Clever Redirect

Paul A. Procacci pprocacci at datapipe.com
Mon Jul 26 09:38:37 CEST 2010 

On Mon, Jul 26, 2010 at 02:40:26AM -0400, Stephen Nelson-Smith wrote:
> Hello,
>
> I might be trying to do this entirely the wrong way, but here's the plan:
>
> I have a large number of machines on a private VLAN, behind a
> firewall, and without publicly routeable IP addresses.  I want to be
> able to hit a page (the same page) on each of them, from a known,
> remote location.  I don't wish to set up 90 different IPs on the
> external firewall.  What I thought I could do was something like this:
>
> * Have varnish listening on a machine with an external IP address.
> * Hit http://varnish-server.com/$servername
> * Have varnish go to http://$servername/mypage.xml and return it to
> the initial requestor

This is entirely feasable.  First you define your backends:

backend virdomain1 {
.host = "10.5.21.1";;
.port = "80";
}

backend virdomain1 {
.host = "10.5.21.2";
.port = "80";
}

.....

Then in vcl_recv, you look for what it is you exactly want to match against:

if (req.url ~ "^/(www\.)?virtdomain1\.com/?$" ){
        set req.http.host = "www.virtdomain1.com";
        set req.backend = host1;
        set req.url = "/mypage.xml";

} elseif {
  #ETC
} else {
  # Use default
}

.......


This is a lot of typing for a lot of hosts, but to my knowledge, there is no way to to do tihs dynamically.  A potential example that would have been nice:

if (req.url ~ "^/(www\.)?([^\/])\/?$") {
        set req.http.host = "www.$2";
        set req.backend = $2;
        set req.url = "/mypage.xml";
}

if(!defined(req.backend)){              # Perl'ism
  backend = default;
}

.......

With that said, maybe the "quick and dirty" way is possible and I'm not up to speed.

> I have this working with a nasty cgi script, but it seems to me as if
> this could be done via Varnish.  Am I right?  If so, how would I go
> about it?

To answer the question, yes it's possible with varnish.  Cleanly however?  I guess that depends on what you consider clean.

> Thanks,
>
> S.

~Paul

This message may contain confidential or privileged information.  If you are not the intended recipient, please advise us immediately and delete this message.  See http://www.datapipe.com/about-us-legal-email-disclaimer.htm for further information on confidentiality and the risks of non-secure electronic communication. If you cannot access these links, please notify us by reply message and we will send the contents to you.

More information about the varnish-misc mailing list