Advertisement

Priority Based Delivery of PR-SCTP Messages in a Syslog Context

  • Mohammad Rajiullah
  • Anna Brunstrom
  • Stefan Lindskog
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 63)

Abstract

Unquestionably, syslog provides the most popular and easily manageable computer system logging environment. In a computer network, syslog messages are used for several purposes such as for optimizing system performance, logging user’s actions and investigating malicious activities. Due to all these essential utilities, a competent transport service for syslog messages becomes important. Most of the current syslog implementations use either the unreliable UDP protocol or the more costly reliable TCP protocol. Neither of these protocols can provide both timeliness and reliability, while transporting inherently prioritized syslog messages in a congested network. In this paper, we both propose and evaluate the use of PR-SCTP, an existing partial reliability extension of the SCTP transport protocol, as a candidate transport service for the next generation syslog standard. In our emulation based experimental results, PR-SCTP shows better performance than TCP in terms of average delay for message transfer. Furthermore, PR-SCTP exhibits less average packet loss than UDP. In both cases, PR-SCTP exploits priority properties of syslog messages during loss recovery.

Keywords

Syslog PR-SCTP performance evaluations transport service 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Lonvick, C.: The BSD Syslog Protocol. RFC 3164 (August 2001)Google Scholar
  2. 2.
    Postel, J.: User Datagram Protocol. RFC 768 (August 1980)Google Scholar
  3. 3.
    New, D., Rose, M.: Reliable Delivery for syslog. RFC 3195 (November 2001)Google Scholar
  4. 4.
    Postel, J.: Transmission Control Protocol. RFC 793 (September 1981)Google Scholar
  5. 5.
    Stewart, R., et al.: Stream Control Transmission Protocol (SCTP) Partial Reliability Extension. RFC 3758 (May 2004)Google Scholar
  6. 6.
    Stewart, R.: Stream Control Transmission Protocol. RFC 4960 (September 2007)Google Scholar
  7. 7.
    Tsunoda, H., et al.: A Prioritized Retransmission Mechanism for Reliable and Efficient Delivery of Syslog Messages. In: Proceedings of Seventh Annual Communication and Services Research Conference, Washington, DC, USA, pp. 158–165 (2009)Google Scholar
  8. 8.
    Gerhards, R., et al.: The syslog Protocol. RFC 5424 (March 2009)Google Scholar
  9. 9.
    Okmianski, A.: Transmission of Syslog Messages over UDP. RFC 5426 (March 2009)Google Scholar
  10. 10.
    Syslog New Generation (Syslog-ng), http://www.balabit.com/network-security/syslog-ng/ (visited September 20, 2010)
  11. 11.
    Marco, G.D., et al.: SCTP as a transport for SIP: a case study. In: 7th World Multiconference on Systemics, Cybernetics and Informatics (SCI), Orlando, FL, USA, July 2003, pp. 284–289 (2003)Google Scholar
  12. 12.
    Eddy, W.: TCP SYN Flooding Attacks and Common Mitigations. RFC 4987 (August 2007)Google Scholar
  13. 13.
    Miao, F., et al.: Transport Layer Security (TLS) Transport Mapping for Syslog. RFC 5425 (March 2009)Google Scholar
  14. 14.
    Salowey, J., et al.: Datagram Transport Layer Security (DTLS) Transport Mapping for Syslog, draft-ietf-syslog-dtls-06.txt(work in progress) (expires: January 9, 2011)Google Scholar
  15. 15.
    Fu, S., et al.: SCTP: State of the art in research, products, and technical challenges. Communications Magazine, IEEE 42(4), 64–76 (2004)CrossRefGoogle Scholar
  16. 16.
    Tuxen, M., et al.: Authenticated Chunks for the Stream Control Transmission Protocol (SCTP). RFC 4895 (August 2007)Google Scholar
  17. 17.
    Rizzo, L.: Dummynet: A simple approach to the evaluation of network protocols. ACM SIGCOMM Computer Communication Review 27(1), 31–41 (1997)CrossRefGoogle Scholar

Copyright information

© ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering 2011

Authors and Affiliations

  • Mohammad Rajiullah
    • 1
  • Anna Brunstrom
    • 1
  • Stefan Lindskog
    • 1
  1. 1.Department of Computer ScienceKarlstad UniversityKarlstadSweden

Personalised recommendations