introduce propagation stopper

gateway/gateway.go

@@ -448,17 +448,21 @@ func (g *Gateway) Run(ctx context.Context) error {
 		return serrors.WrapStr("unable to generate TLS config", err)
 	}
 
-	// scionNetwork is the network for all SCION connections, with the exception of the QUIC server
-	// connection.
-	scionNetwork := &snet.SCIONNetwork{
+	// scionNetworkNoSCMP is the network for the QUIC server connection. Because SCMP errors
+	// will cause the server's accepts to fail, we ignore SCMP.
+	scionNetworkNoSCMP := &snet.SCIONNetwork{
 		LocalIA: localIA,
 		Dispatcher: &snet.DefaultPacketDispatcherService{
 			// Enable transparent reconnections to the dispatcher
 			Dispatcher: reconnectingDispatcher,
-			// Forward revocations to Daemon
-			SCMPHandler: snet.DefaultSCMPHandler{
-				RevocationHandler: revocationHandler,
-				SCMPErrors:        g.Metrics.SCMPErrors,
+			// Discard all SCMP propagation, to avoid accept/read errors on the
+			// QUIC server/client.
+			SCMPHandler: snet.SCMPPropagationStopper{
+				Handler: snet.DefaultSCMPHandler{
+					RevocationHandler: revocationHandler,
+					SCMPErrors:        g.Metrics.SCMPErrors,
+				},
+				Log: log.FromCtx(ctx).Debug,
 			},
 			SCIONPacketConnMetrics: g.Metrics.SCIONPacketConnMetrics,
 		},
@@ -467,7 +471,7 @@ func (g *Gateway) Run(ctx context.Context) error {
 
 	// Initialize the UDP/SCION QUIC conn for outgoing Gateway Discovery RPCs and outgoing Prefix
 	// Fetching. Open up a random high port for this.
-	clientConn, err := scionNetwork.Listen(
+	clientConn, err := scionNetworkNoSCMP.Listen(
 		context.TODO(),
 		"udp",
 		&net.UDPAddr{IP: g.ControlClientIP},
@@ -511,6 +515,23 @@ func (g *Gateway) Run(ctx context.Context) error {
 				"remote_isd_as", ia.String())
 		}
 	}
+
+	// scionNetwork is the network for all SCION connections, with the exception of the QUIC server
+	// and client connection.
+	scionNetwork := &snet.SCIONNetwork{
+		LocalIA: localIA,
+		Dispatcher: &snet.DefaultPacketDispatcherService{
+			// Enable transparent reconnections to the dispatcher
+			Dispatcher: reconnectingDispatcher,
+			// Forward revocations to Daemon
+			SCMPHandler: snet.DefaultSCMPHandler{
+				RevocationHandler: revocationHandler,
+				SCMPErrors:        g.Metrics.SCMPErrors,
+			},
+			SCIONPacketConnMetrics: g.Metrics.SCIONPacketConnMetrics,
+		},
+		Metrics: g.Metrics.SCIONNetworkMetrics,
+	}
 	remoteMonitor := &control.RemoteMonitor{
 		IAs:                   remoteIAsChannel,
 		RemotesMonitored:      rmMetric,
@@ -550,19 +571,6 @@ func (g *Gateway) Run(ctx context.Context) error {
 	}()
 	logger.Debug("Remote monitor started.")
 
-	// scionNetworkNoSCMP is the network for the QUIC server connection. Because SCMP errors
-	// will cause the server's accepts to fail, we ignore SCMP.
-	scionNetworkNoSCMP := &snet.SCIONNetwork{
-		LocalIA: localIA,
-		Dispatcher: &snet.DefaultPacketDispatcherService{
-			// Enable transparent reconnections to the dispatcher
-			Dispatcher: reconnectingDispatcher,
-			// Discard all SCMP, to avoid accept errors on the QUIC server.
-			SCMPHandler:            ignoreSCMP{},
-			SCIONPacketConnMetrics: g.Metrics.SCIONPacketConnMetrics,
-		},
-		Metrics: g.Metrics.SCIONNetworkMetrics,
-	}
 	serverConn, err := scionNetworkNoSCMP.Listen(
 		context.TODO(),
 		"udp",

pkg/snet/dispatcher.go

@@ -143,3 +143,24 @@ func (h *DefaultSCMPHandler) handleSCMPRev(typeCode slayers.SCMPTypeCode,
 	}
 	return &OpError{typeCode: typeCode, revInfo: revInfo}
 }
+
+// SCMPPropagationStopper wraps an SCMP handler and stops propagation of the
+// SCMP errors up the stack. This can be necessary if the client code aborts on
+// unexpected errors. This is a temporary solution until we address
+// https://github.com/scionproto/scion/issues/4389.
+//
+// EXPERIMENTAL: This handler is experimental and may be removed in the future.
+type SCMPPropagationStopper struct {
+	// Handler is the wrapped handler.
+	Handler SCMPHandler
+	// Log is an optional function that is called when the wrapped handler
+	// returns an error and propagation is stopped.
+	Log func(msg string, ctx ...any)
+}
+
+func (h SCMPPropagationStopper) Handle(pkt *Packet) error {
+	if err := h.Handler.Handle(pkt); err != nil && h.Log != nil {
+		h.Log("Stopped SCMP error propagation", "err", err)
+	}
+	return nil
+}

pkg/snet/squic/net.go

@@ -350,6 +350,12 @@ type ConnDialer struct {
 	// Conn is the transport to initiate QUIC Sessions on. It can be shared
 	// between clients and servers, because QUIC connection IDs are used to
 	// demux the packets.
+	//
+	// Note: When creating the transport, ensure that the SCMP errors are not
+	// propagated. You can for example use
+	// [github.com/scionproto/scion/pkg/snet.SCMPPropagationStopper]. Otherwise,
+	// the QUIC transport will close the listening side on SCMP errors and enter
+	// a broken state.
 	Transport *quic.Transport
 	// TLSConfig is the client's TLS configuration for starting QUIC connections.
 	TLSConfig *tls.Config

private/app/appnet/infraenv.go

@@ -339,8 +339,13 @@ func (nc *NetworkConfig) initQUICSockets() (net.PacketConn, net.PacketConn, erro
 	clientNet := &snet.SCIONNetwork{
 		LocalIA: nc.IA,
 		Dispatcher: &snet.DefaultPacketDispatcherService{
-			Dispatcher:             dispatcherService,
-			SCMPHandler:            nc.SCMPHandler,
+			Dispatcher: dispatcherService,
+			// Discard all SCMP propagation, to avoid read errors on the QUIC
+			// client.
+			SCMPHandler: snet.SCMPPropagationStopper{
+				Handler: nc.SCMPHandler,
+				Log:     log.Debug,
+			},
 			SCIONPacketConnMetrics: nc.SCIONPacketConnMetrics,
 		},
 		Metrics: nc.SCIONNetworkMetrics,

scion-pki/certs/renew.go

@@ -745,8 +745,11 @@ func (r *renewer) requestRemote(
 		LocalIA: local.IA,
 		Dispatcher: &snet.DefaultPacketDispatcherService{
 			Dispatcher: reliable.NewDispatcher(r.Disatcher),
-			SCMPHandler: snet.DefaultSCMPHandler{
-				RevocationHandler: daemon.RevHandler{Connector: r.Daemon},
+			SCMPHandler: snet.SCMPPropagationStopper{
+				Handler: snet.DefaultSCMPHandler{
+					RevocationHandler: daemon.RevHandler{Connector: r.Daemon},
+				},
+				Log: log.FromCtx(ctx).Debug,
 			},
 		},
 	}