varnish doesn't generate 502s, that's your backend misbehaving. Again, look at what you are sending to it using varnishlog, and understand what is happening, but at this time, this is not a varnish issue. -- Guillaume Quintard
On Thu, Dec 19, 2019 at 1:59 PM Varun Nath <[email protected]> wrote: > I am getting 502 Operation not permitted error. The log is as below: > > ObjStatus 502 > ObjReason Operation not permitted > > Sorry for the inconvenience 🙏 > > On Thu, Dec 19, 2019 at 6:15 PM Guillaume Quintard < > [email protected]> wrote: > >> you need to understand what is going on why the backend is replying with >> 403, then we can fix the vcl. >> >> -- >> Guillaume Quintard >> >> >> On Thu, Dec 19, 2019 at 1:18 PM Varun Nath <[email protected]> wrote: >> >>> Thank You. Could you please confirm whether the VCL config I have shared >>> if fine? >>> >>> On Thu, Dec 19, 2019 at 5:46 PM Guillaume Quintard < >>> [email protected]> wrote: >>> >>>> check the backend transaction, and understand why your origin is >>>> sending back a 403. This is due to your backend configuration and I can't >>>> help you with that. >>>> >>>> -- >>>> Guillaume Quintard >>>> >>>> >>>> On Thu, Dec 19, 2019 at 1:03 PM Varun Nath <[email protected]> >>>> wrote: >>>> >>>>> This is the VCL file am using: >>>>> >>>>> Note: Host is not a valid one >>>>> >>>>> vcl 4.0; >>>>> import std; >>>>> import directors; >>>>> >>>>> # Default backend definition. Set this to point to your content server. >>>>> backend default { >>>>> .host = "remote.host.com"; >>>>> .port = "80"; >>>>> } >>>>> >>>>> sub vcl_init { >>>>> new vdir = directors.round_robin(); >>>>> vdir.add_backend(default); >>>>> } >>>>> >>>>> sub vcl_recv { >>>>> unset req.http.proxy; >>>>> unset req.http.cookie; >>>>> set req.http.x-host = "http://remote.host.com";; >>>>> set req.http.x-clientip = client.ip; >>>>> set req.http.x-serverip = server.ip; >>>>> set req.http.x-localip = local.ip; >>>>> set req.http.x-remoteip = remote.ip; >>>>> unset req.http.X-Forwarded-For; >>>>> set req.http.x-forwarded-for = client.ip; >>>>> return(pass); >>>>> } >>>>> >>>>> sub vcl_backend_response { >>>>> # Happens after we have read the response headers from the backend. >>>>> # >>>>> # Here you clean the response headers, removing silly Set-Cookie >>>>> headers >>>>> # and other mistakes your backend does. >>>>> } >>>>> >>>>> sub vcl_deliver { >>>>> # Happens when we have all the pieces we need, and are about to >>>>> send the >>>>> # response to the client. >>>>> } >>>>> >>>>> Please let me know if I need to add something more to make the remote >>>>> host caching from localhost varnish >>>>> >>>>> On Thu, Dec 19, 2019 at 5:05 PM Varun Nath <[email protected]> >>>>> wrote: >>>>> >>>>>> Hello, >>>>>> I got some response via CURL. But getting 403 Forbidden message. Log >>>>>> is as below: >>>>>> * BerespStatus 403* >>>>>> * BerespReason Forbidden* >>>>>> Also tried setting >>>>>> >>>>>> *remove req.http.X-Forwarded-For;set req.http.x-forwarded-for = >>>>>> client.ip;* >>>>>> But didnt work. >>>>>> Could you please share your thoughts? >>>>>> >>>>>> On Thu, Dec 19, 2019 at 3:00 PM Varun Nath <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> Thank You so much for your support. Will try this and let you know >>>>>>> >>>>>>> On Thu, Dec 19, 2019 at 2:49 PM Guillaume Quintard < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> The backend portion of the vcl only handles the TCP part of the >>>>>>>> equation. If your backend expect a specific host, you need to either >>>>>>>> have >>>>>>>> the client give it, or have varnish override it. >>>>>>>> >>>>>>>> Try curl -I localhost/your/file -H "host: whatever.your.host.is.com >>>>>>>> " >>>>>>>> >>>>>>>> On Thu, Dec 19, 2019, 09:02 Varun Nath <[email protected]> >>>>>>>> wrote: >>>>>>>> >>>>>>>>> Yes, I tried with http://locahost, but that is expected, right? >>>>>>>>> since the backend server is configured in VCL file. Sorry if I am >>>>>>>>> wrong >>>>>>>>> >>>>>>>>> On Thu, Dec 19, 2019 at 2:29 PM Guillaume Quintard < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>>> Note: please keep the mailing list CC'd >>>>>>>>>> >>>>>>>>>> Check the host header you are sending to the backend. Usually, a >>>>>>>>>> 404 arises because the URL and/or the host wrong. >>>>>>>>>> >>>>>>>>>> I'm thinking you possibly tested varnish requesting something >>>>>>>>>> like http://localhost/your/test/file, but your backend isn't >>>>>>>>>> configured to reply to the "localhost" host >>>>>>>>>> >>>>>>>>>> On Thu, Dec 19, 2019, 08:55 Varun Nath <[email protected]> >>>>>>>>>> wrote: >>>>>>>>>> >>>>>>>>>>> Thanks again for the quick response. >>>>>>>>>>> I have checked the log and getting the expected IP address in >>>>>>>>>>> *BackendStart >>>>>>>>>>> *parameter. Sorry I didnt get what you mean by you need to >>>>>>>>>>> change *the host header before sending the request to the >>>>>>>>>>> backend. *Could you please elaborate a little bit? >>>>>>>>>>> >>>>>>>>>>> On Thu, Dec 19, 2019 at 2:20 PM Guillaume Quintard < >>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>> >>>>>>>>>>>> Hi, >>>>>>>>>>>> >>>>>>>>>>>> Use varnishlog -b (with possibly -d) to see the backend >>>>>>>>>>>> transactions and see what IP is being used (is it the right one). >>>>>>>>>>>> It could >>>>>>>>>>>> also be that you need to change the host header before sending the >>>>>>>>>>>> request >>>>>>>>>>>> to the backend. >>>>>>>>>>>> >>>>>>>>>>>> Cheers, >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> On Thu, Dec 19, 2019, 08:39 Varun Nath <[email protected]> >>>>>>>>>>>> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> Hello, >>>>>>>>>>>>> I need to connect to a remote host from local VCL config file. >>>>>>>>>>>>> I have added the backend config as below >>>>>>>>>>>>> >>>>>>>>>>>>> backend default { >>>>>>>>>>>>> .host = "remote.host.com"; >>>>>>>>>>>>> } >>>>>>>>>>>>> >>>>>>>>>>>>> But am getting Page not available message. Do I miss something? >>>>>>>>>>>>> Thanks in advance >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> VARUN NATH A V >>>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>>> varnish-misc mailing list >>>>>>>>>>>>> [email protected] >>>>>>>>>>>>> >>>>>>>>>>>>> https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> VARUN NATH A V >>>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> VARUN NATH A V >>>>>>>>> >>>>>>>> >>>>>>> >>>>>>> -- >>>>>>> VARUN NATH A V >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> VARUN NATH A V >>>>>> >>>>> >>>>> >>>>> -- >>>>> VARUN NATH A V >>>>> >>>> >>> >>> -- >>> VARUN NATH A V >>> >> > > -- > VARUN NATH A V >
_______________________________________________ varnish-misc mailing list [email protected] https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
