IETF Logo Mail Archive

[Sidrops] Re: draft-ietf-sidrops-8210bis-23 is ambiguous session mismatch handling

Job Snijders <job@bsd.nl> Wed, 17 December 2025 16:35 UTC

Return-Path: <job@instituut.net>
X-Original-To: sidrops@mail2.ietf.org
Delivered-To: sidrops@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 0A40A9BDFC7A for <sidrops@mail2.ietf.org>; Wed, 17 Dec 2025 08:35:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.877
X-Spam-Level:
X-Spam-Status: No, score=-1.877 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.017, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pLxl_VyRyEor for <sidrops@mail2.ietf.org>; Wed, 17 Dec 2025 08:35:43 -0800 (PST)
Received: from mail-ej1-f52.google.com (mail-ej1-f52.google.com [209.85.218.52]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 9D4919BDFC75 for <sidrops@ietf.org>; Wed, 17 Dec 2025 08:35:43 -0800 (PST)
Received: by mail-ej1-f52.google.com with SMTP id a640c23a62f3a-b7a6e56193cso1095266866b.3 for <sidrops@ietf.org>; Wed, 17 Dec 2025 08:35:43 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1765989337; x=1766594137; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-gg:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=t58yXwO9eWPPi1jkEMi2S+ezbSYOSjcwuBrhZ0P2Hxk=; b=THMnxyWOxEyRbTva1IhncF+t/Wkrh8IgObc/83q7+wvHcrq566rxFWGrlTZXlHz8YU MYuwRqkxi4HY4APbVC9/hN4I92ZID3U+I5Gd7Awp4HW457a/4BodgC0x3S1KJfv5Hv9N 3vjiq2UsoF4fWgsL97TtX8H3B31ow9zELPtwO90C7IleV39F5fPqTljG8ABqN9bP18+n FhVxcTml6HvASbpPQW9VnvANR/DCJuLk+OJWRACaT0c/9csbwoe7B8Xp/54s5Fhgho8A HvnnmZrrChKr6cL8CBRxHWmDFXve7Id+9ZnFAtUAEuCTXny6J3Zisv8XyAMP8Gyb5Hkh fVuw==
X-Gm-Message-State: AOJu0YySmPVRyOuTUL/bYoo7Vt3ium2jYUI8A/BE3Ho3UJz0qJkKuzyt xHHyv7E1RKAzuEl02APJEmOtQPm8ur4Ld9O/jCtCVf/iyFlvxSrTC+le6iHF4K/c9jepSx/aGNf 7vuhKPOU=
X-Gm-Gg: AY/fxX45f20lGzA7r7zLqcGNqUD6nz4m4HCVnqcP89WVGiqhCFei7VCnu0iniXSy1tf 7ZYQ+RRjdnoayIR9g5Vw1PWiRYweEVUDBpTvDXQPqkTtgXhj1A0UAGile23FBCMPUS8XvvgRN5i kAKiaMaqlmwPjq4A9zVPSsl/9M5IoQ2opUytC+/iRy2ZCgBrHt7BEWRPsKxmHjNG+KbgggRkyxG 2Ci6DLCn4YfOjTr+1ldPC+8N1R6p+JM9PlpnmlxwpuwgI1EG5nkPO3GLZopZea7yQD3LeFbojBU APteTMiF9a2BZjDsEq6jBN9sqtOMwXmXk+885HMapUE6toYxJT3YOxehnUrtkGEk49mGGq4ViQj cQoX8Xfw6jtWmRmbpAyCakV+0BwDu14Jm0Hw7inwZKYb0md5RchdtI3/s8BCjnFHxaH7XMZjFrT L05SOuQY/xJ0OHO9INYSF5N8axFci8PjtgWD9y9Ie7cF26v/VAFH4/BekFxxGusWBUqYSwwBVHz J6uRo/yBMir4r3mtB0IskSWR7/DWXoBJPXnj68nOMyZZlGtLfWbQgtBZ+Sc7qXJcbW9UCwX
X-Google-Smtp-Source: AGHT+IGCJKkvUfV3uIk2AoEwERciRD0PEYaaR5PecjDlnlI8GSV+0i/OXV1lfnlniJOLW5ilNZGUXg==
X-Received: by 2002:a17:907:6eac:b0:b76:f57f:a2c3 with SMTP id a640c23a62f3a-b7d236f781cmr2033218866b.12.1765989337313; Wed, 17 Dec 2025 08:35:37 -0800 (PST)
Received: from feather.sobornost.net ([192.147.168.2]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-b7cfa2e6edesm2048715466b.18.2025.12.17.08.35.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 17 Dec 2025 08:35:36 -0800 (PST)
Date: Wed, 17 Dec 2025 16:35:35 +0000
From: Job Snijders <job@bsd.nl>
To: Marco Marzetti <marco@lamehost.it>
Message-ID: <aULb166QFVxZMGFu@feather.sobornost.net>
References: <CAO367rWV4rsnSM9jYG3N1hfPjq8mhqn36m0SLzO9eF6QZAgQ9g@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAO367rWV4rsnSM9jYG3N1hfPjq8mhqn36m0SLzO9eF6QZAgQ9g@mail.gmail.com>
X-Clacks-Overhead: GNU Erik Bais
Message-ID-Hash: FFHLOM42KS7SEPQXEL6DJKTKCP4IGMPW
X-Message-ID-Hash: FFHLOM42KS7SEPQXEL6DJKTKCP4IGMPW
X-MailFrom: job@instituut.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-sidrops.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: SIDR Operations WG <sidrops@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is ambiguous session mismatch handling
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/5B_o5c-223IuHhnaPUFo4A1I4vA>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Owner: <mailto:sidrops-owner@ietf.org>
List-Post: <mailto:sidrops@ietf.org>
List-Subscribe: <mailto:sidrops-join@ietf.org>
List-Unsubscribe: <mailto:sidrops-leave@ietf.org>

