[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TransportDomain. Was: Re: [Syslog] Submission ofdraft-ietf-syslog-device-mib-12.txt

I am not convinced that the proposed solutions match the underlying problem.

Syslog:
 - can be -protocol or RFC3164 (or RFC3164bis or ...)
 - may be signed.
 - may be secured with TLS (or SSH or DTLS or  ...)
 - could run over UDP or TCP (or SCTP or ..)

What we have then done is to bind -protocol to TLS to TCP in a package and asked
IANA for a port number less that 1024 for that combination

So I think that trying to analyse it in terms of, eg, InetAddressType,
InetAddress, InetPortNumber and SyslogEncapsulation won't work.

Tom Petch

----- Original Message -----
From: "Juergen Schoenwaelder" <j.schoenwaelder@iu-bremen.de>
To: "Glenn M. Keeni" <glenn@cysols.com>
Cc: "Wijnen, Bert (Bert)" <bwijnen@lucent.com>; <syslog@ietf.org>
Sent: Friday, December 22, 2006 10:34 AM
Subject: Re: TransportDomain. Was: Re: [Syslog] Submission
ofdraft-ietf-syslog-device-mib-12.txt


> On Fri, Dec 22, 2006 at 11:24:10AM +0900, Glenn M. Keeni wrote:
>
> > >- How do I find out which encapsulations are supported (plain, beep,
> > >  tls, ...)?
> > That is the problem we are trying to solve.
> > Can that be done by defining appropriate domains for
> >     syslog transport over TLS
> >     syslog transport over beep etc. ?
>
> Option a):
>
>   You use a four tuple consisting of:
>
>   (InetAddressType, InetAddress, InetPortNumer, SyslogEncapsulation)
>
> Option b):
>
>   You use a three tuple consisting of:
>
>   (TransportAddressType, TransportAddress, SyslogEncapsulation)
>
> In both cases, you need to define a TC SyslogEncapsulation which
> enumerates the syslog encapsulations (or transport mappings) such as {
> other(0), plain(1), tls(2), beep(3), ... }.
>
> InetAddress identifies Internet network layer endpoints while
> TransportAddress identifies Internet transport layer endpoints, no
> more no less. If you want to move to a two tuple, the only option in
> principle is:
>
> Option c):
>
>   You use a two tuple consisting of
>
>   (SyslogAddressType, SyslogAddress)
>
>   where SyslogAddressType combines the address type with the
>   encapsulation (this is essentially what a TDomain does for SNMP)
>
> /js
>
> --
> Juergen Schoenwaelder {International|Jacobs} University Bremen
> <http://www.eecs.iu-bremen.de/> P.O. Box 750 561, 28725 Bremen, Germany
>
> _______________________________________________
> Syslog mailing list
> Syslog@lists.ietf.org
> https://www1.ietf.org/mailman/listinfo/syslog