由 ppyy 在 12-16-2003 15:16 发表:
Linux 2.4.20 以后内核的ECN问题
问题描述:
在安装了2.4.20以后内核的Linux,在连接如意通邮箱的smtp端口的时候,出现timeout的问题。在2.4.18内核和其他操作系统上没有这个问题。
Dec 14 17:10:58 mail1 postfix/smtp[5286]: D624020108F: to=, relay=none, delay=33, status=deferred (connect to smtp.ruyi.com[211.97.168.172]: Connection timed out)
cz:~# telnet smtp.ruyi.com 23
Trying 211.97.168.172...
telnet: Unable to connect to remote host: Connection timed out
问题原因:
在2.4.20以后的内核里面,增加了一个 ECN 功能:
TCP Explicit Congestion Notification support
CONFIG_INET_ECN
Explicit Congestion Notification (ECN) allows routers to notify
clients about network congestion, resulting in fewer dropped packets
and increased network performance. This option adds ECN support to
the Linux kernel, as well as a sysctl (/proc/sys/net/ipv4/tcp_ecn)
which allows ECN support to be disabled at runtime.
Note that, on the Internet, there are many broken firewalls which
refuse connections from ECN-enabled machines, and it may be a while
before these firewalls are fixed. Until then, to access a site
behind such a firewall (some of which are major sites, at the time
of this writing) you will have to disable this option, either by
saying N now or by using the sysctl.
这个功能缺省是打开的,在和有些老的防火墙(比如 CISCO PIX老版本)通讯的时
候,会产生问题。
<br /