Bug#1111446: openssh: IPQoS changes upstream and debian revert-ipqos-defaults.patch since 2019 (#923879 and 923880)
Source: openssh
Version: all from 2019 to 2025
Severity: normal
X-Debbugs-Cc: bugreports@pouzenc.fr
Dear Maintainer,
I get there while doing tcpdump capture on ssh IPv6 traffic and seen
"invalid" values in DSCP field (in respect to IANA defined values) with
a default sshd config on Debian 13. It seems identical in unstable.
I see a patch qualified as "temporary" in #923879 from 2019 that is
still applied on Debian 13, named revert-ipqos-defaults.patch.
Mentionning that to friends, one of them points me to recent changes
commited in openssh around this topic, that, I think will make debian
revert patch unappliable or introduce a change in behavior, pushing
default system DSCP values (CS0 I beleive) instead of non DSCP compilant
curent values.
https://marc.info/?l=openbsd-cvs&m=175396095604983&w=2
This patch is still applied, saying that there was a bug in iptables -m
tos in 2019. I never found a clue that is was reported nor considered
upstream. Debian bug #923880 still open and seems to be in a dead state.
Could you reconsider revert-ipqos-defaults.patch for testing+unstable ?
As mentionned in one the two BR, Fedora since 2019 choosen to not revert
IPQoS default values and I am not aware that there is problems with that
nowadays.
Best regards,
Ludovic
-- System Information:
Debian Release: 12.11
APT prefers oldstable-security
APT policy: (500, 'oldstable-security'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-38-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Reply to: