procps outdated network options, old syncookies, new ecn update please.
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
procps (Ubuntu) | Fix Released | Undecided | Unassigned | |
Bug Description
The Ubuntu version of procps carries its own /etc/sysctl.
Firstly, the section about "# Turn on SYN-flood protections." (came from LP #57091) is now entirely outdated; upstream kernel has long since turned on syncookies by default, so setting this flag explicitly in 10-network-
I would like the Ubuntu maintainer to remove that section entirely in cosmic onwards.
[I am going to report to Debian the similarly outdated syncookies comments in sysctl.conf itself].
Secondly, I propose a new 10-network-
=======
# Allow ECN for outgoing connections. Starting with 4.2, there is an adaptive
# fallback [enabled by default tcp_ecn_fallback option] preventing connection
# loss even with ecn enabled, also ecn-intolerance is increasingly very rare.
net.ipv4.tcp_ecn=1
=======
I know there is a (small) chance of issues/regressions with ECN enabled by default on outgoing but I'm quite sure the issue is very rare, like others notice [ref: 1 and 2 below]. Apple's selective enablements etc. show this works just as much as my own use for years and many similar reports.
ECN actually being used for outgoing connections really helps with latency reduction with modern routers (both core and edge) using queuing disciplines fq_codel or otherwise, able to mark rather than drop packets on ECN-enabled flows [helps latency and realtime applications]. Now that we are just past the LTS release, it is in my view the 'right time' to finally enable ECN [and obviously easy to revert!]. If this is disputed, in ANY case I strongly suggest at the very least a commented-out ECN section should be included, but 'defaults matter'!
I was going to suggest a non-default section about net.core.
[1] https:/
[2] http://
Status changed to 'Confirmed' because the bug affects multiple users.
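
An added example, not part of the bug report or of procps: a shell function that audits sysctl.d-style text for the settings discussed above, flagging a `net.ipv4.tcp_syncookies=1` line as redundant with the kernel default and reporting how `net.ipv4.tcp_ecn` and `net.ipv4.tcp_ecn_fallback` are set. The function name, verdict strings and sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit sysctl.d-style text on stdin for the settings the
# report discusses. Later lines win, as when sysctl applies a file in order.
audit_sysctl() {
    awk -F= '
    function verdict(k, v) {
        if (k == "net.ipv4.tcp_syncookies") {
            if (v == "1") return "redundant-kernel-default"
            if (v == "0") return "syncookies-disabled"
            return "non-default"
        }
        if (k == "net.ipv4.tcp_ecn") {
            if (v == "1") return "ecn-requested-on-outgoing"
            if (v == "2") return "ecn-accepted-incoming-only"
            if (v == "0") return "ecn-off"
            return "unknown-value"
        }
        # tcp_ecn_fallback: the proposal relies on this staying enabled.
        return (v == "0") ? "fallback-disabled" : "fallback-enabled"
    }
    /^[ \t]*[#;]/ { next }                 # comment lines
    /^[ \t]*$/    { next }                 # blank lines
    NF < 2        { next }                 # not a key=value line
    {
        key = $1; val = $2
        gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val)
        sub(/^-/, "", key)                 # "-key" is the ignore-errors prefix
        gsub("/", ".", key)                # net/ipv4/x names the same key
        last[key] = val
    }
    END {
        n = split("net.ipv4.tcp_syncookies net.ipv4.tcp_ecn net.ipv4.tcp_ecn_fallback", want, " ")
        for (i = 1; i <= n; i++) {
            k = want[i]
            if (k in last) print k, last[k], verdict(k, last[k])
            else           print k, "-", "unset"
        }
    }'
}

# Constructed sample: the old syncookies stanza plus the proposed ECN one.
SAMPLE='# Turn on SYN-flood protections.
net.ipv4.tcp_syncookies=1
# Allow ECN for outgoing connections.
net/ipv4/tcp_ecn = 1'

printf '%s\n' "$SAMPLE" | audit_sysctl
```

Feed it the concatenated drop-in files in the order sysctl would apply them; an `unset` verdict means the file leaves the kernel default in place.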