From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id 8B5BF3B2A4; Fri, 20 Sep 2019 03:24:15 -0400 (EDT) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 9D64281F07; Fri, 20 Sep 2019 07:24:14 +0000 (UTC) Received: from carbon (ovpn-200-26.brq.redhat.com [10.40.200.26]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7469A5D6A7; Fri, 20 Sep 2019 07:24:10 +0000 (UTC) Date: Fri, 20 Sep 2019 09:24:08 +0200 From: Jesper Dangaard Brouer To: Toke =?UTF-8?B?SMO4aWxhbmQtSsO4cmdlbnNlbg==?= Cc: ecn-sane@lists.bufferbloat.net, bloat@lists.bufferbloat.net, brouer@redhat.com, Marek Majkowski Message-ID: <20190920092408.58747a48@carbon> In-Reply-To: <87o8zgdvka.fsf@toke.dk> References: <87o8zgdvka.fsf@toke.dk> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Fri, 20 Sep 2019 07:24:14 +0000 (UTC) Subject: Re: [Bloat] Issue with negotiating ECN with Cloudflare hosts? X-BeenThere: bloat@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: General list for discussing Bufferbloat List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Sep 2019 07:24:15 -0000 On Thu, 19 Sep 2019 19:50:45 +0200 Toke H=C3=B8iland-J=C3=B8rgensen wrote: > Is anyone else experiencing problems negotiating ECN when connecting to > Cloudflare? I see this for most sites protected by Cloudflare (such as > bufferbloat.net), but only when using IPv4: >=20 > # sysctl -w net.ipv4.tcp_ecn=3D1 > net.ipv4.tcp_ecn =3D 1 > # curl -v 1.1.1.1 > * Trying 1.1.1.1:80... > * TCP_NODELAY set > * Connected to 1.1.1.1 (1.1.1.1) port 80 (#0) > > GET / HTTP/1.1 > > Host: 1.1.1.1 > > User-Agent: curl/7.66.0 > > Accept: */* > > =20 > * Recv failure: Connection reset by peer > * Closing connection 0 > curl: (56) Recv failure: Connection reset by peer It works for me when repeating your experiment: $ sysctl -w net.ipv4.tcp_ecn=3D1 net.ipv4.tcp_ecn =3D 1 $ curl -v 1.1.1.1 * Rebuilt URL to: 1.1.1.1/ * Trying 1.1.1.1... * TCP_NODELAY set * Connected to 1.1.1.1 (1.1.1.1) port 80 (#0) > GET / HTTP/1.1 > Host: 1.1.1.1 > User-Agent: curl/7.61.1 > Accept: */* >=20 < HTTP/1.1 301 Moved Permanently < Date: Fri, 20 Sep 2019 07:19:48 GMT < Content-Type: text/html < Transfer-Encoding: chunked < Connection: keep-alive < Location: https://1.1.1.1/ < Served-In-Seconds: 0.000 < CF-Cache-Status: HIT < Age: 5944 < Expires: Fri, 20 Sep 2019 11:19:48 GMT < Cache-Control: public, max-age=3D14400 < Server: cloudflare < CF-RAY: 519208830aced891-CPH [...] =20 =20 > # sysctl -w net.ipv4.tcp_ecn=3D0 > net.ipv4.tcp_ecn =3D 0 > # curl -v 1.1.1.1 > * Trying 1.1.1.1:80... > * TCP_NODELAY set > * Connected to 1.1.1.1 (1.1.1.1) port 80 (#0) > > GET / HTTP/1.1 > > Host: 1.1.1.1 > > User-Agent: curl/7.66.0 > > Accept: */* > > =20 > * Mark bundle as not supporting multiuse > < HTTP/1.1 301 Moved Permanently > < Date: Thu, 19 Sep 2019 17:42:22 GMT > < Content-Type: text/html > < Transfer-Encoding: chunked > < Connection: keep-alive > < Location: https://1.1.1.1/ > < Served-In-Seconds: 0.000 > < CF-Cache-Status: HIT > < Age: 4442 > < Expires: Thu, 19 Sep 2019 21:42:22 GMT > < Cache-Control: public, max-age=3D14400 > < Server: cloudflare > < CF-RAY: 518d5b13fcfcd43f-HAM > <=20 > > 301 Moved Permanently > >

301 Moved Permanently

>
cloudflare-lb
> > > * Connection #0 to host 1.1.1.1 left intact >=20 >=20 > I've opened a support request with my ISP, but thought I'd ask if anyone > else was seeing this? (Is anyone else running with ECN enabled?) I'm not seeing it, so it might be your ISP? --=20 Best regards, Jesper Dangaard Brouer MSc.CS, Principal Kernel Engineer at Red Hat LinkedIn: http://www.linkedin.com/in/brouer