Contact:suso@suso.org
IP: TCP Explicit Congestion Notification support When I built the kernel for my server on suso.org, I made the mistake of enabling some options without fully exploring them. I just read the brief summary of the option and thought, hey that might be useful, why not. Well, you're about to find out exactly why not. I was having trouble with the server talking to a handful of mail servers. For all the symptoms that I was seeing, it seemed as if a firewall on the remote end was blocking the connections. This was loosely the case as described in the help section for the option above: CONFIG_INET_ECN: Explicit Congestion Notification (ECN) allows routers to notify clients about network congestion, resulting in fewer dropped packets and increased network performance. This option adds ECN support to the Linux kernel, as well as a sysctl (/proc/sys/net/ipv4/tcp_ecn) which allows ECN support to be disabled at runtime. Note that, on the Internet, there are many broken firewalls which refuse connections from ECN-enabled machines, and it may be a while before these firewalls are fixed. Until then, to access a site behind such a firewall (some of which are major sites, at the time of this writing) you will have to disable this option, either by saying N now or by using the sysctl. So the mail servers that I was getting "connection timed out" messages from must be behind these "broken" firewalls. After removing this option from the kernel, I was able to connect to these mail servers. Strange. Back to the Index