Tag Archives: varnish

Introducing hitch – a scalable TLS terminating proxy.

The last couple of weeks we’ve been pretty busy making SSL/TLS support for Varnish Cache Plus 4. Now that the news is out, I can follow up with some notes here. The setup will be a TLS terminating proxy in … Continue reading

Posted in varnish | Tagged , , | Leave a comment

PROXY protocol in Varnish

Dag has been working implementing support for HAProxy’s PROXY protocol[1] in Varnish. This is a protocol adds a small header on each incoming TCP connection that describes who the real client is, added by (for example) an SSL terminating process. … Continue reading

Advertisement

Posted in varnish | Tagged , , , , , | Leave a comment

Announcing libvmod-tcp: Adjust Varnish congestion control algorithm.

I’ve uploaded my new TCP VMOD for Varnish 4 to github, you can find it here: http://github.com/lkarsten/libvmod-tcp. This VMOD allows you to get the estimated client socket round trip time, and then let you change the TCP connection’s congestion control … Continue reading

Posted in varnish | Tagged , , , | Leave a comment

What happened to ban.url in Varnish 4.0?

tl;dr; when using Varnish 4 and bans via varnishadm, instead of “ban.url EXPRESSION”, use “ban req.url ~ EXPRESSION”. In Varnish 3.0 we had the ban.url command in the varnishadm CLI. This was a shortcut function expanding to the a bit cryptic (but powerful) … Continue reading

Posted in stuff | Tagged , , | 1 Comment

Converting a Varnish 3.0 VMOD to 4.0

So we’re getting closer to releasing the first proper 4.0 version of Varnish Cache. One of the things we need to fix is to get all the vmod writers to make sure their vmod works with the new version. Here … Continue reading

Posted in Uncategorized | Tagged , , | 2 Comments

DNS RBL test address for development

If you are writing code that checks a DNS real-time blockhole list (RBL), it looks like 127.0.0.2 is the standard address that is always in the black/white -list. This is probably know for most sysadmins/security people and whatnot, but wasn’t … Continue reading

Posted in stuff | Tagged , , , , | Leave a comment

Varnish and Ghost blogging software

So there is a new shiny blogging platform out called Ghost. Looks pretty good to me. If you want to run it behind Varnish, you’ll soon notice it has the usual problem of setting session cookies everywhere leading to 0% … Continue reading

Posted in stuff | Tagged , , | 1 Comment

Building a Varnish VMOD on Debian

From the tutorials department, here are some quick notes on how to install a Varnish VMOD from source. This is slightly complicated because Varnish demands that a VMOD must be built against the same git commit (or release) as the … Continue reading

Posted in stuff | Tagged , , , , | 7 Comments

Setting client.ip in Varnish VCL with libvmod-ipcast

I’ve written a new Varnish 3.0 VMOD called ipcast. It has a single function; ipcast.clientip(ipstring) which sets the internal Varnish variable client.ip to whatever IPv4/IPv6 address you give as the argument. You need this if you want to do ACL checks … Continue reading

Posted in stuff | Tagged , , , , | Leave a comment

libvmod-cookie; simpler cookie handling in Varnish VCL

I’ve written a Varnish module (VMOD) to simplify handling of HTTP cookies in Varnish VCL. In essence it does the usual stuff you’d usually do with regular expressions, but with much simpler syntax and readability. It works by parsing the … Continue reading

Posted in Uncategorized | Tagged , , , , | 7 Comments