Re: ECN: Clearing the air (fwd)
Rogier Wolff (R.E.Wolff@BitWizard.nl)
Sun, 28 Jan 2001 19:23:28 +0100 (MET)
jamal wrote:
>
>
> On Sun, 28 Jan 2001, Rogier Wolff wrote:
>
> > jamal wrote:
> > > > Yes,
> > > > those firewalls should be updated to allow ECN-enabled packets
> > > > through. However, to break connectivity to such sites deliberately just
> > > > because they are not supporting an *experimental* extension to the current
> > > > protocols is rather silly.
> > > >
> > >
> > > This is the way it's done with all protocols. or i should say the way it
> > > used to be done. How do you expect ECN to be deployed otherwise?
> >
> > Thinking about this a bit more:
> >
> > A sufficiently paranoid firewall should block requests that he doesn't
> > fully understand. ECN was in this category, so old firewalls are
> > "right" to block these. (Sending an 'RST' is not elegant. So be it.)
> >
> > However, ECN is now "understood", and operators are now in a position
> > to configure their firewall to "do the right thing". This is
> This would have been easier. The firewall operators were not
> provided with this option. This is hard-coded. I agree with the rest
> of your message.
Take "configure" with a bit of liberty. Because the firewall vendor
chose to hard-code this into the firmware. "configuring" in this case
means reconfiguring new software on the firewall. Blame the vendor.
Roger.
--
** R.E.Wolff@BitWizard.nl ** http://www.BitWizard.nl/ ** +31-15-2137555 **
*-- BitWizard writes Linux device drivers for any device you may have! --*
* There are old pilots, and there are bold pilots.
* There are also old, bald pilots.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/