09-15-2007 #1
Just Joined!
Join Date: Feb 2007
Location: Columbus, OH
Posts: 2
iptables ECN target is a black hole
This is on CentOS4, 2.6.9-55.0.2.ELsmp
Adding the following lines to /etc/sysconfig/iptables, then doing service iptables reload, causes all outgoing tcp connections to just hang there.
*mangle
:INPUT ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -p tcp -j ECN --ecn-tcp-remove
This is a router/nat box for our local network. Local machines are a mix of Windows (no ECN) and Linux (ECN enabled).
It's otherwise a pretty standard setup. I could never get ECN removal to work for the few broken sites that require it (Southwest Airlines in my case). As soon as you try it, even per-site, then no connections ever succeed.
Any clues?
Cheers, Kuba
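
An added example, not part of the original post: a Python model of what `--ecn-tcp-remove` is meant to do to an outgoing SYN (clear the ECE and CWR flags and adjust the TCP checksum incrementally per RFC 1624), plus a `checksum_ok` check that can be applied to captured segments on either side of the router. The addresses, ports and function names are constructed for illustration, and this is not the kernel module's code.

```python
import socket
import struct

CWR, ECE = 0x80, 0x40  # TCP flag bits used by ECN (RFC 3168)

def csum(data: bytes) -> int:
    """16-bit one's-complement Internet checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def pseudo(src: str, dst: str, length: int) -> bytes:
    """IPv4 pseudo-header that the TCP checksum covers (protocol 6)."""
    return socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack("!BBH", 0, 6, length)

def build_syn(src, dst, sport, dport, flags) -> bytes:
    """Constructed 20-byte TCP header (no options) with a valid checksum."""
    hdr = struct.pack("!HHIIBBHHH", sport, dport, 1000, 0, 5 << 4, flags, 65535, 0, 0)
    c = csum(pseudo(src, dst, len(hdr)) + hdr)
    return hdr[:16] + struct.pack("!H", c) + hdr[18:]

def checksum_ok(src, dst, seg: bytes) -> bool:
    """True if the segment's checksum verifies against its contents."""
    return csum(pseudo(src, dst, len(seg)) + seg) == 0

def ecn_tcp_remove(seg: bytes) -> bytes:
    """Clear ECE/CWR and patch the checksum: HC' = ~(~HC + ~m + m')."""
    old_word, = struct.unpack("!H", seg[12:14])   # data offset + flags
    new_word = old_word & ~(CWR | ECE) & 0xFFFF
    old_c, = struct.unpack("!H", seg[16:18])
    total = (~old_c & 0xFFFF) + (~old_word & 0xFFFF) + new_word
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    new_c = ~total & 0xFFFF
    return (seg[:12] + struct.pack("!H", new_word) + seg[14:16]
            + struct.pack("!H", new_c) + seg[18:])

if __name__ == "__main__":
    src, dst = "192.0.2.10", "198.51.100.7"       # constructed documentation addresses
    syn = build_syn(src, dst, 40000, 80, 0x02 | ECE | CWR)  # ECN-setup SYN
    out = ecn_tcp_remove(syn)
    print("flags before/after: %#04x -> %#04x" % (syn[13], out[13]))
    print("checksum valid after rewrite:", checksum_ok(src, dst, out))
```

A segment whose flags were changed without the matching checksum update fails `checksum_ok`, and the receiving host discards it silently.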


