refactor(iroh, iroh-relay)!: Relay should not kill old connections when same endpoint id connects

[Frando]

Description

When the iroh relay receives a connection from an endpoint to which it already has a connection, it currently drops the old one immediately. The old endpoint did not receive any indication as to why its connection was dropped, so it would reconnect again right away. The connection would succeed: Now it was its turn to be accepted, and the other endpoint would be dropped from the relay. This back-and-forth loop would continue infinitely.

This PR changes this in the following way:

• When a relay server receives a connection from an endpoint it for which it already has a connection, the new connection becomes the target for all future messages.
• The old connection however is not dropped. Instead, it is continued until the client stops the connection. The client can still send messages, but it won't receive any further messages.
• When a connection is moved into this "inactive" state, the server sends a final Health message to the client, with a text string informing the client that it is now inactive because another endpoint connected. In iroh, we warn! log this message.
• When an active client disconnects, and there is an inactive client, the lastest inactive client will be promoted to active again

Breaking Changes

• iroh_relay::server::client::RunError variants changed

Notes & open questions

• I'd prefer to add a typed frame for the Health issue. However, adding new frames to the relay protocol currently will break all older clients. Therefore, this uses the stringly health frame for now.
• We might want to discuss further changes, i.e. if the "old" endpoint should maybe do something more heavy than just logging a warn message. It will be in a weird state onwards: It still can send messages to other endpoints over the relay, but will never receive responses. This means that all connection attempts that go over the relay will time out.

Change checklist

• Self-review.
• Documentation updates following the style guide, if relevant.
• Tests if relevant.
• All breaking changes documented.
  • List all breaking changes in the above "Breaking Changes" section.
  • Open an issue or PR on any number0 repos that are affected by this breaking change. Give guidance on how the updates should be handled or do the actual updates themselves. The major ones are:
    • quic-rpc
    • iroh-gossip
    • iroh-blobs
    • dumbpipe
    • sendme

Fixes #3813

[github-actions]

Documentation for this PR has been generated and is available at: https://n0-computer.github.io/iroh/pr/3921/docs/iroh/

Last updated: 2026-02-20T12:16:58Z

[dignifiedquire]

this screams flakiness, can we detect this differently?

[Frando]

Currently, no. Maybe online should only resolve once we're actually connected to the home relay?

[dignifiedquire]

yeah, potentially that would make sense

[Frando]

I pushed a change to the test that uses a log assertion instead of a timeout, so this can't flake anymore.

I'd like to leave adding a proper API for this to a followup though as it really is unrelated to the change in this PR.

[dignifiedquire]

can't we check this differently than log assertions? :/

[Frando]

Currently, no. There's nothing on the endpoint to check relay status. Maybe there should be.

[ramfox]

lgtm! especially with the proposed follow ups.

[github-actions]

Netsim report & logs for this PR have been generated and is available at: LOGS
This report will remain available for 3 days.

Last updated for commit: f8406c1