LinuxSir.cn,穿越时空的Linuxsir!

 找回密码
 注册
搜索
热搜: shell linux mysql
查看: 617|回复: 0

Linux 2.4.20 以后内核的ECN问题

[复制链接]
发表于 2003-12-16 15:16:54 | 显示全部楼层 |阅读模式
问题描述:
在安装了2.4.20以后内核的Linux,在连接如意通邮箱的smtp端口的时候,出现timeout的问题。在2.4.18内核和其他操作系统上没有这个问题。

Dec 14 17:10:58 mail1 postfix/smtp[5286]: D624020108F: to=, relay=none, delay=33, status=deferred (connect to smtp.ruyi.com[211.97.168.172]: Connection timed out)

cz:~# telnet smtp.ruyi.com 23
Trying 211.97.168.172...
telnet: Unable to connect to remote host: Connection timed out


问题原因:
在2.4.20以后的内核里面,增加了一个 ECN 功能:
TCP Explicit Congestion Notification support
CONFIG_INET_ECN
Explicit Congestion Notification (ECN) allows routers to notify
clients about network congestion, resulting in fewer dropped packets
and increased network performance. This option adds ECN support to
the Linux kernel, as well as a sysctl (/proc/sys/net/ipv4/tcp_ecn)
which allows ECN support to be disabled at runtime.

Note that, on the Internet, there are many broken firewalls which
refuse connections from ECN-enabled machines, and it may be a while
before these firewalls are fixed. Until then, to access a site
behind such a firewall (some of which are major sites, at the time
of this writing) you will have to disable this option, either by
saying N now or by using the sysctl.


这个功能缺省是打开的,在和有些老的防火墙(比如 CISCO PIX老版本)通讯的时
候,会产生问题。


解决办法:
1)
echo "0" > /proc/sys/net/ipv4/tcp_ecn
2)
sysctl -w net.ipv4.tcp_ecn=0
3)编辑 /etc/sysctl.conf
net.ipv4.tcp_ecn=0
4)编译内核的时候,去掉 ECN 选项

相关链接:
http://lists.debian.org/debian-u ... 00304/msg02277.html
http://www.rfc-editor.org/rfc/rfc3168.txt
您需要登录后才可以回帖 登录 | 注册

本版积分规则

快速回复 返回顶部 返回列表