- From: Willy Tarreau <w@1wt.eu>
- Date: Fri, 8 Apr 2011 21:56:27 +0200
- To: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Cc: Andreas Petersson <andreas@sbin.se>, Mark Nottingham <mnot@mnot.net>, "Thomson, Martin" <Martin.Thomson@commscope.com>, Karl Dubost <karld@opera.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
On Fri, Apr 08, 2011 at 07:42:54PM +0000, Poul-Henning Kamp wrote:
> In message <20110408161232.GE13348@1wt.eu>, Willy Tarreau writes:
>
> >Except that you will hardly find a product which logs a source port which
> >is randomly chosen by either the system or the lower layers for an outgoing
> >connection.
>
> ... unless the owners happen to know that they are under a legal
> obligation to be able to produce logging records for the next two
> years detailing such communications.

I am not talking about configurations but equipment capabilities. Most
people would not even know that their LB connects from the original IP
with another port, and blindly logging that info without being aware of
this could result in pointing the finger at the wrong session on a remote
end. I'm not saying the info is useless, I'm saying it's almost always
wrong, which is worse. Logging wrong information is worse than not logging
it by default, because the people who will want to log it will be concerned
about its contents.

> >> So we should log the port number, always.
> >
> >I simply disagree here with "always".
>
> Please remember that we are talking about a SHOULD item, and that
> the definition allows you to write "FOOBAR" if you want to.

The SHOULD was for us to encourage pushing the format. I'm discussing
the proposed format. I'd rather see :

    src-IP [ ':' src-port ] [ '/' dst-IP ':' dst-port ]

Which also happens to be compatible with current uses.

Regards,
Willy
Received on Friday, 8 April 2011 19:57:14 UTC
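
A parser for the format proposed in the message above, added here as an example; it is not part of the original mail or of any working-group text. The function name parse_fwd_endpoint, the bracketed-IPv6 convention and the sample addresses are assumptions. A missing source port is returned as None, so a log consumer never sees a port the sender did not supply.

```python
import ipaddress
import re

# Grammar from the mail: src-IP [ ':' src-port ] [ '/' dst-IP ':' dst-port ]
# Assumption (not in the mail): IPv6 is bracketed when a port follows it.
_ENDPOINT = re.compile(
    r"^(?:\[(?P<v6>[0-9A-Fa-f:.]+)\]|(?P<ip>[^\[\]:/]+))(?::(?P<port>\d{1,5}))?$"
)


def _parse_endpoint(text, port_required):
    m = _ENDPOINT.match(text)
    if m is None:
        if not port_required:
            try:  # bare IPv6 address with no port
                return str(ipaddress.IPv6Address(text)), None
            except ValueError:
                pass
        raise ValueError(f"malformed endpoint: {text!r}")
    ip = ipaddress.ip_address(m.group("v6") or m.group("ip"))
    if m.group("v6") and ip.version != 6:
        raise ValueError(f"brackets are for IPv6 only: {text!r}")
    if m.group("port") is None:
        if port_required:
            raise ValueError(f"port is mandatory here: {text!r}")
        return str(ip), None  # absent stays absent; never guess a port
    port = int(m.group("port"))
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {text!r}")
    return str(ip), port


def parse_fwd_endpoint(value):
    """Return {'src': (ip, port or None), 'dst': (ip, port) or None}."""
    src_text, slash, dst_text = value.strip().partition("/")
    src = _parse_endpoint(src_text, port_required=False)
    dst = _parse_endpoint(dst_text, port_required=True) if slash else None
    return {"src": src, "dst": dst}


if __name__ == "__main__":
    # Constructed sample values (documentation address ranges).
    for sample in ("192.0.2.10", "192.0.2.10:51234",
                   "192.0.2.10:51234/198.51.100.7:80", "[2001:db8::1]:443"):
        print(sample, "->", parse_fwd_endpoint(sample))
```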