1VARNISHD(1) VARNISHD(1)
2
6 varnishd - HTTP accelerator daemon
7
9 varnishd [-a
10 [name=][address][:port][,PROTO][,user=<user>][,group=<group>][,mode=<mode>]]
11 [-b [host[:port]|path]] [-C] [-d] [-F] [-f config] [-h type[,options]]
12 [-I clifile] [-i identity] [-j jail[,jailoptions]] [-l vsl] [-M
13 address:port] [-n name] [-P file] [-p param=value] [-r
14 param[,param...]] [-S secret-file] [-s [name=]kind[,options]] [-T
15 address[:port]] [-t TTL] [-V] [-W waiter]
16 varnishd [-x parameter|vsl|cli|builtin|optstring]
18 varnishd [-?]
20
22 The varnishd daemon accepts HTTP requests from clients, passes them on
23 to a backend server and caches the returned documents to better satisfy
24 future requests for the same document.
25
27 Basic options
28 -a
29 <[name=][address][:port][,PROTO][,user=<user>][,group=<group>][,mode=<mode>]>
30 Listen for client requests on the specified address and port. The
31 address can be a host name ("localhost"), an IPv4 dotted-quad
32 ("127.0.0.1"), an IPv6 address enclosed in square brackets
33 ("[::1]"), or a path beginning with a '/' for a Unix domain socket
34 ("/path/to/listen.sock"). If address is not specified, varnishd will
35 listen on all available IPv4 and IPv6 interfaces. If port is not
36 specified, port 80 (http) is used. At least one of address or port
37 is required.
38 If a Unix domain socket is specified as the listen address, then the
40 user, group and mode sub-arguments may be used to specify the per‐
41 missions of the socket file -- use names for user and group, and a
42 3-digit octal value for mode. These sub-arguments are not permitted
43 if an IP address is specified. When Unix domain socket listeners are
44 in use, all VCL configurations must have version >= 4.1.
45 Name is referenced in logs. If name is not specified, "a0", "a1",
47 etc. is used. An additional protocol type can be set for the listen‐
48 ing socket with PROTO. Valid protocol types are: HTTP (default), and
49 PROXY.
50 Multiple listening addresses can be specified by using different -a
52 arguments.
53 -b <[host[:port]|path]>
55 Use the specified host as backend server. If port is not speci‐
56 fied, the default is 8080.
57 If the value of -b begins with /, it is interpreted as the abso‐
59 lute path of a Unix domain socket to which Varnish connects. In
60 that case, the value of -b must satisfy the conditions required
61 for the .path field of a backend declaration, see vcl(7). Back‐
62 ends with Unix socket addresses may only be used with VCL ver‐
63 sions >= 4.1.
64 -b can be used only once, and not together with f.
66 -f config
68 Use the specified VCL configuration file instead of the builtin
69 default. See vcl(7) for details on VCL syntax.
70 If a single -f option is used, then the VCL instance loaded from
72 the file is named "boot" and immediately becomes active. If more
73 than one -f option is used, the VCL instances are named "boot0",
74 "boot1" and so forth, in the order corresponding to the -f argu‐
75 ments, and the last one is named "boot", which becomes active.
76 Either -b or one or more -f options must be specified, but not
78 both, and they cannot both be left out, unless -d is used to
79 start varnishd in debugging mode. If the empty string is speci‐
80 fied as the sole -f option, then varnishd starts without start‐
81 ing the worker process, and the management process will accept
82 CLI commands. You can also combine an empty -f option with an
83 initialization script (-I option) and the child process will be
84 started if there is an active VCL at the end of the initializa‐
85 tion.
86 When used with a relative file name, config is searched in the
88 vcl_path. It is possible to set this path prior to using -f
89 options with a -p option. During startup, varnishd doesn't com‐
90 plain about unsafe VCL paths: unlike the varnish-cli(7) that
91 could later be accessed remotely, starting varnishd requires
92 local privileges.
93 -n name
95 Specify the name for this instance. This name is used to con‐
96 struct the name of the directory in which varnishd keeps tempo‐
97 rary files and persistent state. If the specified name begins
98 with a forward slash, it is interpreted as the absolute path to
99 the directory.
100 Documentation options
102 For these options, varnishd prints information to standard output and
103 exits. When a -x option is used, it must be the only option (it outputs
104 documentation in reStructuredText, aka RST).
105 -?
107 Print the usage message.
108 -x parameter
110 Print documentation of the runtime parameters (-p options), see
111 List of Parameters.
112 -x vsl Print documentation of the tags used in the Varnish shared mem‐
114 ory log, see vsl(7).
115 -x cli Print documentation of the command line interface, see var‐
117 nish-cli(7).
118 -x builtin
120 Print the contents of the default VCL program builtin.vcl.
121 -x optstring
123 Print the optstring parameter to getopt(3) to help writing wrap‐
124 per scripts.
125 Operations options
127 -F Do not fork, run in the foreground. Only one of -F or -d can be
128 specified, and -F cannot be used together with -C.
129 -T <address[:port]>
131 Offer a management interface on the specified address and port.
132 See varnish-cli(7) for documentation of the management commands.
133 To disable the management interface use none.
134 -M <address:port>
136 Connect to this port and offer the command line interface.
137 Think of it as a reverse shell. When running with -M and there
138 is no backend defined the child process (the cache) will not
139 start initially.
140 -P file
142 Write the PID of the process to the specified file.
143 -i identity
145 Specify the identity of the Varnish server. This can be accessed
146 using server.identity from VCL and with VSM_Name() from utili‐
147 ties. If not specified the output of gethostname(3) is used.
148 -I clifile
150 Execute the management commands in the file given as clifile
151 before the the worker process starts, see CLI Command File.
152 Tuning options
154 -t TTL Specifies the default time to live (TTL) for cached objects.
155 This is a shortcut for specifying the default_ttl run-time
156 parameter.
157 -p <param=value>
159 Set the parameter specified by param to the specified value, see
160 List of Parameters for details. This option can be used multiple
161 times to specify multiple parameters.
162 -s <[name=]type[,options]>
164 Use the specified storage backend. See Storage Backend section.
165 This option can be used multiple times to specify multiple stor‐
167 age files. Name is referenced in logs, VCL, statistics, etc. If
168 name is not specified, "s0", "s1" and so forth is used.
169 -l <vsl>
171 Specifies size of the space for the VSL records, shorthand for
172 -p vsl_space=<vsl>. Scaling suffixes like 'K' and 'M' can be
173 used up to (G)igabytes. See vsl_space for more information.
