RPKI protocol is loop starting if the min version is not available

Mon Dec 16 17:23:46 CET 2024

On Mon, Dec 16, 2024 at 01:31:03PM +0100, Alarig Le Lay via Bird-users wrote:
> Hello,
> 
> Following the 2.16 release with ASPA support, I tried to play with it.
> So I tried to connect a bird instance to a RTR server with version 2 as
> stated by https://bird.network.cz/?get_doc&v=20&f=bird-6.html#ss6.16
> > The same protocol, since version 2, also receives and maintains a set
> > of ASPAs. You can then validate AS paths using function aspa_check()
> > in (import) filters.
> 
> It seems that I misconfigured my routinator, but instead of an error
> with a timer, it tries to reconnect right away, which fail again, etc.

Hello

So if i undestand it correctly, if you put both 'min version 2' and
'max version 2', it failed? (that is expected if the peer does not support
version 2)

If you remove that option or put lower number it worked?

I see here two issues:

1) There should be some timeout between retries.

2) The RPKI protocol outline in documentation should not contain 'min
version 2' but 'min version <num>' as it is just an outline of options,
not an example.

Is that what you mean?

Also it is funny that Routinator answered with:
'only versions 0 up to and including MAX_VERSION supported'
without stating what is the MAX_VERSION.

> Here are the logs:
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3: Connected
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3.roa4: State changed to UP
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3.roa6: State changed to UP
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3.aspa: State changed to UP
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3: State changed to up
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3: Changing from Connecting to Sync-Start state
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3: Sending Reset Query packet
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3: Received Error packet (Unsupported-Protocol-Version: 'only versions 0 up to and including MAX_VERSION supported', Reset Query packet: 02 02 00 00 00 00 00 08)
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3: Client uses unsupported protocol version
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3: Got UNSUPPORTED_PROTOCOL_VER error PDU with invalid values, current version: 2, PDU version: 1
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3: Changing from Sync-Start to Fatal-Protocol-Error state
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3.roa4: State changed to FLUSHING
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3.roa6: State changed to FLUSHING
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3.aspa: State changed to FLUSHING
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3: State changed to flush
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3.roa4: State changed to DOWN
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3.roa6: State changed to DOWN
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3.aspa: State changed to DOWN
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3: State changed to down
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3: Starting
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3: Changing from Down to Connecting state
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3: Opening a connection
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3: State changed to start
> Dec 16 13:27:54 edge03-stolon bird: rpki_rr3: Connected
> 
> And here is the config I used:
> protocol rpki rpki_rr3 {
>         debug all;
>         roa4 { table r4; };
>         roa6 { table r6; };
>         aspa { table at; };
> 
>         remote "rr3.swordarmor.fr";
>         min version 2;
>         max version 2;
>         disabled;
> }
> 
> -- 
> Alarig

-- 
Elen sila lumenn' omentielvo

Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org)
"To err is human -- to blame it on a computer is even more so."