Re: sysctl should disable ECN by default
On Wed, 5 Sep 2001, Steve Langasek wrote:
> On Wed, 5 Sep 2001, T.Pospisek's MailLists wrote:
>
> > On Wed, 5 Sep 2001, Guillaume Morin wrote:
>
> > > Dans un message du 05 sep à 14:37, Florian Weimer écrivait :
> > > > From a technical behavior, throwing away packets with unknown protocol
> > > > flags is perfectly acceptable in any case and even reasonable in some
> > > > environments.
>
> > > I would not call reasonable dropping packets carrying bits of a protocol
> > > rated as Proposed Standard by IETF.
>
> > The question is only if devices should be programmed in order to know
> > the future and it's potential proposed stadards by the IETF. Mind you I
> > don't know if the devices in question (websites, routers etc. droping ECN
> > packets) *are* violating a standard that was current at *their* time. The
> > routers in particular I think *are* wrong, since they are making decisions
> > based on bits that at that time were reserved.
>
> The devices in question *are* violating the standards that existed at the time
> they were created. The bits that they're fiddling with are *reserved*. That
> means "don't touch". They were in violation of the TCP/IP protocol from day
> one, it's just that it's only now that the IETF is making use of those bits,
> /as is their right/, that the problem with this equipment has come to light.
That's what I was saying wasn't I?
> > But tell me, in case there's an IMAP client that has some problems with
> > the IMAP protocol. Should a Debian box by default *refuse* to talk
> > to it or should the default be to try to talk to it (provided that it
> > can)?
>
> Are you joking? If someone filed a bug against my package saying I should
> make changes to it to accomodate a broken client (equivalent: my IMAP server
> sends back a valid IMAP response and this causes the client to segfault), I
> would immediately close the bug with a smile and a have-a-nice-day.
Good for you. And the people that *need* a working server as in "it forks
for *me*" will move on and ignore you. That's your choice. It's the choice
Debian is making now.
But if care about the real world you will see that the philosophy of most
software isn't "I'm right have-a-nice-day" but let's have "something that
works". Check the kernel. Check IMAP servers (that's why I was choosing
this example), check well whatever, many things try to cooperate with
broken stuff.
> Anyone using such broken software should do the right thing, which is one of:
>
> a) get a different IMAP client
If you have the choice. Which is an open question.
> b) get an upgrade/fix for the IMAP client so that it's no longer broken.
If there is one. Which still is an open question.
> c) sue the vendor for selling a product under false pretenses, with the
> goal of achieving either a) or b) above.
Do *you* do that for all the things that don't work as they should? And
even if, why should you force others to behave similary?
> The same applies to these POS Zylex routers. There's no reason that Debian
> should be covering their asses when they refuse to provide firmware upgrades
> to their customers in a timely manner, especially when everyone else on the
> Internet has been ready to go with ECN for some time now.
There are a *lot* of places that are not reachable. "Everyone else"
doesn't reflect any reality.
But the question is if it's worth it for Debian to keep this anal "I am
right" position, just because of a flag, whose existence aparently doesn't
hurt people who're runing 2.2.x, which is *by default* disabled upstream
(take a second and ask yourself, why could this be?). What's certain is,
that it's going to hurt a lot of people.
Maybe a quote from the kernel docu can help:
> Note that, on the Internet, there are many broken firewalls which
> refuse connections from ECN-enabled machines, and it may be a while
> before these firewalls are fixed. Until then, to access a site behind
> such a firewall (some of which are major sites, at the time of this
> writing) you will have to disable this option, either by saying N now
> or by using the sysctl.
>
> If in doubt, say N.
Obviously, Debian is not in doubt about it's own users and knows better.
*t
PS: Since you're Cc:ing me in addition to the list, you maybe need an
extra copy as well.
----------------------------------------------------------------------------
Tomas Pospisek
SourcePole - Linux & Open Source Solutions
http://sourcepole.ch
Elestastrasse 18, 7310 Bad Ragaz, Switzerland
Tel: +41 (81) 330 77 11
----------------------------------------------------------------------------
Reply to: