Hello list, After some discussion in #haproxy channel about MAX_SYSLOG_LEN, i think we should raise this default value from 1024 to 2048.
Multiple arguments for that, RFC5426 (http://tools.ietf.org/html/rfc5426#section-3.2) encourage all receivers to support up to 2048 and recommend that syslog senders restrict message sizes such that IP datagrams do not exceed the smallest MTU of the network in use. In our case, the network almost all of us use is loopback, as we usually chain on the loopback, then forward log in the wild if we need. Loopback MTU is 16346, so no limitation here. Syslog daemon used by default in GNU/Linux distribution are rsyslog and syslog-ng, RHEL and Debian use rsyslog, SLES use syslog-ng, all daemons support up to 2048, by default 8192 especially for syslog-ng. http://www.rsyslog.com/doc/rsyslog_conf_global.html http://www.balabit.com/sites/default/files/documents/syslog-ng-pe-4.0-guides/en/syslog-ng-pe-v4.0-guide-admin-en/html-single/index.html#idp8428192 Rsyslog guys says "that testing showed that 4k seems to be the typical maximum for UDP based syslog. This is an IP stack restriction. Not always ... but very often" *BSD (FreeBSD/OpenBSD) support is not so nice, base syslogd support up to 1024, so maybe we should stick to 1024 only for us. BTW, i think the best should also be to support configurable value in configuration, like a tune.syslog.maxlength or something like that. Hervé. -- Hervé COMMOWICK Ingénieur systèmes et réseaux. http://www.rezulteo.com by Lizeo Online Media Group <http://www.lizeo-online-media-group.com/> 42 quai Rambaud - 69002 Lyon (France) ⎮ ☎ +33 (0)4 26 99 03 77
