From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <brouer@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by lists.bufferbloat.net (Postfix) with ESMTPS id 8B5BF3B2A4;
 Fri, 20 Sep 2019 03:24:15 -0400 (EDT)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
 [10.5.11.15])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.redhat.com (Postfix) with ESMTPS id 9D64281F07;
 Fri, 20 Sep 2019 07:24:14 +0000 (UTC)
Received: from carbon (ovpn-200-26.brq.redhat.com [10.40.200.26])
 by smtp.corp.redhat.com (Postfix) with ESMTP id 7469A5D6A7;
 Fri, 20 Sep 2019 07:24:10 +0000 (UTC)
Date: Fri, 20 Sep 2019 09:24:08 +0200
From: Jesper Dangaard Brouer <brouer@redhat.com>
To: Toke =?UTF-8?B?SMO4aWxhbmQtSsO4cmdlbnNlbg==?= <toke@toke.dk>
Cc: ecn-sane@lists.bufferbloat.net, bloat@lists.bufferbloat.net,
 brouer@redhat.com, Marek Majkowski <marek@cloudflare.com>
Message-ID: <20190920092408.58747a48@carbon>
In-Reply-To: <87o8zgdvka.fsf@toke.dk>
References: <87o8zgdvka.fsf@toke.dk>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16
 (mx1.redhat.com [10.5.110.25]); Fri, 20 Sep 2019 07:24:14 +0000 (UTC)
Subject: Re: [Bloat] Issue with negotiating ECN with Cloudflare hosts?
X-BeenThere: bloat@lists.bufferbloat.net
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: General list for discussing Bufferbloat <bloat.lists.bufferbloat.net>
List-Unsubscribe: <https://lists.bufferbloat.net/options/bloat>,
 <mailto:bloat-request@lists.bufferbloat.net?subject=unsubscribe>
List-Archive: <https://lists.bufferbloat.net/pipermail/bloat>
List-Post: <mailto:bloat@lists.bufferbloat.net>
List-Help: <mailto:bloat-request@lists.bufferbloat.net?subject=help>
List-Subscribe: <https://lists.bufferbloat.net/listinfo/bloat>,
 <mailto:bloat-request@lists.bufferbloat.net?subject=subscribe>
X-List-Received-Date: Fri, 20 Sep 2019 07:24:15 -0000


On Thu, 19 Sep 2019 19:50:45 +0200 Toke H=C3=B8iland-J=C3=B8rgensen <toke@t=
oke.dk> wrote:

> Is anyone else experiencing problems negotiating ECN when connecting to
> Cloudflare? I see this for most sites protected by Cloudflare (such as
> bufferbloat.net), but only when using IPv4:
>=20
> # sysctl -w net.ipv4.tcp_ecn=3D1
> net.ipv4.tcp_ecn =3D 1
> # curl -v 1.1.1.1
> *   Trying 1.1.1.1:80...
> * TCP_NODELAY set
> * Connected to 1.1.1.1 (1.1.1.1) port 80 (#0)
> > GET / HTTP/1.1
> > Host: 1.1.1.1
> > User-Agent: curl/7.66.0
> > Accept: */*
> >  =20
> * Recv failure: Connection reset by peer
> * Closing connection 0
> curl: (56) Recv failure: Connection reset by peer

It works for me when repeating your experiment:

$ sysctl -w net.ipv4.tcp_ecn=3D1
net.ipv4.tcp_ecn =3D 1

$ curl -v 1.1.1.1
* Rebuilt URL to: 1.1.1.1/
*   Trying 1.1.1.1...
* TCP_NODELAY set
* Connected to 1.1.1.1 (1.1.1.1) port 80 (#0)
> GET / HTTP/1.1
> Host: 1.1.1.1
> User-Agent: curl/7.61.1
> Accept: */*
>=20
< HTTP/1.1 301 Moved Permanently
< Date: Fri, 20 Sep 2019 07:19:48 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
< Location: https://1.1.1.1/
< Served-In-Seconds: 0.000
< CF-Cache-Status: HIT
< Age: 5944
< Expires: Fri, 20 Sep 2019 11:19:48 GMT
< Cache-Control: public, max-age=3D14400
< Server: cloudflare
< CF-RAY: 519208830aced891-CPH
[...]
=20
=20
> # sysctl -w net.ipv4.tcp_ecn=3D0
> net.ipv4.tcp_ecn =3D 0
> # curl -v 1.1.1.1
> *   Trying 1.1.1.1:80...
> * TCP_NODELAY set
> * Connected to 1.1.1.1 (1.1.1.1) port 80 (#0)
> > GET / HTTP/1.1
> > Host: 1.1.1.1
> > User-Agent: curl/7.66.0
> > Accept: */*
> >  =20
> * Mark bundle as not supporting multiuse
> < HTTP/1.1 301 Moved Permanently
> < Date: Thu, 19 Sep 2019 17:42:22 GMT
> < Content-Type: text/html
> < Transfer-Encoding: chunked
> < Connection: keep-alive
> < Location: https://1.1.1.1/
> < Served-In-Seconds: 0.000
> < CF-Cache-Status: HIT
> < Age: 4442
> < Expires: Thu, 19 Sep 2019 21:42:22 GMT
> < Cache-Control: public, max-age=3D14400
> < Server: cloudflare
> < CF-RAY: 518d5b13fcfcd43f-HAM
> <=20
> <html>
> <head><title>301 Moved Permanently</title></head>
> <body bgcolor=3D"white">
> <center><h1>301 Moved Permanently</h1></center>
> <hr><center>cloudflare-lb</center>
> </body>
> </html>
> * Connection #0 to host 1.1.1.1 left intact
>=20
>=20
> I've opened a support request with my ISP, but thought I'd ask if anyone
> else was seeing this? (Is anyone else running with ECN enabled?)

I'm not seeing it, so it might be your ISP?

--=20
Best regards,
  Jesper Dangaard Brouer
  MSc.CS, Principal Kernel Engineer at Red Hat
  LinkedIn: http://www.linkedin.com/in/brouer