RE: [Syslog] delineated datagrams
"David Harrington" <ietfdbh@comcast.net> Mon, 14 August 2006 22:32 UTC
From: David Harrington <ietfdbh@comcast.net>
To: 'Tom Petch' <nwnetworks@dial.pipex.com>, 'Chris Lonvick' <clonvick@cisco.com>, 'Miao Fuyou' <miaofy@huawei.com>
Subject: RE: [Syslog] delineated datagrams
Date: Mon, 14 Aug 2006 18:31:15 -0400
Message-ID: <0a8001c6bff1$5b323b40$0400a8c0@china.huawei.com>
In-Reply-To: <068701c6bf8d$a4ac7f60$0601a8c0@pc6>
Cc: syslog@ietf.org

Hi Tom,

You're right; I didn't go far enough. I was looking for a framing defined by the netconf protocol, not the separator of messages within a transport.

Unfortunately, Netconf uses a number of transport-dependent schemes within the multiple transports it supports, including both octet-counting approaches and terminating character approaches. Sigh. The "]]>]]>" sequence only works in the SSH transport mapping, not the BEEP or SOAP mappings. So much for trying to find consistency.

Note that Netconf is considering a design that allows multiple syslog messages to be sent in a netconf notification session. If we used "]]>]]>" as a syslog message delimiter, we would prevent netconf from transporting multiple syslog messages, since netconf can only transport valid XML, and the "]]>]]>" in a syslog message would indicate the end of an <rpc-reply>, causing netconf to lose synchronization?

See the Montreal Netconf Interim minutes currently available on the netconf mailing list for more details.

David Harrington
dharrington@huawei.com
dbharrington@comcast.net
ietfdbh@comcast.net

> -----Original Message-----
> From: Tom Petch [mailto:nwnetworks@dial.pipex.com]
> Sent: Monday, August 14, 2006 6:36 AM
> To: David Harrington; 'Chris Lonvick'; 'Miao Fuyou'
> Cc: syslog@ietf.org
> Subject: Re: [Syslog] delineated datagrams
>
> ----- Original Message -----
> From: "David Harrington" <ietfdbh@comcast.net>
> To: "'Chris Lonvick'" <clonvick@cisco.com>; "'Miao Fuyou'" <miaofy@huawei.com>
> Cc: <syslog@ietf.org>; "'Tom Petch'" <nwnetworks@dial.pipex.com>
> Sent: Friday, August 04, 2006 7:59 PM
> Subject: RE: [Syslog] delineated datagrams
>
> > As you probably know by now, I like to see design reuse across IETF NM
> > solutions, especially across SNMP, syslog, ipfix, and netconf where
> > feasible.
> >
> > As all the IETF NM protocols move toward similar secure transport
> > solutions, including moving from datagrams to streams, it would be a
> > good thing to use consistent approaches to framing.
> >
> > Here is what is happening in the other IETF NM protocols:
> >
> <snip>
> >
> > The NETCONF protocol uses an RPC-based communication model.
> > From
> > http://www.ietf.org/internet-drafts/draft-ietf-netconf-prot-12.txt:
> >    NETCONF peers use <rpc> and <rpc-reply> elements to provide transport
> >    protocol-independent framing of NETCONF requests and responses.
>
> Ok as far as it goes but incomplete. As the ssh mapping says,
>
> " As the previous example illustrates, a special character sequence,
>   ]]>]]>, MUST be sent by both the client and the server after each XML
>   document in the NETCONF exchange. This character sequence cannot
>   legally appear in an XML document, so it can be unambiguously used to
>   identify the end of the current document in the event of an XML
>   syntax or parsing error, allowing resynchronization of the NETCONF
>   exchange."
> .
> Wishing to promote design reuse across IETF NM solutions, especially across the
> character-based ones, I did propose the same separator for syslog over tls and
> still see it as the technically best solution (even though our message content
> can be anything and so, unlike NETCONF, we cannot rely 100% on that not
> appearing in our message content).
>
> > David Harrington
> > dharrington@huawei.com
> > dbharrington@comcast.net
> > ietfdbh@comcast.net
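
Added example (not part of the original message, nor code from any syslog or NETCONF implementation): the two framing styles discussed in this thread, run over a constructed stream in which one message's content happens to contain "]]>]]>". The helper names, the sample messages and the "decimal length, space, message" layout used for octet counting are assumptions made for the illustration.

```python
# Added illustration: terminating-sequence framing vs. octet counting.
DELIM = b"]]>]]>"

# Constructed sample messages; the second carries the delimiter in its content.
MSGS = [
    b"<34>1 2006-08-14T22:32:00Z host1 app - - - login ok user=alice",
    b"<27>1 2006-08-14T22:32:01Z host1 xmlproc - - - parse error near '<![CDATA[a]]>]]>' in request",
    b"<34>1 2006-08-14T22:32:03Z host1 app - - - logout user=alice",
]

def frame_delimited(msgs):
    """Sender: append the terminating sequence after every message."""
    return b"".join(m + DELIM for m in msgs)

def split_delimited(stream):
    """Receiver: cut at every occurrence of the terminating sequence."""
    parts = stream.split(DELIM)
    if parts[-1] != b"":
        raise ValueError("trailing bytes without terminator")
    return parts[:-1]

def frame_counted(msgs):
    """Sender: prefix each message with its length in octets (assumed layout)."""
    return b"".join(str(len(m)).encode("ascii") + b" " + m for m in msgs)

def split_counted(stream, max_len=8192):
    """Receiver: read the length, then exactly that many octets of content."""
    out, pos = [], 0
    while pos < len(stream):
        sp = stream.find(b" ", pos)
        if sp == -1 or not stream[pos:sp].isdigit():
            raise ValueError("bad length prefix at offset %d" % pos)
        n = int(stream[pos:sp])
        end = sp + 1 + n
        if n > max_len or end > len(stream):
            raise ValueError("oversized or truncated frame at offset %d" % pos)
        out.append(stream[sp + 1:end])
        pos = end
    return out

if __name__ == "__main__":
    by_delim = split_delimited(frame_delimited(MSGS))
    by_count = split_counted(frame_counted(MSGS))
    print("sent:", len(MSGS), "delimited:", len(by_delim), "counted:", len(by_count))
    print("delimited receiver's extra record:", by_delim[2])
```

With the terminating sequence the receiver reports four records for three sent, and the tail of the second message is treated as a record of its own; with octet counting the content is never inspected, so the same three messages come back unchanged.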