Not all servers have ECN support enabled. A SYN-ACK without the ECE bit set
indicates it does not. The connection then proceeds as Not-ECT.
I'm reasonably sure Akamai has specifically enabled ECN support. A lot of
smaller webservers are probably running with the default passive-mode ECN
support as well (ie. will negotiate inbound but not initiate outbound).
- Jonathan Morton
Why would my server not support ECN? I have full control over both the
client and server, my previous mail contained the ECN kernel parameter
configuration, and I also did the packet capture directly on the server.
The server is using fq_codel with ecn enabled, and also has a basic
nftables firewall but it doesn't mess with packet headers or do anything
fancy.
The only thing I can think of could be a hidden requirement on
conntrack, which on the server is disabled for some ports, though I
couldn't find any mention of this anywhere.
_______________________________________________
Cake mailing list
[email protected]
https://lists.bufferbloat.net/listinfo/cake
