Net Panic

The basic criterion for detecting a loop in the net topology is that on a bus, there are two alpha portals, i.e. the bus has either outgoing edges or an outgoing edge and the prime portal in one net tree. It is perhaps not surprising that, after some net topology changes, it can also be the case that a loop exists in the network for which the criterion does not hold: all buses on the loop have exactly one outgoing edge in the net tree but the prime portal itself is not there. This can be recognised by observing the information of the distance of each portal to the root bus in the net tree. There must be at least one bus with an outgoing edge with a larger distance than a corresponding incoming edge. See the following figure.

In this situation, the net update algorithm does not terminate, but keeps being executed on consecutive buses in the loop, and the distances keep increasing. This is a major error. Attempts to fix net update by undirecting the incoming or the outgoing edge failed. Finally, in consultation with the ballot response committee, a separate net panic algorithm was added to the net update functionality, with the property of resetting all information in each bridge portal in the net to the initial values. This means that each bridge is directed in the net tree and one of the two portals in each bridge is the prime portal, and no bus tree is in use. Obviously, when net panic completes and more than one bridge is present in the net, the spanning trees are not correct, hence net update must be started again to sort out the net tree, followed by bus enumeration to span new bus trees. The net panic algorithm consists of the following steps.

0. Stop bridge functionality: The portal presents itself on the bus as though it has no 1394.1 functionality. To step 1, 2 or 3, depending on the net panic start condition (see below).
1. The bus must panic: The portal broadcasts a panic message to all portals on the bus. To step 2.
2. Observe the bus: With IEEE 1394 functionality, the portal observes if all portals have now stopped acting as a bridge. If so, to step 3, otherwise back to step 1.
3. Co-portal must panic: A panic message is sent to the co-portal to inform it that net panic has completed on this bus. To step 4.
4. Co-portal finished: As soon as a panic message has been received from the co-portal as well (this may have happened during an earlier step), the portal initialises all net update information and starts net update.

The net panic algorithm is started whenever one of the following is true.

• Looping condition Upon completion of step 1 of the net update algorithm, it can be determined whether the alternative looping situation mentioned above occurs (this is done by the coordinator). The net panic condition holds if there are two edges with the same net identity, such that one is an outgoing edge and the other is an incoming or undirected edge, and the distance of the former's local portal is larger than the distance of the latter's local portal.
  Net panic is started with step 0, and continued with step 1.
• Unexpected prime If a portal receives a new net identity which is equal to its own unique identity, but the corresponding distance is not 0, then either non-termination of net update will follow (if a loop exists in the topology) or net update will terminate but in an inconsistent state (otherwise). In either case, net panic must remedy the situation. Net panic is started with step 0, and continued with step 1.
• Net size too large In very extreme and rare scenarios, neither of the above two conditions may occur although net update does not terminate. In that case the only way to signal this is the ever-increasing value of the distance to the root bus in the net tree. If during net update, a bridge is adjusted such that its net identity changes, and the distance at the outgoing end exceeds the maximum net size of 1023 buses, net panic must be started. Net panic with is started step 0, and continued with step 1.
• Panic message received If a portal receives a panic message while it is not executing net panic yet, it must do so. If panic was received over the bus, then the distance is copied, net panic is started with step 0, and continued with step 2. If received over the bridge, then the distance is copied and incremented by 1. If the new distance is less than 1023 (maximal net size), then net panic is started with step 0, and continued with step 1, otherwise net panic is started with step 0, and continued with step 3.

Note that the net panic message carries a parameter indicating the distance to the bus on which the algorithm was originally started. In this way the algorithm is guaranteed to stop by respecting the maximum size of the network.