From owner-freebsd-stable@FreeBSD.ORG Mon Jul 12 15:01:51 2010 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 455801065670 for ; Mon, 12 Jul 2010 15:01:51 +0000 (UTC) (envelope-from oberman@es.net) Received: from mailgw.es.net (mail1.es.net [IPv6:2001:400:201:1::2]) by mx1.freebsd.org (Postfix) with ESMTP id 2ADB88FC1E for ; Mon, 12 Jul 2010 15:01:51 +0000 (UTC) Received: from ptavv.es.net (ptavv.es.net [IPv6:2001:400:910::29]) by mailgw.es.net (8.14.3/8.14.3) with ESMTP id o6CF1lrY019321 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 12 Jul 2010 08:01:47 -0700 Received: from ptavv.es.net (localhost [127.0.0.1]) by ptavv.es.net (Tachyon Server) with ESMTP id 542BE1CC0D; Mon, 12 Jul 2010 08:01:47 -0700 (PDT) To: Andrei Kolu In-reply-to: Your message of "Mon, 12 Jul 2010 15:31:58 +0300." Date: Mon, 12 Jul 2010 08:01:47 -0700 From: "Kevin Oberman" Message-Id: <20100712150147.542BE1CC0D@ptavv.es.net> X-Proofpoint-Virus-Version: vendor=fsecure engine=1.12.8161:2.4.5, 1.2.40, 4.0.166 definitions=2010-07-12_02:2010-02-06, 2010-07-12, 2010-07-11 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 ipscore=0 phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx engine=5.0.0-1005130000 definitions=main-1007120067 Cc: freebsd-stable@freebsd.org Subject: Re: bogus DSCP value for ssh X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Jul 2010 15:01:51 -0000 > From: Andrei Kolu > Date: Mon, 12 Jul 2010 15:31:58 +0300 > Sender: owner-freebsd-stable@freebsd.org > > Hi! > > I am testing FreeBSD 8.1-RC2 amd64 networking stuff and notice one > strange DSCP message with wireshark: > ------------------------------------ > Internet Protocol, Src: 192.168.1.111 (192.168.1.111), Dst: > 192.168.1.101 (192.168.1.101) > Differentiated Services Field: 0x10 (DSCP 0x04: Unknown DSCP; ECN: 0x00) > 0001 00.. = Differentiated Services Codepoint: Unknown (0x04) > .... ..0. = ECN-Capable Transport (ECT): 0 > .... ...0 = ECN-CE: 0 > > Transmission Control Protocol, Src Port: ssh (22), Dst Port: > attachmate-s2s (2419), Seq: 2902917, Ack: 29842, Len: 132 > ------------------------------------ > > There is no firewall enabled. Only thing I changed (should have no > effect) was: "net.inet.tcp.ecn.enable: 1" > _______________________________________________ I don't know why Wireshark does not understand this, but it is defined in RFC2474 as Class Selector 2 or simply IP precedence of 2 (of 7). If you add the ECN bit, you have Assured Forwarding at IP priority 2. Whether you pass or respond to the DSCP bits is, of course, a personal choice, but there is nothing unusual with this and ssh has bee setting the bit for a long time. -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751