Re: [Syslog] AD review discuss/comments for draft-ietf-syslog-dtls

<Pasi.Eronen@nokia.com> Wed, 26 May 2010 06:27 UTC

From: Pasi.Eronen@nokia.com
To: tim@evensweb.com
Date: Wed, 26 May 2010 08:23:41 +0200
Cc: syslog@ietf.org
Subject: Re: [Syslog] AD review discuss/comments for draft-ietf-syslog-dtls

RFC 4347 does strongly recommend avoiding IP fragmentation
(which doesn't necessarily work all that great through broken
middleboxes, and won't lead to good performance), but it
does not forbid it.

Best regards,
Pasi
________________________________________
From: ext Tim Evens [tim@evensweb.com]
Sent: Wednesday, May 26, 2010 9:16 AM
To: Eronen Pasi (Nokia-NRC/Helsinki)
Cc: <turners@ieca.com>; <ietfc@btconnect.com>; <syslog@ietf.org>
Subject: Re: [Syslog] AD review discuss/comments for draft-ietf-syslog-dtls

Interesting because RFC4347 IMHO states clearly that IP fragmentation
(IP not UDP) must be avoided and thus DTLS must determine the MTU.

** Sent from my tiny phone keyboard **

On May 25, 2010, at 11:03 PM, <Pasi.Eronen@nokia.com> wrote:

> Tim Evens wrote:
>> Correct, in RFC5426 the max size is 64K which is the max length in
>> UDP.  UDP sizes of greater than MTU are only achievable via IP layer
>> fragmentation, as you also indicated.  I'm under the impression that
>> DTLS does NOT support IPv4 fragmentation since in RFC4347 it states
>> in Section 4.1.1 "Each DTLS record MUST fit within a single
>> datagram."
>
> AFAIK when running DTLS over UDP, "datagram" here refers to UDP
> datagrams, not IP packets (and one UDP datagram can be split
> to several IP packets).
>
> Best regards,
> Pasi
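The layering the thread argues about (syslog message inside a DTLS record, inside a UDP datagram, inside one or more IPv4 packets), as an added example that is not part of this thread: for a given message size and path MTU it reports whether the message fits a single DTLS record, whether the UDP datagram is representable at all, and how many IPv4 fragments the datagram turns into. Header sizes and the 2^14 record limit come from RFC 4347, RFC 768 and RFC 791; `crypto_overhead` (MAC, padding, IV added by the cipher suite) is an assumption the caller supplies.

```python
"""Model of syslog -> DTLS record -> UDP datagram -> IPv4 packet(s).

Added example. Constants: RFC 4347 (DTLS 1.0 record header, 2^14 fragment
limit), RFC 768 (UDP), RFC 791 (IPv4 without options).
"""
import math
from dataclasses import dataclass

DTLS_RECORD_HEADER = 13      # type(1) + version(2) + epoch(2) + seq(6) + length(2)
DTLS_MAX_FRAGMENT = 2 ** 14  # RFC 4347 s4.1: fragment length should not exceed 2^14
UDP_HEADER = 8
UDP_MAX_DATAGRAM = 65535     # 16-bit UDP length field covers header + payload
IPV4_HEADER = 20             # no options


@dataclass
class Plan:
    dtls_record_len: int      # bytes on the wire for the one DTLS record
    udp_datagram_len: int     # UDP header + DTLS record
    ipv4_fragments: int       # IPv4 packets needed for that datagram
    fits_one_dtls_record: bool
    fits_udp: bool


def plan_transmission(syslog_msg_len, path_mtu=1500, crypto_overhead=0):
    """Map one syslog message onto DTLS/UDP/IPv4 for the given path MTU.

    crypto_overhead is an assumed upper bound for MAC/padding/IV bytes the
    cipher suite adds to the DTLS fragment; 0 means 'ignore it'.
    """
    if path_mtu < IPV4_HEADER + 8:
        raise ValueError("path MTU too small to carry any IPv4 payload")
    fragment = syslog_msg_len + crypto_overhead
    record = DTLS_RECORD_HEADER + fragment
    datagram = UDP_HEADER + record
    # RFC 791: every fragment but the last carries a multiple of 8 octets.
    payload_per_fragment = (path_mtu - IPV4_HEADER) // 8 * 8
    fragments = math.ceil(datagram / payload_per_fragment)
    return Plan(record, datagram, fragments,
                fragment <= DTLS_MAX_FRAGMENT,
                datagram <= UDP_MAX_DATAGRAM)


def needs_ip_fragmentation(syslog_msg_len, path_mtu=1500, crypto_overhead=0):
    """True when the datagram cannot travel as a single IPv4 packet."""
    return plan_transmission(syslog_msg_len, path_mtu, crypto_overhead).ipv4_fragments > 1
```

A 16384-byte message over a 1500-byte path is still one DTLS record and one UDP datagram, but twelve IPv4 fragments; a message above 65514 bytes cannot be expressed as a UDP datagram at all.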