| To: | "Harald Welte" <laforge@xxxxxxxxxxxx> |
|---|---|
| Subject: | Re: RFC iptables target for selectively removing ECN |
| From: | Sebastian Zimmermann <sz@xxxxxxxxxxxxxxxxxxxxxxxx> |
| Date: | Tue, 26 Feb 2002 13:37:03 +0100 |
| Cc: | netdev@xxxxxxxxxxx |
| In-reply-to: | <20020226101235.G23307@xxxxxxxxxxxxxxxxxxxxxxx> |
| Organization: | FSP 4-06 |
| References: | <20020225144047.Z23307@xxxxxxxxxxxxxxxxxxxxxxx> <20020225224721.020ccfe4.sebastian+list02@xxxxxxxxxxxxxx> <20020226101235.G23307@xxxxxxxxxxxxxxxxxxxxxxx> |
| Sender: | owner-netdev@xxxxxxxxxxx |
On Tue, 26 Feb 2002 10:12:35 +0100 "Harald Welte" <laforge@xxxxxxxxxxxx> wrote: >> Instead, I suggest to only clear the ECE and CWR TCP flags >> on SYN-packets. > > I don't need to clear the ECT codepoint in the IP header as well? Is > it > valid to receive an IP packet which has an ECT codepoint set in the > IP header, but no ECE/CWR bits in the TCP header? The RFC states that SYN packets MUST NOT set ECT. So when the TCP connection is initiated, the ECN-capability is negotiated only by the two TCP flags ECE and CWR. If you clear those, ECN cannot be established. If ECN wasn't established, ECT MUST NOT be set on the following packets - and thus CE won't be set. So if the ECN implementation is conforming to the RFC, your target does not have to touch IP headers at all to disable ECN. Sebastian |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: RFC iptables target for selectively removing ECN, Andreas Ferber |
|---|---|
| Next by Date: | Linux Question about snooping on ARP cache updates, Jamie Esliger |
| Previous by Thread: | Re: RFC iptables target for selectively removing ECN, Andreas Ferber |
| Next by Thread: | Linux Question about snooping on ARP cache updates, Jamie Esliger |
| Indexes: | [Date] [Thread] [Top] [All Lists] |