IETF Logo Mail Archive

[Sidrops] Re: draft-ietf-sidrops-8210bis-23 is ambiguous session mismatch handling

Tom Harrison <tomh@apnic.net> Tue, 23 December 2025 06:05 UTC

Return-Path: <tomh@apnic.net>
X-Original-To: sidrops@mail2.ietf.org
Delivered-To: sidrops@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id BCD429E2FAA4 for <sidrops@mail2.ietf.org>; Mon, 22 Dec 2025 22:05:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.696
X-Spam-Level:
X-Spam-Status: No, score=-1.696 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_NONE=0.001] autolearn=no autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=apnic.net
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JrtnOBXcKubh for <sidrops@mail2.ietf.org>; Mon, 22 Dec 2025 22:05:38 -0800 (PST)
Received: from MEUPR01CU001.outbound.protection.outlook.com (mail-australiasoutheastazon11020075.outbound.protection.outlook.com [52.101.152.75]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id CF8369E2FA9B for <sidrops@ietf.org>; Mon, 22 Dec 2025 22:05:36 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=GpCOHhMy97qZzYo2z1VBM7PLUxI6T70CBTG2ua183QCtOjX+OV863Uudj+AzT1Bgbw5bzaIgdRdN6AU3/puJNG8W9UJREQQuQ4ZEKP6POGyOr1JEGI61inwXtZ0ehaeuprT1RCpkcaC55xF91+5lAXrgeQN9xCYCSl4SbU3MB9R/PTOTu6uh0BwnwAWXgFbH9NZH2xVO9yGlwhYrH//h4lwb/FBZ9oLCNOF8g3l83WwNzMJ1hEEs1y8lSTJJ7lp6+UnMmaQA5vLlSpy6ssLV+nmjWSc6DGFKnj08PTT6q3iSgMSFseCVvsTp0eSnEZIZKEJhC61xc+dvBjIz7wBaGA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=4XCaV56AK51N6LZEJDMJ6+bm0SM3iOE0dtwLSdv6XCs=; b=OQFTgWwmnr/89gQQJWBXu8nstoWSvRJBPcj/2nky2N/FIFabNhIsbOMcMWcbaM3OnBIDaAuKS0UUilsWiC160u3EySW647eeXifcufs7dayP1LzfrGZwZ37Y5OUH4gtLQGXqyTD2B+wu9vPkJ7He8vPqJOZLg9gs9ZHJWbbSPRQUqRltGRP7xV9U+6tNiD8+xJaVml2i5sfu6Rwg+Ouh/NXMVSSKc2xVOCH+vh7jn+9rukI56kji8SDGdaHoHGH1npnYbjfOekUZ0i1Xt6zB4nvpO38gR8mGAv4C/oQahha3JMaeBibQadPZKVdSkUKpanUXLBcV2/Nz8LmB06SHkA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=apnic.net; dmarc=pass action=none header.from=apnic.net; dkim=pass header.d=apnic.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apnic.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4XCaV56AK51N6LZEJDMJ6+bm0SM3iOE0dtwLSdv6XCs=; b=X4RmWYbEUASb+eiVUk/F/9r/mQziexHM0WFxu3GXaAqjfk1T+F0XmQklnVXcD+304HxhzW50+dz1t6RQuVeMiO5c24cLjrXJseu+T9lzeUb3tjcbOYnMW9GWckuTfvnTZvBgPxdTXuuq6kTX52TiOq0ZOiUynkUc+nIBG72Sp3k=
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=apnic.net;
Received: from SYYP282MB0880.AUSP282.PROD.OUTLOOK.COM (2603:10c6:10:bc::12) by SY7P282MB4107.AUSP282.PROD.OUTLOOK.COM (2603:10c6:10:1f2::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9434.11; Tue, 23 Dec 2025 06:05:26 +0000
Received: from SYYP282MB0880.AUSP282.PROD.OUTLOOK.COM ([fe80::7962:e03e:c34e:92bb]) by SYYP282MB0880.AUSP282.PROD.OUTLOOK.COM ([fe80::7962:e03e:c34e:92bb%3]) with mapi id 15.20.9434.009; Tue, 23 Dec 2025 06:05:26 +0000
Date: Tue, 23 Dec 2025 16:05:25 +1000
From: Tom Harrison <tomh@apnic.net>
