Hi, >> > There's anything need syslog-dtls to do to support it? what's your >> consideration? >> >> Not sure. We have not tried the corresponding OpenSSL patch yet. Maybe >> the application (e.g. syslog) has to trigger the Heartbeat. >> > yeah, I see that in source code has not yet support trigger for application. > What I considered are the issues for dtls-udp. I don't know too much of ipfix, > are there more than one exporter need export data to one collector?
Yes, there may be multiple Exporters sending to one Collector. The definition of IPFIX Transport Sessions allows to distinguish the different sessions. In the case of UDP, the Transport Session is defined by the IP-5-Tuple plus the Observation Domain ID, which is a field in the IPFIX message header. In the case of DTLS/UDP, the Collector needs to maintain the DTLS state for each Exporter. A good question is when to remove the DTLS state because there is no connection termination. We remove it after a certain time without receiving any packets from the Exporter. However, we cannot be sure if the Exporter has also deleted its DTLS state :( This is another situation where DTLS Heartbeat extension is useful. > There may many syslog sender send logs to one receiver, which brings up an > issue of dtls-udp. > I wrote it in my proposal, in 5.3 as session demultiplexing. > > I think if the ipfix collector need support multiple exporter, ipfix need > also support session demultiplexing, > but I didn't see that in your proposal, what's your consideration? You talk about draft-mentz-ipfix-dtls-recommendations-00? Note that this draft does not play the same role as draft-feng-syslog-transport-dtls-01 because IPFIX over DTLS/UDP is already standardized in RFC5101. draft-mentz-ipfix-dtls-recommendations-00 only covers DTLS specific implementation problems and might be considered as an update of RFC 5153 (IPFIX Implementation Guidelines). Gerhard
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Syslog mailing list [email protected] https://www.ietf.org/mailman/listinfo/syslog
