[ale] Problem connecting to ZDNet

Chris Ricker chris.ricker at genetics.utah.edu
Sat Nov 4 23:34:50 EST 2000 

On Tue, 31 Oct 2000, Fulton Green wrote:

> On Sun, Oct 29, 2000 at 06:20:14PM -0700, Chris Ricker wrote:
> > The problem is probably that you enabled ECN; for me, running
> > 2.4.0-test10-pre6-reiser, I can reach zdnet if I disable ECN, but not if I
> > enable it.
> >
> > ZDNet (and much of the rest of the 'net) is broken and doesn't handle ECN
> > correctly.  Email them and gripe; the problem is most likely misconfigured /
> > non-upgraded Cisco routers on their end, though the chances of them doing
> > anything about it are slim.
>
> Way to go! I disabled ECN, recompiled, and now it works like a charm.

FWIW, you can use /proc/sys/net/ipv4/tcp_ecn (1 is on, 0 is off) to control
it w/o having to recompile and reboot.  I leave it on, but turn it off from
the command line when necessary, then turn it back on.

> For the uninitiated, ECN stands for "explicit congestion notification". It's
> a TCP option under the Networking Options section of the 2.4 kernel build
> configuration utility.
>
> For the barely-initiated (which includes myself): what exactly does ECN do,
> anyway?

It's specified in RFC2481.  The basic idea is that it's an extension to the
tcp protocol whereby a bit in the packet (the CE bit) can be set by routers
to indicate route congestion, which should lead to transmission throttling
by ECN-compliant stacks; this leads to fewer retransmissions, since fewer
packets wind up being dropped, and is overall a Good Thing for the 'net.
Unfortunately, many Cisco products currently in the field incorrectly
blindly drop all packets with the CE bit set ;-)

Here's the two patches from Cisco to fix their broken products:

PIX:

(see
http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCds23698)
    Bud ID:        CSCds23698
    Headline:      PIX sends RSET in response to tcp connections with ECN
 bits set
    Product:       PIX
    Component:     fw
    Severity:      2            Status:           R [Resolved]
    Version Found: 5.1(1)       Fixed-in Version: 5.1(2.206) 5.1(2.207)
 5.2(1.200)

Local Director:

(see
http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCds40921)
Bug Id : CSCds40921
 Headline:  LD rejects syn with reserved bits set in flags field of TCP
hdr
 Product:  ld
 Component: rotor
 Severity: 3                     Status:        R [Resolved]
 Version Found: 3.3(3)           Fixed-in Version: 3.3.3.107

Feel free to point broken sites at the Cisco patches....

later,
chris

-- 
Chris Ricker                                               kaboom at gatech.edu
                                              chris.ricker at genetics.utah.edu





--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

More information about the Ale mailing list