RE: [Int-area] Last Call: <draft-ietf-intarea-server-logging-recommendations-02.txt> (Logging recommendations for Internet facing servers) to BCP

Dear all,

This is a late comment but I think it is worth raising it.

This I-D recommends logging the source port number for Internet-facing servers. But due to the presence of load-balancers in the path, the "original" source port may be lost. The source port number that will be passed to the target server may not be accurate and hence does not meet the initial requirement.

Of course, the same issue applies to the source IP address. The only difference is that there are tools to convey the source IP address in application headers, for instance. There is nothing equivalent at the IP/transport/application level for the source port.

Don't you think it would be valuable to record the issue in the draft?

FWIW, below is a text describing this issue.

"
2.1. Preserve Source Port Number

   In order to implement the recommendation documented in
   [I-D.ietf-intarea-server-logging-recommendations], extensions are
   required to preserve the source port number and to avoid this
   information being lost when load-balancers are involved in the path.
   Examples of mitigation solutions are provided below:

   1.  Extend XFF to convey the port in addition to the IP address

   2.  Define a header similar to XFF to convey the source port

   3.  Extend the TCP Option to convey the source port

   4.  Enable the Proxy Protocol [Proxy]."

Cheers,
Med
 

-----Original Message-----
From: int-area-bounces@xxxxxxxx [mailto:int-area-bounces@xxxxxxxx] On behalf of The IESG
Sent: Friday, February 25, 2011 16:04
To: IETF-Announce
Cc: int-area@xxxxxxxx
Subject: [Int-area] Last Call: <draft-ietf-intarea-server-logging-recommendations-02.txt> (Logging recommendations for Internet facing servers) to BCP


The IESG has received a request from the Internet Area Working Group WG
(intarea) to consider the following document:
- 'Logging recommendations for Internet facing servers'
  <draft-ietf-intarea-server-logging-recommendations-02.txt> as a BCP

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@xxxxxxxx mailing lists by 2011-03-11. Exceptionally, comments may be
sent to iesg@xxxxxxxx instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

The file can be obtained via
http://datatracker.ietf.org/doc/draft-ietf-intarea-server-logging-recommendations/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-ietf-intarea-server-logging-recommendations/



No IPR declarations have been submitted directly on this I-D.
_______________________________________________
Int-area mailing list
Int-area@xxxxxxxx
https://www.ietf.org/mailman/listinfo/int-area
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf
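
Added example, not part of the original message or of the draft: a minimal Python parser for the human-readable version 1 header of the Proxy Protocol (option 4 in the comment above), showing how a server behind a load-balancer can recover the original source address and port for its logs. The function names, the load-balancer address and the sample header are constructed for illustration; the header is honoured only when the TCP peer is a known load-balancer.

```python
import ipaddress

MAX_V1_HEADER = 107  # longest PROXY v1 header in bytes, CRLF included

def parse_proxy_v1(data: bytes):
    """Return ((src_ip, src_port), payload); the endpoint is None for UNKNOWN."""
    end = data.find(b"\r\n", 0, MAX_V1_HEADER)
    if not data.startswith(b"PROXY ") or end == -1:
        raise ValueError("missing or over-long PROXY v1 header")
    fields = data[:end].decode("ascii").split(" ")
    payload = data[end + 2:]
    if fields[1] == "UNKNOWN":          # proxy could not describe the client
        return None, payload
    if fields[1] not in ("TCP4", "TCP6") or len(fields) != 6:
        raise ValueError("malformed PROXY v1 header")
    family = 4 if fields[1] == "TCP4" else 6
    src, dst = (ipaddress.ip_address(f) for f in fields[2:4])
    if src.version != family or dst.version != family:
        raise ValueError("address family does not match protocol field")
    for port in fields[4:6]:
        if not port.isdigit() or len(port) > 5 or int(port) > 65535:
            raise ValueError("bad port number")
    return (str(src), int(fields[4])), payload

def endpoint_to_log(peer, first_bytes, trusted_lbs):
    """Choose the (ip, port) to log for a connection whose TCP peer is `peer`."""
    if peer[0] not in trusted_lbs:
        # Direct client: log the socket peer, never a header the client supplied.
        return peer, first_bytes
    client, payload = parse_proxy_v1(first_bytes)
    return (client or peer), payload

if __name__ == "__main__":
    # Constructed sample: load-balancer at 10.0.0.5 (assumed) relaying one client.
    lbs = {"10.0.0.5"}
    hdr = b"PROXY TCP4 192.0.2.10 198.51.100.5 56324 443\r\nGET / HTTP/1.1\r\n"
    print(endpoint_to_log(("10.0.0.5", 40112), hdr, lbs))
    print(endpoint_to_log(("203.0.113.9", 50000), hdr, lbs))
```

Without the trusted-peer check, any client could write its own header and place an arbitrary address and port in the server's log.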


