Routing State Errors State machines rely on er_NoRSM error messages to trigger recovery from some failure conditions E.g. lost Confirm messages However, er_NoRSM can happen in more pathological cases where the recovery described doesn’t work E.g. peer node reboots aren’t handled right in a number of cases Probably need to do a simple ‘clean start’ on er_NoRSM, i.e. go back to initial Query Some discussion on security impacts How much do we care that er_NoRSM allows a node to inventory what routing state exists How to avoid DoS attacks (cf. TCP RST or ICMP unreach) Depends on SID randomness |