IETF Logo Mail Archive

[Sidrops] Re: draft-ietf-sidrops-8210bis-23 is ambiguous session mismatch handling

Tom Harrison <tomh@apnic.net> Mon, 22 December 2025 23:46 UTC

Return-Path: <tomh@apnic.net>
X-Original-To: sidrops@mail2.ietf.org
Delivered-To: sidrops@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id CCC639E12F0A for <sidrops@mail2.ietf.org>; Mon, 22 Dec 2025 15:46:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.696
X-Spam-Level:
X-Spam-Status: No, score=-1.696 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_NONE=0.001] autolearn=no autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=apnic.net
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zXgILeY3a447 for <sidrops@mail2.ietf.org>; Mon, 22 Dec 2025 15:46:46 -0800 (PST)
Received: from SY5PR01CU010.outbound.protection.outlook.com (mail-australiaeastazon11022102.outbound.protection.outlook.com [40.107.40.102]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id C33269E12EFF for <sidrops@ietf.org>; Mon, 22 Dec 2025 15:46:45 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=lcVpbOrnLCnHg5il/SoXrGQ0uayNU1Lu55/2BeWOoQDM0b+z4zFt/hb1XdKgTL7d1Ago2SHpQwr51GVp0rNwonZpBbTuY/uIuRK6REVkWVZq5usvoOM5OSwb0tdcL8kw9rxSaUp3zCSN82Iq5hvFjnP27MiOUcA4FquofNZ4ZBIfrCrBlrih8MRnlwM1XvlcBOTfKko8D0qrRMT/1QqLYXRmv6jgCusRb/ObUA57qcqKIGG3zUmEIVW0sY1O9IIQURB+F0W4+poXFLIowAb/rObe1TK71CUCcO7SXz9ZBSLRPz7SqH+SpFXJTXd3vy9yushmbpbBI0dtMpcTnCbY1g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=fXea18dy+khCd9A5Iv4E6gAPE8avthgl+XvS+EuvT48=; b=kKMgoVxaHYyjoAXlaMYXYu1ntYk7iJHY8EHPioCT5FYg9zLenyfA63pSc+guOO8AWUfZp1X9QMpHlZBOFAVEoki0Ez8GyNEovXWMNZNEiDhiy+cDEO0EpBLAQ3fJlWRpftSyfulab3AJDnzQxRCAXmIBHyW40+eI/BjZi601OMiJGkRn2iewROGbHNFVxoSo/9LocsJ/wEzHkVQqRSJzoy6K2MZr6t5CESacRcEvzl3LW9dlW0KiHLqalxBfIZy6MDEGNB98OKoznU71lEEgO4WhLTj1TD/hjy/PMltvMyuMVZBDp9tGqpevNRCiF/6J39cjbx31meuDKuXMekgbnA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=apnic.net; dmarc=pass action=none header.from=apnic.net; dkim=pass header.d=apnic.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apnic.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=fXea18dy+khCd9A5Iv4E6gAPE8avthgl+XvS+EuvT48=; b=UuL4GJbeT1xhvTXxU6rYXhwNB9mIfo76DbKldWM6O1TjnLmkjYLrFqJleNqGFjbGtaeROB1wLo97Y8z2QFxYqt7PPzK+4rhA7aoYOR3KBqVuP/UBzAoE+xeSRjokBhl/THEDhDFg4op8a8vQ2dYO6mQT9pZMB1Ar6DwUqOApCgg=
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=apnic.net;
Received: from SYYP282MB0880.AUSP282.PROD.OUTLOOK.COM (2603:10c6:10:bc::12) by SYYP282MB0861.AUSP282.PROD.OUTLOOK.COM (2603:10c6:10:bb::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9434.11; Mon, 22 Dec 2025 23:46:35 +0000
Received: from SYYP282MB0880.AUSP282.PROD.OUTLOOK.COM ([fe80::7962:e03e:c34e:92bb]) by SYYP282MB0880.AUSP282.PROD.OUTLOOK.COM ([fe80::7962:e03e:c34e:92bb%3]) with mapi id 15.20.9434.009; Mon, 22 Dec 2025 23:46:35 +0000
Date: Tue, 23 Dec 2025 09:46:33 +1000
From: Tom Harrison <tomh@apnic.net>
To: Ralph Covelli <rcovelli=40he.net@dmarc.ietf.org>
