bogus DSCP value for ssh
Kevin Oberman
oberman at es.net
Mon Jul 12 15:01:51 UTC 2010
> From: Andrei Kolu <antik at bsd.ee>
> Date: Mon, 12 Jul 2010 15:31:58 +0300
> Sender: owner-freebsd-stable at freebsd.org
>
> Hi!
>
> I am testing FreeBSD 8.1-RC2 amd64 networking stuff and notice one
> strange DSCP message with wireshark:
> ------------------------------------
> Internet Protocol, Src: 192.168.1.111 (192.168.1.111), Dst:
> 192.168.1.101 (192.168.1.101)
> Differentiated Services Field: 0x10 (DSCP 0x04: Unknown DSCP; ECN: 0x00)
> 0001 00.. = Differentiated Services Codepoint: Unknown (0x04)
> .... ..0. = ECN-Capable Transport (ECT): 0
> .... ...0 = ECN-CE: 0
>
> Transmission Control Protocol, Src Port: ssh (22), Dst Port:
> attachmate-s2s (2419), Seq: 2902917, Ack: 29842, Len: 132
> ------------------------------------
>
> There is no firewall enabled. Only thing I changed (should have no
> effect) was: "net.inet.tcp.ecn.enable: 1"
> _______________________________________________
I don't know why Wireshark does not understand this, but it is defined
in RFC2474 as Class Selector 2 or simply IP precedence of 2 (of 7).
If you add the ECN bit, you have Assured Forwarding at IP priority 2.
Whether you pass or respond to the DSCP bits is, of course, a personal
choice, but there is nothing unusual with this and ssh has bee setting
the bit for a long time.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman at es.net Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
More information about the freebsd-stable
mailing list