zhaoJian's Tech Notes

Solution for Ubuntu, Fedora, CentOS and Other Linux Systems That Can Only Access Baidu


First, let me introduce some background knowledge about this problem.

A typical TCP packet has a window field with a maximum window size of 64KB. This was sufficient in the early days of the Internet when most systems couldn’t handle larger amounts of data, but it’s too small for today’s high-bandwidth applications.

To solve this problem, a solution called window scaling was proposed in 1992. It provides an additional TCP window scaling option containing an 8-bit scaling factor. The value of this option specifies how far the window size value is shifted to the left to obtain the actual window. For example, if the scaling factor is set to 5, the window size is shifted left by 5 bits, that is, multiplied by 32.

The window scaling option increases TCP’s window definition from 16 bits to 32 bits. This is not achieved by modifying the TCP header, whose window field is still 16 bits, but by defining an option that applies a scaling operation to the 16-bit value.

In kernel 2.6.16 and earlier, the default scaling factor was 0, so the window size wasn’t increased. In kernel 2.6.17, the scaling factor was set to 7. Ideally, this wouldn’t cause any problems. In practice, however, some “broken” routers rewrite the window scaling TCP option: they set the scaling factor to 0 but leave the option itself in place.

Essentially, this means some websites won’t be accessible from systems using kernel 2.6.17 or higher. From the kernel developers’ standpoint, they consider those routers broken and in need of replacement. In reality, these routers may continue to be used for many years before being repaired or replaced.
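To make the failure concrete, the following added example (not part of the original post) parses a constructed set of SYN options, applies the rewrite described above, and compares the window the sender intends with the window the peer computes. The option bytes, the function names and the 5840-byte receive window are assumptions chosen for illustration.

```python
# Constructed SYN option bytes: MSS 1460, SACK-permitted, timestamps, NOP, window scale 7.
SYN_OPTIONS = bytes.fromhex("020405b4 0402 080a0012d68700000000 01 030307")

def wscale_offset(opts):
    """Return the index of the window-scale shift byte (option kind 3), or None."""
    i = 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:            # End of Option List
            return None
        if kind == 1:            # NOP is a single byte with no length field
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            raise ValueError("malformed TCP option")
        if kind == 3 and opts[i + 1] == 3:
            return i + 2
        i += opts[i + 1]
    return None

def wscale(opts):
    """Shift count carried in the options, or None when the option is absent."""
    off = wscale_offset(opts)
    return None if off is None else min(opts[off], 14)  # RFC 7323 caps the shift at 14

def middlebox_rewrite(opts):
    """Model of the faulty device described above: zero the shift, keep the option."""
    off = wscale_offset(opts)
    if off is None:
        return opts
    out = bytearray(opts)
    out[off] = 0
    return bytes(out)

def header_field(real_window, shift):
    """16-bit value the sender puts in the TCP header for a given receive window."""
    return min(real_window >> shift, 0xFFFF)

def demo(real_window=5840):
    sender_shift = wscale(SYN_OPTIONS)                     # what the sender applies: 7
    peer_shift = wscale(middlebox_rewrite(SYN_OPTIONS))    # what the peer was told: 0
    field = header_field(real_window, sender_shift)
    return {"field": field,
            "intended": field << sender_shift,   # window the sender means
            "peer_sees": field << peer_shift}    # window the peer computes

if __name__ == "__main__":
    print(demo())
```

With these sample values the peer believes the sender can accept only a few dozen bytes at a time, which is why transfers stall instead of failing with a clear error.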

One way to solve this problem is to reset the Linux kernel’s window scaling option. While this won’t fix the broken routers, if you’re affected by the window scaling issue, this method can allow your system to connect to remote sites.

The solution is to edit the /etc/sysctl.conf file and add the following line:

net.ipv4.tcp_window_scaling = 0

If the line is already present but commented out, remove the # in front of it.

This completely disables the window scaling feature, allowing you to connect to sites you previously couldn’t reach. Rightly or wrongly, the kernel developers refuse to revert this change, so this option lets you disable window scaling on your own system and return to the pre-2.6.17 default settings. You can then connect to the otherwise unreachable sites while convincing their operators that they should find and replace the broken routers.
