On Wed, Sep 05, 2001 at 06:30:27PM -0700, Neil T. Spring wrote: > My point is: the maintainers have spoken. If we're going > to make progress in helping users behind broken equipment, > we're going to have to find another way that doesn't offend > Herbert, Craig, and Anthony's sense of idealism.
I'm not sure what you mean by "idealism" but surely it's obvious the solution that's closest to ideal for the most users should be chosen as the default. We've currently had what options? 1) Disable ECN in the kernel, and let people who want it recompile the kernel by hand. Pros: doesn't hurt anyone, follows the upstream kernel defaults. Cons: makes it hard for people to enable, which in the long term damages the Internet's resiliance to DoS attacks. 2) Leave ECN in the kernel, but disable it externally by default. Pros: doesn't hurt anyone, makes it easy to change. Cons: requires kludging around in other packages (boot-floppies and procps/netbase) 3) Leave ECN in the kernel, enabled by default. Pros: easy to setup, easy to change after the fact. Cons: neophytes can easily be confused when random sites start not working unpredictably from Debian machines but work fine elsewhere. Another option, which would require a minor patch to the kernel, would be to have ECN default to disabled even when compiled into the kernel (and thus require an explit 'echo 1 >/proc/sys/net/ipv4/tcp_ecn' to enable). This'd be analagous to the current behaviour with IP forwarding. There might be other options too. Cheers, aj -- Anthony Towns <[EMAIL PROTECTED]> <http://azure.humbug.org.au/~aj/> I don't speak for anyone save myself. GPG signed mail preferred. ``_Any_ increase in interface difficulty, in exchange for a benefit you do not understand, cannot perceive, or don't care about, is too much.'' -- John S. Novak, III (The Humblest Man on the Net)
pgpqN9PKX5BBJ.pgp
Description: PGP signature