Priority Based Delivery of PR-SCTP Messages in a Syslog Context

Rajiullah, Mohammad; Brunstrom, Anna; Lindskog, Stefan

doi:10.1007/978-3-642-20931-4_23

Mohammad Rajiullah¹⁹,
Anna Brunstrom¹⁹ &
Stefan Lindskog¹⁹

Part of the book series: Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering ((LNICST,volume 63))

Included in the following conference series:

International Conference on Access Networks

462 Accesses
3 Citations

Abstract

Unquestionably, syslog provides the most popular and easily manageable computer system logging environment. In a computer network, syslog messages are used for several purposes such as for optimizing system performance, logging user’s actions and investigating malicious activities. Due to all these essential utilities, a competent transport service for syslog messages becomes important. Most of the current syslog implementations use either the unreliable UDP protocol or the more costly reliable TCP protocol. Neither of these protocols can provide both timeliness and reliability, while transporting inherently prioritized syslog messages in a congested network. In this paper, we both propose and evaluate the use of PR-SCTP, an existing partial reliability extension of the SCTP transport protocol, as a candidate transport service for the next generation syslog standard. In our emulation based experimental results, PR-SCTP shows better performance than TCP in terms of average delay for message transfer. Furthermore, PR-SCTP exhibits less average packet loss than UDP. In both cases, PR-SCTP exploits priority properties of syslog messages during loss recovery.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Lonvick, C.: The BSD Syslog Protocol. RFC 3164 (August 2001)
Google Scholar
Postel, J.: User Datagram Protocol. RFC 768 (August 1980)
Google Scholar
New, D., Rose, M.: Reliable Delivery for syslog. RFC 3195 (November 2001)
Google Scholar
Postel, J.: Transmission Control Protocol. RFC 793 (September 1981)
Google Scholar
Stewart, R., et al.: Stream Control Transmission Protocol (SCTP) Partial Reliability Extension. RFC 3758 (May 2004)
Google Scholar
Stewart, R.: Stream Control Transmission Protocol. RFC 4960 (September 2007)
Google Scholar
Tsunoda, H., et al.: A Prioritized Retransmission Mechanism for Reliable and Efficient Delivery of Syslog Messages. In: Proceedings of Seventh Annual Communication and Services Research Conference, Washington, DC, USA, pp. 158–165 (2009)
Google Scholar
Gerhards, R., et al.: The syslog Protocol. RFC 5424 (March 2009)
Google Scholar
Okmianski, A.: Transmission of Syslog Messages over UDP. RFC 5426 (March 2009)
Google Scholar
Syslog New Generation (Syslog-ng), http://www.balabit.com/network-security/syslog-ng/ (visited September 20, 2010)
Marco, G.D., et al.: SCTP as a transport for SIP: a case study. In: 7th World Multiconference on Systemics, Cybernetics and Informatics (SCI), Orlando, FL, USA, July 2003, pp. 284–289 (2003)
Google Scholar
Eddy, W.: TCP SYN Flooding Attacks and Common Mitigations. RFC 4987 (August 2007)
Google Scholar
Miao, F., et al.: Transport Layer Security (TLS) Transport Mapping for Syslog. RFC 5425 (March 2009)
Google Scholar
Salowey, J., et al.: Datagram Transport Layer Security (DTLS) Transport Mapping for Syslog, draft-ietf-syslog-dtls-06.txt(work in progress) (expires: January 9, 2011)
Google Scholar
Fu, S., et al.: SCTP: State of the art in research, products, and technical challenges. Communications Magazine, IEEE 42(4), 64–76 (2004)
Article Google Scholar
Tuxen, M., et al.: Authenticated Chunks for the Stream Control Transmission Protocol (SCTP). RFC 4895 (August 2007)
Google Scholar
Rizzo, L.: Dummynet: A simple approach to the evaluation of network protocols. ACM SIGCOMM Computer Communication Review 27(1), 31–41 (1997)
Article Google Scholar

Download references

Author information

Authors and Affiliations

Department of Computer Science, Karlstad University, SE-651 88, Karlstad, Sweden
Mohammad Rajiullah, Anna Brunstrom & Stefan Lindskog

Authors

Mohammad Rajiullah
View author publications
You can also search for this author in PubMed Google Scholar
Anna Brunstrom
View author publications
You can also search for this author in PubMed Google Scholar
Stefan Lindskog
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

BME, Távözlési és Médiainformatikai Tanszék, Magyar tudósok krt. 2, 117, Budapest, Hungary
Róbert Szabó
ArgonST, Network Systems, 17875 Frondoso Dr., San Diego, CA, USA
Hua Zhu
BME Híradástechnikai Tanszék, Magyar tudósok krt. 2, 117, Budapest, Hungary
Sándor Imre
Fraunhofer FOKUS Institute for Open Communication Systems, Berlin, Germany
Ranganai Chaparadza

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Rajiullah, M., Brunstrom, A., Lindskog, S. (2011). Priority Based Delivery of PR-SCTP Messages in a Syslog Context. In: Szabó, R., Zhu, H., Imre, S., Chaparadza, R. (eds) Access Networks. AccessNets 2010. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 63. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-20931-4_23

Download citation

DOI: https://doi.org/10.1007/978-3-642-20931-4_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-20930-7
Online ISBN: 978-3-642-20931-4
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics