default ECN settings

hiren panchasara hiren at strugglingcoder.info
Fri Nov 6 00:52:57 UTC 2015 

On 11/05/15 at 06:58P, Midori Kato wrote:
> Hi Macy and Don,
> 
> I am Midori. Too late to catch up this topic but this topic is interesting
> to me.
> Linux separates inbound and outbound ecn operation while RFC 3168 says that
> making hosts fail during the negotiation without ecn configuration.
> 
> I think FreeBSD is probably able to distinguish inbound and outbound with
> cc_var flag as well.
> I like to try to work this. If the sender like to use ECN, behaving as ECN
> receiver is good for the TCP connection.
> 
> Regards,
> -- Midori
> 
> 
> 2015-09-05 10:05 GMT+09:00 K. Macy <kmacy at freebsd.org>:
> 
> > On Fri, Sep 4, 2015 at 5:53 PM, Don Lewis <truckman at freebsd.org> wrote:
> > > On  4 Sep, K. Macy wrote:
> > >> By default ECN is completely disabled on FreeBSD. On Linux the default
> > >> is to disable it outbound (not request it) but enable it inbound
> > >> (accept new connections asking for it). Is there a good reason to only
> > >> set ECN_PERMIT on inbound connections if the system is doing ECN on
> > >> outbound connections?
> > >
> > > Not that I can think of.  The risk in enabling ECN for outbound
> > > connections is that some connection attempts can fail, especially if you
> > > are attempting to connect to some old and oddball device.  That should
> > > not be a risk for inbound connections since those devices won't be
> > > requesting ECN.
> >
> > Even with 'oddball' devices the stack is configured to retry ECN n
> > times where n defaults to 1 and then revert to not requesting ECN
> > support. Thus connections would take longer on 'oddball' devices. The
> > solution that *I* would choose for that would be to track ECN support
> > in the host cache. The first connection to a new host would always try
> > ECN and in the event that that failed all subsequent connection
> > attempts would not try ECN. To me this seems like the most robust
> > compromise. However, I don't yet have enough information to say how
> > much benefit this would confer.

ECN is a good thing to have and I think that we should support
it if an incoming connection requests it. I also like this approach
suggested by Kip for implementation.
> >
> > > Seems like we should be defaulting ECN on for inbound connections,
> > > though we currently can't control the two directions separately.
> >
> > That is a straightforward change.

Just to clarify, with/after this change, the default behavior would be:
enabled on inbound and disabled on outbound. And we should also have a
way to disable ecn completely on both directions.

Cheers,
Hiren
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 603 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-net/attachments/20151105/c131941c/attachment.bin>

More information about the freebsd-net mailing list