> >>>>> "Mark" == Mark Andrews <Mark_Andrews@xxxxxxx> writes: > > >> - 'The syslog Protocol ' <draft-ietf-syslog-protocol-19.txt> as > >> a Proposed Standard > > Mark> draft-ietf-syslog-protocol-19.txt recommends using a > Mark> reliable protocol. Existing implementations of syslog do > Mark> this and deadlock with nameservers which are logging via > Mark> syslog. > > > Please explain the deadlock in more detail. One of the primary > reasons for the syslog working group is reliable syslog, so I think we > need to focus on how to avoid the deadlock in other ways rather than > avoiding reliability. nameserver logs to syslog. syslog trys to resolve a address which requires the nameserver to succeed. syslog() uses a reliable transport to talk to syslogd. This pipe fills up. syslog() then blocks waiting on syslogd which is waiting on the nameserver .... There are two way to break this. 1. use a lossy transport 2. don't attempt to resolve names/addresses in syslogd. You can reduce the problem by always logging using IP addresses. However it doesn't remove the problem completely as you still need to look up addresses for forwarding purposes. Similarly if syslogd is using a reliable transport to talk to another syslogd. That too can block which will eventualy lead to blockages to applications / memory exhaustion. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@xxxxxxx _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf