From owner-freebsd-stable@FreeBSD.ORG  Mon Jul 12 15:01:51 2010
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 455801065670
	for <freebsd-stable@freebsd.org>; Mon, 12 Jul 2010 15:01:51 +0000 (UTC)
	(envelope-from oberman@es.net)
Received: from mailgw.es.net (mail1.es.net [IPv6:2001:400:201:1::2])
	by mx1.freebsd.org (Postfix) with ESMTP id 2ADB88FC1E
	for <freebsd-stable@freebsd.org>; Mon, 12 Jul 2010 15:01:51 +0000 (UTC)
Received: from ptavv.es.net (ptavv.es.net [IPv6:2001:400:910::29])
	by mailgw.es.net (8.14.3/8.14.3) with ESMTP id o6CF1lrY019321
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT);
	Mon, 12 Jul 2010 08:01:47 -0700
Received: from ptavv.es.net (localhost [127.0.0.1])
	by ptavv.es.net (Tachyon Server) with ESMTP id 542BE1CC0D;
	Mon, 12 Jul 2010 08:01:47 -0700 (PDT)
To: Andrei Kolu <antik@bsd.ee>
In-reply-to: Your message of "Mon, 12 Jul 2010 15:31:58 +0300."
	<AANLkTimR7B6SDkD_fbI5O_ggW5UQ8z7SLfgMlNbZF8p2@mail.gmail.com> 
Date: Mon, 12 Jul 2010 08:01:47 -0700
From: "Kevin Oberman" <oberman@es.net>
Message-Id: <20100712150147.542BE1CC0D@ptavv.es.net>
X-Proofpoint-Virus-Version: vendor=fsecure engine=1.12.8161:2.4.5, 1.2.40,
	4.0.166 definitions=2010-07-12_02:2010-02-06, 2010-07-12,
	2010-07-11 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0
	ipscore=0 phishscore=0 bulkscore=0 adultscore=0 classifier=spam
	adjust=0 reason=mlx engine=5.0.0-1005130000
	definitions=main-1007120067
Cc: freebsd-stable@freebsd.org
Subject: Re: bogus DSCP value for ssh 
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Jul 2010 15:01:51 -0000

> From: Andrei Kolu <antik@bsd.ee>
> Date: Mon, 12 Jul 2010 15:31:58 +0300
> Sender: owner-freebsd-stable@freebsd.org
> 
> Hi!
> 
> I am testing FreeBSD 8.1-RC2 amd64 networking stuff and notice one
> strange DSCP message with wireshark:
> ------------------------------------
> Internet Protocol, Src: 192.168.1.111 (192.168.1.111), Dst:
> 192.168.1.101 (192.168.1.101)
> Differentiated Services Field: 0x10 (DSCP 0x04: Unknown DSCP; ECN: 0x00)
> 0001 00.. = Differentiated Services Codepoint: Unknown (0x04)
> .... ..0. = ECN-Capable Transport (ECT): 0
> .... ...0 = ECN-CE: 0
> 
> Transmission Control Protocol, Src Port: ssh (22), Dst Port:
> attachmate-s2s (2419), Seq: 2902917, Ack: 29842, Len: 132
> ------------------------------------
> 
> There is no firewall enabled. Only thing I changed (should have no
> effect) was: "net.inet.tcp.ecn.enable: 1"
> _______________________________________________

I don't know why Wireshark does not understand this, but it is defined
in RFC2474 as Class Selector 2 or simply IP precedence of 2 (of 7).

If you add the ECN bit, you have Assured Forwarding at IP priority 2.

Whether you pass or respond to the DSCP bits is, of course, a personal
choice, but there is nothing unusual with this and ssh has bee setting
the bit for a long time.
-- 
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman@es.net			Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751