Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 19 May 2016 16:45:09 -0700 (PDT)
From:      Don Lewis <truckman@FreeBSD.org>
To:        yaneurabeya@gmail.com
Cc:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   Re: svn commit: r300240 - head/sys/netinet
Message-ID:  <201605192345.u4JNj9GE084896@gw.catspoiler.org>
In-Reply-To: <CAGHfRMDbwkq2%2BbkXWtk611HDZn1-jBMXhyWxDVV3Wr%2BLeyex-Q@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 19 May, Ngie Cooper wrote:
> On Thu, May 19, 2016 at 3:20 PM, Don Lewis <truckman@freebsd.org> wrote:
>> Author: truckman
>> Date: Thu May 19 22:20:35 2016
>> New Revision: 300240
>> URL: https://svnweb.freebsd.org/changeset/base/300240
>>
>> Log:
>>   Change net.inet.tcp.ecn.enable sysctl mib from a binary off/on
>>   control to a three way setting.
>>     0 - Totally disable ECN. (no change)
>>     1 - Enable ECN if incoming connections request it.  Outgoing
>>         connections will request ECN.  (no change from present != 0 setting)
>>     2 - Enable ECN if incoming connections request it.  Outgoing
>>         conections will not request ECN.
>>
>>   Change the default value of net.inet.tcp.ecn.enable from 0 to 2.
>>
>>   Linux version 2.4.20 and newer, Solaris, and Mac OS X 10.5 and newer have
>>   similar capabilities.  The actual values above match Linux, and the default
>>   matches the current Linux default.
>>
>>   Reviewed by:  eadler
>>   MFC after:    1 month
>>   MFH:          yes
>>   Sponsored by: https://reviews.freebsd.org/D6386
> 
> RelNotes: yes
>
> Also, does it make sense to merge this to head if it fundamentally
> changes behavior from what it was previously on the stable branch(es)?

grrh ... that was supposed to be "Relnotes: yes", not "MFH: yes".

I do think it makes sense to merge this to stable/10.  Linux has had ECN
enabled by default for quite some time, and OS X enabled ECN by default
last September.

The default setting of 2 is fairly safe.  If you receive an incoming
connection request that wants ECN, then that indicates that you are not
behind a broken middlebox that blocks ECN.

Requesting ECN by default on outgoing connections is more problematic.
If you are behind a broken middlebox, the you could have problems making
outgoing connections, though if you don't get a response after sending
net.inet.tcp.ecn.enable SYN packets, ECN will get disabled for that
connection request.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201605192345.u4JNj9GE084896>