From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-qt1-x829.google.com (mail-qt1-x829.google.com [IPv6:2607:f8b0:4864:20::829]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id 04F8C3CB36 for ; Fri, 20 Sep 2019 03:50:10 -0400 (EDT) Received: by mail-qt1-x829.google.com with SMTP id w14so3188016qto.9 for ; Fri, 20 Sep 2019 00:50:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cloudflare.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=jDXM0+lc+HHFEclNaS7Tm1Xzv27tcAfSVJZ87ebziE0=; b=pjW0qS8cppgkR1ZNQWRzF09E3uhJ5/k+bZP36XuBTbVlQCsactQFM0/E3MvSzt0dxL YijqwjscduaJ4qMVTG/lhoQJdSUzSi2G7l1XgnCZKHGVrTU+xIYfVin9BIXkmIy9/Qxd 0Kq4mauP9fGP8g3tWa6DWGp4HJSoPtwT/SuAQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=jDXM0+lc+HHFEclNaS7Tm1Xzv27tcAfSVJZ87ebziE0=; b=rRUsxYjVjp5zkIDFH6CyxRSrzh/f6KCShumpiwp0fe7OkoZXiVEzHZ4N9UXUa3vKmR C1m26yc1D7Svej8pdE3EnWzeCT+meZDt2+Gk1Nszu0YenXSYr7T0g+VlK7R5LLj+pwN/ xdySel3fcou4nAajYor1ymalLIeNnWji+QMJtAS5lhyeTabxuDuDnDvwxKghoRoNJUAV 9GLzOUG+DRvKHEcS4htCW2fENMK5ncMVo7AziiZ7bdUoyKA2Bz8nvVTUHRAKjlPfEETt 52m9605AHPjeaRwgQpoBLdRu5obvo7RNzYHpZWu7eFVpShxx41WbYxQZWFcKjjetZbgU Jt6w== X-Gm-Message-State: APjAAAUdo4xbYi1MNW9TFv3mfheE6ZYCbVyRyJme6zkuFfxdEEI7ylfc s9weVhbnnfPQ6wjhqGL+uthGMV2d+xgUj6Hu48JCmw== X-Google-Smtp-Source: APXvYqxB7/YWHdulS3PSXRkQrbn4RSfQ6aBR8JrMMnuIH9gTCTo7WUqGdSrODsCPEEkUGadTWteZAuKDDEINHdJtp7U= X-Received: by 2002:ac8:4597:: with SMTP id l23mr1973921qtn.284.1568965810387; Fri, 20 Sep 2019 00:50:10 -0700 (PDT) MIME-Version: 1.0 References: <87o8zgdvka.fsf@toke.dk> <20190920092408.58747a48@carbon> In-Reply-To: <20190920092408.58747a48@carbon> From: Marek Majkowski Date: Fri, 20 Sep 2019 09:49:59 +0200 Message-ID: To: Jesper Dangaard Brouer Cc: =?UTF-8?B?VG9rZSBIw7hpbGFuZC1Kw7hyZ2Vuc2Vu?= , ecn-sane@lists.bufferbloat.net, bloat@lists.bufferbloat.net Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Mailman-Approved-At: Fri, 20 Sep 2019 07:58:48 -0400 Subject: Re: [Ecn-sane] [Bloat] Issue with negotiating ECN with Cloudflare hosts? X-BeenThere: ecn-sane@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussion of explicit congestion notification's impact on the Internet List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Sep 2019 07:50:11 -0000 We definitely don't do anything fancy about ECN on our side. It must be some middle-box or intermediate router. Could you share your source IP, traceroute, and ideally "traceroute -S" (tcp/SYN mode). On Fri, Sep 20, 2019 at 9:24 AM Jesper Dangaard Brouer wrote: > > > On Thu, 19 Sep 2019 19:50:45 +0200 Toke H=C3=B8iland-J=C3=B8rgensen wrote: > > > Is anyone else experiencing problems negotiating ECN when connecting to > > Cloudflare? I see this for most sites protected by Cloudflare (such as > > bufferbloat.net), but only when using IPv4: > > > > # sysctl -w net.ipv4.tcp_ecn=3D1 > > net.ipv4.tcp_ecn =3D 1 > > # curl -v 1.1.1.1 > > * Trying 1.1.1.1:80... > > * TCP_NODELAY set > > * Connected to 1.1.1.1 (1.1.1.1) port 80 (#0) > > > GET / HTTP/1.1 > > > Host: 1.1.1.1 > > > User-Agent: curl/7.66.0 > > > Accept: */* > > > > > * Recv failure: Connection reset by peer > > * Closing connection 0 > > curl: (56) Recv failure: Connection reset by peer > > It works for me when repeating your experiment: > > $ sysctl -w net.ipv4.tcp_ecn=3D1 > net.ipv4.tcp_ecn =3D 1 > > $ curl -v 1.1.1.1 > * Rebuilt URL to: 1.1.1.1/ > * Trying 1.1.1.1... > * TCP_NODELAY set > * Connected to 1.1.1.1 (1.1.1.1) port 80 (#0) > > GET / HTTP/1.1 > > Host: 1.1.1.1 > > User-Agent: curl/7.61.1 > > Accept: */* > > > < HTTP/1.1 301 Moved Permanently > < Date: Fri, 20 Sep 2019 07:19:48 GMT > < Content-Type: text/html > < Transfer-Encoding: chunked > < Connection: keep-alive > < Location: https://1.1.1.1/ > < Served-In-Seconds: 0.000 > < CF-Cache-Status: HIT > < Age: 5944 > < Expires: Fri, 20 Sep 2019 11:19:48 GMT > < Cache-Control: public, max-age=3D14400 > < Server: cloudflare > < CF-RAY: 519208830aced891-CPH > [...] > > > > # sysctl -w net.ipv4.tcp_ecn=3D0 > > net.ipv4.tcp_ecn =3D 0 > > # curl -v 1.1.1.1 > > * Trying 1.1.1.1:80... > > * TCP_NODELAY set > > * Connected to 1.1.1.1 (1.1.1.1) port 80 (#0) > > > GET / HTTP/1.1 > > > Host: 1.1.1.1 > > > User-Agent: curl/7.66.0 > > > Accept: */* > > > > > * Mark bundle as not supporting multiuse > > < HTTP/1.1 301 Moved Permanently > > < Date: Thu, 19 Sep 2019 17:42:22 GMT > > < Content-Type: text/html > > < Transfer-Encoding: chunked > > < Connection: keep-alive > > < Location: https://1.1.1.1/ > > < Served-In-Seconds: 0.000 > > < CF-Cache-Status: HIT > > < Age: 4442 > > < Expires: Thu, 19 Sep 2019 21:42:22 GMT > > < Cache-Control: public, max-age=3D14400 > > < Server: cloudflare > > < CF-RAY: 518d5b13fcfcd43f-HAM > > < > > > > 301 Moved Permanently > > > >

301 Moved Permanently

> >
cloudflare-lb
> > > > > > * Connection #0 to host 1.1.1.1 left intact > > > > > > I've opened a support request with my ISP, but thought I'd ask if anyon= e > > else was seeing this? (Is anyone else running with ECN enabled?) > > I'm not seeing it, so it might be your ISP? > > -- > Best regards, > Jesper Dangaard Brouer > MSc.CS, Principal Kernel Engineer at Red Hat > LinkedIn: http://www.linkedin.com/in/brouer