[Sidrops] Re: draft-ietf-sidrops-8210bis-23 is ambiguous session mismatch handling
Ralph Covelli <rcovelli@he.net> Tue, 23 December 2025 03:27 UTC
Return-Path: <rcovelli@he.net>
X-Original-To: sidrops@mail2.ietf.org
Delivered-To: sidrops@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 3CB5B9E265E8 for <sidrops@mail2.ietf.org>; Mon, 22 Dec 2025 19:27:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (1024-bit key) header.d=he.net
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SPxprHm9kuQx for <sidrops@mail2.ietf.org>; Mon, 22 Dec 2025 19:27:11 -0800 (PST)
Received: from mailhost.lightning.net (mailhost.lightning.net [209.51.160.9]) by mail2.ietf.org (Postfix) with SMTP id BDBE79E265E1 for <sidrops@ietf.org>; Mon, 22 Dec 2025 19:27:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=he.net; s=lightning; x=1767065225; i=rcovelli@he.net; h=Received: Received:Message-ID:Date:MIME-Version:User-Agent:Subject:To: References:Content-Language:From:In-Reply-To:Content-Type: Content-Transfer-Encoding; bh=TSzHNjrkUImshKp2/SRxqHp7fAyudOFFbs +8KwcBP44=; b=0rU86Souxn2b5x5Aq7khuihMZ6i266Nj6b77Yfny0OIqNtiE6I buEyKXT9vaVsP/8rEj3sNSgh2FANYuwT6YJfCcDi5zfTjpFRKPPTURyTJBsc7tJ6 SOKGhHtFGHUuKNUiN+v/cU0lL/KmwvGsWfNLK+YaD43JwtuR1qHehKFFI=
Received: (qmail 2332 invoked from network); 23 Dec 2025 03:27:05 -0000
Received: from traffic.lightning.net (HELO ?172.16.2.4?) (ralph@lightning.net@209.51.160.8) by mailhost.lightning.net with ESMTPA; 23 Dec 2025 03:27:05 -0000
Message-ID: <88f1cf70-94e7-41b1-b4bb-1e88fd88f319@he.net>
Date: Mon, 22 Dec 2025 22:28:28 -0500
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
To: sidrops@ietf.org
References: <CAO367rWV4rsnSM9jYG3N1hfPjq8mhqn36m0SLzO9eF6QZAgQ9g@mail.gmail.com> <ab35bfd7-4ac8-4a0f-990c-f4f66bbb9627@he.net> <c2c4ef74-8c26-4a42-b667-555acbbf3532@he.net> <228ff33f-ddb0-46c5-aadf-7b742554165e@he.net> <4df00da3-0ffd-4b58-8671-9aa28ac14fb7@he.net> <ff478e6b-ba0d-47a2-92b7-7b94f7124756@he.net> <aUjTEw4hDo1Xji2t@TomH-498551.lan> <7fc574e2-5781-404b-b0d4-d2fabb9666b2@he.net> <2aa62837-b672-4b1b-8755-c9a7cfd6d7a7@he.net> <30747a48-1408-492b-bbc0-77f7526a3cb0@he.net> <aUnYWRZyaefsrsOq@TomH-498551.lan>
Content-Language: en-US
From: Ralph Covelli <rcovelli@he.net>
In-Reply-To: <aUnYWRZyaefsrsOq@TomH-498551.lan>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Message-ID-Hash: ILHCDLW2B3MATLLHC7RKV6BOAYVPK2DZ
X-Message-ID-Hash: ILHCDLW2B3MATLLHC7RKV6BOAYVPK2DZ
X-MailFrom: rcovelli@he.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-sidrops.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is ambiguous session mismatch handling
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/vdhUwUmx_8N8cp2Y21d4cJdgjGo>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Owner: <mailto:sidrops-owner@ietf.org>
List-Post: <mailto:sidrops@ietf.org>
List-Subscribe: <mailto:sidrops-join@ietf.org>
List-Unsubscribe: <mailto:sidrops-leave@ietf.org>
Hi Tom!
I should point out that this wording was not added by me. I pointed out
the hole in the logic to Randy Bush and he added the wording.
The problem is that the "existing behavior" is *not* clearly defined in
this case. Your testing confirms this. (thank you for taking the time
to look)
If you treat this condition as an error you will wind up unnecessarily
killing all of your router connections every time you reset the RTR cache.