174 Security options
176 -r <param[,param...]>
177 Make the listed parameters read only. This gives the system
178 administrator a way to limit what the Varnish CLI can do. Con‐
179 sider making parameters such as cc_command, vcc_allow_inline_c
180 and vmod_path read only as these can potentially be used to
181 escalate privileges from the CLI.
182 -S secret-file
184 Path to a file containing a secret used for authorizing access
185 to the management port. To disable authentication use none.
186 If this argument is not provided, a secret drawn from the system
188 PRNG will be written to a file called _.secret in the working
189 directory (see opt_n) with default ownership and permissions of
190 the user having started varnish.
191 Thus, users wishing to delegate control over varnish will proba‐
193 bly want to create a custom secret file with appropriate permis‐
194 sions (ie. readable by a unix group to delegate control to).
195 -j <jail[,jailoptions]>
197 Specify the jailing mechanism to use. See Jail section.
198 Advanced, development and debugging options
200 -d Enables debugging mode: The parent process runs in the fore‐
201 ground with a CLI connection on stdin/stdout, and the child
202 process must be started explicitly with a CLI command. Terminat‐
203 ing the parent process will also terminate the child.
204 Only one of -d or -F can be specified, and -d cannot be used
206 together with -C.
207 -C Print VCL code compiled to C language and exit. Specify the VCL
209 file to compile with the -f option. Either -f or -b must be used
210 with -C, and -C cannot be used with -F or -d.
211 -V Display the version number and exit. This must be the only
213 option.
214 -h <type[,options]>
216 Specifies the hash algorithm. See Hash Algorithm section for a
217 list of supported algorithms.
218 -W waiter
220 Specifies the waiter type to use.
221 Hash Algorithm
223 The following hash algorithms are available:
224 -h critbit
226 self-scaling tree structure. The default hash algorithm in Var‐
227 nish Cache 2.1 and onwards. In comparison to a more traditional
228 B tree the critbit tree is almost completely lockless. Do not
229 change this unless you are certain what you're doing.
230 -h simple_list
232 A simple doubly-linked list. Not recommended for production
233 use.
234 -h <classic[,buckets]>
236 A standard hash table. The hash key is the CRC32 of the object's
237 URL modulo the size of the hash table. Each table entry points
238 to a list of elements which share the same hash key. The buckets
239 parameter specifies the number of entries in the hash table.
240 The default is 16383.
241 Storage Backend
243 The following storage types are available:
244 -s <default[,size]>
246 The default storage type resolves to umem where available and
247 malloc otherwise.
248 -s <malloc[,size]>
250 malloc is a memory based backend.
251 -s <umem[,size]>
253 umem is a storage backend which is more efficient than malloc on
254 platforms where it is available.
255 See the section on umem in chapter Storage backends of The Var‐
257 nish Users Guide for details.
258 -s <file,path[,size[,granularity[,advice]]]>
260 The file backend stores data in a file on disk. The file will be
261 accessed using mmap. Note that this storage provide no cache
262 persistence.
263 The path is mandatory. If path points to a directory, a tempo‐
265 rary file will be created in that directory and immediately
266 unlinked. If path points to a non-existing file, the file will
267 be created.
268 If size is omitted, and path points to an existing file with a
270 size greater than zero, the size of that file will be used. If
271 not, an error is reported.
272 Granularity sets the allocation block size. Defaults to the sys‐
274 tem page size or the filesystem block size, whichever is larger.
275 Advice tells the kernel how varnishd expects to use this mapped
277 region so that the kernel can choose the appropriate read-ahead
278 and caching techniques. Possible values are normal, random and
279 sequential, corresponding to MADV_NORMAL, MADV_RANDOM and
280 MADV_SEQUENTIAL madvise() advice argument, respectively.
281 Defaults to random.
282 -s <persistent,path,size>
284 Persistent storage. Varnish will store objects in a file in a
285 manner that will secure the survival of most of the objects in
286 the event of a planned or unplanned shutdown of Varnish. The
287 persistent storage backend has multiple issues with it and will
288 likely be removed from a future version of Varnish.
289 You can also prefix the type with NAME= to explicitly name a storage:
291 -s myStorage=malloc,5G
293 This allows to address it more easily in VCL:
295 set beresp.storage = storage.myStorage;
297 If the name is omitted, Varnish will name storages sN, starting with s0
299 and incrementing N for every new storage.
300 Jail
302 Varnish jails are a generalization over various platform specific meth‐
303 ods to reduce the privileges of varnish processes. They may have spe‐
304 cific options. Available jails are:
305 -j solaris
307 Reduce privileges(5) for varnishd and sub-process to the mini‐
308 mally required set. Only available on platforms which have the
309 setppriv(2) call.
310 -j <unix[,user=`user`][,ccgroup=`group`][,workuser=`user`]>
312 Default on all other platforms when varnishd is started with an
313 effective uid of 0 ("as root").
314 With the unix jail mechanism activated, varnish will switch to
316 an alternative user for subprocesses and change the effective
317 uid of the master process whenever possible.
318 The optional user argument specifies which alternative user to
320 use. It defaults to varnish.
321 The optional ccgroup argument specifies a group to add to var‐
323 nish subprocesses requiring access to a c-compiler. There is no
324 default.
325 The optional workuser argument specifies an alternative user to
327 use for the worker process. It defaults to vcache.
328 -j none
330 last resort jail choice: With jail mechanism none, varnish will
331 run all processes with the privileges it was started with.
332 Management Interface
334 If the -T option was specified, varnishd will offer a command-line man‐
335 agement interface on the specified address and port. The recommended
336 way of connecting to the command-line management interface is through
337 varnishadm(1).
338 The commands available are documented in varnish-cli(7).
340 CLI Command File
342 The -I option makes it possible to run arbitrary management commands
343 when varnishd is launched, before the worker process is started. In
344 particular, this is the way to load configurations, apply labels to
345 them, and make a VCL instance active that uses those labels on startup:
346 vcl.load panic /etc/varnish_panic.vcl
348 vcl.load siteA0 /etc/varnish_siteA.vcl
349 vcl.load siteB0 /etc/varnish_siteB.vcl
350 vcl.load siteC0 /etc/varnish_siteC.vcl
351 vcl.label siteA siteA0
352 vcl.label siteB siteB0
353 vcl.label siteC siteC0
354 vcl.load main /etc/varnish_main.vcl
355 vcl.use main
356 Every line in the file, including the last line, must be terminated by
358 a newline or carriage return.