Hi Marco,

On Wed, Dec 17, 2025 at 02:38:01PM +0100, Marco Marzetti wrote:
> I am working on a Python implementation of a RTR Cache, and I noticed
> some ambiguity around how session mismatch should be handled.

Thank you for your implementation work and document review. I think your
message yet again demonstrates the incredible value of actually
implementing specifications before publishing them as RFC. This is
something other WGs could learn from (looking at you, OPSAWG!).

> At 5.1. (Fields of a PDU) the draft states that:
>       If, at any time after the protocol version has been negotiated
>       (Section 7), either the router or the cache finds that the value
>       of the Session ID is not the same as the other's, the party
>       which detects the mismatch MUST immediately terminate the
>       session with an Error Report PDU with code 0 ("Corrupt Data"),
>       and the router MUST flush all data learned from that cache.
> 
> While at 5.3. (Serial Query), the it states:
>       The Session ID tells the cache what instance the router expects
>       to ensure that the Serial Numbers are commensurate, i.e., the
>       cache session has not been changed.  If the Session ID does not
>       match, the cache MUST respond with a Cache Reset.
> 
> Does that mean that the Cache should send the Error Report PDU in all
> cases but not in response to a Serial Query?

The use of an Error Report forces the Router to flush all data, while on
the other hand the Section 5.3 text makes it so that the data could be
retained - until the Reset procedure is complete, or the Expire Interval
timer is reached.

In other words, AIUI, forcing a reset has a graceful aspect, while an
Error Report causes an immediate deletion of data on the router's side.

If a router is configured to use multiple caches then there likely is
continuity because of the data from other caches, but in case of a
router using a single cache, then a restart of that single cache causes
the validated payload data to first be deleted and then be (re)learned
(if an error report is send instead jumping to the reset procedure).

I believe code 0 ("Corrupt Data") reports primarily are intended for
things that don't neatly fit in any other error report category.

I suspect that the section 5.3 approach causes less churn in the BGP
control-plane.

In any case, I agree with you that there is friction between Section 5.1
and Section 5.3 and that needs resolving.

What do others think?

Kind regards,

Job

v2.39.1 | Report a Bug | By Email | System Status