Mailinglist Archive: opensuse (769 mails)

< Previous Next >
[opensuse] incoming tcp connections with ECN
  • From: Per Jessen <per@xxxxxxxxxxxx>
  • Date: Mon, 30 May 2016 18:01:57 +0200
  • Message-id: <niho5l$17p$>
I am having a bit of an issue with a customer and their inbound traffic
to us. It's authenticated SMTP on port 587 with TLS. For whatever
reason, they're trying to negotiate ECN. The receiving systems are
somewhat backlevel/due-for-update, kernel 2.6
with /proc/sys/net/ipv4/tcp_ecn = 0 by default. Newer systems have '2':

0 – disable ECN and neither initiate nor accept it
1 – enable ECN when requested by incoming connections, and also request
ECN on outgoing connection attempts
2 – (default) enable ECN when requested by incoming connections, but do
not request ECN on outgoing connections

When /proc/sys/net/ipv4/tcp_ecn is 0, incoming connections appear to be
simply ignored, even when the sending host switched off ECN after
having tried with ECN. The solution seems to be to
set /proc/sys/net/ipv4/tcp_ecn = 2.

The question is - are there any other effects?

Per Jessen, Zürich (21.2°C) - virtual servers, made in Switzerland.

To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups