@brocaar I’ve faced the same problem and read LoRaWAN spesification then. dev-nonce is persistent data and stored in postgresql. It’s enforced to prevent replay attacks. Our problem is that:
- End node sends join request and it’s relayed to network server successfully.
- Network server sends join accept then.
- Our device is in faulty situation( cannot activate), sends join -request again.
- This cycle repeats itself.
The main problem is our device. We fixed it and sent it to the field but dev-nonce values are still there. Postgresql has stored nearly 20000 dev-nonce values (per faulty device) and failure rate for activation will be around 30%. Some values are from 4 months ago.
My suggestion is that dev-nonce values older than a certain age (1 month) can be deleted automatically. This will make the stack more self-sufficient and not compromise security also.