[WireGuard] WireGuard ECN Implementation

Jason A. Donenfeld Jason at zx2c4.com
Thu Sep 29 19:50:19 CEST 2016

Hey Dave,

I'm back! Catching up on the backlog now. You wrote in your blog post:

> In a day, the author (while on a plane!) tossed off an ecn encapsulation
> implementation (it worked! but it’s not currently as modern RFC compliant as it should be),

What part of it deviates from the RFC precisely? Here's a short
summary of the implementation:

- When a packet is transmitted:

    outer_packet->ds =
            ip_tunnel_ecn_encap(0, ip_hdr(inner_packet), inner_packet);

- When a packet is received:

    var = ip_tunnel_get_dsfield(ip_hdr(outer_packet), outer_packet);
    if (INET_ECN_is_ce(var))

What specifically is wrong with this? Where does it deviate from the
RFC? I'd like to be as "correct" as possible.

Talk soon,

More information about the WireGuard mailing list