[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: IP problems with 2.4.0-test12

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

A long time ago, in a galaxy far, far way, someone said...

> Hi,
>     I'm using 2.4.0-test12-pre7 (compiled it on my own, not through a
> .deb) and I've encountered a very strange problem.  There are certain
> websites that my system now refuses to connect to.  I know that these
> sites are up because other systems can connect to them.  And I can
> even ping these same sites from my machine!  However, HTTP connections
> seem to go nowhere.  Examples of these are:
>
> www.compubank.com
> bank.netbank.com (but www.netbank.com works!)
> www.exchangepath.com
> www.zanybrainy.com
> www.barnesandnoble.com
> counters.honesty.com

Your getting bit by ECN (explicit congestion notification).  The sites in
question have broken firewalls that are blocking valid (but little used
until now) optional TCP flags.

Do "sysctl -w net.ipv4.tcp_ecn=0" as root and see what you get.

- -- 
- ----------------------------------------------------------------------
Phil Brutsche				    pbrutsch@tux.creighton.edu

GPG fingerprint: 9BF9 D84C 37D0 4FA7 1F2D  7E5E FD94 D264 50DE 1CFC
GPG key id: 50DE1CFC
GPG public key: http://tux.creighton.edu/~pbrutsch/gpg-public-key.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE6NYK1/ZTSZFDeHPwRAk3XAJ4rTdNXURF2fwcQmSDS5wQx8iDIDACggqGl
nOj03yeTj+VzwG4dPBlYJDs=
=MmDF
-----END PGP SIGNATURE-----
Reply to: