Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

xds nonce is reused between xds streams #30155

Closed
kyessenov opened this issue Oct 12, 2023 · 1 comment · Fixed by #30206
Closed

xds nonce is reused between xds streams #30155

kyessenov opened this issue Oct 12, 2023 · 1 comment · Fixed by #30206
Labels
area/xds bug

Comments

@kyessenov
Copy link
Contributor

kyessenov commented Oct 12, 2023
edited
Loading

Using SotW xDS:


[client 19:55:28.305][296173][debug][router] [external/envoy/source/common/router/router.cc:520] [Tags: "ConnectionId":"0","StreamId":"5851133085805278286"] cluster 'xds_cluster' match for URL '/envoy.service.discovery.v3.AggregatedDiscoveryService/StreamAggregatedResources'
[client 19:55:28.306][296173][debug][router] [external/envoy/source/common/router/router.cc:732] [Tags: "ConnectionId":"0","StreamId":"5851133085805278286"] router decoding headers:
':method', 'POST'
':path', '/envoy.service.discovery.v3.AggregatedDiscoveryService/StreamAggregatedResources'
':authority', 'xds_cluster'
':scheme', 'http'
'te', 'trailers'
'content-type', 'application/grpc'
'x-envoy-internal', 'true'
'x-forwarded-for', '192.168.97.199'

[client 19:55:28.306][296173][debug][pool] [external/envoy/source/common/conn_pool/conn_pool_base.cc:265] [Tags: "ConnectionId":"0"] using existing fully connected connection
[client 19:55:28.306][296173][debug][pool] [external/envoy/source/common/conn_pool/conn_pool_base.cc:182] [Tags: "ConnectionId":"0"] creating stream
[client 19:55:28.306][296173][debug][router] [external/envoy/source/common/router/upstream_request.cc:563] [Tags: "ConnectionId":"0","StreamId":"5851133085805278286"] pool ready
[client 19:55:28.306][296173][trace][pool] [external/envoy/source/common/conn_pool/conn_pool_base.cc:131] not creating a new connection, shouldCreateNewConnection returned false.
[client 19:55:28.306][296173][trace][router] [external/envoy/source/common/router/upstream_codec_filter.cc:61] [Tags: "ConnectionId":"0","StreamId":"5851133085805278286"] proxying headers
[client 19:55:28.306][296173][trace][http2] [external/envoy/source/common/http/http2/codec_impl.cc:1315] [Tags: "ConnectionId":"0"] about to send frame type=1, flags=4
[client 19:55:28.306][296173][trace][http2] [external/envoy/source/common/http/http2/codec_impl.cc:1337] [Tags: "ConnectionId":"0"] send data: bytes=75
[client 19:55:28.306][296173][trace][connection] [external/envoy/source/common/network/connection_impl.cc:529] [Tags: "ConnectionId":"0"] writing 75 bytes, end_stream false
[client 19:55:28.306][296173][trace][http2] [external/envoy/source/common/http/http2/codec_impl.cc:1208] [Tags: "ConnectionId":"0"] sent frame type=1, stream_id=3, length=66
[client 19:55:28.306][296173][trace][http] [external/envoy/source/common/http/filter_manager.cc:572] [Tags: "ConnectionId":"0","StreamId":"5851133085805278286"] decode headers called: filter=envoy.filters.http.upstream_codec status=0
[client 19:55:28.310][296173][trace][config] [external/envoy/source/extensions/config_subscription/grpc/grpc_mux_impl.cc:123] Sending DiscoveryRequest for type.googleapis.com/envoy.config.cluster.v3.Cluster: version_info: "0"  type_url: "type.googleapis.com/envoy.config.cluster.v3.Cluster" response_nonce: "1"
[client 19:55:28.311][296173][trace][router] [external/envoy/source/common/router/upstream_codec_filter.cc:93] [Tags: "ConnectionId":"0","StreamId":"5851133085805278286"] proxying 34156 bytes```

As you can see on re-connect, response_nonce is set to "1" which is from the previous xDS stream. This is a violation of xDS which states that nonce does not survive stream restarts.

CC @adisuissa
@kyessenov kyessenov added bug triage Issue requires triage area/xds and removed triage Issue requires triage labels Oct 12, 2023
@kyessenov
Copy link
Contributor Author

Probably related to #15767

@kyessenov kyessenov mentioned this issue Oct 13, 2023
Closed
12 tasks
@adisuissa adisuissa mentioned this issue Oct 14, 2023
Merged
htuch pushed a commit that referenced this issue Oct 18, 2023
@adisuissa
xds-sotw: reset nonce when reconnecting (#30206)
525b1d2 
Similar to #16037, this PR resets the nonce after reconnection for SotW.
This change is a bug fix that ensures SotW behaves according to the xDS protocol.

Risk Level: low
Testing: Added a test.
Docs Changes: N/A.
Release Notes: Added.

Fixes: #30155

Signed-off-by: Adi Suissa-Peleg <adip@google.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/xds bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

xds-sotw: reset nonce when reconnecting adisuissa/envoy
1 participant
@kyessenov