[Bloat] ECN on vpns?
Dave Taht
dave.taht at gmail.com
Tue Jul 1 01:24:23 EDT 2014
I presently don't have any ipsec based tunnels running (having
reverted to the much easier to setup openvpn), and we'd discussed what
the rfcs said about ecn a while back:
http://permalink.gmane.org/gmane.comp.embedded.cerowrt.devel/470
And I'd noted that encapsulation seemed to be working even further back:
https://lists.bufferbloat.net/pipermail/bloat/2011-June/000554.html
http://huchra.bufferbloat.net/~d/veryhappynetwork.png
but I haven't ever got around to checking what products, if any,
actually decapsulated ECT(1) correctly back into the original IP
header.
Does anyone know if linux + strongswan/libreswan and/or other forms of
vpn encapsulation (tinq, openvpn, commercial products), are doing the
right thing presently? I would figure openvpn can't (due to doing
compression)...
I see ecn negotiation is in the ikev2 standard...
--
Dave Täht
NSFW: https://w2.eff.org/Censorship/Internet_censorship_bills/russell_0296_indecent.article
More information about the Bloat
mailing list