On Sat, Mar 09, 2002 at 06:43:38PM +0100, Wiktor Wodecki wrote: > Hi there, > > > > Nope, TCP_RESERVED_BITS = __constant_htonl(0x0F000000), ECN bits > > > are not included. See RFC793 if you want a confirmation. > > Doing so will with no doubt create serious incompabilities the day > > these bits starts to be used for anything, just as the ECN change > > has. There is still a huge amount of sites that do not accept ECN > > flagged traffic even if the ECN extension is proposed standard track > > since long back. This due mainly to various kinds of firewalls beeing > > too picky about "reserved for future use" bits, which in the ECN case > > even was defined once in a time and then later became reserved. > > well, so whatabout making an interface in /proc to dynamically turn > on/off checks for that 'reserved' fields? That way admins could allow > those "new" packets without the need of rebooting with a new kernel and > an updated unclean match.
This doesn't deal with the problem. How many firewall admins do even know about the reserved bits and do follow recent IETF development with regards to reserved bits in various headers? > Wiktor Wodecki | http://johoho.eggheads.org -- Live long and prosper - Harald Welte / [EMAIL PROTECTED] http://www.gnumonks.org/ ============================================================================ GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M+ V-- PS++ PE-- Y++ PGP++ t+ 5-- !X !R tv-- b+++ !DI !D G+ e* h--- r++ y+(*)
msg00205/pgp00000.pgp
Description: PGP signature
