IETF Logo Mail Archive

[Sidrops] Re: draft-ietf-sidrops-8210bis-23 is ambiguous session mismatch handling

Ralph Covelli <rcovelli@he.net> Mon, 22 December 2025 22:00 UTC

Return-Path: <rcovelli@he.net>
X-Original-To: sidrops@mail2.ietf.org
Delivered-To: sidrops@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id F40E69E0C53A for <sidrops@mail2.ietf.org>; Mon, 22 Dec 2025 14:00:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (1024-bit key) header.d=he.net
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6bC739urcj5v for <sidrops@mail2.ietf.org>; Mon, 22 Dec 2025 14:00:24 -0800 (PST)
Received: from mailhost.lightning.net (mailhost.lightning.net [209.51.160.9]) by mail2.ietf.org (Postfix) with SMTP id 7A3739E0C52F for <sidrops@ietf.org>; Mon, 22 Dec 2025 14:00:24 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=he.net; s=lightning; x=1767045624; i=rcovelli@he.net; h=Received: Received:Content-Type:Message-ID:Date:MIME-Version:User-Agent: Subject:To:References:Content-Language:From:In-Reply-To; bh=SYZQ iiDSve/24OCRrN5tg1Q5cuxTCURC+U9/1ae0r88=; b=b/REaKLCFdCheZWP0P3B SY0ad8qz5pj3ZSpTUqQ8Y4AdFvjQ4+bYOoF11TzczVs53j7I7wlLCGi8wXfKTt// P2z+D9v+BAA6s8MAvSkiOzxK00lw5stC72XLYV//6gdAgI0iXFm7ZUej5s5IXvBf Ujxr5DQBuG3S0J4/6u+DVSI=
Received: (qmail 15012 invoked from network); 22 Dec 2025 22:00:24 -0000
Received: from traffic.lightning.net (HELO ?172.16.2.5?) (ralph@lightning.net@209.51.160.8) by mailhost.lightning.net with ESMTPA; 22 Dec 2025 22:00:24 -0000
Content-Type: multipart/alternative; boundary="------------j2Qn9Zfd4YBISBMyCkPM9ADg"
Message-ID: <30747a48-1408-492b-bbc0-77f7526a3cb0@he.net>
Date: Mon, 22 Dec 2025 17:00:23 -0500
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
To: sidrops@ietf.org
References: <CAO367rWV4rsnSM9jYG3N1hfPjq8mhqn36m0SLzO9eF6QZAgQ9g@mail.gmail.com> <ab35bfd7-4ac8-4a0f-990c-f4f66bbb9627@he.net> <c2c4ef74-8c26-4a42-b667-555acbbf3532@he.net> <228ff33f-ddb0-46c5-aadf-7b742554165e@he.net> <4df00da3-0ffd-4b58-8671-9aa28ac14fb7@he.net> <ff478e6b-ba0d-47a2-92b7-7b94f7124756@he.net> <aUjTEw4hDo1Xji2t@TomH-498551.lan> <7fc574e2-5781-404b-b0d4-d2fabb9666b2@he.net> <2aa62837-b672-4b1b-8755-c9a7cfd6d7a7@he.net>
Content-Language: en-US
From: Ralph Covelli <rcovelli@he.net>
In-Reply-To: <2aa62837-b672-4b1b-8755-c9a7cfd6d7a7@he.net>
Message-ID-Hash: MSU2GMCJVKW3DUR7C24XZ66APVXDWDZY
X-Message-ID-Hash: MSU2GMCJVKW3DUR7C24XZ66APVXDWDZY
X-MailFrom: rcovelli@he.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-sidrops.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is ambiguous session mismatch handling
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/kgmmepLSzGd8GBu0GWj72cMdTxs>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Owner: <mailto:sidrops-owner@ietf.org>
List-Post: <mailto:sidrops@ietf.org>
List-Subscribe: <mailto:sidrops-join@ietf.org>
List-Unsubscribe: <mailto:sidrops-leave@ietf.org>

Correction:

Whenever you are willing to RESET your serial number you should also be 
willing to RESET your session ID number.