359 If a command in the file is prefixed with '-', failure will not abort
361 the startup.
362
364 Run Time Parameter Flags
365 Runtime parameters are marked with shorthand flags to avoid repeating
366 the same text over and over in the table below. The meaning of the
367 flags are:
368 · experimental
370 We have no solid information about good/bad/optimal values for this
372 parameter. Feedback with experience and observations are most wel‐
373 come.
374 · delayed
376 This parameter can be changed on the fly, but will not take effect
378 immediately.
379 · restart
381 The worker process must be stopped and restarted, before this parame‐
383 ter takes effect.
384 · reload
386 The VCL programs must be reloaded for this parameter to take effect.
388 · experimental
390 We're not really sure about this parameter, tell us what you find.
392 · wizard
394 Do not touch unless you really know what you're doing.
396 · only_root
398 Only works if varnishd is running as root.
400 Default Value Exceptions on 32 bit Systems
402 Be aware that on 32 bit systems, certain default values are reduced
403 relative to the values listed below, in order to conserve VM space:
404 · workspace_client: 24k
406 · workspace_backend: 20k
408 · http_resp_size: 8k
410 · http_req_size: 12k
412 · gzip_buffer: 4k
414 · vsl_space: 1G
416 · thread_pool_stack: 52k
418 List of Parameters
420 This text is produced from the same text you will find in the CLI if
421 you use the param.show command:
422 accept_filter
424 NB: This parameter depends on a feature which is not available on all
425 platforms.
426 · Units: bool
428 · Default: off
430 · Flags:
432 Enable kernel accept-filters.
434 acceptor_sleep_decay
436 · Default: 0.9
437 · Minimum: 0
439 · Maximum: 1
441 · Flags: experimental
443 If we run out of resources, such as file descriptors or worker threads,
445 the acceptor will sleep between accepts. This parameter (multiplica‐
446 tively) reduce the sleep duration for each successful accept. (ie: 0.9
447 = reduce by 10%)
448 acceptor_sleep_incr
450 · Units: seconds
451 · Default: 0.000
453 · Minimum: 0.000
455 · Maximum: 1.000
457 · Flags: experimental
459 If we run out of resources, such as file descriptors or worker threads,
461 the acceptor will sleep between accepts. This parameter control how
462 much longer we sleep, each time we fail to accept a new connection.
463 acceptor_sleep_max
465 · Units: seconds
466 · Default: 0.050
468 · Minimum: 0.000
470 · Maximum: 10.000
472 · Flags: experimental
474 If we run out of resources, such as file descriptors or worker threads,
476 the acceptor will sleep between accepts. This parameter limits how
477 long it can sleep between attempts to accept new connections.
478 auto_restart
480 · Units: bool
481 · Default: on
483 Automatically restart the child/worker process if it dies.
485 backend_idle_timeout
487 · Units: seconds
488 · Default: 60.000
490 · Minimum: 1.000
492 Timeout before we close unused backend connections.
494 backend_local_error_holddown
496 · Units: seconds
497 · Default: 10.000
499 · Minimum: 0.000
501 · Flags: experimental
503 When connecting to backends, certain error codes (EADDRNOTAVAIL, EAC‐
505 CESS, EPERM) signal a local resource shortage or configuration issue
506 for which retrying connection attempts may worsen the situation due to
507 the complexity of the operations involved in the kernel. This parame‐
508 ter prevents repeated connection attempts for the configured duration.
509 backend_remote_error_holddown
511 · Units: seconds
512 · Default: 0.250
514 · Minimum: 0.000
516 · Flags: experimental
518 When connecting to backends, certain error codes (ECONNREFUSED, ENETUN‐
520 REACH) signal fundamental connection issues such as the backend not
521 accepting connections or routing problems for which repeated connection
522 attempts are considered useless This parameter prevents repeated con‐
523 nection attempts for the configured duration.
524 ban_cutoff
526 · Units: bans
527 · Default: 0
529 · Minimum: 0
531 · Flags: experimental
533 Expurge long tail content from the cache to keep the number of bans
535 below this value. 0 disables.
536 When this parameter is set to a non-zero value, the ban lurker contin‐
538 ues to work the ban list as usual top to bottom, but when it reaches
539 the ban_cutoff-th ban, it treats all objects as if they matched a ban
540 and expurges them from cache. As actively used objects get tested
541 against the ban list at request time and thus are likely to be associ‐
542 ated with bans near the top of the ban list, with ban_cutoff, least
543 recently accessed objects (the "long tail") are removed.
544 This parameter is a safety net to avoid bad response times due to bans
546 being tested at lookup time. Setting a cutoff trades response time for
547 cache efficiency. The recommended value is proportional to
548 rate(bans_lurker_tests_tested) / n_objects while the ban lurker is
549 working, which is the number of bans the system can sustain. The addi‐
550 tional latency due to request ban testing is in the order of ban_cutoff
551 / rate(bans_lurker_tests_tested). For example, for
552 rate(bans_lurker_tests_tested) = 2M/s and a tolerable latency of 100ms,
553 a good value for ban_cutoff may be 200K.
554 ban_dups
556 · Units: bool
557 · Default: on
559 Eliminate older identical bans when a new ban is added. This saves CPU
561 cycles by not comparing objects to identical bans. This is a waste of
562 time if you have many bans which are never identical.
563 ban_lurker_age
565 · Units: seconds
566 · Default: 60.000
568 · Minimum: 0.000
570 The ban lurker will ignore bans until they are this old. When a ban is
572 added, the active traffic will be tested against it as part of object
573 lookup. Because many applications issue bans in bursts, this parameter
574 holds the ban-lurker off until the rush is over. This should be set to
575 the approximate time which a ban-burst takes.
576 ban_lurker_batch
578 · Default: 1000
579 · Minimum: 1
581 The ban lurker sleeps ${ban_lurker_sleep} after examining this many
583 objects. Use this to pace the ban-lurker if it eats too many
584 resources.
585 ban_lurker_holdoff
587 · Units: seconds
588 · Default: 0.010
590 · Minimum: 0.000
592 · Flags: experimental
594 How long the ban lurker sleeps when giving way to lookup due to lock
596 contention.
597 ban_lurker_sleep
599 · Units: seconds
600 · Default: 0.010
602 · Minimum: 0.000
604 How long the ban lurker sleeps after examining ${ban_lurker_batch}
606 objects. Use this to pace the ban-lurker if it eats too many
607 resources. A value of zero will disable the ban lurker entirely.
