How banning in Varnish works?

3
votes

I am not able to understand how banning works in Varnish. From the term and thinking of difference between purge and ban it seems that

  • purge invalidates cache and next request goes to backend and gets cached again.
  • BAN , bans a url. as in it invalidates cache and not just next but all coming requests start going to backend.

Please clarify.

Also, banning algo is defined as

Each object in the cache always points to an entry on the ban-list. This is the entry that they were last checked against. Whenever Varnish retrieves something from the cache, it checks if the objects pointer to the ban list is point to the top of the list. If it does not point to the top of the list, it will test the object against all new entries on the ban list and, if the object did not match any of them, update the pointer of the ban list.

If anyone gets this..please explain. it will be very helpful.

2
cachingvarnishhttp-cachingvarnish-vcl

2 Answers

5
votes

Banning and purging are both methods for invalidating content.

Purging requires that you can identify the single URL you wish to invalidate, and send a HTTP PURGE request for this URL.

Banning is way more configurable, and allows you to set multiple AND-ed expressions (any stored headers) that need to match for a cached object to be invalidated. Bans are evaluated on the next client request, or by an internal job (ban-lurker) that scans the cache periodically. Bans can be added through HTTP or via the varnishadm console.

It is always a one-off invalidation. If a HTTP object has been invalidated by a ban, it won't be matched against that ban when it pops back into cache later on.

The somewhat confusing use of the word "ban" is used because any matching objects are banned from being candidates for delivery when looking up in the cache. Varnish may have multiple versions of a hash key (== hostname + URI) in cache, and needs to decide which to serve on each request.

2
votes

Banning is there for performance reasons when purging a lot of cache objects. Every time a request is received by varnish after the ban list is updated will be checked against the ban list if it exists in the cache. If it matches an item on the banlist it will be removed and a new will be fetched. This request (no matter if it was a direct match or fetched from backend) will then not need another lookup against the ban list until the banlist is updated again.

This makes it possible to purge a lot of objects without having to do it all at once.