From: Eric Dumazet <eric.dumazet@gmail.com>
To: Stephen Hemminger <shemminger@vyatta.com>
Cc: Chris Wright <chrisw@redhat.com>,
David Miller <davem@davemloft.net>,
netdev@vger.kernel.org
Subject: Re: [RFC] gre: conform to RFC6040 ECN progogation
Date: Tue, 25 Sep 2012 07:17:07 +0200 [thread overview]
Message-ID: <1348550227.26828.1910.camel@edumazet-glaptop> (raw)
In-Reply-To: <20120924153013.553f0b76@nehalam.linuxnetplumber.net>
On Mon, 2012-09-24 at 15:30 -0700, Stephen Hemminger wrote:
> Logging is a bad idea in this case since the tunnel might be from a remote
> host/protocol and the log would be filled with crap.
>
> The tunnels in general do need to have rx_dropped counter, but it looks
> like that isn't being done right either.
>
I never suggested to log _all_ messages.
Stephen, I personally was hit by some provider playing with TOS bits so
wrong I had to patch linux to fix a minor problem. [1]
I would like to know why my tunnels are going to fail, and what should I
do to get a fallback. Ie reverting your patches.
RFC 6040 states :
In these cases,
particularly the more dangerous ones, the decapsulator SHOULD log
the event and MAY also raise an alarm.
Just because the highlighted combinations are currently unused,
does not mean that all the other combinations are always valid.
Some are only valid if they have arrived from a particular type of
legacy ingress, and dangerous otherwise. Therefore, an
implementation MAY allow an operator to configure logging and
alarms for such additional header combinations known to be
dangerous or CU for the particular configuration of tunnel
endpoints deployed at run-time.
Alarms SHOULD be rate-limited so that the anomalous combinations
will not amplify into a flood of alarm messages. It MUST be
possible to suppress alarms or logging, e.g., if it becomes
apparent that a combination that previously was not used has
started to be used for legitimate purposes such as a new standards
action.
[1]
commit 7a269ffad72f3604b8982fa09c387670e0d2ee14
Author: Eric Dumazet <eric.dumazet@gmail.com>
Date: Thu Sep 22 20:02:19 2011 +0000
tcp: ECN blackhole should not force quickack mode
While playing with a new ADSL box at home, I discovered that ECN
blackhole can trigger suboptimal quickack mode on linux : We send one
ACK for each incoming data frame, without any delay and eventual
piggyback.
This is because TCP_ECN_check_ce() considers that if no ECT is seen on a
segment, this is because this segment was a retransmit.
Refine this heuristic and apply it only if we seen ECT in a previous
segment, to detect ECN blackhole at IP level.
next prev parent reply other threads:[~2012-09-25 5:17 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-09-24 18:43 [PATCH net-next 0/3] VXLAN driver Stephen Hemminger
2012-09-24 18:43 ` [PATCH net-next 1/3] netlink: add attributes to fdb interface Stephen Hemminger
2012-09-24 18:43 ` [PATCH net-next 2/3] igmp: export symbol ip_mc_leave_group Stephen Hemminger
2012-09-24 18:43 ` [PATCH net-next 3/3] vxlan: virtual extensible lan Stephen Hemminger
2012-09-24 19:33 ` Eric Dumazet
2012-09-24 19:39 ` Eric Dumazet
2012-09-24 19:46 ` [PATCHv2 " Stephen Hemminger
2012-09-24 19:55 ` Eric Dumazet
2012-09-24 20:02 ` [PATCHv3 " Stephen Hemminger
2012-09-24 20:24 ` John Fastabend
2012-09-24 20:27 ` Stephen Hemminger
2012-09-24 23:17 ` John Fastabend
2012-09-24 20:09 ` [PATCHv2 " Eric Dumazet
2012-09-24 20:26 ` Stephen Hemminger
2012-09-24 20:41 ` Eric Dumazet
2012-09-24 20:58 ` [PATCH " Chris Wright
2012-09-24 21:11 ` Stephen Hemminger
2012-09-24 21:22 ` Chris Wright
2012-09-24 21:44 ` [RFC] gre: conform to RFC6040 ECN progogation Stephen Hemminger
2012-09-24 22:25 ` Eric Dumazet
2012-09-24 22:30 ` Stephen Hemminger
2012-09-25 5:17 ` Eric Dumazet [this message]
2012-10-01 15:55 ` Ben Hutchings
2012-10-01 15:56 ` Stephen Hemminger
2012-10-01 16:49 ` Ben Hutchings
2012-10-01 17:13 ` Eric Dumazet
2012-10-01 21:21 ` Stephen Hemminger
2012-09-24 21:50 ` [PATCHv4 net-next] vxlan: virtual extensible lan Stephen Hemminger
2012-09-25 21:55 ` Jesse Gross
2012-09-25 22:03 ` Stephen Hemminger
2012-09-25 22:09 ` [PATCHv5 " Stephen Hemminger
2012-09-27 22:47 ` David Miller
2012-09-27 23:00 ` Stephen Hemminger
2012-09-27 23:12 ` David Miller
2012-10-01 20:57 ` [PATCHv6 " Stephen Hemminger
2012-10-01 22:07 ` David Miller
2012-10-01 22:23 ` Stephen Hemminger
2012-10-01 22:30 ` Stephen Hemminger
2012-10-01 22:34 ` David Miller
[not found] ` <20121001140206.2bbf9c41@nehalam.linuxnetplumber.net>
2012-10-01 21:02 ` [PATCH 2/2] iproute2: manage VXLAN forwarding entries Stephen Hemminger
2012-10-01 21:02 ` [PATCH 1/2] iproute2: vxlan support Stephen Hemminger
2012-09-26 4:36 ` [PATCHv4 net-next] vxlan: virtual extensible lan Stephen Hemminger
2012-09-27 17:20 ` Jesse Gross
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1348550227.26828.1910.camel@edumazet-glaptop \
--to=eric.dumazet@gmail.com \
--cc=chrisw@redhat.com \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=shemminger@vyatta.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox