added in rev 25451 but commented it out

Peter

On Thursday, 10 February 2011, 17:57:51, you wrote:
> On 2/10/11 5:00 AM, Peter Wagner wrote:
> > Hi,
> >
> > I'm the maintainer of openssh. and if your patches for openssh are
> > accepted they will make it into the source - but I don't see why I should
> > change default values in the config file.
>
> Well, the patch I had sent to Damien languished for 10 months, and when it
> was finally merged it had been seriously mangled. So don't wait for
> things to be done timely or even correctly upstream.
>
> Also, as I said in detail, the RFC-791 markings that Openssh uses have been
> obsolete 13 years.
>
> Just because Openssh is broken doesn't mean we can't fix the parts that we
> know to be broken.
>
> >> If you're forced to interoperate with some seriously braindead gear like
> >> a 10 year-old bargain Taiwanese firewall or router that discards
> >> traffic with these bits set (extremely rare but not unheard of), then
> >> your best bet is to turn off QoS marking altogether as:
> >
> > maybe that's the cause why this part of the patch was left out? so
> > everyone who needs the new values can change it.
>
> The number of braindead routers not handling QoS is less than 1%.
>
> However, for users having OpenWRT co-existing in a VoIP environment,
> there's significant benefit for having proper modern markings... and
> that's substantially more than the number of people having the above
> broken routers.
>
> -Philip
>
> > kind regards,
> > Peter Wagner
> >
> > On Thursday, 10 February 2011, 03:34:32, Philip Prindeville wrote:
> >> The default values for OpenSSH QoS markings are wrong.
> >>
> >> They use 'lowdelay' and 'throughput' for interactive and bulk traffic,
> >> respectively.
> >>
> >> Unfortunately, these values were retired in 1998 when the low-order 2
> >> bits of ToS field were repurposed for DSCP: originally RFC-2474 marked
> >> the lower 2 bits as 'CU' (currently unused), but they were eventually
> >> designated as ECT and CE in RFC-2481 and then as ECT0 and ECT1 in
> >> Explicit Congestion Notification (RFC-3168).
> >>
> >> The upshot of all this is that marking traffic with these obsolete
> >> markings could mean that not only is the traffic not handled as
> >> desired, but it's handled in a highly detrimental fashion (for
> >> instance, the RFC-791 designation of 'lowcost' collides with the ECT0
> >> and CE values of RFC-3168 as well as that of obsolete RFC-2481).
> >>
> >> I'm surprised that this wasn't fixed a lot sooner (like a decade ago).
> >>
> >> For whatever reason, while OpenSSH has accepted my patches for allowing
> >> the configuration of QoS, the default values are still the obsolete ToS
> >> fields from RFC-791 which is dangerously ancient (that part of the
> >> patch was left out).
> >>
> >> The patch here itself is fortunately trivial.
> >>
> >> DSCP markings will be ignored in the majority of equipment not
> >> implementing it or where it has not been enabled.
> >>
> >> If you're forced to interoperate with some seriously braindead gear like
> >> a 10 year-old bargain Taiwanese firewall or router that discards
> >> traffic with these bits set (extremely rare but not unheard of), then
> >> your best bet is to turn off QoS marking altogether as:
> >>
> >>     IPQoS CS0 CS0
> >>
> >> in both /etc/ssh/ssh_config and sshd_config.
> >>
> >> A fix has been submitted for OpenSSH:
> >>
> >> https://bugzilla.mindrot.org/show_bug.cgi?id=1856
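
The octet reinterpretation discussed in this thread, as an added example that is not part of the original messages or of OpenSSH: it splits the old ToS byte into the 6-bit DSCP field and 2-bit ECN field and shows how each legacy value reads on DSCP/ECN-aware equipment. The legacy constants are the IPTOS_* values from <netinet/ip.h>; the function names are hypothetical.

```python
# Added illustration (not from the thread): read the legacy ToS values
# as a DSCP/ECN-aware device (RFC 2474 / RFC 3168) would.

# RFC 791 / RFC 1349 ToS bit values (IPTOS_* in <netinet/ip.h>).
LEGACY_TOS = {
    "lowdelay": 0x10,
    "throughput": 0x08,
    "reliability": 0x04,
    "lowcost": 0x02,
}

# RFC 3168 ECN field: the low-order two bits of the octet.
ECN_NAMES = {0b00: "Not-ECT", 0b01: "ECT(1)", 0b10: "ECT(0)", 0b11: "CE"}

# RFC 2474 class selector codepoints: CSn has DSCP value n << 3.
CLASS_SELECTORS = {n << 3: f"CS{n}" for n in range(8)}


def decode(octet):
    """Return (dscp, ecn) for one ToS/Traffic Class octet."""
    if not 0 <= octet <= 0xFF:
        raise ValueError(f"not a single octet: {octet!r}")
    return octet >> 2, octet & 0x03


def describe(octet):
    """Human-readable DSCP/ECN reading of the octet."""
    dscp, ecn = decode(octet)
    name = CLASS_SELECTORS.get(dscp, f"DSCP {dscp:06b}")
    return f"0x{octet:02x} -> {name}, ECN {ECN_NAMES[ecn]}"


def legacy_values_setting_ecn():
    """Legacy names whose bit lands inside the ECN field."""
    return sorted(k for k, v in LEGACY_TOS.items() if decode(v)[1] != 0)


if __name__ == "__main__":
    for name, value in LEGACY_TOS.items():
        print(f"{name:12s} {describe(value)}")
    # The "IPQoS CS0 CS0" setting from the thread leaves the octet at zero.
    print(f"{'CS0':12s} {describe(0x00)}")
```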