On Mar 24, 2009, at 2:13 PM, David Harrington wrote:
Hi,
why are we allowing multiple ways to set this?
Since our mission is to define standards, why not standardize one way?
I think there are problems with rollover when using unix time or
snmpBoots.
If we simplify this to use a simple increasing value, then we avoid
that complexity.
You are correct, but there will be the people who will fold in the
other ways as well. If that's okay, that's okay.
There's a problem that simplicity is in the eye of the beholder.
A mere counter is perhaps the simplest, but could lead to operational
issues, especially if you want to tie it together.
A timestamp is simple in the sense that it's easy to get, but has
rollover issues. Those are easy to deal with (including by making it
be a 48-bit base64 value as Kelsey first had it), but you have to deal
with them.
SNMP values are simple if you have an SNMP framework, but not simple
if you don't.
What you said, "simple increasing value" simplifies definition, but
pushes issues off to implementation and operations folks, who will
pick one of the other obvious things -- they're each simple increasing
values. Timestamp is merely sparse.
Arguably even simpler is Kelsey's definition which said it was non-
repeating, as opposed to increasing.
But are they really any different, at the end of the day? The major
debate I can see is whether it should stay a ten-digit decimal number
or go back to a base64 48-bit binary number.
Jon
_______________________________________________
Syslog mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/syslog
