sysctl: enable ECN by default?
On 7/12/25 18:01, Tim Leslie wrote:
> Trivial patch makes ECN (RFC 3168) enabled by default in OpenBSD. ECN has been in-tree since 2002 but remains off by default; early rollout challenges in a few middle-boxes slowed adoption.
>
> Enabling ECN end-to-end typically reduces queuing delay and packet loss when both endpoints signal support. Network infrastructure today generally supports marking instead of drop. Most TCP stacks will honor CE marks when they receive them, even if they didn’t originate ECT. CPU overhead is negligible, and we fall back automatically to loss-based TCP on non-ECN peers.
>
> —
> Tim
>
> --- /sys/netinet/tcp_subr.c 2025-07-11 06:34:38
> +++ /sys/netinet/tcp_subr.c 2025-07-12 13:57:45
> @@ -113,9 +113,7 @@
> int tcp_do_rfc1323 = 1;
> int tcp_do_sack = 1; /* RFC 2018 selective ACKs */
> int tcp_ack_on_push = 0; /* set to enable immediate ACK-on-PUSH */
> -#ifdef TCP_ECN
> -int tcp_do_ecn = 0; /* RFC3168 ECN enabled/disabled? */
> -#endif
> +int tcp_do_ecn = 1; /* RFC3168 ECN enabled/disabled? */
> int tcp_do_rfc3390 = 2; /* Increase TCP's Initial Window to 10*mss */
> int tcp_do_tso = 1; /* TCP segmentation offload for output */
>
>
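Review bot: dropping the "#ifdef TCP_ECN" / "#endif" pair around tcp_do_ecn does more than flip the default, because the variable is now defined even in a kernel built without TCP_ECN. If only the default is meant to change, keep the guard and set the initializer to 1. If ECN is meant to become unconditional, say so in the commit message and handle any other TCP_ECN conditionals in the same change.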
Here is a patch for libpcap so tcpdump can use tcp-ece and tcp-cwr tcpflags.
Index: pcap-filter.5
===================================================================
RCS file: /cvs/src/lib/libpcap/pcap-filter.5,v
diff -u -p -r1.13 pcap-filter.5
--- pcap-filter.5 26 Feb 2024 06:49:38 -0000 1.13
+++ pcap-filter.5 13 Jul 2025 23:06:43 -0000
@@ -909,7 +909,9 @@ The following TCP flags field values are
.Cm tcp-rst ,
.Cm tcp-push ,
.Cm tcp-ack ,
-.Cm tcp-urg .
+.Cm tcp-urg ,
+.Cm tcp-ece ,
+.Cm tcp-cwr .
.El
.Pp
Primitives may be combined using
@@ -1013,6 +1015,11 @@ TCP connection that involves a host not
.Bd -literal -offset indent
tcp[tcpflags] & (tcp-syn|tcp-fin) != 0 and not src and dst \e
net 192.168.7.0/24
+.Ed
+.Pp
+To select packets TCP packets relating to ECN:
+.Bd -literal -offset indent
+tcp[tcpflags] & (tcp-ece|tcp-cwr) != 0
.Ed
.Pp
To select all IPv4 HTTP packets to and from port 80, i.e. print only
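Review bot: the added sentence introducing the new example reads "To select packets TCP packets relating to ECN:", with "packets" doubled; it should be "To select TCP packets relating to ECN:". Since the filter tests only whether ECE or CWR is set, it also matches SYN and SYN-ACK segments that carry those bits, so the text could say that it covers ECN negotiation as well as congestion signalling.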
Index: scanner.l
===================================================================
RCS file: /cvs/src/lib/libpcap/scanner.l,v
diff -u -p -r1.33 scanner.l
--- scanner.l 24 Sep 2024 14:20:31 -0000 1.33
+++ scanner.l 13 Jul 2025 23:06:43 -0000
@@ -297,6 +297,8 @@ tcp-rst { yylval.i = 0x04; return NUM;
tcp-push { yylval.i = 0x08; return NUM; }
tcp-ack { yylval.i = 0x10; return NUM; }
tcp-urg { yylval.i = 0x20; return NUM; }
+tcp-ece { yylval.i = 0x40; return NUM; }
+tcp-cwr { yylval.i = 0x80; return NUM; }
[A-Za-z0-9][-_.A-Za-z0-9]*[.A-Za-z0-9] {
yylval.s = sdup((char *)yytext); return ID; }
[A-Za-z] { yylval.s = sdup((char *)yytext); return ID; }
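
An added example, not part of either patch or of libpcap: a small C classifier showing what the segments matched by the filter tcp[tcpflags] & (tcp-ece|tcp-cwr) != 0 mean under RFC 3168, where the meaning of ECE and CWR depends on SYN and ACK. The macro, enum and function names are hypothetical and the sample flag bytes are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Bits of the TCP flags byte, i.e. what tcp[tcpflags] reads. */
#define F_SYN 0x02
#define F_ACK 0x10
#define F_ECE 0x40 /* value the patch gives tcp-ece */
#define F_CWR 0x80 /* value the patch gives tcp-cwr */

enum ecn_kind { ECN_NONE, ECN_SETUP_SYN, ECN_SETUP_SYNACK,
                ECN_NOT_SETUP, ECN_ECHO, ECN_CWR_SENT };

/* Same test as the filter: tcp[tcpflags] & (tcp-ece|tcp-cwr) != 0 */
int filter_matches(uint8_t flags) { return (flags & (F_ECE | F_CWR)) != 0; }

/* Meaning of ECE/CWR under RFC 3168, which depends on SYN and ACK. */
enum ecn_kind classify(uint8_t flags)
{
    uint8_t ecn = flags & (F_ECE | F_CWR);

    if (ecn == 0)
        return ECN_NONE;                      /* filter would not match */
    if ((flags & F_SYN) && !(flags & F_ACK))  /* SYN: needs ECE and CWR */
        return ecn == (F_ECE | F_CWR) ? ECN_SETUP_SYN : ECN_NOT_SETUP;
    if (flags & F_SYN)                        /* SYN-ACK: ECE without CWR */
        return ecn == F_ECE ? ECN_SETUP_SYNACK : ECN_NOT_SETUP;
    /* Established: ECE echoes a CE mark, CWR answers that echo. */
    return (flags & F_ECE) ? ECN_ECHO : ECN_CWR_SENT;
}

static const char *names[] = { "no ECN flags", "ECN-setup SYN",
    "ECN-setup SYN-ACK", "SYN/SYN-ACK that is not ECN-setup",
    "ECE (congestion echo)", "CWR (window reduced)" };

int main(void)
{
    /* Constructed flag bytes, not taken from a capture. */
    const uint8_t samples[] = { 0x02, 0xc2, 0x52, 0xd2, 0x12, 0x50, 0x98 };
    size_t i;

    for (i = 0; i < sizeof(samples); i++)
        printf("0x%02x match=%d %s\n", samples[i],
            filter_matches(samples[i]), names[classify(samples[i])]);
    return 0;
}
```

A SYN-ACK with both ECE and CWR set (0xd2 above) matches the filter but is not an ECN-setup SYN-ACK, so a match alone does not show that ECN was negotiated.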