To: Ralph Covelli <rcovelli=40he.net@dmarc.ietf.org>
Message-ID: <aUoxJe4HNCxe6jaY@TomH-498551.lan>
Mail-Followup-To: Ralph Covelli <rcovelli=40he.net@dmarc.ietf.org>, sidrops@ietf.org
References: <228ff33f-ddb0-46c5-aadf-7b742554165e@he.net> <4df00da3-0ffd-4b58-8671-9aa28ac14fb7@he.net> <ff478e6b-ba0d-47a2-92b7-7b94f7124756@he.net> <aUjTEw4hDo1Xji2t@TomH-498551.lan> <7fc574e2-5781-404b-b0d4-d2fabb9666b2@he.net> <2aa62837-b672-4b1b-8755-c9a7cfd6d7a7@he.net> <30747a48-1408-492b-bbc0-77f7526a3cb0@he.net> <aUnYWRZyaefsrsOq@TomH-498551.lan> <88f1cf70-94e7-41b1-b4bb-1e88fd88f319@he.net> <d063ed77-588d-409c-ac52-71a1a27aa5f6@he.net>
Content-Type: text/plain; charset="iso-8859-1"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <d063ed77-588d-409c-ac52-71a1a27aa5f6@he.net>
X-ClientProxiedBy: SY5P300CA0016.AUSP300.PROD.OUTLOOK.COM (2603:10c6:10:1ff::7) To SYYP282MB0880.AUSP282.PROD.OUTLOOK.COM (2603:10c6:10:bc::12)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: SYYP282MB0880:EE_|SY7P282MB4107:EE_
X-MS-Office365-Filtering-Correlation-Id: 5d469148-5b4f-4864-ed4c-08de41e94454
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;ARA:13230040|10070799003|1800799024|366016|376014;
X-Microsoft-Antispam-Message-Info: 8IHahnwwpWpA0cS5w1tYDo92q18wYoU1LLH1b31CiBpHqo342Sbdrh/m1D8ZMEzVXINhs23ZqFTzZJiP+Fw6KaHQ24ov/MLb2EQJovmCj9htp/KsWMSs+3cTFvrLG9Hofiks3jQJaNlOlJNCHipwf7LEQdbupDGRE/rm9kanASnmEKyiLMEAPwopR1PhKbqVc7l4JXH2EOv8n9UhNn1850TT69ncUFDRqrrsqiazzB8vZJbxsTxKlWMxuTXsPMbmUk+eSU3ZbS0V+BLEFRPJtHVL5XMbY9oudOA/xUoQbNf526+j32JTZ764ZU2B+H/8ajtcBX/2e18O+YQ+/PX+opXssXc2LaQT5zI/8jYpnkN1PxwgpySDd6bj9lC4XQ5n9QGa83Szz92CfHfL7RGl2rADpfFJQFwBJLOEslKOXYbGdsD6Tfsy5iOfMWC9VvRkrpw32HFYx91ngI1WUoajR7CfviRRiJdE8HkkcHInvwWABtSdoUBY8uaStAW+5rBP7OCbqnxW2Izw/PFuf57uVvQi1fIsuek4gVRDSwY+ZDZ5d3eVnEpdgFHxCS06ctfvjmHtoJSuVSzhvUWIAWuty2GD1jCVUGgxMF2bGRwWp4dACOCHC0xzBve0a7n89oUR0VFdTlFOnJaUu4EZ6I7iiJYWpRf5G/ydNtpOXkgarhldD8yj3aKbvEBkiFNOFdfGDs6naF1imT3VcNG0VVC8/6jdt3Ij0JqYz/QNB0BOAOCcWJI2CdSXidVeXbr1I2gfcQv7HxqlfPUCYgrjAjQUjF8vPQaG+HiVst6qwKrlxKRs63EuUeJGhXJtLFY1/li/bs681T0TgDQYl+ulKE/AvGinZKZPek6NkGy8++UzgTyvXfQi2G4ZUgifZDzKppgkPccbaKe6Dysv6SwVuk7aA7oh1vmZfLIQQNfsCLJXPwzCzDKo3vR7WLNtA7Fu2Ga2olIE4WmSLhgKwg/Fk3/zWRVZDHCFVB8DjZa1Ix/FzPDTCLASPZvUQ5CpR5JGBn7C/a37ZGMLPYCOW6i9RSDN+reHolNTMhiB6oLvHL5f8ksTVrVD/zXdeeJQ3I6+kNhSf1tHsX5h6hZjmPk7gF8Hmx6C2PzDWOafB6c97ADNNBYGjcPD+aimhYjRIY4Yt6hStZPxuGCWAjG4jFCr+QzoRlO3VWGDfqRYfQswvNwzYqBGo+T/TAhGDqY+LWUEy2KECuTQTvyQxnjgQv2PeymbG1aetTeNYN/nrBBXsdeuWIPnZCHRjNXzEuyluGA1ZVuegV+VYQ2Vw/Aat8joMNvkN4OUWEq3Yi0iETF9Kq3vpLCC2v3al41ZJ+AH5pkLOKrtrAHJt10ejymjXGgputMzC2RKUBFny+H++1xVe3XGqJmhoV0Zc8XG+0BsohzoNgh6HSwhUytcugdE4be57Nd6Vav30YExjGjlMdPdXyppeKzTBFU+r9CK7cqa6m9M/Dgy6onYer9X/8DwSwWoKu5M3A==
