Chris Lonvick
Thu, 05 Jul 2007 14:14:12 -0700
Hi, How about the following: syslog senders MUST NOT disable UDP checksums. syslog senders SHOULD use UDP checksums when sending messages over IPv4. syslog senders MUST use UDP checksums when sending messages over IPv6. syslog receivers should be lenient in what they receive. IPv4 receivers SHOULD check the UDP checksums. They SHOULD accept a syslog message with a zero checksum. They MAY discard messages with invalid checksums, or they MAY accept them and attempt to process them. IPv6 receivers MUST check the UDP checksums and MUST discard UDP packets containing a zero checksum.As a point to this, does anyone actually control the UDP subprocess so that their syslogd will receive corrupt syslog messages? That third sentence of the second paragraph could use some scrutiny.
Thanks, Chris On Thu, 5 Jul 2007, Rainer Gerhards wrote:
[Strictly speaking as an implementor, not as a draft editor] I second Juergen's point of view. I go even further. When receiving, I take great care not to loose any message. Under stress conditions (e.g. low system memory), I accept lage deformations of the message. Checksums are my least concern and I wouldn't discard a message "just" because the checksum is invalid. I will defintely ignore any such MUST in a RFC, at least by default. I may, however, flag this message as being in error (which possibly means it ends up in a different bin). The reasoning behind all this is that a vital message might be lost forever and it is better to receive it in some degraded state. At least this is what my *actual* users are requesting. Rainer-----Original Message----- From: Juergen Schoenwaelder [EMAIL PROTECTED] Sent: Thursday, July 05, 2007 9:24 PM To: Chris Lonvick Cc: [EMAIL PROTECTED] Subject: Re: [Syslog] Discuss - UDP Checksum On Thu, Jul 05, 2007 at 11:51:13AM -0700, Chris Lonvick wrote:Which brings us back to our original question. Is theproposed languagebelow what the WG wants?As an implementor, I have a problem with the statement syslog senders MUST use UDP checksums when sending messages over IPv4 since on several platforms, I simply can't ensure this when I write a portable SYSLOG implementation. So I can either claim my code to be RFC compliant while in a real deployment it might not behave conforming to the RFC (depending on the kernel settings for example), or I tell the truth that I can never guarantee compliant behaviour of my implementation. So if we need to have language at all, what about syslog senders MUST NOT disable UDP checksums This is something I can implement much more easily since the default seems to be enabled on those platforms I am familiar with. ;-) Or alternatively go back to SHOULD syslog senders SHOULD use UDP checksums when sending messages over IPv4 with the likely non-obvious interpretation that you should enable / not disable checksums in your code but if the kernel bites you, you are still fine. My point is that if we put out requirements for implementations, lets do this in a way that a coder can reasonably implement them. /js [No, I am not implementing SYSLOG right now - but I am familiar with other protocols running over UDP and hence this got my attention.] -- Juergen Schoenwaelder Jacobs University Bremen gGmbH Phone: +49 421 200 3587 Campus Ring 1, 28759 Bremen, Germany Fax: +49 421 200 3103 <http://www.jacobs-university.de/> _______________________________________________ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog
_______________________________________________ Syslog mailing list Syslog@lists.ietf.org https://www1.ietf.org/mailman/listinfo/syslog