| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 30 Oct 2014 23:15:01 +0100 From: Florian Westphal <fw@...len.de> To: Eric Dumazet <eric.dumazet@...il.com> Cc: Florian Westphal <fw@...len.de>, David Miller <davem@...emloft.net>, netdev@...r.kernel.org Subject: Re: [PATCH -next 0/2] net: allow setting ecn via routing table Eric Dumazet <eric.dumazet@...il.com> wrote: > On Thu, 2014-10-30 at 21:52 +0100, Florian Westphal wrote: > > > So, what about changing the default to 1 in net-next? > > > > We could add automatic 'no-ecn' to retransmitted syns to avoid > > ecn blackholes (Daniel Borkmann has a patch for this), and, in case > > ecn=1 causes too much breakage we can always revert (and re-consider ecn > > per route settings as an intermediate step). > > > > What do you think? > > I think this is way too dangerous. > > I played a lot with ECN in the past (and fixed number of bugs in linux) > and discovered many times I had to disable it to be able to surf the > Internet. [..] > Reverting might take a long long time, it wont help people stuck behind > buggy equipment. Do you think a fallback to non-ecn for retransmitted syns would help? If not, do you think having ecn tunable available via route is helpful? Thanks! -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists