Tag Archives: varnish

Introducing hitch – a scalable TLS terminating proxy.

Posted on 2015-05-15 by Lasse Karstensen

The last couple of weeks we’ve been pretty busy making SSL/TLS support for Varnish Cache Plus 4. Now that the news is out, I can follow up with some notes here. The setup will be a TLS terminating proxy in … Continue reading →

Posted in varnish | Tagged ssl, tls, varnish | Leave a comment

PROXY protocol in Varnish

Posted on 2015-01-19 by Lasse Karstensen

Dag has been working implementing support for HAProxy’s PROXY protocol[1] in Varnish. This is a protocol adds a small header on each incoming TCP connection that describes who the real client is, added by (for example) an SSL terminating process. … Continue reading →

Posted in varnish | Tagged english, haproxy, proxy, ssl, varnish, work | Leave a comment

Announcing libvmod-tcp: Adjust Varnish congestion control algorithm.

Posted on 2014-10-03 by Lasse Karstensen

I’ve uploaded my new TCP VMOD for Varnish 4 to github, you can find it here: http://github.com/lkarsten/libvmod-tcp. This VMOD allows you to get the estimated client socket round trip time, and then let you change the TCP connection’s congestion control … Continue reading →

Posted in varnish | Tagged tcp, varnish, varnish4, vmod | Leave a comment

What happened to ban.url in Varnish 4.0?

Posted on 2014-06-03 by Lasse Karstensen

tl;dr; when using Varnish 4 and bans via varnishadm, instead of “ban.url EXPRESSION”, use “ban req.url ~ EXPRESSION”. In Varnish 3.0 we had the ban.url command in the varnishadm CLI. This was a shortcut function expanding to the a bit cryptic (but powerful) … Continue reading →

Posted in stuff | Tagged english, varnish, work | 1 Comment

Converting a Varnish 3.0 VMOD to 4.0

Posted on 2013-12-19 by Lasse Karstensen

So we’re getting closer to releasing the first proper 4.0 version of Varnish Cache. One of the things we need to fix is to get all the vmod writers to make sure their vmod works with the new version. Here … Continue reading →

Posted in Uncategorized | Tagged varnish, varnish4, vmod | 2 Comments

DNS RBL test address for development

Posted on 2013-12-11 by Lasse Karstensen

If you are writing code that checks a DNS real-time blockhole list (RBL), it looks like 127.0.0.2 is the standard address that is always in the black/white -list. This is probably know for most sysadmins/security people and whatnot, but wasn’t … Continue reading →

Posted in stuff | Tagged dns, dnsrbl, linux, sorbs, varnish | Leave a comment

Varnish and Ghost blogging software

Posted on 2013-09-25 by Lasse Karstensen

So there is a new shiny blogging platform out called Ghost. Looks pretty good to me. If you want to run it behind Varnish, you’ll soon notice it has the usual problem of setting session cookies everywhere leading to 0% … Continue reading →

Posted in stuff | Tagged ghost, varnish, vcl | 1 Comment

Setting client.ip in Varnish VCL with libvmod-ipcast

Posted on 2013-07-22 by Lasse Karstensen

I’ve written a new Varnish 3.0 VMOD called ipcast. It has a single function; ipcast.clientip(ipstring) which sets the internal Varnish variable client.ip to whatever IPv4/IPv6 address you give as the argument. You need this if you want to do ACL checks … Continue reading →

Posted in stuff | Tagged ssl, varnish, vcl, vmod, work | Leave a comment

libvmod-cookie; simpler cookie handling in Varnish VCL

Posted on 2013-07-15 by Lasse Karstensen

I’ve written a Varnish module (VMOD) to simplify handling of HTTP cookies in Varnish VCL. In essence it does the usual stuff you’d usually do with regular expressions, but with much simpler syntax and readability. It works by parsing the … Continue reading →

Posted in Uncategorized | Tagged freebsd, linux, varnish, vmod, work | 7 Comments