608 between_bytes_timeout
610 · Units: seconds
611 · Default: 60.000
613 · Minimum: 0.000
615 We only wait for this many seconds between bytes received from the
617 backend before giving up the fetch. A value of zero means never give
618 up. VCL values, per backend or per backend request take precedence.
619 This parameter does not apply to pipe'ed requests.
620 cc_command
622 · Default: exec clang -g -O2 -Wall -Werror -Wno-error=unused-result
623 -Werror -Wno-format-y2k -Wstrict-prototypes -Wmissing-proto‐
624 types -Wpointer-arith -Wcast-qual -Wwrite-strings -Wshadow
625 -Wunused-parameter -Wcast-align -Wchar-subscripts
626 -Wnested-externs -Wextra -Wno-sign-compare -fstack-protector
627 -Wno-missing-field-initializers -pthread -fpic -shared -Wl,-x -o
628 %o %s
629 · Flags: must_reload
631 Command used for compiling the C source code to a dlopen(3) loadable
633 object. Any occurrence of %s in the string will be replaced with the
634 source file name, and %o will be replaced with the output file name.
635 cli_limit
637 · Units: bytes
638 · Default: 48k
640 · Minimum: 128b
642 · Maximum: 99999999b
644 Maximum size of CLI response. If the response exceeds this limit, the
646 response code will be 201 instead of 200 and the last line will indi‐
647 cate the truncation.
648 cli_timeout
650 · Units: seconds
651 · Default: 60.000
653 · Minimum: 0.000
655 Timeout for the childs replies to CLI requests from the mgt_param.
657 clock_skew
659 · Units: seconds
660 · Default: 10
662 · Minimum: 0
664 How much clockskew we are willing to accept between the backend and our
666 own clock.
667 clock_step
669 · Units: seconds
670 · Default: 1.000
672 · Minimum: 0.000
674 How much observed clock step we are willing to accept before we panic.
676 connect_timeout
678 · Units: seconds
679 · Default: 3.500
681 · Minimum: 0.000
683 Default connection timeout for backend connections. We only try to con‐
685 nect to the backend for this many seconds before giving up. VCL can
686 override this default value for each backend and backend request.
687 critbit_cooloff
689 · Units: seconds
690 · Default: 180.000
692 · Minimum: 60.000
694 · Maximum: 254.000
696 · Flags: wizard
698 How long the critbit hasher keeps deleted objheads on the cooloff list.
700 debug
702 · Default: none
703 Enable/Disable various kinds of debugging.
705 none Disable all debugging
707 Use +/- prefix to set/reset individual bits:
709 req_state
711 VSL Request state engine
712 workspace
714 VSL Workspace operations
715 waitinglist
717 VSL Waitinglist events
718 syncvsl
720 Make VSL synchronous
721 hashedge
723 Edge cases in Hash
724 vclrel Rapid VCL release
726 lurker VSL Ban lurker
728 esi_chop
730 Chop ESI fetch to bits
731 flush_head
733 Flush after http1 head
734 vtc_mode
736 Varnishtest Mode
737 witness
739 Emit WITNESS lock records
740 vsm_keep
742 Keep the VSM file on restart
743 drop_pools
745 Drop thread pools (testing)
746 slow_acceptor
748 Slow down Acceptor
749 h2_nocheck
751 Disable various H2 checks
752 vmod_so_keep
754 Keep copied VMOD libraries
755 processors
757 Fetch/Deliver processors
758 protocol
760 Protocol debugging
761 vcl_keep
763 Keep VCL C and so files
764 lck Additional lock statistics
766 default_grace
768 · Units: seconds
769 · Default: 10.000
771 · Minimum: 0.000
773 · Flags: obj_sticky
775 Default grace period. We will deliver an object this long after it has
777 expired, provided another thread is attempting to get a new copy.
778 default_keep
780 · Units: seconds
781 · Default: 0.000
783 · Minimum: 0.000
785 · Flags: obj_sticky
787 Default keep period. We will keep a useless object around this long,
789 making it available for conditional backend fetches. That means that
790 the object will be removed from the cache at the end of ttl+grace+keep.
791 default_ttl
793 · Units: seconds
794 · Default: 120.000
796 · Minimum: 0.000
798 · Flags: obj_sticky
800 The TTL assigned to objects if neither the backend nor the VCL code
802 assigns one.
803 feature
805 · Default: none
806 Enable/Disable various minor features.
808 none Disable all features.
810 Use +/- prefix to enable/disable individual feature:
812 short_panic
814 Short panic message.
815 wait_silo
817 Wait for persistent silo.
818 no_coredump
820 No coredumps.
821 esi_ignore_https
823 Treat HTTPS as HTTP in ESI:includes
824 esi_disable_xml_check
826 Don't check of body looks like XML
827 esi_ignore_other_elements
829 Ignore non-esi XML-elements
830 esi_remove_bom
832 Remove UTF-8 BOM
833 https_scheme
835 Also split https URIs
836 http2 Support HTTP/2 protocol
838 http_date_postel
840 Relax parsing of timestamps in HTTP headers
841 fetch_chunksize
843 · Units: bytes
844 · Default: 16k
846 · Minimum: 4k
848 · Flags: experimental
850 The default chunksize used by fetcher. This should be bigger than the
852 majority of objects with short TTLs. Internal limits in the stor‐
853 age_file module makes increases above 128kb a dubious idea.
854 fetch_maxchunksize
856 · Units: bytes
857 · Default: 0.25G
859 · Minimum: 64k
861 · Flags: experimental
863 The maximum chunksize we attempt to allocate from storage. Making this
865 too large may cause delays and storage fragmentation.
866 first_byte_timeout
868 · Units: seconds
869 · Default: 60.000
871 · Minimum: 0.000
873 Default timeout for receiving first byte from backend. We only wait for
875 this many seconds for the first byte before giving up. A value of 0
876 means it will never time out. VCL can override this default value for
877 each backend and backend request. This parameter does not apply to
878 pipe.
879 gzip_buffer
881 · Units: bytes
882 · Default: 32k
884 · Minimum: 2k
886 · Flags: experimental
888 Size of malloc buffer used for gzip processing. These buffers are used
890 for in-transit data, for instance gunzip'ed data being sent to a
891 client.Making this space to small results in more overhead, writes to
892 sockets etc, making it too big is probably just a waste of memory.
893 gzip_level
895 · Default: 6
896 · Minimum: 0
898 · Maximum: 9
900 Gzip compression level: 0=debug, 1=fast, 9=best
902 gzip_memlevel
904 · Default: 8
905 · Minimum: 1
907 · Maximum: 9
909 Gzip memory level 1=slow/least, 9=fast/most compression. Memory impact
911 is 1=1k, 2=2k, ... 9=256k.
912 h2_header_table_size
914 · Units: bytes
915 · Default: 4k
917 · Minimum: 0b
919 HTTP2 header table size. This is the size that will be used for the
921 HPACK dynamic decoding table.
922 h2_initial_window_size
924 · Units: bytes
925 · Default: 65535b
927 · Minimum: 0b
929 · Maximum: 2147483647b
931 HTTP2 initial flow control window size.
933 h2_max_concurrent_streams
935 · Units: streams
936 · Default: 100
938 · Minimum: 0
940 HTTP2 Maximum number of concurrent streams. This is the number of
942 requests that can be active at the same time for a single HTTP2 connec‐
943 tion.
944 h2_max_frame_size
946 · Units: bytes
947 · Default: 16k
949 · Minimum: 16k
951 · Maximum: 16777215b
953 HTTP2 maximum per frame payload size we are willing to accept.
955 h2_max_header_list_size
957 · Units: bytes
958 · Default: 2147483647b
960 · Minimum: 0b
962 HTTP2 maximum size of an uncompressed header list.
964 h2_rx_window_increment
966 · Units: bytes
967 · Default: 1M
969 · Minimum: 1M
971 · Maximum: 1G
973 · Flags: wizard
975 HTTP2 Receive Window Increments. How big credits we send in WIN‐
977 DOW_UPDATE frames Only affects incoming request bodies (ie: POST, PUT
978 etc.)
979 h2_rx_window_low_water
981 · Units: bytes
982 · Default: 10M
984 · Minimum: 65535b
986 · Maximum: 1G
988 · Flags: wizard
990 HTTP2 Receive Window low water mark. We try to keep the window at
992 least this big Only affects incoming request bodies (ie: POST, PUT
993 etc.)
994 http1_iovs
996 · Units: struct iovec (=16 bytes)
997 · Default: 64
999 · Minimum: 5
1001 · Maximum: 1024
1003 · Flags: wizard
1005 Number of io vectors to allocate for HTTP1 protocol transmission. A
1007 HTTP1 header needs 7 + 2 per HTTP header field. Allocated from
1008 workspace_thread.
1009 http_gzip_support
1011 · Units: bool
1012 · Default: on
1014 Enable gzip support. When enabled Varnish request compressed objects
1016 from the backend and store them compressed. If a client does not sup‐
1017 port gzip encoding Varnish will uncompress compressed objects on
1018 demand. Varnish will also rewrite the Accept-Encoding header of clients
1019 indicating support for gzip to:
1020 Accept-Encoding: gzip
1021 Clients that do not support gzip will have their Accept-Encoding header
1023 removed. For more information on how gzip is implemented please see the
1024 chapter on gzip in the Varnish reference.
1025 When gzip support is disabled the variables beresp.do_gzip and
1027 beresp.do_gunzip have no effect in VCL.
1028 http_max_hdr
1030 · Units: header lines
1031 · Default: 64
1033 · Minimum: 32
1035 · Maximum: 65535
1037 Maximum number of HTTP header lines we allow in
1039 {req|resp|bereq|beresp}.http (obj.http is autosized to the exact number
1040 of headers). Cheap, ~20 bytes, in terms of workspace memory. Note
1041 that the first line occupies five header lines.
1042 http_range_support
1044 · Units: bool
1045 · Default: on
1047 Enable support for HTTP Range headers.
1049 http_req_hdr_len
1051 · Units: bytes
1052 · Default: 8k
1054 · Minimum: 40b
1056 Maximum length of any HTTP client request header we will allow. The
1058 limit is inclusive its continuation lines.
1059 http_req_size
1061 · Units: bytes
1062 · Default: 32k
1064 · Minimum: 0.25k
1066 Maximum number of bytes of HTTP client request we will deal with. This
1068 is a limit on all bytes up to the double blank line which ends the HTTP
1069 request. The memory for the request is allocated from the client
1070 workspace (param: workspace_client) and this parameter limits how much
1071 of that the request is allowed to take up.
1072 http_resp_hdr_len
1074 · Units: bytes
1075 · Default: 8k
1077 · Minimum: 40b
1079 Maximum length of any HTTP backend response header we will allow. The
1081 limit is inclusive its continuation lines.
1082 http_resp_size
1084 · Units: bytes
1085 · Default: 32k
1087 · Minimum: 0.25k
1089 Maximum number of bytes of HTTP backend response we will deal with.
1091 This is a limit on all bytes up to the double blank line which ends the
1092 HTTP response. The memory for the response is allocated from the back‐
1093 end workspace (param: workspace_backend) and this parameter limits how
1094 much of that the response is allowed to take up.
1095 idle_send_timeout
1097 · Units: seconds
1098 · Default: 60.000
1100 · Minimum: 0.000
1102 · Flags: delayed
1104 Send timeout for individual pieces of data on client connections. May
1106 get extended if 'send_timeout' applies.
1107 When this timeout is hit, the session is closed.
1109 See the man page for setsockopt(2) under SO_SNDTIMEO for more informa‐
1111 tion.
1112 listen_depth
1114 · Units: connections
1115 · Default: 1024
1117 · Minimum: 0
1119 · Flags: must_restart
1121 Listen queue depth.
1123 lru_interval
1125 · Units: seconds
1126 · Default: 2.000
1128 · Minimum: 0.000
1130 · Flags: experimental
1132 Grace period before object moves on LRU list. Objects are only moved
1134 to the front of the LRU list if they have not been moved there already
1135 inside this timeout period. This reduces the amount of lock operations
1136 necessary for LRU list access.
1137 max_esi_depth
1139 · Units: levels
1140 · Default: 5
1142 · Minimum: 0
1144 Maximum depth of esi:include processing.
1146 max_restarts
1148 · Units: restarts
1149 · Default: 4
1151 · Minimum: 0
1153 Upper limit on how many times a request can restart.
1155 max_retries
1157 · Units: retries
1158 · Default: 4
1160 · Minimum: 0
1162 Upper limit on how many times a backend fetch can retry.
1164 max_vcl
1166 · Default: 100
1167 · Minimum: 0
1169 Threshold of loaded VCL programs. (VCL labels are not counted.)
1171 Parameter max_vcl_handling determines behaviour.
1172 max_vcl_handling
1174 · Default: 1
1175 · Minimum: 0
1177 · Maximum: 2
1179 Behaviour when attempting to exceed max_vcl loaded VCL.
1181 · 0 - Ignore max_vcl parameter.
