News

2009-10-11: Gone inactive again, and I suspect this won't change again. If anyone is interested in taking over the database (stripped of personal information) please let us know and I'll be happy to provide a forwarding link). However the submission CGI script is not really suitable for reuse.

2008-05-04: After a few years of inactivity we're actively processing submissions again

Introduction

This page was set up to make people aware of a problem surrounding the implementation of ECN (Explicit Congestion Notification) where communication between hosts using ECN and hosts which behave badly is completely cut off.

ECN is a new development in the TCP/IP protocol suite which will help reduce congestion over heavily-loaded links, and so improve the running of the Internet. Unfortunately, some vendors of network hardware and software have implemented TCP/IP in such a way that instead of ignoring unknown (to the software) TCP extensions (the correct behaviour), they drop the packet, making connectivity between a host wanting to establish ECN and a host beyond this broken hardware impossible. This is causing major unnecessary inconvience to people wanting to use ECN.

In short, "Products which (a) do not support ECN and (b) do not properly ignore ECN bits, are considered non-compliant." [1]

If you are an organisation whose site is listed on the hall of shame, you may want to take a look at the links below for a list of some known broken products. See the links also for more general information.

Hall of Shame

Please visit The ECN Hall of Shame for a list of hosts which we believe are non-compliant. You can also submit new hosts for testing here. More notes and a disclaimer are available.

We encourage people who submit hosts to this hall of shame which are found to be broken to email the appropriate contact for the network so that they can be made aware of the problems it is causing.

If you are running Linux 2.4.20 or above and iptables then you can use this script contributed by Ed Schaller to help alleviate your problems by removing the ECN bit for hosts that are in our hall of shame list (no responsibility is taken for this script). He says: "I ran across a problem that affects the script indirectly. It turns out that the ECN support in linux 2.4.20 has a bug that keeps it from working properly on little endian machines. Since my firewall is big endian it hasn't affected me. There is a patch for it in the netfilter patch-o-matic that will hopefully be in the 2.4.21 kernel."

The above script uses the raw output version of our CGI script, http://urchin.earth.li/cgi-bin/ecn.pl?output=ip, which you are welcome to use for your own automated processing.

Links

Contact

This page was written by Dominic Hargreaves and Ganesh Sittampalam. If you want to make any comments or suggest any additions, please email ecn@urchin.earth.li.

Last updated: Thu Mar 10 00:42:57 GMT 2005