From: Stuart Henderson <stu@spacehopper.org>
Subject: Re: sysctl: enable ECN by default?
To: Tim Leslie <tleslie@protonmail.com>
Cc: "tech@openbsd.org" <tech@openbsd.org>
Date: Mon, 14 Jul 2025 14:01:10 +0100

On 2025/07/12 18:01, Tim Leslie wrote:
> Trivial patch makes ECN (RFC 3168) enabled by default in OpenBSD.  ECN has been in-tree since 2002 but remains off by default; early rollout challenges in a few middle-boxes slowed adoption.

Bit of a tricky one. If enabling this on a remote server ends up
breaking network connectivity to it, recovering from the situation may
need out-of-band access. We do have this "if ECN is enabled, there might
be a broken firewall which blocks ecn packets. fall back to non-ecn",
but this feels like something that might want wider testing before
enabling it in the OS.

I wondered what other OSes do for this and found
https://en.m.wikipedia.org/wiki/Explicit_Congestion_Notification
(not entirely sure how up-to-date it is though).

Defaults in other OSes seem mixed. Many have it either disabled, or only
used on a connection if the other side requests it (and it seems some
have fallback mechanisms to cope if packets end up blackholed).
Looks like Solaris and iOS and maybe macOS do use it by default.