On 6/30/05, Nate Carlson <tclug at natecarlson.com> wrote:
> On Thu, 30 Jun 2005, Scot Jenkins wrote:
> > I have several systems that I recently upgraded from Debian woody to
> > sarge.  On systems where I've upgraded the kernel, I have a strange
> > networking issue.  I do secondary MX for a friend (we'll call his host
> > friendmail) and after the OS upgrades on my end, I started spooling mail
> > for him.  I contacted him thinking his mail server was down but it
> > turned out that from my Debian mail server, I couldn't telnet to
> > friendmail:25.  I could not telnet to any other open ports on his IP,
> > 80, 22, etc.  I was able to telnet to other random hosts on various
> > ports just fine.
> 
> Do you have ECN enabled?
> cat /proc/sys/net/ipv4/tcp_ecn

That was it.  It looks like the 2.4.18 kernel had an option to enable
ECN and another to disable it by default:

CONFIG_INET_ECN=y
CONFIG_INET_ECN_DISABLED=y

The "disabled" option appears to be gone in newer kernels.  One can
toggle it off a couple of ways:

echo "0" > /proc/sys/net/ipv4/tcp_ecn

--OR--

add this line to /etc/sysctl.conf if your distro supports sysctl:

net.ipv4.tcp_ecn = 0

Thanks a million Nate! 

Scot