
Re[4]: www.isoc.org unreachable when ECN is used

2003-12-11 13:12:01
Valdis(_dot_)Kletnieks(_at_)vt(_dot_)edu writes:

> The problem is that the most common failure mode is *not*
> getting an RST back, but getting NOTHING back because
> some squirrely firewall between here and there is silently
> dropping packets with bits it doesn't understand.

Ah ... that would definitely be a bug with the firewall, then.

However, a slight complication is that firewalls normally do not enter
into TCP/IP conversations as proxies for the true correspondents--so is
it really appropriate for a firewall to send a RST on behalf of some
other host?  If the firewall really is a legitimate proxy as well, no
problem, but if it is intended to be fairly transparent, holding
conversations with a distant host in a way that gives the latter the
impression that it is talking to someone else is risky business.

I also don't see why a firewall would drop packets just because reserved
bits are set, although I can see why it might be a configurable option
for the most paranoid users.
