[Ecn-sane] Issue with negotiating ECN with Cloudflare hosts?

Toke Høiland-Jørgensen toke at toke.dk
Thu Sep 19 13:50:45 EDT 2019


Is anyone else experiencing problems negotiating ECN when connecting to
Cloudflare? I see this for most sites protected by Cloudflare (such as
bufferbloat.net), but only when using IPv4:

# sysctl -w net.ipv4.tcp_ecn=1
net.ipv4.tcp_ecn = 1
# curl -v 1.1.1.1
*   Trying 1.1.1.1:80...
* TCP_NODELAY set
* Connected to 1.1.1.1 (1.1.1.1) port 80 (#0)
> GET / HTTP/1.1
> Host: 1.1.1.1
> User-Agent: curl/7.66.0
> Accept: */*
> 
* Recv failure: Connection reset by peer
* Closing connection 0
curl: (56) Recv failure: Connection reset by peer


# sysctl -w net.ipv4.tcp_ecn=0
net.ipv4.tcp_ecn = 0
# curl -v 1.1.1.1
*   Trying 1.1.1.1:80...
* TCP_NODELAY set
* Connected to 1.1.1.1 (1.1.1.1) port 80 (#0)
> GET / HTTP/1.1
> Host: 1.1.1.1
> User-Agent: curl/7.66.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Date: Thu, 19 Sep 2019 17:42:22 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
< Location: https://1.1.1.1/
< Served-In-Seconds: 0.000
< CF-Cache-Status: HIT
< Age: 4442
< Expires: Thu, 19 Sep 2019 21:42:22 GMT
< Cache-Control: public, max-age=14400
< Server: cloudflare
< CF-RAY: 518d5b13fcfcd43f-HAM
< 
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>cloudflare-lb</center>
</body>
</html>
* Connection #0 to host 1.1.1.1 left intact


I've opened a support request with my ISP, but thought I'd ask if anyone
else was seeing this? (Is anyone else running with ECN enabled?)

-Toke
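
An added example, not part of the original post: one way to check a client-side capture for where an ECN-enabled connection fails, by reading the ECN flags in the TCP handshake (ECE/CWR, RFC 3168) and the ECN field of the IP header on data packets. The function names, addresses, ports and packets are constructed for illustration, and checksums are left at zero.

```python
import struct

# TCP flag bits; ECE and CWR are the two ECN flags defined in RFC 3168.
FIN, SYN, RST, PSH, ACK, URG, ECE, CWR = (1 << i for i in range(8))
ECN_FIELD = {0b00: "Not-ECT", 0b10: "ECT(0)", 0b01: "ECT(1)", 0b11: "CE"}

def parse(pkt):
    """Return (ip_ecn, tcp_flags, payload_len) for a raw IPv4+TCP packet."""
    if pkt[0] >> 4 != 4 or pkt[9] != 6:
        raise ValueError("not an IPv4 TCP packet")
    ihl = (pkt[0] & 0x0F) * 4
    total_len = struct.unpack("!H", pkt[2:4])[0]
    tcp_hdr_len = (pkt[ihl + 12] >> 4) * 4
    return ECN_FIELD[pkt[1] & 0b11], pkt[ihl + 13], total_len - ihl - tcp_hdr_len

def diagnose(trace):
    """trace: list of ('out'|'in', packet bytes) as captured on the client."""
    syn_ecn = synack_ecn = ect_data = False
    for direction, pkt in trace:
        ecn, flags, plen = parse(pkt)
        if flags & SYN and not flags & ACK:
            # ECN-setup SYN: both ECE and CWR set
            syn_ecn = (flags & (ECE | CWR)) == (ECE | CWR)
        elif flags & SYN:
            # ECN-setup SYN-ACK: ECE set, CWR clear
            synack_ecn = bool(flags & ECE) and not flags & CWR
        elif direction == "in" and flags & RST:
            if syn_ecn and synack_ecn and ect_data:
                return "reset after ECT-marked data"
            return "reset without ECT-marked data"
        elif direction == "out" and plen and ecn != "Not-ECT":
            ect_data = True
    return "ok, ECN negotiated" if syn_ecn and synack_ecn else "ok, ECN not negotiated"

def build(tos, flags, payload=b""):
    """Constructed IPv4+TCP packet (documentation addresses, zero checksums)."""
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, 5 << 4, flags, 65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes([198, 51, 100, 1]))
    return ip + tcp

GET = b"GET / HTTP/1.1\r\n\r\n"
# Constructed trace: handshake negotiates ECN, first data segment is ECT(0), then RST.
ECN_TRACE = [("out", build(0, SYN | ECE | CWR)), ("in", build(0, SYN | ACK | ECE)),
             ("out", build(0, ACK)), ("out", build(0x02, PSH | ACK, GET)),
             ("in", build(0, RST))]
# Constructed trace: same exchange with ECN off; the reply arrives normally.
PLAIN_TRACE = [("out", build(0, SYN)), ("in", build(0, SYN | ACK)),
               ("out", build(0, ACK)), ("out", build(0, PSH | ACK, GET)),
               ("in", build(0, PSH | ACK, b"HTTP/1.1 301 Moved Permanently\r\n"))]

if __name__ == "__main__":
    print(diagnose(ECN_TRACE), "/", diagnose(PLAIN_TRACE))
```

A result of "reset after ECT-marked data" means the handshake itself succeeded and the failure followed a data packet carrying an ECN codepoint in its IP header, which is worth comparing against captures taken over IPv6 or from another network.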

