On Mon, Feb 17, 2003 at 09:32:08PM +0100, Nick Nauwelaerts wrote: > Ofcourse the new kernel was already in place but I'd forgotten to > reboot. So, one reboot later it's getting a "connection refused" as > expected. Just one more thing, it takes about 3 seconds to get a > connection refused with ECN enabled, but with ECN disabled it's > immediately. I guess this is a feature of ECN?
It's a consequence of how OpenBSD's (KAME's, really) code ignores the first RST and retransmits the SYN with ECN disabled. It's the second RST that causes the socket to get closed with "connection refused", and it takes about three seconds for the retransmission to get triggered. Daniel
