On 03/10/17 08:16, Rosen Penev wrote:
ECN is used by fq_codel and other AQMs. Kernel 4.2 added a fallback in case of
failure, so adjust to kernel default.
The kernel default is 2, which is what you've set the firewall3 default
to be now as well. 2 accepts ECN on incoming connections but does NOT
request it on outbound connections. Therefore the fallback mechanism
you mention doesn't actually come in to play at all.
Setting the value to '1' permits linux to attempt ECN on both incoming
and outgoing connections to/from the router itself (and uses the
fallback mechanism)
It's tempting to set it to 1 (like I have for the past year+) and be
damned :-)
Signed-off-by: Rosen Penev <ros...@gmail.com>
---
defaults.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/defaults.c b/defaults.c
index 85a3750..68e40f5 100644
--- a/defaults.c
+++ b/defaults.c
@@ -90,6 +90,7 @@ fw3_load_defaults(struct fw3_state *state, struct uci_package
*p)
defs->syn_flood_rate.rate = 25;
defs->syn_flood_rate.burst = 50;
+ defs->tcp_ecn = 2;
defs->tcp_syncookies = true;
defs->tcp_window_scaling = true;
defs->custom_chains = true;
_______________________________________________
Lede-dev mailing list
Lede-dev@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/lede-dev
