On Fri, Apr 13, 2001 at 07:28:38AM -0600, Stefan Srdic wrote: > Daniel Stone wrote: > > > Well, there's been a raging debate on linux-kernel about this. Basically, > > some Cisco routers are broken, as the (outdated) RFC specified that this > > field (the one for ECN) was "reserved", so Cisco took that to mean "must be > > zero". Hence, when you turn ECN on, a lot of Cisco routers drop the packet - > > including the ones for Hotmail, etc. > > > > Hope this helps, > > :) d > > That could explain a few problems that I have been having while attempting to > download from the net through my Windows clients, maybe it would be best to > leave > ECN to its default value (off) untill further investigation proves otherwise. > Funny > how there was no mention of this in the kernel documentation.
Yep, it's recommended you leave it to off for the time being, the only person I know who's happy with it on is David Miller, and he's, well, David Miller. ;) > Anyway... > > Are there any other IPV4 settings that I should know about that increase > system > transfer efficientcy and security? Those settings look good to me :) > Would it be recomended to execute an IPTables script via the networking init > script? I think it should be left up to the user, as there are packages (including ferm and agt), which convert configuration language into iptables/chains/fwadm rulesets, so the user might want this. Then there are people with their own rulesets. (I'm currently packaging agt, btw). Other than that, looks good! :) d -- Daniel Stone Linux Kernel Developer [EMAIL PROTECTED] -----BEGIN GEEK CODE BLOCK----- Version: 3.1 G!>CS d s++:- a---- C++ ULS++++$>B P---- L+++>++++ E+(joe)>+++ W++ N->++ !o K? w++(--) O---- M- V-- PS+++ PE- Y PGP>++ t--- 5-- X- R- tv-(!) b+++ DI+++ D+ G e->++ h!(+) r+(%) y? UF++ ------END GEEK CODE BLOCK------