X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SYYP282MB0880.AUSP282.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(10070799003)(1800799024)(366016)(376014);DIR:OUT;SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 1EEJmEw0x3/2T0I7drcr0Qf0qOFGl5S+jvqurZX48V/wpejYUCqIT4yhM0voRkc2oLkxTk9+QgPRuNyDmwMa+zlWm+OwdwS+2edG8rAk8oYGmJI8gyLC/TueVx0OhERBua5tmUr4iA9+ZvDE5Qf6b+8rSOdLZeC37seAcnE+/nodjYeat4Sd84aR2hj1l8v++oLYbQTY85GC/gmew+c0yRr2xqrOzMzBpRE3HnsfJS9pUwmIDGehDhTCyjRfPZCu7aJ9F7L8WBX8zOYV5B4p0gYnyVn2Cr0v+Hm/x0ezobstd+ym7O3b7jN4md6grm2w+vZbx9tblzZjyK2Skn823MiWKjdkvAKaHjeGqUVv9cCO5qRjrPZFNVJfSL1FPzpaG+pjlPU60fmq3SaBdyc/EIjIoYuvDGq18V+FUnBhLJ8GPznQmpJtyN+PASjzC/e4nI8JsTKr65+wPksAIf1WAs4G2n1WNtK8y5I4YmTvF2bSwXCEmJtMWpFGqIGyuZlxP4m9NWsKUaV2rleGzSOhwZVlJ9bjGkTB1FIRx5b7Q2S3EQodqzvsyXTWLWDM5Qh3W1C0aZ1L8HXoHwwmKGGy7wMMuET2TVC5UjsuZulYFh6p5IpdvcNAhEqE66G5vBp5dtQ0GYTQEi3FmLEvE6EEYbgrTNy4vtR14NFzWaHckLwVaSlkQBsloQNt12FaQc88UBi0xI8iD+l68R8EkdPOzu9sN5H1HF1vouvSHaf/UVo6hYOTjBj0LjuXnX0WSYykB2vgmJ3G0376ICRkR5Hs7UlW8GMhjXB7/XvsNzgNvQBbkF/WLi5327bK3SjQ8HiPN5vd+GDSUG3hJBGw+8BD0O2sdJFwC1qi76Rp2WPJTyNQ2UQb3iDz8yT5SeQ7Gz9jPUkQZOiMsA/nspi/ZMddxxZ7Yvs8LCANHrTUZyMIMBWAqQ+IZM2aiQD8WQfuNt8nfq/gnBLH6JEa18iTt/8TnTFAtza3kaYAN0/yKciZGTCSnRFazVDFspccZFte9Ff9rGWXL0FvODvt+NvIDI5Z6C8JlGja9AUjFC749RLKXE616qDE1tPIijGIyqomx9V/bT41SOsMWpYpJqgvvjp8wEOVVaFhSXJXNzLix5el5rzW9SiQvwTPVq5D7e+w/no6+BePM/f2hIob9Ig24Or9KEb4ZLw2uAA5Br9lRCvt+Dsp4CRzcvqQYTQmVlfVDGuyOU7B/uFyJu4NQKBadGw43vGHq093LINt7DaLYKubjgYBTgrhlqTCxlQcnW252H1xUEL/erx43XFCL29jbdb7GYPQYX6KR5357VTamtH5J1v/RVcwtGXPqZkBnlPrrbmhcDozJi11rR/0zkX3crNwyfY7gdOyNy45A0tvwUF9i1Y9H5bXlZjBsYMVKMAaJzNP24H/ZvMoWIfWIAwVI18YnDIidK5YaUpYv9yUUYq2nxo8OCsfOIBIVYMBTNJMr26z0qFB/B3h0tpUfMO0m7dRM0jSJeMDPUJLQocoNMJoM4odzMnWNStiD+4jLJxa4VGvsj01goPdURaIkdAviOlpwEUBcGFc6RMSmqQRr8iECS8UA7/5RetTq3U9vxVJnQ5VC4/LuzeHc6WVqhPPXWeJqjkc3/cUf/ddXbLEjjLd62LEqcyrjxFJFyYOWsySHMo4NLZ9RqZLFZuE4w0LaWgoBD97FqiWTdPtM8P/ynyLGEq23FvwuOCErynXj5NWYX1USyixmaSS1bnpXJCZs4bBfXyHMnuoqYoDhEysGz5ms+kTD8E0hRRQ3gkF64gLAfgO
X-OriginatorOrg: apnic.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 5d469148-5b4f-4864-ed4c-08de41e94454
X-MS-Exchange-CrossTenant-AuthSource: SYYP282MB0880.AUSP282.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Dec 2025 06:05:26.3634 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 127d8d0d-7ccf-473d-ab09-6e44ad752ded
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 71RQzlCjEAWh4dQKQ/HkU9I7VNIiCqs1AncqUT5EsGi2WMMm8gMgfOUmJXiNZlU0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SY7P282MB4107
Message-ID-Hash: W57VYHTVS3J5IAL263U5REWR3LJPFDON
X-Message-ID-Hash: W57VYHTVS3J5IAL263U5REWR3LJPFDON
X-MailFrom: tomh@apnic.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-sidrops.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: sidrops@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is ambiguous session mismatch handling
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/RHRaVXVsrCL65lQlnOOxfXUVrAk>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Owner: <mailto:sidrops-owner@ietf.org>
List-Post: <mailto:sidrops@ietf.org>
List-Subscribe: <mailto:sidrops-join@ietf.org>
List-Unsubscribe: <mailto:sidrops-leave@ietf.org>

