I came across this while researching test failures for CDRIVER-2961. In test_bulk_max_msg_size, the test suite builds a bulk write around the 48MB message size and I was originally accounting for the "txnNumber" (for retryWrites=true) based on whether a session ID was also being appended. I observed various test failures on standalone environments and ultimately observed that libmongoc was adding lsid to all outgoing commands sent with OP_MSG (unless sessions were unavailable due to lack of crypto). I was able to quickly observe this using APM in the PHP driver with libmongoc 1.13.0, although I expect this issue dates back to 1.9.0 when sessions were introduced.

Sending the session ID to the server on all commands only specifies that drivers MUST set the lsid field if a deployment supports sessions, but does not explicitly prohibit including lsid otherwise. Interestingly, standalone servers don't seem to complain about the field and likely ignore it.

While including the lsid is probably harmless, I'm not sure if we're missing a chance to raise a client-side error in the event the user is trying to specify an explicit session on an outgoing command and the topology does not support it.