Right -- systemd have just-now agreed to set the change in their upstream 
systemd sysctl files :-
https://github.com/systemd/systemd/commit/6f130e85c76cfc2c58ba31f90d2ac3800866c1dd

I notice, however, that ubuntu's systemd pkg 'strips most those settings
out', in 18.04 currently only carrying the 18.04 fq_codel switch-on in
their sysctl.d....


I think, given what has been said, I would like to propose that I :-

* Make a suggested text for a 10-network-bufferbloat.conf here in
procps in 18.10 (hopefully onwards), including suitable
references/comments about BBR (which should be there but
commented/not-enabled yet unless we are sure it's been fixed to respond
to ECN notifications). This text shall explain clearly these are
deliberately being tested into 18.10 and where to report bugs.

* Look at what ubuntu's systemd package towards 18.10 is importing in
sysctl.d -- and likely suggest ubuntu 'taken out' entirely so procps
is the 'one' location for these settings (i.e. no duplicate setting of
qdisc=fq_codel in 2 different places). Some will want to boot ubuntu
with OpenRC or upstart for whatever reasons and consistent-behaviour
would be helpful...

* Ask in the BBR community about tcp_congestion_control goings-on there,
when they are ready for ECN-compatible BBR wider-deployment.

* Then, as/when seems appropriate, suggest changes into upstream-debian
and upstream-kernel on the defaults.

@rbalint -- what do you think on this plan for the interim?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to procps in Ubuntu.
https://bugs.launchpad.net/bugs/1773157

Title:
  procps outdated network options, old syncookies, new ecn update
  please.

Status in procps package in Ubuntu:
  Confirmed

Bug description:
  The ubuntu version of procps carries its own
  /etc/sysctl.d/10-network-security.conf file explicitly that appears
  not to be part of debian procps version.

  
  Firstly, the section about "# Turn on SYN-flood protections." (came
  from LP #57091) is now entirely outdated, upstream kernel has long
  since turned on syncookies by default, so setting this flag explicitly
  in 10-network-security.conf is entirely redundant likely since before
  ubuntu-14.04.
  I would like the ubuntu-maintainer to remove that section entirely in
  cosmic onwards.

  [I am going to report debian the similarly outdated syncookies
  comments in sysctl.conf itself].

  
  Secondly, I propose a new 10-network-tuning.conf with:-
  ==============================================================================
  # Allow ECN for outgoing connections.  Starting with 4.2, there is an adaptive
  # fallback [enabled by default tcp_ecn_fallback option] preventing connection
  # loss even with ecn enabled, also ecn-intolerance is increasingly very rare.
  net.ipv4.tcp_ecn=1
  ==============================================================================

  I know there is a (small) chance of issues/regressions with ECN
  enabled by default on outgoing but I'm quite sure the issue is very
  rare, like others notice [ref: 1 and 2 below].  Apple's selective
  enablements etc. show this works just as much as my own use for years
  and many similar reports.

  ECN actually being used for outgoing connections really helps with
  latency-reduction with modern routers (both core and edge) using
  queuing disciplines fq_codel or otherwise, able to mark rather than
  drop packets on ECN-enabled flows [helps latency and realtime
  applications].  Now that we are just past the LTS release is, in my
  view, the 'right time' to finally enable ECN [and obviously easy to
  revert!].
  If this is disputed, in ANY case I strongly suggest at the very least
  a commented-out ECN section should be included, but 'defaults
  matter'!.

  I was going to suggest a non-default section about
  net.core.default_qdisc [ LP #1436945 ] but this appears to have been
  fixed upstream similarly.

  [1] https://www.ietf.org/proceedings/98/slides/slides-98-maprg-tcp-ecn-experience-with-enabling-ecn-on-the-internet-padma-bhooma-00.pdf
  [2] http://seclists.org/nanog/2015/Jun/675

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/procps/+bug/1773157/+subscriptions
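
The comment above asks that procps be the 'one' location for these settings, with no duplicate qdisc=fq_codel in two places. The following is an added example, not part of the original bug report or of procps/systemd: a shell function that reports every sysctl key assigned in more than one sysctl.d file. The function names are hypothetical, and the directories in the usage comment are the usual sysctl.d search path, passed in by the caller.

```shell
#!/bin/sh
# Added example (not from procps or systemd): find sysctl keys that are
# assigned in more than one sysctl.d file, e.g. net.core.default_qdisc
# set by two different packages.
# Usage: duplicate_keys /etc/sysctl.d /run/sysctl.d /usr/lib/sysctl.d

# list_assignments DIR... : print "key<TAB>file" for each assignment
# found in DIR/*.conf.
list_assignments() {
    for dir in "$@"; do
        for f in "$dir"/*.conf; do
            [ -f "$f" ] || continue      # unmatched glob or not a file
            awk -v file="$f" '
                /^[ \t]*([#;]|$)/ { next }   # comment or blank line
                index($0, "=") == 0 { next } # not an assignment
                {
                    split($0, kv, "=")
                    key = kv[1]
                    gsub(/[ \t]/, "", key)   # drop padding around the key
                    sub(/^-/, "", key)       # "-key" = ignore write errors
                    if (key != "") print key "\t" file
                }' "$f"
        done
    done
}

# duplicate_keys DIR... : print "key: file1 file2 ..." for each key with
# more than one assignment, sorted by key.
duplicate_keys() {
    list_assignments "$@" | awk -F '\t' '
        { n[$1]++; files[$1] = files[$1] " " $2 }
        END { for (k in n) if (n[k] > 1) print k ":" files[k] }' | sort
}
```

Keys written with "/" separators are not normalised to "." here, so the same key spelled both ways is not matched.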
