208.69.40.136<br> 10 RxHeader c X-Forwarded-For: 208.69.40.136<br> 10 RxHeader c Host: <a href="http://shop.carumba.org">shop.carumba.org</a><br> 10 RxHeader c Connection: close<br>
10 RxHeader c User-Agent: curl/7.18.2 (x86_64-pc-linux-gnu) libcurl/7.18.2 OpenSSL/0.9.8g zlib/<a href="http://1.2.3.3">1.2.3.3</a> libidn/1.10 libssh2/0.18<br> 10 RxHeader c Accept: */*<br> 10 VCL_call c recv<br>
10 VCL_return c lookup<br> 10 VCL_call c hash<br> 10 VCL_return c hash<br> 10 VCL_call c miss<br> 10 VCL_return c fetch<br> 11 BackendClose - default<br> 11 BackendOpen b default 192.168.1.20 54829 67.180.237.183 9999<br>
10 Backend c 11 default default<br> 11 TxRequest b GET<br> 11 TxURL b /<br> 11 TxProtocol b HTTP/1.1<br> 11 TxHeader b X-Real-IP: 208.69.40.136<br> 11 TxHeader b X-Forwarded-For: 208.69.40.136<br>
11 TxHeader b Host: <a href="http://shop.carumba.org">shop.carumba.org</a><br> 11 TxHeader b User-Agent: curl/7.18.2 (x86_64-pc-linux-gnu) libcurl/7.18.2 OpenSSL/0.9.8g zlib/<a href="http://1.2.3.3">1.2.3.3</a> libidn/1.10 libssh2/0.18<br>
11 TxHeader b Accept: */*<br> 11 TxHeader b X-Varnish: 1768153962<br> 11 TxHeader b X-Forwarded-For: 192.168.1.20<br> 11 RxProtocol b HTTP/1.1<br> 11 RxStatus b 200<br> 11 RxResponse b OK<br>
11 RxHeader b Server: nginx<br> 11 RxHeader b Date: Wed, 08 Apr 2009 00:25:35 GMT<br> 11 RxHeader b Content-Type: text/html; charset=UTF-8<br> 11 RxHeader b Transfer-Encoding: chunked<br> 11 RxHeader b Connection: keep-alive<br>
11 RxHeader b Set-Cookie: frontend=c4b996baf5465ad3c2cce532fe0af656; expires=Wed, 08 Apr 2009 01:25:35 GMT; path=/; domain=<a href="http://shop.carumba.org">shop.carumba.org</a>; HttpOnly<br> 11 RxHeader b Expires: Thu, 19 Nov 1981 08:52:00 GMT<br>
11 RxHeader b Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0<br> 11 RxHeader b Pragma: no-cache<br> 10 TTL c 1768153962 RFC 0 1239150335 1239150335 375007920 0 0<br>
10 VCL_call c fetch<br>
10 TTL c 1768153962 VCL 300 1239150335<br> 10 VCL_return c pass<br> 10 ObjProtocol c HTTP/1.1<br> 10 ObjStatus c 200<br> 10 ObjResponse c OK<br> 10 ObjHeader c Server: nginx<br> 10 ObjHeader c Date: Wed, 08 Apr 2009 00:25:35 GMT<br>
10 ObjHeader c Content-Type: text/html; charset=UTF-8<br> 10 ObjHeader c Set-Cookie: frontend=c4b996baf5465ad3c2cce532fe0af656; expires=Wed, 08 Apr 2009 01:25:35 GMT; path=/; domain=<a href="http://shop.carumba.org">shop.carumba.org</a>; HttpOnly<br>
10 ObjHeader c Expires: Thu, 19 Nov 1981 08:52:00 GMT<br> 10 ObjHeader c Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0<br> 10 ObjHeader c Pragma: no-cache<br> 10 ObjHeader c X-Varnish-IP: 192.168.1.20<br>
11 BackendReuse b default<br> 10 Length c 8090<br> 10 VCL_call c deliver<br> 10 VCL_return c deliver<br> 10 TxProtocol c HTTP/1.1<br> 10 TxStatus c 200<br> 10 TxResponse c OK<br> 10 TxHeader c Server: nginx<br>
10 TxHeader c Content-Type: text/html; charset=UTF-8<br> 10 TxHeader c Set-Cookie: frontend=c4b996baf5465ad3c2cce532fe0af656; expires=Wed, 08 Apr 2009 01:25:35 GMT; path=/; domain=<a href="http://shop.carumba.org">shop.carumba.org</a>; HttpOnly<br>
10 TxHeader c Expires: Thu, 19 Nov 1981 08:52:00 GMT<br> 10 TxHeader c Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0<br> 10 TxHeader c Pragma: no-cache<br> 10 TxHeader c X-Varnish-IP: 192.168.1.20<br>
10 TxHeader c Content-Length: 8090<br> 10 TxHeader c Date: Wed, 08 Apr 2009 00:25:35 GMT<br> 10 TxHeader c X-Varnish: 1768153962<br> 10 TxHeader c Age: 0<br> 10 TxHeader c Via: 1.1 varnish<br>
10 TxHeader c Connection: close<br> 10 TxHeader c X-Cache: MISS<br> 10 ReqEnd c 1768153962 1239150335.318713903 1239150335.470498323 0.000048637 0.151728630 0.000055790<br> 10 SessionClose c Connection: close<br>
10 StatSess c 192.168.1.20 33406 0 1 1 0 0 1 518 0<br><br>--Jauder<br><br></div></div>