1183 · 1 - Issue warning.
1185 · 2 - Refuse loading VCLs.
1187 nuke_limit
1189 · Units: allocations
1190 · Default: 50
1192 · Minimum: 0
1194 · Flags: experimental
1196 Maximum number of objects we attempt to nuke in order to make space for
1198 a object body.
1199 pcre_match_limit
1201 · Default: 10000
1202 · Minimum: 1
1204 The limit for the number of calls to the internal match() function in
1206 pcre_exec().
1207 (See: PCRE_EXTRA_MATCH_LIMIT in pcre docs.)
1209 This parameter limits how much CPU time regular expression matching can
1211 soak up.
1212 pcre_match_limit_recursion
1214 · Default: 20
1215 · Minimum: 1
1217 The recursion depth-limit for the internal match() function in a
1219 pcre_exec().
1220 (See: PCRE_EXTRA_MATCH_LIMIT_RECURSION in pcre docs.)
1222 This puts an upper limit on the amount of stack used by PCRE for cer‐
1224 tain classes of regular expressions.
1225 We have set the default value low in order to prevent crashes, at the
1227 cost of possible regexp matching failures.
1228 Matching failures will show up in the log as VCL_Error messages with
1230 regexp errors -27 or -21.
1231 Testcase r01576 can be useful when tuning this parameter.
1233 ping_interval
1235 · Units: seconds
1236 · Default: 3
1238 · Minimum: 0
1240 · Flags: must_restart
1242 Interval between pings from parent to child. Zero will disable pinging
1244 entirely, which makes it possible to attach a debugger to the child.
1245 pipe_sess_max
1247 · Units: connections
1248 · Default: 0
1250 · Minimum: 0
1252 Maximum number of sessions dedicated to pipe transactions.
1254 pipe_timeout
1256 · Units: seconds
1257 · Default: 60.000
1259 · Minimum: 0.000
1261 Idle timeout for PIPE sessions. If nothing have been received in either
1263 direction for this many seconds, the session is closed.
1264 pool_req
1266 · Default: 10,100,10
1267 Parameters for per worker pool request memory pool. The three numbers
1269 are:
1270 min_pool
1272 minimum size of free pool.
1273 max_pool
1275 maximum size of free pool.
1276 max_age
1278 max age of free element.
1279 pool_sess
1281 · Default: 10,100,10
1282 Parameters for per worker pool session memory pool. The three numbers
1284 are:
1285 min_pool
1287 minimum size of free pool.
1288 max_pool
1290 maximum size of free pool.
1291 max_age
1293 max age of free element.
1294 pool_vbo
1296 · Default: 10,100,10
1297 Parameters for backend object fetch memory pool. The three numbers
1299 are:
1300 min_pool
1302 minimum size of free pool.
1303 max_pool
1305 maximum size of free pool.
1306 max_age
1308 max age of free element.
1309 prefer_ipv6
1311 · Units: bool
1312 · Default: off
1314 Prefer IPv6 address when connecting to backends which have both IPv4
1316 and IPv6 addresses.
1317 rush_exponent
1319 · Units: requests per request
1320 · Default: 3
1322 · Minimum: 2
1324 · Flags: experimental
1326 How many parked request we start for each completed request on the
1328 object. NB: Even with the implict delay of delivery, this parameter
1329 controls an exponential increase in number of worker threads.
1330 send_timeout
1332 · Units: seconds
1333 · Default: 600.000
1335 · Minimum: 0.000
1337 · Flags: delayed
1339 Total timeout for ordinary HTTP1 responses. Does not apply to some
1341 internally generated errors and pipe mode.
1342 When 'idle_send_timeout' is hit while sending an HTTP1 response, the
1344 timeout is extended unless the total time already taken for sending the
1345 response in its entirety exceeds this many seconds.
1346 When this timeout is hit, the session is closed
1348 shortlived
1350 · Units: seconds
1351 · Default: 10.000
1353 · Minimum: 0.000
1355 Objects created with (ttl+grace+keep) shorter than this are always put
1357 in transient storage.
1358 sigsegv_handler
1360 · Units: bool
1361 · Default: on
1363 · Flags: must_restart
1365 Install a signal handler which tries to dump debug information on seg‐
1367 mentation faults, bus errors and abort signals.
1368 syslog_cli_traffic
1370 · Units: bool
1371 · Default: on
1373 Log all CLI traffic to syslog(LOG_INFO).
1375 tcp_fastopen
1377 · Units: bool
1378 · Default: off
1380 · Flags: must_restart
1382 Enable TCP Fast Open extension.
1384 tcp_keepalive_intvl
1386 · Units: seconds
1387 · Default: 75.000
1389 · Minimum: 1.000
1391 · Maximum: 100.000
1393 · Flags: experimental
1395 The number of seconds between TCP keep-alive probes. Ignored for Unix
1397 domain sockets.
1398 tcp_keepalive_probes
1400 · Units: probes
1401 · Default: 9
1403 · Minimum: 1
1405 · Maximum: 100
1407 · Flags: experimental
1409 The maximum number of TCP keep-alive probes to send before giving up
1411 and killing the connection if no response is obtained from the other
1412 end. Ignored for Unix domain sockets.
1413 tcp_keepalive_time
1415 · Units: seconds
1416 · Default: 7200.000
1418 · Minimum: 1.000
1420 · Maximum: 7200.000
1422 · Flags: experimental
1424 The number of seconds a connection needs to be idle before TCP begins
1426 sending out keep-alive probes. Ignored for Unix domain sockets.
1427 thread_pool_add_delay
1429 · Units: seconds
1430 · Default: 0.000
1432 · Minimum: 0.000
1434 · Flags: experimental
1436 Wait at least this long after creating a thread.
1438 Some (buggy) systems may need a short (sub-second) delay between creat‐
1440 ing threads. Set this to a few milliseconds if you see the
1441 'threads_failed' counter grow too much.
