lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <alpine.DEB.1.10.0811070529550.10993@uplift.swm.pp.se>
Date:	Fri, 7 Nov 2008 05:46:28 +0100 (CET)
From:	Mikael Abrahamsson <swmike@....pp.se>
To:	David Miller <davem@...emloft.net>
cc:	daniel.blueman@...il.com, linux-kernel@...r.kernel.org,
	netdev@...r.kernel.org, linux-net@...r.kernel.org
Subject: Re: time for TCP ECN defaulting to on?

On Wed, 5 Nov 2008, David Miller wrote:

> This kind of thinking just perpetuates the problem forever.

Well, I also think IPv6 breaks things for some people (mostly buggt DNS 
resolvers) but I wholly support this being default on. The ISP business is 
going in the direction of faster links and smaller interface buffers, 
meaning WRED is used less and less, thus lessening the benefit of ECN.

I see that in 
<http://www.icir.org/floyd/papers/draft-ietf-tsvwg-tcp-ecn-00.txt> there 
is a recommendation to not use ECN on retransmits, is there code right now 
(or planned) to do some kind of "ECN blackhole detection", ie if no 
response is received to SYN with ECN set, continue by sending the second 
SYN without ECN and keep this information for the duration of the TCP 
session?

If there is, I do agree with you that enabling ECN by default is a good 
idea. Without such code, I still believe there are enough broken devices 
out there that will create problems for people.

It's like the TCP option order "bug", where some devices would drop the 
packets because of buggy implementations, that was changed in Linux to 
work around others buggy code, and I see "ECN blackhole detection" as a 
similar measure.

-- 
Mikael Abrahamsson    email: swmike@....pp.se
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