[Ecn-sane] [Bloat] Issue with negotiating ECN with Cloudflare hosts?
Jesper Dangaard Brouer
brouer at redhat.com
Fri Sep 20 03:24:08 EDT 2019
On Thu, 19 Sep 2019 19:50:45 +0200 Toke Høiland-Jørgensen <toke at toke.dk> wrote:
> Is anyone else experiencing problems negotiating ECN when connecting to
> Cloudflare? I see this for most sites protected by Cloudflare (such as
> bufferbloat.net), but only when using IPv4:
>
> # sysctl -w net.ipv4.tcp_ecn=1
> net.ipv4.tcp_ecn = 1
> # curl -v 1.1.1.1
> * Trying 1.1.1.1:80...
> * TCP_NODELAY set
> * Connected to 1.1.1.1 (1.1.1.1) port 80 (#0)
> > GET / HTTP/1.1
> > Host: 1.1.1.1
> > User-Agent: curl/7.66.0
> > Accept: */*
> >
> * Recv failure: Connection reset by peer
> * Closing connection 0
> curl: (56) Recv failure: Connection reset by peer
It works for me when repeating your experiment:
$ sysctl -w net.ipv4.tcp_ecn=1
net.ipv4.tcp_ecn = 1
$ curl -v 1.1.1.1
* Rebuilt URL to: 1.1.1.1/
* Trying 1.1.1.1...
* TCP_NODELAY set
* Connected to 1.1.1.1 (1.1.1.1) port 80 (#0)
> GET / HTTP/1.1
> Host: 1.1.1.1
> User-Agent: curl/7.61.1
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Date: Fri, 20 Sep 2019 07:19:48 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
< Location: https://1.1.1.1/
< Served-In-Seconds: 0.000
< CF-Cache-Status: HIT
< Age: 5944
< Expires: Fri, 20 Sep 2019 11:19:48 GMT
< Cache-Control: public, max-age=14400
< Server: cloudflare
< CF-RAY: 519208830aced891-CPH
[...]
> # sysctl -w net.ipv4.tcp_ecn=0
> net.ipv4.tcp_ecn = 0
> # curl -v 1.1.1.1
> * Trying 1.1.1.1:80...
> * TCP_NODELAY set
> * Connected to 1.1.1.1 (1.1.1.1) port 80 (#0)
> > GET / HTTP/1.1
> > Host: 1.1.1.1
> > User-Agent: curl/7.66.0
> > Accept: */*
> >
> * Mark bundle as not supporting multiuse
> < HTTP/1.1 301 Moved Permanently
> < Date: Thu, 19 Sep 2019 17:42:22 GMT
> < Content-Type: text/html
> < Transfer-Encoding: chunked
> < Connection: keep-alive
> < Location: https://1.1.1.1/
> < Served-In-Seconds: 0.000
> < CF-Cache-Status: HIT
> < Age: 4442
> < Expires: Thu, 19 Sep 2019 21:42:22 GMT
> < Cache-Control: public, max-age=14400
> < Server: cloudflare
> < CF-RAY: 518d5b13fcfcd43f-HAM
> <
> <html>
> <head><title>301 Moved Permanently</title></head>
> <body bgcolor="white">
> <center><h1>301 Moved Permanently</h1></center>
> <hr><center>cloudflare-lb</center>
> </body>
> </html>
> * Connection #0 to host 1.1.1.1 left intact
>
>
> I've opened a support request with my ISP, but thought I'd ask if anyone
> else was seeing this? (Is anyone else running with ECN enabled?)
I'm not seeing it, so it might be your ISP?
--
Best regards,
Jesper Dangaard Brouer
MSc.CS, Principal Kernel Engineer at Red Hat
LinkedIn: http://www.linkedin.com/in/brouer
More information about the Ecn-sane
mailing list