vcl 4.0;
# set default backend if no server cluster specified
backend default {
.host = "127.0.0.1";
.port = "80";
}
backend test {
.host = "127.0.0.1";
.port = "81";
}


# access control list for "purge": open to only localhost and other local nodes
acl purge {
"127.0.0.1";
}

# vcl_recv is called whenever a request is received
sub vcl_recv {
# Serve objects up to 2 minutes past their expiry if the backend
# is slow to respond.
# set req.grace = 120s;
if(req.http.host ~ "a.cn"){
set req.http.host = "a.cn";
set req.backend_hint = default;
}
if(req.http.host ~ "b.cn"){
set req.http.host = "b.cn";
set req.backend_hint = test;
set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip;
set req.backend_hint= default;

# This uses the ACL action called "purge". Basically if a request to
# PURGE the cache comes from anywhere other than localhost, ignore it.
if (req.method == "PURGE") {
if (!client.ip ~ purge) {
return (synth(405, "Not allowed."));
} else {
return (purge);
}
}

# Pass any requests that Varnish does not understand straight to the backend.
if (req.method != "GET" && req.method != "HEAD" &&
req.method != "PUT" && req.method != "POST" &&
req.method != "TRACE" && req.method != "OPTIONS" &&
req.method != "DELETE") {
return (pipe);
} /* Non-RFC2616 or CONNECT which is weird. */

# Pass anything other than GET and HEAD directly.
if (req.method != "GET" && req.method != "HEAD") {
return (pass);
} /* We only deal with GET and HEAD by default */

# Pass requests from logged-in users directly.
# Only detect cookies with "session" and "Token" in file name, otherwise nothing get cached.
if (req.http.Authorization || req.http.Cookie ~ "session" || req.http.Cookie ~ "Token") {
return (pass);
} /* Not cacheable by default */

# normalize Accept-Encoding to reduce vary
if (req.http.Accept-Encoding) {
if (req.http.User-Agent ~ "MSIE 6") {
unset req.http.Accept-Encoding;
} elsif (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
} elsif (req.http.Accept-Encoding ~ "deflate") {
set req.http.Accept-Encoding = "deflate";
} else {
unset req.http.Accept-Encoding;
}
}

return (hash);
}


sub vcl_pipe {
# Note that only the first request to the backend will have
# X-Forwarded-For set. If you use X-Forwarded-For and want to
# have it set for all requests, make sure to have:
# set req.http.connection = "close";

# This is otherwise not necessary if you do not do any request rewriting.

set req.http.connection = "close";
}

# Called if the cache has a copy of the page.
sub vcl_hit {
if (!obj.ttl > 0s) {
return (pass);
}

# Force lookup if the request is a no-cache request from the client.
if (req.http.Cache-Control ~ "no-cache") {
return (miss);
}
}

# Called after a document has been successfully retrieved from the backend.
sub vcl_backend_response {
# set minimum timeouts to auto-discard stored objects
set beresp.grace = 120s;

if (beresp.ttl < 48h) {
set beresp.ttl = 48h;
}

if (!beresp.ttl > 0s) {
set beresp.uncacheable = true;
return (deliver);
}

if (beresp.http.Set-Cookie) {
set beresp.uncacheable = true;
return (deliver);
}

# if (beresp.http.Cache-Control ~ "(private|no-cache|no-store)") {
# set beresp.uncacheable = true;
# return (deliver);
# }

if (beresp.http.Authorization && !beresp.http.Cache-Control ~ "public") {
set beresp.uncacheable = true;
return (deliver);
}

return (deliver);
}

更正一下,目前是下面这个才对,上面那个忘记改一个地方了

vcl 4.0;
# set default backend if no server cluster specified
backend default {
.host = "127.0.0.1";
.port = "80";
}
backend test {
.host = "127.0.0.1";
.port = "81";
}


# access control list for "purge": open to only localhost and other local nodes
acl purge {
"127.0.0.1";
}

# vcl_recv is called whenever a request is received
sub vcl_recv {
# Serve objects up to 2 minutes past their expiry if the backend
# is slow to respond.
# set req.grace = 120s;
if(req.http.host ~ "a.com"){
set req.http.host = "a.com";
set req.backend_hint = default;
}
if(req.http.host ~ "b.com"){
set req.http.host = "b.com";
set req.backend_hint = blog;
set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip;
set req.backend_hint= default;

# This uses the ACL action called "purge". Basically if a request to
# PURGE the cache comes from anywhere other than localhost, ignore it.
if (req.method == "PURGE") {
if (!client.ip ~ purge) {
return (synth(405, "Not allowed."));
} else {
return (purge);
}
}

# Pass any requests that Varnish does not understand straight to the backend.
if (req.method != "GET" && req.method != "HEAD" &&
req.method != "PUT" && req.method != "POST" &&
req.method != "TRACE" && req.method != "OPTIONS" &&
req.method != "DELETE") {
return (pipe);
} /* Non-RFC2616 or CONNECT which is weird. */

# Pass anything other than GET and HEAD directly.
if (req.method != "GET" && req.method != "HEAD") {
return (pass);
} /* We only deal with GET and HEAD by default */

# Pass requests from logged-in users directly.
# Only detect cookies with "session" and "Token" in file name, otherwise nothing get cached.
if (req.http.Authorization || req.http.Cookie ~ "session" || req.http.Cookie ~ "Token") {
return (pass);
} /* Not cacheable by default */

# normalize Accept-Encoding to reduce vary
if (req.http.Accept-Encoding) {
if (req.http.User-Agent ~ "MSIE 6") {
unset req.http.Accept-Encoding;
} elsif (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
} elsif (req.http.Accept-Encoding ~ "deflate") {
set req.http.Accept-Encoding = "deflate";
} else {
unset req.http.Accept-Encoding;
}
}

return (hash);
}


sub vcl_pipe {
# Note that only the first request to the backend will have
# X-Forwarded-For set. If you use X-Forwarded-For and want to
# have it set for all requests, make sure to have:
# set req.http.connection = "close";

# This is otherwise not necessary if you do not do any request rewriting.

set req.http.connection = "close";
}

# Called if the cache has a copy of the page.
sub vcl_hit {
if (!obj.ttl > 0s) {
return (pass);
}

# Force lookup if the request is a no-cache request from the client.
if (req.http.Cache-Control ~ "no-cache") {
return (miss);
}
}

# Called after a document has been successfully retrieved from the backend.
sub vcl_backend_response {
# set minimum timeouts to auto-discard stored objects
set beresp.grace = 120s;

if (beresp.ttl < 48h) {
set beresp.ttl = 48h;
}

if (!beresp.ttl > 0s) {
set beresp.uncacheable = true;
return (deliver);
}

if (beresp.http.Set-Cookie) {
set beresp.uncacheable = true;
return (deliver);
}

# if (beresp.http.Cache-Control ~ "(private|no-cache|no-store)") {
# set beresp.uncacheable = true;
# return (deliver);
# }

if (beresp.http.Authorization && !beresp.http.Cache-Control ~ "public") {
set beresp.uncacheable = true;
return (deliver);
}

return (deliver);
}

@sleepm 我又来请教您了,我昨晚尝试配置了一下多站点,但是出现了一个很奇怪的问题,站点 A,也就是第一个 backend 完全正常,第二个 backend,站点 B 会出现 404 的情况,但是又不是完全 404 强刷一下页面可以出来,但是没点几下又 404 这种,
目前的访问流程是:CDN>varnish>nginx,不排除是我设置写的有问题,不知道能不能帮我看看,谢谢

@sleepm 好的，谢谢

@sleepm 我是直接 访问>varnish>nginx 这样的结构，前面并没有多一层 nginx，这样的话单纯区分两个站的端口可以解决缓存混淆问题吗？

@sleepm 好的谢谢，我研究一下

打捞一下自己 orz

冲！ https://ws4.sinaimg.cn/bmiddle/62e721e4gw1et02g5wksrj200k00k3y9.jpg

论肝的话,GBF 说第二,有别的游戏敢说第一么

@nodin #27 说到心坎里了

[]( https://imgchr.com/i/mXrdC4)

国内+国外啊
DNS 那边分线路就行了,国内的解析到国内的 CDN,国外的解析到国外的 CDN,综合下来价格会实惠一点

只差一个程序员系列?

会不会 T9?就是之前键盘机的那种打字方法? 电脑上也有类似的输入法,家父就是不会拼音只会这个

@GeekCourse #12 感觉还是过于理想化,当然我觉得也和网站的类型有关,不排除是有些站收益高点,自己的站日均 pv 30W,一个月下来 2000 到 3000 块钱不到(RMB)

@1159240458 #5 目前我知道的有百度云和上海云盾是支持 NS 方式的,应该还有其他厂家

个人不是太清楚你的实际用途,
不过我个人感觉 CNAME 方式会更灵活,可以把域名的解析管理和 CDN 这部分分开,比如一些不需要使用 CDN 的二级域名,
而且还可以使用域名解析自带的分线路解析,实现不同地域用户访问使用不同的 CDN,比如国内的用户访问解析到阿里云,国外的访问解析到 Cloudflare

@1159240458 #4 https://ws3.sinaimg.cn/bmiddle/62e721e4gw1et02ek7u61j200k00k3y9.jpg 不客气,主要是弄清楚过程就好了,使用 CDN 之后,正常情况下用户都是访问的 CDN 的节点,所以不需要把域名解析回主机的,中间相当于是被 CDN 隔开了

而且,我试着打开你说的这个 CDN 看了一下,发现是在添加 CDN 的时候,就要求填你服务器的 ip 了,按道理填的话是无法创建的,你既然创建了说明已经填好了,所以只要在域名那边做 Cname 解析到 CDN 提供的地址就行了,不需要额外做 A 解析到源站的