
Re: reopening ECN bugreport/netbase



> On 05-Sep-01, 18:14 (CDT), "Neil T. Spring" <nspring@cs.washington.edu> wrote: 
> > 2. A configuration option, when you know consensus on this
> > list is that there will be none; and that the default will
> > be on.
> No, I don't think that's the consensus. I agree that the kernel package
> can't change another packages conffile, but that doesn't mean the issue
> cannot be worked around

Fair enough.  Perhaps I was expressing my expectation
that if we asked Herbert, Craig, and Anthony, none of them
would add a configuration option.  Certainly not Herbert or
Craig (irrelevant to kernel-package and procps).

My point is: the maintainers have spoken.  If we're going
to make progress in helping users behind broken equipment,
we're going to have to find another way that doesn't offend
Herbert, Craig, and Anthony's sense of idealism.

> The problem is not Debian users with broken equipment. The problem is
> that if any router between them and the target system is broken, they
> get screwed. What do you suggest they do? And before you say "contact the
> admin of the broken router", I suggest you try to

No.  Arbitrary routers along the packet's path are not
the problem.  See http://gtf.org/garzik/ecn/ 
Real routers in the middle of the network don't have time
to screw with the payload of an IP packet.

We're talking zealous firewalls, unpatched Cisco local
director, and the Zyxel "router that zeroes TCP bits".
At the end hosts, we're talking about what nmap thinks
are old AIX and IRIX.

> a) find out who is responsible for an arbitrary router.

This is easy, as above; it's either your Zyxel or the
server's Cisco redirector, firewall, or operating system.

> b) find out how to contact said person.

Since (a) is easy, (b) is fairly easy.  webmaster@, root@,
postmaster@intuit.com

> c) find out how far you get when you, internet newbie, try to tell them
> their equipment is broken.

(c) will be easy when corporate web servers that want
to sell you something realize that they're turning away
connections that might represent business.

I don't see what's so hard about a user writing
webmaster@rei.com:

 Hi, 
 I tried to access your webserver today and it said
 connection timed out.  I can connect to yahoo just fine.
 Is it because I'm using konqueror?  Please let me know
 when your web server is back up.

> It's simply not a realistic answer for most people (i.e. those without

I do not presume to say what most people would be capable
of doing.  It was your suggestion, not mine, that joe user
"contact the admin".  If they feel sufficiently capable,
great, everyone should at least try to submit bug reports.

If you feel it is your responsibility to make the
world safe for these users,  I suggest you take it upon
yourself to write the admins of webservers that don't
respond to ECN negotiating SYN packets as listed at:

http://www.aciri.org/tbit/ecn_test3A.html
(some of these may have been fixed since April)

-neil
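
An added illustration, not part of the original message: the failure modes named above (firewalls that drop the SYN, devices that zero the TCP bits, end hosts that mishandle them) can be told apart by the reply to an ECN-setup SYN, using the flag rules of RFC 3168. The function names and sample headers are constructed, and capturing the reply is assumed to happen elsewhere.

```python
import struct

# TCP flag bits in byte 13 of the header (RFC 793, plus ECE/CWR from RFC 3168).
FIN, SYN, RST, ACK, ECE, CWR = 0x01, 0x02, 0x04, 0x10, 0x40, 0x80


def tcp_header(flags, sport=80, dport=40000):
    """Build a minimal 20-byte TCP header (constructed sample, checksum left 0)."""
    offset_flags = (5 << 12) | flags  # data offset of 5 words, then the flag bits
    return struct.pack("!HHIIHHHH", sport, dport, 1, 2, offset_flags, 65535, 0, 0)


def classify_reply(reply):
    """Classify the reply to a SYN sent with ECE|CWR set.

    reply is the raw TCP header of the answer, or None if the SYN timed out.
    """
    if reply is None:
        # No answer at all: something on the path or at the server drops the SYN.
        return "blackholed"
    if len(reply) < 20:
        raise ValueError("truncated TCP header")
    flags = struct.unpack("!H", reply[12:14])[0] & 0xFF
    if flags & RST:
        # Connection actively refused in response to the ECN bits.
        return "reset"
    if flags & (SYN | ACK) != (SYN | ACK):
        return "unexpected"
    if flags & ECE and flags & CWR:
        # Not a valid ECN-setup SYN-ACK: the peer echoed the formerly reserved bits.
        return "reflected"
    if flags & ECE:
        # Valid ECN-setup SYN-ACK (ECE set, CWR clear).
        return "ecn-accepted"
    # Plain SYN-ACK: the server declined ECN, or a device cleared the bits in
    # transit. The two cases look identical from the client side.
    return "ecn-declined-or-stripped"
```

Only the "blackholed" and "reset" outcomes break connectivity for the user; the others fall back to a non-ECN connection.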