[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Changes to /etc/init.d/networking

On Fri, Apr 13, 2001 at 07:28:38AM -0600, Stefan Srdic wrote:
> Daniel Stone wrote:
> > Well, there's been a raging debate on linux-kernel about this. Basically,
> > some Cisco routers are broken, as the (outdated) RFC specified that this
> > field (the one for ECN) was "reserved", so Cisco took that to mean "must be
> > zero". Hence, when you turn ECN on, a lot of Cisco routers drop the packet -
> > including the ones for Hotmail, etc.
> >
> > Hope this helps,
> > :) d
> That could explain a few problems that I have been having while attempting to
> download from the net through my Windows clients, maybe it would be best to leave
> ECN to its default value (off) untill further investigation proves otherwise. Funny
> how there was no mention of this in the kernel documentation.
TCP Explicit Congestion Notification support
  Explicit Congestion Notification (ECN) allows routers to notify
  clients about network congestion, resulting in fewer dropped packets
  and increased network performance. This option adds ECN support to the
  Linux kernel, as well as a sysctl (/proc/sys/net/ipv4/tcp_ecn) which
  allows ECN support to be disabled at runtime.

  Note that, on the Internet, there are many broken firewalls which
  refuse connections from ECN-enabled machines, and it may be a while
  before these firewalls are fixed. Until then, to access a site behind
  such a firewall (some of which are major sites, at the time of this
  writing) you will have to disable this option, either by saying N now
  or by using the sysctl.

  If in doubt, say N.
But anyway...
I gladly used this setting as soon as I started with 2.4.. until I
noticed all of ibm.com and anoncvs.gnome.org seem to be behind 'broken'
routers -(....

Gordon Sadler

> Anyway...
> Are there any other IPV4 settings that I should know about that increase system
> transfer efficientcy and security?
> Would it be recomended to execute an IPTables script via the networking init script?
> Stef

Reply to: