Varnish Probe Interval

bgbearcatfan

Here is my question, in regards to the Varnish package.  I am running three websites behind one public ip.  Because of this, i am running the varnish package so that i can run multiple websites on port 80.  One problem i am running in to is that one site is a secure https site running on port 443.  I have a nat rule setup to redirect 443 to the proper internal ip address.  The server that is running the https site is configured to redirect all http traffic automatically to https.

The problem i have is that varnish will not allow me to set the probe url to an "https://" site.  So in the past, what i did was set the probe url to an http page on that server, temporarily disable the https redirect so that varnish can mark the site as up, then re-enable the https redirect.  Then to prevent varnish from marking the site as being back down again, i set the probe interval to an extremely long interval like 5 years.

Since then, i have upgraded hardware, and reinstalled pfsense including the varnish package.  Now this method is not working.  I don't know if there is a limit now to what you can set the probe interval to, but i'm hoping someone can make a suggestion for me.

THanks for your time.

marcelloc

if you are doing a nat to your https server why do you need to configure it on varnish?  ???

bgbearcatfan

The nat is only for one web server running https on port 443.  I have three other web servers running only port 80, so varnish is for those 3 web servers only running port 80.  Unless there is a way for varnish to handle https traffic as well, which im pretty sure it can't.

marcelloc

@bgbearcatfan:

The nat is only for one web server running https on port 443.  I have three other web servers running only port 80, so varnish is for those 3 web servers only running port 80.

So why you need the https:// on probe url  ???

@bgbearcatfan:

Unless there is a way for varnish to handle https traffic as well, which im pretty sure it can't.

Only on pass through mode, It will be on next package release(depends on free time ).

bgbearcatfan

I need it for the server that does https because we still have port 80 opened on that server as well.  This way people can go to any url at http://mysite.com and automatically be redirected to HTTPS://mysite.com.  Since i only need one 443 port i only need a port forward set up for https, but i still need outside traffic to be able to initially come in on port 80

marcelloc

Varnish needs a probe url on the site it will forward traffic to. This way, find a way to test with http.