Bug 116461

Summary: Default TCP ECE enabled setting breaks routing across ADSL router
Product: [Fedora] Fedora Reporter: James Derrick <orders>
Component: kernelAssignee: Arjan van de Ven <arjanv>
Status: CLOSED NOTABUG QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: 2CC: aleksey
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-02-22 00:45:37 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description James Derrick 2004-02-21 14:12:18 UTC 
Description of problem:
Summary
=======
Fedora FC2-test1 ships with a TCP stack that sets TCP flags CWR and 
ECE set on. This prevents any TCP traffic from being routed through 
my ADSL router (www.Solwise.co.uk SAR-705, Globlespan Vitara chipset, 
v1.22a).

A single line reconfig turns-off ECE and all magically starts working!

Symptoms
========
Upgrade RH9 - Fedora FC2 test1.
No external networking works. Can resolve DNS, ping works to LAN and 
to the Internet. HTTP browser and 'telnet www.google.com 80' timeout 
with no reply. All external TCP/IP connections timeout, interlan LAN 
connections work fine.

Similar RH9 machine works AOK on same LAN.

Looks to be a general issue with 2.6 ketnel TCP/IP stack, its config, 
and interworking with existing third-party router kit.

Analysis
========
Installed machines on a hub, sniffed with Ethereal.
# telnet www.foobar.org 80
The only difference in outgoing telnet SYN TCP/IP packets from RH9 
and FC2-test1 is the Fedora packet has CWR and ECN-Echo bits set.

A search on TCP CWR and ECE flags brought up a fix:
# cat /proc/sys/net/ipv4/tcp_ecn
1
# echo 0 > /proc/sys/net/ipv4/tcp_ecn
# cat /proc/sys/net/ipv4/tcp_ecn
0

After doing this, web browsing, telnet, and all other TCP/IP 
applications started working immediately.

The ADSL router box doesn't forward TCP/IP SYN packets with CWR and 
ECN flags set, which is the default for Fedora FC2-test1.

This may not be a Linux or Fedora bug per-se but could hit other 
users connecting via routers that don't support ECN.

Version-Release number of selected component (if applicable):
kernel-2.6.1-1.65

How reproducible:
Every time

Steps to Reproduce:
1. telnet www.google.com 80
2. echo 0 > /proc/sys/net/ipv4/tcp_ecn
3. telnet www.google.com 80
  
Actual results:
1. Times out as TCP/IP SYN marked with ECN is dropped.
2. Disable ECN.
3. Connects AOK as packets no longer use ECN.

Expected results:
ECN should not be enabled as a default until other devices support 
it. 

Additional info:
Comment 1 Dave Jones 2004-02-22 00:45:37 UTC 
your router firmware needs upgrading to comply with internet standards
that have been RFC's for a few years now.
My dealings with Solwise in the past have shown them to be quite
clued, so there may even already be an update available.
Comment 2 Aleksey Nogin 2004-03-02 00:24:53 UTC 
Linksys routers are also unhappy with ECN - they forward ECN fine,
they do not accept connections (w.g. when youi are trying to access
their http port for configuration manager) if ECN is enabled...