[syslog-ng] 'network' Destination With Hostname Resolution (IPv4 vs IPv6)

David Hauck davidh at netacquire.com
Thu Sep 20 16:02:58 UTC 2018 

Hi Balazs,
 
On Wednesday, September 19, 2018 9:21 PM, syslog-ng <syslog-ng-bounces at lists.balabit.hu> On Behalf Of Balazs Scheidler wrote:
> Ip protocol v6 should support both ipv4 and v6. So if you use that and 
> the name resolves to a v4 address or should work.

OK, interesting.

For a different reason it would also be good if I could always specify ip-protocol(6) (non-default) for any value of "myhost" below - i.e., even when this is an explicit IPv4 or IPv6 address string. Would this also work? And if this were to work (I see no reason why it wouldn't if what you say about hostname resolution above) then I guess there is no value in specifying ip-protocol() at all, right (i.e., syslog-ng could also just know to do the right thing in these cases)?

Thanks,
-David
 
> On Wed, Sep 19, 2018, 19:23 David Hauck <davidh at netacquire.com <mailto:davidh at netacquire.com>
>> wrote:
> 
> 	Hi,
> 
> 	Thought I would reach out again to see if anyone had any thoughts on the item below.
> 
> 	Thanks for the consideration,
> 	-David
> 
> 	On Wednesday, September 12, 2018 3:39 PM, syslog-ng <syslog-ng-bounces at lists.balabit.hu
> <mailto:syslog-ng-bounces at lists.balabit.hu> > On Behalf Of David Hauck
> wrote: 	> Hi, 	> 	> I have a question regarding how to specify a network
> destination when using a hostname when the 	> hostname can be resolved
> to either IPv4 or IPv6. In particular what should be specified by the
> ip- 	> protocol() parameter? There are some configuration scenarios
> and/or target installations that don't 	> know a priori whether the DNS
> configuration will resolve to an IPv4 or IPv6 address. 	> 	> E.g., 	> 	>
> destination d_tcp6 { 	>     network( 	>         "myhost" 	>        
> port(514) 	>         transport(udp) 	>         ip-protocol(6 or 4 or ??)
> 	>         ); 	> }; 	> 	> It seems like it would simple enough to have
> syslog-ng simply validate the resulting IP address string to 	>
> determine which of ip-protocol(4) or ip-protocol(6) is actually needed.
> In fact, I would argue that 	> specifying an IP address string (as the
> "<destination-address>" value) could result in the same 	> determination
> (the address string necessarily unambiguously determines whether the
> reference is an 	> IPv4 or an IPv6 address and I would think there is a
> 1-1 relationship between this determination and 	> whether
> ip-protocol(4) or ip-protocol(6) is used - (in other words it would
> never make sense to have 	> these mixed: "::1" and ip-protocol(4) would
> be invalid). 	> 	> Thanks, -David 	>

More information about the syslog-ng mailing list