1442 Setting this too high results in insufficient worker threads.
1444 thread_pool_destroy_delay
1446 · Units: seconds
1447 · Default: 1.000
1449 · Minimum: 0.010
1451 · Flags: delayed, experimental
1453 Wait this long after destroying a thread.
1455 This controls the decay of thread pools when idle(-ish).
1457 thread_pool_fail_delay
1459 · Units: seconds
1460 · Default: 0.200
1462 · Minimum: 0.010
1464 · Flags: experimental
1466 Wait at least this long after a failed thread creation before trying to
1468 create another thread.
1469 Failure to create a worker thread is often a sign that the end is
1471 near, because the process is running out of some resource. This delay
1472 tries to not rush the end on needlessly.
1473 If thread creation failures are a problem, check that thread_pool_max
1475 is not too high.
1476 It may also help to increase thread_pool_timeout and thread_pool_min,
1478 to reduce the rate at which treads are destroyed and later recreated.
1479 thread_pool_max
1481 · Units: threads
1482 · Default: 5000
1484 · Minimum: 100
1486 · Flags: delayed
1488 The maximum number of worker threads in each pool. The minimum value
1490 depends on thread_pool_min.
1491 Do not set this higher than you have to, since excess worker threads
1493 soak up RAM and CPU and generally just get in the way of getting work
1494 done.
1495 thread_pool_min
1497 · Units: threads
1498 · Default: 100
1500 · Maximum: 5000
1502 · Flags: delayed
1504 The minimum number of worker threads in each pool. The maximum value
1506 depends on thread_pool_max.
1507 Increasing this may help ramp up faster from low load situations or
1509 when threads have expired.
1510 Minimum is 10 threads.
1512 thread_pool_reserve
1514 · Units: threads
1515 · Default: 0
1517 · Maximum: 95
1519 · Flags: delayed
1521 The number of worker threads reserved for vital tasks in each pool.
1523 Tasks may require other tasks to complete (for example, client requests
1525 may require backend requests). This reserve is to ensure that such
1526 tasks still get to run even under high load.
1527 Increasing the reserve may help setups with a high number of backend
1529 requests at the expense of client performance. Setting it too high will
1530 waste resources by keeping threads unused.
1531 Default is 0 to auto-tune (currently 5% of thread_pool_min). Minimum
1533 is 1 otherwise, maximum is 95% of thread_pool_min.
1534 thread_pool_stack
1536 · Units: bytes
1537 · Default: 56k
1539 · Minimum: 16k
1541 · Flags: delayed
1543 Worker thread stack size. This will likely be rounded up to a multiple
1545 of 4k (or whatever the page_size might be) by the kernel.
1546 The required stack size is primarily driven by the depth of the
1548 call-tree. The most common relevant determining factors in varnish core
1549 code are GZIP (un)compression, ESI processing and regular expression
1550 matches. VMODs may also require significant amounts of additional
1551 stack. The nesting depth of VCL subs is another factor, although typi‐
1552 cally not predominant.
1553 The stack size is per thread, so the maximum total memory required for
1555 worker thread stacks is in the order of size = thread_pools x
1556 thread_pool_max x thread_pool_stack.
1557 Thus, in particular for setups with many threads, keeping the stack
1559 size at a minimum helps reduce the amount of memory required by Var‐
1560 nish.
1561 On the other hand, thread_pool_stack must be large enough under all
1563 circumstances, otherwise varnish will crash due to a stack overflow.
1564 Usually, a stack overflow manifests itself as a segmentation fault (aka
1565 segfault / SIGSEGV) with the faulting address being near the stack
1566 pointer (sp).
1567 Unless stack usage can be reduced, thread_pool_stack must be increased
1569 when a stack overflow occurs. Setting it in 150%-200% increments is
1570 recommended until stack overflows cease to occur.
1571 thread_pool_timeout
1573 · Units: seconds
1574 · Default: 300.000
1576 · Minimum: 10.000
1578 · Flags: delayed, experimental
1580 Thread idle threshold.
1582 Threads in excess of thread_pool_min, which have been idle for at least
1584 this long, will be destroyed.
1585 thread_pool_watchdog
1587 · Units: seconds
1588 · Default: 60.000
1590 · Minimum: 0.100
1592 · Flags: experimental
1594 Thread queue stuck watchdog.
1596 If no queued work have been released for this long, the worker process
1598 panics itself.
1599 thread_pools
1601 · Units: pools
1602 · Default: 2
1604 · Minimum: 1
1606 · Maximum: 32
1608 · Flags: delayed, experimental
1610 Number of worker thread pools.
1612 Increasing the number of worker pools decreases lock contention. Each
1614 worker pool also has a thread accepting new connections, so for very
1615 high rates of incoming new connections on systems with many cores,
1616 increasing the worker pools may be required.
1617 Too many pools waste CPU and RAM resources, and more than one pool for
1619 each CPU is most likely detrimental to performance.
1620 Can be increased on the fly, but decreases require a restart to take
1622 effect.
1623 thread_queue_limit
1625 · Default: 20
1626 · Minimum: 0
1628 · Flags: experimental
1630 Permitted request queue length per thread-pool.
1632 This sets the number of requests we will queue, waiting for an avail‐
1634 able thread. Above this limit sessions will be dropped instead of
1635 queued.
1636 thread_stats_rate
1638 · Units: requests
1639 · Default: 10
1641 · Minimum: 0
1643 · Flags: experimental
1645 Worker threads accumulate statistics, and dump these into the global
1647 stats counters if the lock is free when they finish a job
1648 (request/fetch etc.) This parameters defines the maximum number of
1649 jobs a worker thread may handle, before it is forced to dump its accu‐
1650 mulated stats into the global counters.
1651 timeout_idle
1653 · Units: seconds
1654 · Default: 5.000
1656 · Minimum: 0.000
1658 Idle timeout for client connections.
1660 A connection is considered idle until we have received the full request
1662 headers.
1663 This parameter is particularly relevant for HTTP1 keepalive connec‐
1665 tions which are closed unless the next request is received before this
1666 timeout is reached.
1667 timeout_linger
1669 · Units: seconds
1670 · Default: 0.050
1672 · Minimum: 0.000
1674 · Flags: experimental
1676 How long the worker thread lingers on an idle session before handing it
1678 over to the waiter. When sessions are reused, as much as half of all
1679 reuses happen within the first 100 msec of the previous request com‐
1680 pleting. Setting this too high results in worker threads not doing
1681 anything for their keep, setting it too low just means that more ses‐
1682 sions take a detour around the waiter.
