Discuss - UDP Checksum
===
Magnus:
Discuss [2007-06-19]:
UDP transport:
Section 3.6:
It is RECOMMENDED that syslog senders use valid UDP checksums when
sending messages over IPv4 and IPv6.
It is RECOMMENDED that syslog receivers check the checksums whenever
they are present (i.e. the UDP header checksum field value is not 0)
and discard messages with incorrect checksums. Note that this is
typically accomplished by the UDP layer implementation, and some UDP
implementations allow for checksum validation to be enabled or
disabled.
Why aren't these MUST? For IPv6 it is a MUST, and for IPv4 does there exist
a single reason not to use the UDP checksum?
===
Lars:
draft-ietf-syslog-transport-udp-09, Section 3.6., paragraph 2:
It is RECOMMENDED that syslog senders use valid UDP checksums when
sending messages over IPv4 and IPv6.
Agree with Tim's DISCUSS - this language weakens the MUST for IPv6.
===
Tim:
Discuss [2007-06-19]:
In syslog-transport-udp-09, Section 3.6 (UDP Checksums):
The second and third paragraphs could be read as relaxing the
requirements (specified in RFC 2460) for IPv6 nodes to generate
and verify UDP checksums.
It would be clearer if the text described the recommendations for IPv4
independently, and then noted the requirements inherited from
RFC 2460 with respect to IPv6.
===
Discussion w/ Magnus:
If I understand this correctly the issue that the first paragraph tries to
address is the usage of the UDP checksum,
rather than people setting checksums not matching the content of the
packet. Because of that I would like to replace
"valid" with "the" and remove the plural on checksums.
By this response I assume that you had no motivation why one shouldn't use
the checksum. If that is true, I would
recommend staying at MUST strength. In fact I would probably prefer to
have the RECOMMENDED to be a MUST also. Unless you
have a reason why one wouldn't checksum the UDP syslog packets I would
strongly recommend that it is turned on.
Our motivation was to not get too far into the way that UDP is known to
work. If the proper way to write the document is to say that UDP MUST be
checked then we'll gladly do that.
Well, UDP for IPv4 does have this option of turning off the checksum.
However, I am a strong believer that in most cases it
is not the right thing to do. In the syslog case, bit-errors in the text
message part may be fine. However, you don't want
to have errors in the priority field. Thus throwing away this packet is
probably better than to have them end up in the
wrong queue.
As I see it moving from RECOMMENDED to MUST will probably not make much
difference. You anyway need to write syslog
receivers that are handling malformed messages. But it does allow a sender
to not use the checksum if they want to. And if
the WG is fine with that, having understood the potential issues with that
then I am fine. I simply want to ensure that
you are aware of the implications of what you write.
Proposed resolution (Anton)
Ok. If syslog receiver MUST check checksums, we need to also say what it
must do in two cases:
(a) checksum is not there (value 0) and
(b) checksum is wrong.
We used to recommend discard only for case B (when it is present and
wrong) like this:
"It is RECOMMENDED that syslog receivers check the checksums whenever
they are present (i.e. the UDP header checksum field value is not 0)
and discard messages with incorrect checksums. "
I suggest we say something stronger in line with a MUST:
syslog senders MUST use UDP checksums when sending messages over IPv4.
syslog senders MUST use UDP checksums when sending messages over IPv6.
syslog receivers MUST check the checksums and MUST discard messages
with missing or incorrect checksums. Note that this is typically
accomplished by the UDP layer implementation, and some UDP
implementations allow for checksum validation to be enabled or
disabled.
Agreed?
_______________________________________________
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog
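
Added example, not part of the original message or of the draft: a sketch of the receiver decision discussed above for cases (a) and (b), comparing the RECOMMENDED wording with the proposed MUST wording. It covers IPv4 only; the function names, addresses, ports and the syslog message are constructed for illustration.

```python
import socket
import struct

def ones_sum(data: bytes) -> int:
    """16-bit ones-complement sum (RFC 768 / RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"                      # pad odd length with a zero octet
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src: str, dst: str, udp_len: int) -> bytes:
    """IPv4 pseudo-header: addresses, zero, protocol 17, UDP length."""
    return socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack("!BBH", 0, 17, udp_len)

def build(src, dst, sport, dport, payload, with_checksum=True) -> bytes:
    length = 8 + len(payload)
    header = struct.pack("!HHHH", sport, dport, length, 0)
    if not with_checksum:
        return header + payload              # IPv4 only: field 0 means "no checksum"
    csum = ~ones_sum(pseudo_header(src, dst, length) + header + payload) & 0xFFFF
    csum = csum or 0xFFFF                    # a computed zero is sent as all ones
    return struct.pack("!HHHH", sport, dport, length, csum) + payload

def verdict(src, dst, datagram: bytes, strict: bool) -> str:
    """strict=False: the RECOMMENDED wording; strict=True: the proposed MUST wording."""
    if len(datagram) < 8:
        return "discard: truncated"
    length, csum = struct.unpack("!HH", datagram[4:8])
    if length != len(datagram):
        return "discard: length mismatch"
    if csum == 0:                            # case (a): checksum is not there
        return "discard: missing checksum" if strict else "accept: unchecked"
    if ones_sum(pseudo_header(src, dst, length) + datagram) != 0xFFFF:
        return "discard: incorrect checksum" # case (b): checksum is wrong
    return "accept: verified"

# Constructed sample data (documentation addresses, made-up message).
SRC, DST = "192.0.2.1", "192.0.2.2"
MSG = b"<34>Oct 11 22:14:15 host su: constructed sample"
GOOD = build(SRC, DST, 40000, 514, MSG)
NOSUM = build(SRC, DST, 40000, 514, MSG, with_checksum=False)
FLIPPED = bytearray(GOOD)
FLIPPED[10] ^= 0x01                          # one bit error in PRI: <34> becomes <35>
FLIPPED = bytes(FLIPPED)

if __name__ == "__main__":
    for name, dgram in (("good", GOOD), ("no checksum", NOSUM), ("flipped", FLIPPED)):
        print(name, "|", verdict(SRC, DST, dgram, False), "|", verdict(SRC, DST, dgram, True))
```

The same bit flip applied to the datagram sent without a checksum is accepted under the RECOMMENDED wording, which is the priority-field concern raised in the discussion.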