In the end all roads lead to convergence:
With Cache Reset:
1) Router disconnects from RTR cache
2) RTR cache server restarts
3) Router connects to RTR cache and sends Serial Query
4) RTR cache sends Cache Reset to Router
5) Router syncs
With terminal Error:
1) Router disconnects from RTR cache
2) RTR cache server restarts
3) Router connects to RTR cache and sends Serial Query
4) RTR cache sends Error to Router and disconnects
5) Router connects to RTR cache and sends Reset Query
6) Router syncs
The Session ID appears to be designed to detect cache changes. This
should work both ways. Router to RTR cache and RTR cache to router.
Weather its treated with a Cache Reset or a Terminal Error, the
specific wording should be added to the document.
Thanks!
On 12/22/2025 6:46 PM, Tom Harrison wrote:
> Hi Ralph,
>
> On Mon, Dec 22, 2025 at 05:00:23PM -0500, Ralph Covelli wrote:
>> On 12/22/2025 4:55 PM, Ralph Covelli wrote:
>>> On Mon, Dec 22, 2025 at 04:14:41PM -0500, Ralph Covelli wrote:
>>>> Big fan of your section 11 changes! :-)
> Thanks, much appreciated.
>
>> If you remove the wording you leave a hole behind.
>>
>> Section 5.1:
>>
>> ... If, at any time after the protocol version has been
>> negotiated (Section 7), either the router or the cache finds
>> that the value of the Session ID is not the same as the
>> other's, the party which detects the mismatch MUST immediately
>> terminate the session with an Error Report PDU with code 0
>> ("Corrupt Data"), and the router MUST flush all data learned
>> from that cache.
>>
>> If the session ID changes *after* protocol negotiations something
>> has gone horribly wrong and we should error and terminate. I agree
>> with this.
>>
>> What do we do if session ID's do not match DURING negotiations? It's
>> never stated what to do.
> My reading of the text is such that version negotiation is complete as
> at the point that the cache has received a Reset Query or Serial Query
> PDU from the router and determined that it is able to support the
> version included in that PDU, because at that point the version to be
> used for further protocol interactions has been finalised. One
> counterargument I can see here is that section 7 includes two
> references to the cache responding with a Cache Response PDU, such
> that the sending of that response might be considered part of
> "protocol version negotiation". However, sections 8.3 and 8.4 make it
> clear that there are scenarios in which the cache is not required to
> respond with a Cache Response PDU, so I think the better reading of
> section 7 in this respect is that the Cache Response PDU references
> are just about describing what usually happens at that point, rather
> than being an attempt to bring the cache's sending of a response PDU
> within the scope of the version negotiation process.
>
> With the above reading, the text of section 5.1 applies as at the
> point where the cache is determining how to respond to the session
> initiation PDU from the router, as well as during subsequent
> interactions between the router and the cache.
>
>> A session ID changing in the middle of a session is a bad thing and
>> shouldn't happen. However session IDs changing BETWEEN sessions is
>> NOT a protocol violation. It means the RTR cache restarted while
>> you were disconnected from it.
>>
>> This is a Cache Reset condition similar to falling out of the
>> sequence window, NOT a protocol violation.
> I agree that a router initiating a session with a session ID unknown
> to the cache is not that far away from a router initiating a session
> with a serial for which the cache cannot provide an incremental
> update. However, for the reasons mentioned in my previous mail, I
> think the case for preserving the existing behaviour (at least per my
> reading) is stronger than the case for changing how this works.
>
> (FWIW, StayRTR 0.6.2 responds with an error PDU on an unknown session
> ID, while RTRTR 0.3 responds with a Cache Reset PDU. I haven't tested
> other implementations.)
>
> -Tom
>
> _______________________________________________
> Sidrops mailing list -- sidrops@ietf.org
> To unsubscribe send an email to sidrops-leave@ietf.org
- [Sidrops] draft-ietf-sidrops-8210bis-23 is ambigu… Marco Marzetti
- [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is am… Job Snijders
- [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is am… Ralph Covelli
- [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is am… Ralph Covelli
- [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is am… Ralph Covelli
- [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is am… Ralph Covelli
- [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is am… Ralph Covelli
- [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is am… Tom Harrison
- [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is am… Ralph Covelli
- [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is am… Ralph Covelli
- [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is am… Ralph Covelli
- [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is am… Tom Harrison
- [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is am… Ralph Covelli
- [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is am… Ralph Covelli
- [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is am… Tom Harrison
- [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is am… Ralph Covelli
- [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is am… Ralph Covelli
- [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is am… Tom Harrison
- [Sidrops] Re: draft-ietf-sidrops-8210bis-23 is am… Ralph Covelli