Message-ID: <aUnYWRZyaefsrsOq@TomH-498551.lan>
Mail-Followup-To: Ralph Covelli <rcovelli=40he.net@dmarc.ietf.org>, sidrops@ietf.org
References: <CAO367rWV4rsnSM9jYG3N1hfPjq8mhqn36m0SLzO9eF6QZAgQ9g@mail.gmail.com> <ab35bfd7-4ac8-4a0f-990c-f4f66bbb9627@he.net> <c2c4ef74-8c26-4a42-b667-555acbbf3532@he.net> <228ff33f-ddb0-46c5-aadf-7b742554165e@he.net> <4df00da3-0ffd-4b58-8671-9aa28ac14fb7@he.net> <ff478e6b-ba0d-47a2-92b7-7b94f7124756@he.net> <aUjTEw4hDo1Xji2t@TomH-498551.lan> <7fc574e2-5781-404b-b0d4-d2fabb9666b2@he.net> <2aa62837-b672-4b1b-8755-c9a7cfd6d7a7@he.net> <30747a48-1408-492b-bbc0-77f7526a3cb0@he.net>
Content-Type: text/plain; charset="iso-8859-1"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <30747a48-1408-492b-bbc0-77f7526a3cb0@he.net>
X-ClientProxiedBy: SY6PR01CA0055.ausprd01.prod.outlook.com (2603:10c6:10:ea::6) To SYYP282MB0880.AUSP282.PROD.OUTLOOK.COM (2603:10c6:10:bc::12)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: SYYP282MB0880:EE_|SYYP282MB0861:EE_
X-MS-Office365-Filtering-Correlation-Id: fffa38f3-ad6b-4129-d899-08de41b45777
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;ARA:13230040|10070799003|1800799024|366016|376014;
X-Microsoft-Antispam-Message-Info: qZw6KIZRESdnRaJvd96Gksz1XhUrXTBrimxdmolrqZ83y13q8CZcuTNubjHi2zSWRW8XowrmKXDMQkWcuLCZc9wa3qn4nSu4NFfM70urhHP75gHYh95rRc2ENfStQFwqZGnN6O/orHfSUX0eAnNyBO3HBcdFHBGsuz+FpXuUe0mN62r9ag6FjSDMHe97RO0QJNzNbiHaRc2CTggZnBSVP35kKE1UsBov9cs86h39l4QjB32itRHEo2YUUWcqlr/TShdVbKFlnMiDWUoJxVoVnZ7UZyJiXxYqq4ZkXlXZNIqDBCGvMgx2Ov36yC0R11FUjs98rJNRu0bpde+Pw+xya1K+8hVpS4tUoqmKre0eYgz7LvHIoGRPK2zPWIWUafO1WtydJdbsxN3lCA4sGUSn4cptilV1CrtnTGKAeY+ePeDyE8s2k2x9jDU54nBhFiRxAenY8LgcGLu6RgyZfldHnQTYd9FrAxpXB9EPU3UYv1lbCl3Kko0eqOyr5txDvUgfYDGPIGmpCQfD+P1ISxgKuXaZN1eVzLlR4/7eopPRjYlANc61/2m0olkrkaAGF2pAR+i673yb9yAO7ebxlvJKxC6oixAFX46rahAqNUGenyLy/4wUoJmcgejqZ6n9nKb55jdCsCWEFdqcEvMRAFOPiSnXnPqjI/LrbOFqvIg44ws2B3rdlKzj/eYe2OdwE7TYW+jV8DU/ynLK9chBprD91hG79v9nx+Uhj8C7wrm6Fw4mJdDPEpluna0lGQkEMQnXwsWcVAJg3gbcJLIBcMw/710yAJKLnqcD19HHypnfzDu2+1bcN26DFWomUET3ib5z/bxQ/xlXQEFNu0w80D44p+aDKvt01EEvDvFO2toL71zTBklQSky9XL77cbWmB9e7WhrJg0b4hNVDmR0BvLwSKrQvKp5bc9lf8KzvcDKQcgquRSUQ2yEw8PuGTNTJ4F/mEdCI/1xu2uyv10dmWFtmio8q4Fz5vOEt1p2kfAioA99VEz+sZ+bvbkxiDgMge3VqRMJZ0dC1euEf1WARO3L9ScATaMn4M4hvimuhFk7qLo4WKHj+vMVh7qlhR0oAloHRRNfJQFCWsEY2DXWX7p2+/G+D7AWdO4wmuJ7VIdDGzvLwYxdM8mAi86UuXQTW49cTg03SrYo5ABtTLnui59Ep2EoeyTFKmmFDDPg49T+zxt1+t6aVAQIDvdyiVkRFjpu4H//+upTpJM7algp6s5eMbkhK+Xcrjas0vRX5gXiL3eddo2m7hhuuJUCwOc6d4m0PIVBALnyogBKCkKFmX5Vt2aH8pEb5ajbS5nJyB2UZKQWeW3UwkdCbvTt9iHG1KLu2DCuSUShmdB+hG6Zm+a4KqQGTP6y3RikRTXU6hnGaGnX0ibyqbqf/tDJqyhsXp2FrVertDRASvo1RoS7pYhBUSeodkM5rJ+f42jLBfLnr+CPM/jRVSn2WMegogS3bzQII
X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SYYP282MB0880.AUSP282.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(10070799003)(1800799024)(366016)(376014);DIR:OUT;SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2
X-MS-Exchange-AntiSpam-MessageData-0: LPvGX8CrNYftZTaTuyrV0J6xhraoxubYssBJ2SxpkWwgdpDn1WgF4pYp6k/alzcV3kMmmCteGYROqxJVXxZPM4Tn3sjl25eJn1CICb3tJArJ4061t+ASpv6utb4jHz1wni4Zl+2tVLrIenRDQK2RhQTo4Kz0lWFTbQJBEU1KaxRMx55+bk9Qjo3t/L3R21dPuGc1w++7SUPi2KhVO5zKnpl8rjF0zY6fLfFC0plCPsHpp9mWL508DeervkLqxch2DULIjO6ouf9o31sTvP3CHpXeg2tW9V65NbzQKZ4/jiS4TxvgyAX5WiOgnyFARzQxyskUGW6i999sWk2OCbLvFrKo4aPDT15gjxNbph5q24PfdlE4FHF9PGhKoixTJ1swfhwxvWphdR1i0e343z5e2jxQ1ces/4QnENz7rZ+RtUTnYPRXsRC1z0G8x2HlGKJXZOskwVcehiiUCSxhghA+XFfUBmmfFIopZ1WeGcwpKif+jPsfS0Wb/DOeFaSEUdTwOIdHohEWqqmYmIZNpklhXlo/xbfwcPzMQoZ3Cpr9YSDx7fCkZpB7eReHmeUiHSVtDVdRKVjfgtflnGGfTbVl+kenf9/XKeY5K5dr5vl2c1DH3vFDB52jD2Z620jVby67/vIJQhUmumCkfO7DviF/75dBJyfFcvH9qoK5BJUFOQzNWtx5XJJN5PS5DIiGnWvBN7Db3hoeg9p5AngMVizFKy0p7vFio38BVTOaNvOMTK6cdtQ2Kfop3iXdGTSqlsXaUD1tEqwvsKcLnDKKdWImnwpswNaLE591oJHd2aqEQaXn9liJAa8ckbITVW+bX5koofkKVSElAGxjHOncmBH9TN7RLv5hxLlYyHIHXHrkl2OOIM60uG50ZhLaVZxVb5JANS4n2vNiTqzYZZ341HI9VNxUCxLbHtcb6LM0F+0nOZQ0Ngq1ih7TZvtgfjXsXNrEmIG3FsFVn87v3XAaRkhIm49bwODpWnSia3C8J3EKXdPfEdEO87Vu51araApnF2Nt43xJ95PUdfUz27yEjymnZ/7SIhuzp7CL+mYwLgWEV1CWA/o7aaLRj1+Gux+gGS8psOsNGfS9Jz6xSJyleN+edZ9njua7ZERSycAh017XUD1C9yZslveeT3xOkX6DYZoOsJalkU2AeOyxOdLLUabaI1daRnLNl0MuOTLdCtBJRxTLxB3uf1QQ11gV17bYihnMkenyOiRo0p0a9EowJpxL1lW+88VCx8rHpc7Jl74FZ8WjHyGWYu8CYBPFIi8yMnO/BP6MzrY1ypfE7V0UD0M+CKoLci8p7Y6A/I9nIsFFHxTsK9f+tKF8rVClT1mHn30lwwHmRQAO0Ck/Sp89kSR2OAUTPGffHSjZudQ6jVmVZAkkTe5xgPwRF+zEnCCrG0zY4pEZwzGabFWTinSKSExOcqznx0UEF96bjg5Dss7dm0HDwDN6xr24U1I2mN6/n8NiihqSux7lFAohgcZl6SB5BxGqUNXjj8OoDLZ3E+wt5fbETk266HMnOJLfMeUdRHmt24XK0F7DrcfFcIxC6FLjsfyOZ/IHwOAEddAAx2tdYaWUP3AoQIpklxLII5r9snFPDyjoBDx7OozFp7zpNeF1rEgPawrKF4p6RWPkUHrgSR0nEPrwc4mbxZKMNk72YTeo23shG3fE2+6FoRRbbe/Yr4EV6K/l+ONbrSLHCAIpVQhL6H6ioogD5VEdmOHy04noe0WJBdhNLTp8belAfApAevR2GVvc82dZhp9M5RheZHdBGROro++ZXsGTQYdsU3RbnHs+TtNi
X-MS-Exchange-AntiSpam-MessageData-1: XOKwC6M2VnZQHQ==
X-OriginatorOrg: apnic.net
X-MS-Exchange-CrossTenant-Network-Message-Id: fffa38f3-ad6b-4129-d899-08de41b45777
X-MS-Exchange-CrossTenant-AuthSource: SYYP282MB0880.AUSP282.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Dec 2025 23:46:35.1660 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 127d8d0d-7ccf-473d-ab09-6e44ad752ded
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: LQK55xXms+AzZPszLc+//7artQt6qk1hJk3vgM5Al1pkgKIR3F5aYfvfwcyZYt2r
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SYYP282MB0861
Message-ID-Hash: WARZ4GPUPJW4DUNOQKFNTB4CTJ7V7V2R
X-Message-ID-Hash: WARZ4GPUPJW4DUNOQKFNTB4CTJ7V7V2R
X-MailFrom: tomh@apnic.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-sidrops.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: sidrops@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is ambiguous session mismatch handling
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/f-sLh_Tz99lmSFIuFAjKhiXGWJ0>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Owner: <mailto:sidrops-owner@ietf.org>
List-Post: <mailto:sidrops@ietf.org>
List-Subscribe: <mailto:sidrops-join@ietf.org>
List-Unsubscribe: <mailto:sidrops-leave@ietf.org>