Hi Ralph,

On Mon, Dec 22, 2025 at 10:35:53PM -0500, Ralph Covelli wrote:
> On 12/22/2025 10:28 PM, Ralph Covelli wrote:
>> The problem is that the "existing behavior" is *not* clearly
>> defined in this case.  Your testing confirms this. (thank you for
>> taking the time to look)
>> 
>> If you treat this condition as an error you will wind up
>> unnecessarily killing all of your router connections every time you
>> reset the RTR cache.

I think these are good points.

>> In the end all roads lead to convergence:
>> 
>> With Cache Reset:
>> 
>> 1) Router disconnects from RTR cache
>> 2) RTR cache server restarts
>> 3) Router connects to RTR cache and sends Serial Query
>> 4) RTR cache sends Cache Reset to Router
>> 5) Router syncs
>> 
>> With terminal Error:
>> 
>> 1) Router disconnects from RTR cache
>> 2) RTR cache server restarts
>> 3) Router connects to RTR cache and sends Serial Query
>> 4) RTR cache sends Error to Router and disconnects
>> 5) Router connects to RTR cache and sends Reset Query
>> 6) Router syncs
>> 
>> The Session ID appears to be designed to detect cache changes. This
>> should work both ways.  Router to RTR cache and RTR cache to
>> router.
> 
> *Whether* its treated with a Cache Reset or a Terminal Error, the
> specific wording should be added to the document.

Although I think clarifying the document and providing some way to
avoid unnecessary connection terminations are useful things, I'm
mindful that there is at least one implementation that operates in
reliance on the reading I described in my previous mail.  I've had a
go at updating the text to address these problems at
https://github.com/APNIC-net/rpki-rtr-demo/commit/dd901d4f98cc3be23b798bc1e04fbd5042001965#diff-ba5205cdbf492fee8c9ee5a7c3afa6ea4f0eb87eb392a0286f9bce7eb783a631.
Do those changes look OK to you? 

-Tom

v2.39.1 | Report a Bug | By Email | System Status