1683 vcc_allow_inline_c
1685 · Units: bool
1686 · Default: off
1688 Allow inline C code in VCL.
1690 vcc_err_unref
1692 · Units: bool
1693 · Default: on
1695 Unreferenced VCL objects result in error.
1697 vcc_unsafe_path
1699 · Units: bool
1700 · Default: on
1702 Allow '/' in vmod & include paths. Allow 'import ... from ...'.
1704 vcl_cooldown
1706 · Units: seconds
1707 · Default: 600.000
1709 · Minimum: 0.000
1711 How long a VCL is kept warm after being replaced as the active VCL
1713 (granularity approximately 30 seconds).
1714 vcl_path
1716 · Default: /opt/varnish/etc/varnish:/opt/varnish/share/varnish/vcl
1717 Directory (or colon separated list of directories) from which relative
1719 VCL filenames (vcl.load and include) are to be found. By default Var‐
1720 nish searches VCL files in both the system configuration and shared
1721 data directories to allow packages to drop their VCL files in a stan‐
1722 dard location where relative includes would work.
1723 vmod_path
1725 · Default: /opt/varnish/lib/varnish/vmods
1726 Directory (or colon separated list of directories) where VMODs are to
1728 be found.
1729 vsl_buffer
1731 · Units: bytes
1732 · Default: 4k
1734 · Minimum: 267
1736 Bytes of (req-/backend-)workspace dedicated to buffering VSL records.
1738 When this parameter is adjusted, most likely workspace_client and
1739 workspace_backend will have to be adjusted by the same amount.
1740 Setting this too high costs memory, setting it too low will cause more
1742 VSL flushes and likely increase lock-contention on the VSL mutex.
1743 The minimum tracks the vsl_reclen parameter + 12 bytes.
1745 vsl_mask
1747 · Default: -Debug,-ObjProtocol,-ObjStatus,-ObjReason,-Obj‐
1748 Header,-VCL_trace,-Work‐
1749 Thread,-Hash,-VfpAcct,-H2RxHdr,-H2RxBody,-H2TxHdr,-H2TxBody
1750 Mask individual VSL messages from being logged.
1752 default
1754 Set default value
1755 Use +/- prefix in front of VSL tag name, to mask/unmask individual VSL
1757 messages.
1758 vsl_reclen
1760 · Units: bytes
1761 · Default: 255b
1763 · Minimum: 16b
1765 · Maximum: 4084b
1767 Maximum number of bytes in SHM log record.
1769 The maximum tracks the vsl_buffer parameter - 12 bytes.
1771 vsl_space
1773 · Units: bytes
1774 · Default: 80M
1776 · Minimum: 1M
1778 · Maximum: 4G
1780 · Flags: must_restart
1782 The amount of space to allocate for the VSL fifo buffer in the VSM mem‐
1784 ory segment. If you make this too small, varnish{ncsa|log} etc will
1785 not be able to keep up. Making it too large just costs memory
1786 resources.
1787 vsm_free_cooldown
1789 · Units: seconds
1790 · Default: 60.000
1792 · Minimum: 10.000
1794 · Maximum: 600.000
1796 How long VSM memory is kept warm after a deallocation (granularity
1798 approximately 2 seconds).
1799 vsm_space
1801 · Units: bytes
1802 · Default: 1M
1804 · Minimum: 1M
1806 · Maximum: 1G
1808 DEPRECATED: This parameter is ignored. There is no global limit on
1810 amount of shared memory now.
1811 workspace_backend
1813 · Units: bytes
1814 · Default: 64k
1816 · Minimum: 1k
1818 · Flags: delayed
1820 Bytes of HTTP protocol workspace for backend HTTP req/resp. If larger
1822 than 4k, use a multiple of 4k for VM efficiency.
1823 workspace_client
1825 · Units: bytes
1826 · Default: 64k
1828 · Minimum: 9k
1830 · Flags: delayed
1832 Bytes of HTTP protocol workspace for clients HTTP req/resp. Use a mul‐
1834 tiple of 4k for VM efficiency. For HTTP/2 compliance this must be at
1835 least 20k, in order to receive fullsize (=16k) frames from the client.
1836 That usually happens only in POST/PUT bodies. For other traffic-pat‐
1837 terns smaller values work just fine.
1838 workspace_session
1840 · Units: bytes
1841 · Default: 0.50k
1843 · Minimum: 0.25k
1845 · Flags: delayed
1847 Allocation size for session structure and workspace. The workspace
1849 is primarily used for TCP connection addresses. If larger than 4k, use
1850 a multiple of 4k for VM efficiency.
1851 workspace_thread
1853 · Units: bytes
1854 · Default: 2k
1856 · Minimum: 0.25k
1858 · Maximum: 8k
1860 · Flags: delayed
1862 Bytes of auxiliary workspace per thread. This workspace is used for
1864 certain temporary data structures during the operation of a worker
1865 thread. One use is for the IO-vectors used during delivery. Setting
1866 this parameter too low may increase the number of writev() syscalls,
1867 setting it too high just wastes space. ~0.1k + UIO_MAXIOV *
1868 sizeof(struct iovec) (typically = ~16k for 64bit) is considered the
1869 maximum sensible value under any known circumstances (excluding exotic
1870 vmod use).
1871
1873 Varnish and bundled tools will, in most cases, exit with one of the
1874 following codes
1875 · 0 OK
1877 · 1 Some error which could be system-dependent and/or transient
1879 · 2 Serious configuration / parameter error - retrying with the same
1881 configuration / parameters is most likely useless
1882 The varnishd master process may also OR its exit code
1884 · with 0x20 when the varnishd child process died,
1886 · with 0x40 when the varnishd child process was terminated by a signal
1888 and
1889 · with 0x80 when a core was dumped.
1891
1893 · varnishlog(1)
1894 · varnishhist(1)
1896 · varnishncsa(1)
1898 · varnishstat(1)
1900 · varnishtop(1)
1902 · varnish-cli(7)
1904 · vcl(7)
1906
1908 The varnishd daemon was developed by Poul-Henning Kamp in cooperation
1909 with Verdens Gang AS and Varnish Software.
1910 This manual page was written by Dag-Erling Smørgrav with updates by
1912 Stig Sandbeck Mathisen <ssm@debian.org>, Nils Goroll and others.
1913
1915 This document is licensed under the same licence as Varnish itself. See
1916 LICENCE for details.
1917 · Copyright (c) 2007-2015 Varnish Software AS
1919 VARNISHD(1)