Bug #125

ECN blacklist iptables rules

Added by Dave Täht on May 7, 2011. Updated on Jun 24, 2014.
Closed Normal Steven Bauer

Description

Much like we have email blacklists, a malfunctioning ECN server blacklist could be maintained, and used as a standard iptables rule, to prevent ECN negotiation to malfunctioning hosts.

It could use ipset to check for malfunctioning hosts on connect and rsync or wget to periodically update the file, much like how spam sources are tracked today. It would be awesome if it could check automagically and phone home with the data…

History

Updated by Steven Bauer on May 8, 2011.
Lets discuss… most ECN “problems” are caused by network elements of one sort or another (routers, switches, load balancers, etc).

So a ECN server blacklist perhaps isn’t quite the right thing. Moreover, ECN problems can be introduced by a device very close to the client. For such a client, essentially the entire Internet would have to be blacklisted. (This in fact was exactly the case at my lab before it was fixed.)

Now, perhaps your point is there are servers that have topologically close problems and those could reasonably be put on a global list so everyone doesn’t go negotiating an ECN connection that ends up broken. Could be fairly large list. But even here since ECN brokenness is a path issue, the blacklist might not be correct for some clients depending upon the network topology and the location of the problems.

Updated by Dave Täht on Jul 27, 2011.
Updated by Dave Täht on Jun 24, 2014.

This is a static export of the original bufferbloat.net issue database. As such, no further commenting is possible; the information is solely here for archival purposes.
RSS feed

Recent News & Articles

Mar 17, 2019 Wiki page
Jake Holland's Stance on ECN
Sep 6, 2018 Wiki page
Pete Heist's Thoughts on ECN
Sep 5, 2018 Wiki page
Dave Taht's Stance on ECN
Sep 4, 2018 Wiki page
Jonathan Morton's Take on ECN
Sep 3, 2018 Wiki page
ECN-Sane Project

Find us elsewhere

Bufferbloat Mailing Lists
#bufferbloat on Twitter
Google+ group
Archived Bufferbloat pages from the Wayback Machine

Sponsors

Comcast Research Innovation Fund
Nlnet Foundation
Shuttleworth Foundation
GoFundMe

Bufferbloat Related Projects

Congestion Control Blog
Lede Project (OpenWrt)
Flent Network Test Suite
Sqm-Scripts
The Cake shaper
AQMs in BSD
IETF AQM WG

Network Performance Related Resources


Jim Gettys' Blog - The chairman of the Fjord
Toke's Blog - Karlstad University's work on bloat
Voip Users Conference - Weekly Videoconference mostly about voip
Candelatech - A wifi testing company that "gets it".