Ralph Covelli
Network Engineer
Hurricane Electric / AS6939

On 12/22/2025 4:55 PM, Ralph Covelli wrote:
>
> Also to simplify things on the router side you could do things like this:
>
> Whenever you are willing to update your serial number you should also 
> be willing to update your session ID number.
>
> Its harmless in the case of the session ID not changing and it catches 
> the change when an RTR cache server has restarted while you were 
> disconnected from it.
>
> Thanks!
>
> Ralph Covelli
> Network Engineer
> Hurricane Electric / AS6939
> On 12/22/2025 4:14 PM, Ralph Covelli wrote:
>>
>> Hi Tom!
>>
>> Big fan of your section 11 changes! :-)
>>
>> If you remove the wording you leave a hole behind.
>>
>> Section 5.1:
>>
>>        ... If, at any time after the
>>        protocol version has been negotiated (Section 7), either the
>>        router or the cache finds that the value of the Session ID is not
>>        the same as the other's, the party which detects the mismatch MUST
>>        immediately terminate the session with an Error Report PDU with
>>        code 0 ("Corrupt Data"), and the router MUST flush all data
>>        learned from that cache.
>>
>> If the session ID changes *after* protocol negotiations something has 
>> gone horribly wrong and we should error and terminate.  I agree with 
>> this.
>>
>> What do we do if session ID's do not match DURING negotiations?  It's 
>> never stated what to do.
>>
>> A session ID changing in the middle of a session is a bad thing and 
>> shouldn't happen.  However session IDs changing BETWEEN sessions is 
>> NOT a protocol violation.  It means the RTR cache restarted while you 
>> were disconnected from it.
>>
>> This is a Cache Reset condition similar to falling out of the 
>> sequence window, NOT a protocol violation.
>>
>> Thanks!
>>
>> Ralph Covelli
>> Network Engineer
>> Hurricane Electric / AS6939
>> On 12/22/2025 12:11 AM, Tom Harrison wrote:
>>> On Sat, Dec 20, 2025 at 09:41:46PM -0500, Ralph Covelli wrote:
>>>> On 12/20/2025 9:29 PM, Ralph Covelli wrote:
>>>>> On 12/20/2025 9:05 PM, Ralph Covelli wrote:
>>>>>> On 12/20/2025 8:54 PM, Ralph Covelli wrote:
>>>>>>> On 12/17/2025 1:46 PM, Ralph Covelli wrote:
>>>>>>>> On 12/17/2025 8:38 AM, Marco Marzetti wrote:
>>>>>>>>> Dear members of the SIDROPS WG,
>>>>>>>>>
>>>>>>>>> I am working on a Python implementation of a RTR Cache,
>>>>>>>>> and I noticed some ambiguity around how session mismatch
>>>>>>>>> should be handled.
>>>>>>>>>
>>>>>>>>> At 5.1. (Fields of a PDU) the draft states that:
>>>>>>>>>
>>>>>>>>>      If, at any time after the
>>>>>>>>>      protocol version has been negotiated (Section 7), either the
>>>>>>>>>      router or the cache finds that the value of the Session ID is not
>>>>>>>>>      the same as the other's, the party which detects the mismatch MUST
>>>>>>>>>      immediately terminate the session with an Error Report PDU with
>>>>>>>>>      code 0 ("Corrupt Data"), and the router MUST flush all data
>>>>>>>>>      learned from that cache.
>>>>>>>>>
>>>>>>>>> While at 5.3. (Serial Query), the it states:
>>>>>>>>>
>>>>>>>>>     The Session ID tells the cache what instance the router expects to
>>>>>>>>>     ensure that the Serial Numbers are commensurate, i.e., the cache
>>>>>>>>>     session has not been changed.  If the Session ID does not match, the
>>>>>>>>>     cache MUST respond with a Cache Reset.
>>>>>>>>>
>>>>>>>>> Does that mean that the Cache should send the Error
>>>>>>>>> Report PDU in all cases but not in response to a Serial
>>>>>>>>> Query?
>>>>>>>> The 5.3 wording was added because of me.  Perhaps it can use
>>>>>>>> a little more tweaking.
>>>>>>>>
>>>>>>>> Both Reset Queries and Serial Queries can be the first command issued.
>>>>>>>>
>>>>>>>> When the Serial Query is the *first command issued* and the
>>>>>>>> session ID numbers do not match the RTR cache, then the RTR
>>>>>>>> cache should send a Cache Reset.
>>>>>>>>
>>>>>>>> If a later Serial Query is issued and the session ID number
>>>>>>>> somehow changes the RTR cache must terminate the session.
>>> I think the extra text that was added in 5.3 should instead be
>>> removed, for a few reasons:
>>>
>>>   - It's more consistent with RFC 8210.
>>>   - It simplifies the implementation for both the client and the
>>>     server, since there is no need to distinguish different session ID
>>>     mismatch scenarios.
>>>   - If a cache or a router sees an unexpected session ID, then some
>>>     sort of error has occurred (e.g. cache has lost the data for a
>>>     previously-established session).  Compare e.g. a serial query for a
>>>     serial number that is no longer available due to the removal of
>>>     stale data, which is not an error as such.
>>>   - It is not clear what advantage is gained by having the cache send
>>>     a Cache Reset when it receives an unexpected/unknown session ID.
>>>
>>> -Tom
>>>
>>> _______________________________________________
>>> Sidrops mailing list --sidrops@ietf.org
>>> To unsubscribe send an email tosidrops-leave@ietf.org
>>
>> _______________________________________________
>> Sidrops mailing list --sidrops@ietf.org
>> To unsubscribe send an email tosidrops-leave@ietf.org
>
> _______________________________________________
> Sidrops mailing list --sidrops@ietf.org
> To unsubscribe send an email tosidrops-leave@ietf.org

v2.39.1 | Report a Bug | By Email | System Status