Hi Ralph,

On Mon, Dec 22, 2025 at 05:00:23PM -0500, Ralph Covelli wrote:
> On 12/22/2025 4:55 PM, Ralph Covelli wrote:
>> On Mon, Dec 22, 2025 at 04:14:41PM -0500, Ralph Covelli wrote:
>>> Big fan of your section 11 changes! :-)

Thanks, much appreciated.

> If you remove the wording you leave a hole behind.
> 
> Section 5.1:
> 
>       ... If, at any time after the protocol version has been
>       negotiated (Section 7), either the router or the cache finds
>       that the value of the Session ID is not the same as the
>       other's, the party which detects the mismatch MUST immediately
>       terminate the session with an Error Report PDU with code 0
>       ("Corrupt Data"), and the router MUST flush all data learned
>       from that cache.
> 
> If the session ID changes *after* protocol negotiations something
> has gone horribly wrong and we should error and terminate.  I agree
> with this.
> 
> What do we do if session ID's do not match DURING negotiations? It's
> never stated what to do.

My reading of the text is such that version negotiation is complete as
at the point that the cache has received a Reset Query or Serial Query
PDU from the router and determined that it is able to support the
version included in that PDU, because at that point the version to be
used for further protocol interactions has been finalised.  One
counterargument I can see here is that section 7 includes two
references to the cache responding with a Cache Response PDU, such
that the sending of that response might be considered part of
"protocol version negotiation".  However, sections 8.3 and 8.4 make it
clear that there are scenarios in which the cache is not required to
respond with a Cache Response PDU, so I think the better reading of
section 7 in this respect is that the Cache Response PDU references
are just about describing what usually happens at that point, rather
than being an attempt to bring the cache's sending of a response PDU
within the scope of the version negotiation process.

With the above reading, the text of section 5.1 applies as at the
point where the cache is determining how to respond to the session
initiation PDU from the router, as well as during subsequent
interactions between the router and the cache.

> A session ID changing in the middle of a session is a bad thing and
> shouldn't happen.  However session IDs changing BETWEEN sessions is
> NOT a protocol violation.  It means the RTR cache restarted while
> you were disconnected from it.
> 
> This is a Cache Reset condition similar to falling out of the
> sequence window, NOT a protocol violation.

I agree that a router initiating a session with a session ID unknown
to the cache is not that far away from a router initiating a session
with a serial for which the cache cannot provide an incremental
update.  However, for the reasons mentioned in my previous mail, I
think the case for preserving the existing behaviour (at least per my
reading) is stronger than the case for changing how this works.

(FWIW, StayRTR 0.6.2 responds with an error PDU on an unknown session
ID, while RTRTR 0.3 responds with a Cache Reset PDU.  I haven't tested
other implementations.)

-Tom

v2.39.1 | Report a Bug | By Email | System Status