Having once again fallen into the ECN-enabled-on-new-kernel-breaks-everything-trap, I was wondering if: a) ECN is actually useful; b) Eventually, everyone will upgrade their routers; c) There's a way to automagically fall back to non-ECN TCP, if you see what I mean, instead of having to manually disable/enable it each time. -- Juha Saarinen - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Thu, Jun 27, 2002 at 10:57:42AM +1200, Juha Saarinen wrote:
Having once again fallen into the ECN-enabled-on-new-kernel-breaks-everything-trap, I was wondering if:
a) ECN is actually useful;
Yes, it is. You get a lot of resends at high link utilisation using RED, and if you use RED+ECN then you can limit the resends, and have higher effective link utilisation.
b) Eventually, everyone will upgrade their routers;
I doubt it :) Some equipment still fails on the rfc1323 extensions. (large window scaling etc; the high performance extensions) I hope that everyone that *matters* fixes the problem in the next few years though.
c) There's a way to automagically fall back to non-ECN TCP, if you see what I mean, instead of having to manually disable/enable it each time.
There's a proposal where if you receive a RST after sending a SYN packet with ECN enabled you send another SYN packet without ECN enabled for that connection. This should alleviate the issues. I seem to recall at least one of the BSDs using this method; which one has ECN patches? Ben. - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Thu, Jun 27, 2002 at 03:18:28PM +1200, Ben Aitchison wrote: There's a proposal where if you receive a RST after sending a SYN packet with ECN enabled you send another SYN packet without ECN enabled for that connection. In my experience *these* days, most ECN incompatible firewalls seem to drop the packet silently, so this doesn't work. Earlier on, of the popular firewalls, the cisco PIX did send back RST when running oldish firmware, but it seems most people inflicted with these have since upgraded. --cw - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Wed, Jun 26, 2002 at 09:28:20PM -0700, Chris Wedgwood wrote:
On Thu, Jun 27, 2002 at 03:18:28PM +1200, Ben Aitchison wrote:
There's a proposal where if you receive a RST after sending a SYN packet with ECN enabled you send another SYN packet without ECN enabled for that connection.
In my experience *these* days, most ECN incompatible firewalls seem to drop the packet silently, so this doesn't work.
Earlier on, of the popular firewalls, the cisco PIX did send back RST when running oldish firmware, but it seems most people inflicted with these have since upgraded.
If the problem is usually on end-point firewalls, it may be pratical to remember if a host works with ECN or not, and to use some kind of timeout system; but that'd give an annoying delay if ECN wasn't enabled, and when you don't know the RTT how do you guess how long to wait? Actually if ECN was enabled just to parent smarthosting mail servers, and explicit proxy servers (both forward and reverse) then a large percentage of gain should be had. Ben. - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Thu, Jun 27, 2002 at 04:37:39PM +1200, Ben Aitchison wrote: Actually if ECN was enabled just to parent smarthosting mail servers, and explicit proxy servers (both forward and reverse) then a large percentage of gain should be had. Except most people over here don't use or beleive in proxy servers (in the sense of web-cache anyhow). It's usually easier to educate problematic sites. This usually works pretty well, for example: I emailed a vendor about this over a year ago, they came back quickly and asked more about ECN (it was a draft then and they hadn't apparently heard of it) and within 24-hours reported they had fixed the problem and pending testing the fixes would make the next release cycle. --cw - To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
participants (3)
-
Ben Aitchison -
Chris Wedgwood -
Juha Saarinen