Hi,
How about the following:
syslog senders MUST NOT disable UDP checksums. syslog senders SHOULD
use UDP checksums when sending messages over IPv4. syslog senders MUST
use UDP checksums when sending messages over IPv6.
syslog receivers should be lenient in what they receive. IPv4
receivers SHOULD check the UDP checksums. They SHOULD accept a
syslog message with a zero checksum. They MAY discard messages
with invalid checksums, or they MAY accept them and attempt to process
them. IPv6 receivers MUST check the UDP checksums and MUST discard UDP
packets containing a zero checksum.
As a point to this, does anyone actually control the UDP subprocess so
that their syslogd will receive corrupt syslog messages? That third
sentence of the second paragraph could use some scrutiny.
Thanks,
Chris
On Thu, 5 Jul 2007, Rainer Gerhards wrote:
[Strictly speaking as an implementor, not as a draft editor]
I second Juergen's point of view.
I go even further. When receiving, I take great care not to loose any
message. Under stress conditions (e.g. low system memory), I accept lage
deformations of the message. Checksums are my least concern and I
wouldn't discard a message "just" because the checksum is invalid. I
will defintely ignore any such MUST in a RFC, at least by default. I
may, however, flag this message as being in error (which possibly means
it ends up in a different bin). The reasoning behind all this is that a
vital message might be lost forever and it is better to receive it in
some degraded state. At least this is what my *actual* users are
requesting.
Rainer
-----Original Message-----
From: Juergen Schoenwaelder
[mailto:[EMAIL PROTECTED]
Sent: Thursday, July 05, 2007 9:24 PM
To: Chris Lonvick
Cc: [EMAIL PROTECTED]
Subject: Re: [Syslog] Discuss - UDP Checksum
On Thu, Jul 05, 2007 at 11:51:13AM -0700, Chris Lonvick wrote:
Which brings us back to our original question. Is the
proposed language
below what the WG wants?
As an implementor, I have a problem with the statement
syslog senders MUST use UDP checksums when sending messages
over IPv4
since on several platforms, I simply can't ensure this when I write a
portable SYSLOG implementation. So I can either claim my code to be
RFC compliant while in a real deployment it might not behave
conforming to the RFC (depending on the kernel settings for example),
or I tell the truth that I can never guarantee compliant behaviour of
my implementation.
So if we need to have language at all, what about
syslog senders MUST NOT disable UDP checksums
This is something I can implement much more easily since the default
seems to be enabled on those platforms I am familiar with. ;-)
Or alternatively go back to SHOULD
syslog senders SHOULD use UDP checksums when sending
messages over IPv4
with the likely non-obvious interpretation that you should enable /
not disable checksums in your code but if the kernel bites you, you
are still fine.
My point is that if we put out requirements for implementations, lets
do this in a way that a coder can reasonably implement them.
/js
[No, I am not implementing SYSLOG right now - but I am familiar with
other protocols running over UDP and hence this got my attention.]
--
Juergen Schoenwaelder Jacobs University Bremen gGmbH
Phone: +49 421 200 3587 Campus Ring 1, 28759 Bremen, Germany
Fax: +49 421 200 3103 <http://www.jacobs-university.de/>
_______________________________________________
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog
_______________________________________________
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog
