espaeth
Digital Plumber
Premium,MVM
join:2001-04-21
Minneapolis, MN
kudos:2
Reviews:
·Vitelity VOIP
reply to koitsu

Re: Evidence: Comcast to Comcast P2P is also interfered with

said by koitsu:

said by jig:

anyway, another approach would be to use the mirror port data to determine which IPs are sending p2p data, then splitting that data off the trunk at some early point (some switches can tag packets making routing easy later on) and running it inline through sandvine hardware. that's one way to segment off the unwanted traffic.
QoS tagging comes to mind (absolutely 100% sure a switch can do this). There's definitely more than one way to accomplish this of course.
While it's technically possible for this to be implemented by having the packet inspection appliance dynamically update access control lists on the aggregation switches, I'm not sure how realistic the approach is. Pushing dynamic ACL updates to policy route certain traffic sets up the potential for resource overloading at the aggregation switches creating a denial of service condition. Not only would there need to be limits on how often the ACL was updated, but the size would need to be closely regulated as well to avoid overflowing the TCAM memory and causing traffic to be process switched.

-Eric


funchords
Hello
Premium,MVM
join:2001-03-11
Yarmouth Port, MA
kudos:6

1 edit
reply to koitsu

said by koitsu:

We don't. I'm going purely off of the information provided here, which looks more like it comes from a torrent client than Ethereal/tcpdump/snoop.
It is the packets screen (the top third of the normal display screen) from Wireshark. The connection it is watching was unencrypted, which is why it decoded the BitTorrent protocol. The display filter is provided.

mystica

join:2001-10-30
Denver, CO

1 edit

1 recommendation

reply to EG

Re: Comcast is using Sandvine to manage P2P Connections

said by EG:
ge = gigabit ethernet.

te = ten gigabit ethernet.

p, po, pos = Packet Over Sonet (an OC-3 or faster connection).

1-1, 1-2, 1-11, 6-1, 9-1, 2-2, etc. = slot and port.

ar01, cr01, ur01 = probably a router name ?

Judging by the location of these names - 'cr' appearing on everything with a 'cbone' hostname for example - it would appear that these are as follows: 'cr' is a core router, or a backbone router. 'ar' would be an access router, something in a local metro region. 'ur' could be a user router, or perhaps more likely it is named after the uBR router series from Cisco (uBR means universal Broadband Router) widely used in cable internet operations.


comcasticmyazz

@comcast.net
reply to funchords

I have comcast & I checked my speed & it's a fast 6 mb per second, but every time I try to download a movie off of just about any site I try....it'll start off ok...but really slow....downloads like 6-14 kbs & uploads like .04-6 kbs.....upload steadily drops off to nothing while download struggles along....then all of a sudden the torrent stops & it tells me that "access is denied". What's up with this? My port is properly ported....firewall was taken down....so that's not it. Is this because of that sandvine thingy you talked about....just wondering. I'll go to Quest before I'll put up with this for much longer. Comcast sucks! I agree with the guy that said they should be spending that money on more equipment to make our internet faster & better & able to carry more info.... lazy Comcast bast**ds!



EG
The wings of love
Premium
join:2006-11-18
Union, NJ
kudos:9
reply to mystica

Thanks for expanding



Comcast lE

@comcast.net
reply to funchords

I think you are right to voice your concerns. As an employee with comcast, we get a lot of calls about this. The fact remains, 99% of the @$$clowns in the world are not using Torrent for legal use. I am guilty foremost. However, if you are resourceful enough, you can find ways around this, like: Torrent SeedBoxes

The one I use:

»torrenflux.wewillhostit.com

is a great means of torrenting a file to a server and downloading it to your machine via tar'ed legitimate traffic.

If you guys are interested in such a thing, email the admin @ admin@wewillhostit.com and mention me, Steve. He will take care of you.

if you want to host your own torrentflux, good luck finding the binaries.

God Bless



peon

@comcast.net

-1 recommendation

reply to funchords

Yea, right. In that case, I don't really need broadband for my home. Just broadband at the server.

Bottom line, if comcast wants to ban bittorrent, just say so in explicit language. Say ban bittorrent in usage agreement and on comcast website.

Whether people are using bittorrent for legal use or not is not comcast's concern, comcast just doesn't want heavy users. Period. In that case, say so publicly.



espaeth
Digital Plumber
Premium,MVM
join:2001-04-21
Minneapolis, MN
kudos:2
Reviews:
·Vitelity VOIP

1 edit

said by peon :

Bottom line, if comcast wants to ban bittorrent, just say so in explicit language. Say ban bittorrent in usage agreement and on comcast website.
You mean like statement xiv under the "Prohibited Uses and Activities" section of the Terms of Use ( »www.comcast.net/terms/use.jsp )?

run programs, equipment, or servers from the Premises that provide network content or any other services to anyone outside of your Premises LAN (Local Area Network), also commonly referred to as public services or servers. Examples of prohibited services and servers include, but are not limited to, e-mail, Web hosting, file sharing, and proxy services and servers;
But hey, nobody ever reads that stuff. Right?

-Eric


NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:11

Touché!



FairTriplePlay

@comcast.net
reply to funchords

Very nice and easy guide to defeat Comcast's questionable (and wrong imo) practices regarding good 'ol 'Network Management'.
Dead easy way to use SSH (aka a secure connection) so that you may get what you pay for.

»torrentfreak.com/bittorrent-over-ssh-071014/



NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:11
Reviews:
·SONIC.NET
·Pacific Bell - SBC

1 edit

1 recommendation

said by FairTriplePlay :

Very nice and easy guide to defeat Comcast's questionable (and wrong imo) practices regarding good 'ol 'Network Management'.
Dead easy way to use SSH (aka a secure connection) so that you may get what you pay for.
So you advocate shifting the strain of moving humongous amounts of data to other networks.

What, exactly, is a Comcast customer paying for? Speed, or bandwidth? Last I checked, it was speed.

Would you pay Comcast $1 per Gbit for moving data over 50Gbits per month? 100Gb per month would be an extra $50 tacked onto your Comcast cable HSI bill. 600Gb would be an extra $550. Worth it?
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum


espaeth
Digital Plumber
Premium,MVM
join:2001-04-21
Minneapolis, MN
kudos:2
Reviews:
·Vitelity VOIP

1 edit
reply to FairTriplePlay

said by FairTriplePlay :

Very nice and easy guide to defeat Comcast's questionable (and wrong imo) practices regarding good 'ol 'Network Management'.
Dead easy way to use SSH (aka a secure connection) so that you may get what you pay for.
If you're going to invest all that effort in setting up an SSH end-point, why not invest the last 10% of effort to not do the tunneling hack and just run rtorrent on a $10 VPS account somewhere?

-Eric


FairTriplePlay

@comcast.net
reply to NormanS

Who said anything about massive amounts of data?? Hello?? Not everyone who thinks Comcast is wrong is a filesharing bw hog!!
I also gladly pay for the most expensive tier offered (Blast! 16/2) as well as digital cable WITH the HD package not to mention the NFL pack and my digital phone service. CC is making max profit from my subscriptions. It'd be different if I was d/ling 400GB a month and only paying for the minimal 6MB connection and nothing more.

@espaeth...I'm sure you're right, I'm not well versed in these counter measures. By the grace of the internet gods, somehow my connection isn't being hammered by sandvine as much as others. Avg number RSTs are between 15% and 20% allowing me to seed at full speed after completion (140-160k). Only measure I've taken is enabling crypto and lazy bit field even tho these steps have been deemed useless against sandvine.



NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:11
Reviews:
·SONIC.NET
·Pacific Bell - SBC

said by FairTriplePlay :

Who said anything about massive amounts of data?? Hello?? Not everyone who thinks Comcast is wrong is a filesharing bw hog!!
The point is, Comcast appears to be using Sandvine to manage bandwidth. You are advocating shifting bandwidth to other networks, which probably aren't expecting to have to handle the traffic. You are offering your advice to BW hogs, whether you are one, yourself, or not.
I also gladly pay for the most expensive tier offered (Blast! 16/2) as well as digital cable WITH the HD package not to mention the NFL pack and my digital phone service. CC is making max profit from my subscriptions. It'd be different if I was d/ling 400GB a month and only paying for the minimal 6MB connection and nothing more.
You are probably one of those caught in the crossfire. Were it not for BW hogs, you would probably not encounter this Sandvine problem.

I don't know what it would take to plan for a metered service. Comcast has to pay for X amount of capacity from its transit providers; and it needs to be able to plan for that capacity, especially to avoid the 95th percentile charges. Okay, I don't know if that is the term I want. But there is a fee charged by transit providers if your BW consumption exceeds some specified amount. Pretty hefty one, too. Comcast has to be able to predict that usage when it plans for network capacity.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum


FairTriplePlay

@comcast.net
reply to funchords

I see your point...guess ssh isn't the best choice to defeat sandvine.

It's indeed a balancing act...just wish CC would be up front with their customers i.e. No set limits and the denial of hindering bit torrent protocol (thru forgery at that...). They need to rethink a bit in the PR area...at very least.



Packrat33

@comcast.net
reply to funchords

I seem to not be able to even connect to Limewire. are they blocking total access to it?



hobgoblin
Sortof Agoblin
Premium
join:2001-11-25
Orchard Park, NY
kudos:10

1 recommendation

said by Packrat33 :

I seem to not be able to even connect to Limewire. are they blocking total access to it?
I hope so

Hob
--
"A foolish consistency is the hobgoblin of little minds."
- Ralph Waldo Emerson


Mouth
Punches fly to the face
Premium
join:2004-11-20
Chicago, IL

said by hobgoblin:

said by Packrat33 :

I seem to not be able to even connect to Limewire. are they blocking total access to it?
I hope so

Hob


MysticGogeta
The Robot Devil
Premium
join:2005-03-14
Katy, TX
reply to hobgoblin

said by hobgoblin:

said by Packrat33 :

I seem to not be able to even connect to Limewire. are they blocking total access to it?
I hope so

Hob
Agreed, I hate Limewire.. uTorrent 1.6 is way better.
--
Team Discovery-Join the fight


rob robson

@comcast.net
reply to funchords

Has anyone had any problems with sandvine using other protocols besides bittorrent? I was experiencing disconnects accompanied by rst packets when trying to transfer a file from my house to my parents' house when using either ftp or scp. About 4MB would transfer, then the connection would be killed, no bad errors on either end, just that it was disconnected.

Connections:
1: Comcast connection where sandvine is implemented. I have seen it when using bittorrent, never checked for the rst packets but performance drastically changed one day and it has all the symptoms.
2: ATT connection from a small wireless company. This connection does not have an externally routable address, everyone is on a big lan.

What I was doing:
I wanted to transfer a file from my house (comcast) to my parents' house (ATT). I have set up on my parents' computer a script that runs every 5 minutes which checks for the existence of a reverse ssh tunnel to my computer and creates it if it doesn't exist. Unfortunately I didn't write down all the errors so they are from memory. I tried to scp the file through the tunnel but after about 4MB I got an error, remote host had disconnected or something like that. It also killed the tunnel. After it was re-established I tried again to no avail, killing the tunnel again. The next time I ssh'ed into my parents' computer and tried issuing the scp command from their computer, still disconnected but didn't kill the reverse tunnel. The same thing happened when I tried to transfer the file via ftp, it would transfer for a little while then disconnect.

The whole thing was eerily similar to what my bittorrent traffic looked like before I started using an ssl enabled tracker. So, I fired up wireshark on my computer and through ssh, started wireshark on my parents' computer displayed on my screen. Before I continue, let me say that I haven't really used a packet sniffer before for anything other than showing my friend how easy it was to spy on his instant messaging a couple years ago when I was on dialup and all the other computers on the lan at my house were routed through mine. I did however, thanks to the smart people I have read information about sandvine from, know that I would be looking for rst packets. I then started transferring a file and waited for the disconnect. Wireshark made it really easy for me, the rst packets were in red and stuck out like a sore thumb. All the packets before them looked normal, the source and destination matched up between the computers and everything made sense. The rst packets however didn't. On my computer there is no record of any rst packets going out, they all show they are incoming from my parents' computer. On their computer it is the same story, no record of the packets going out but incoming from my computer.

Strange, my computer has no record of sending those packets and neither does my parents'. That is the same thing that is happening with bittorrent traffic, right?

Now, I have been running bittorrent pretty solid for the last couple weeks without any problems seeding and have uploaded about 75GB of data. Forced encryption, ssl enabled tracker, and disabled dht take care of that.

I called up comcast and started complaining but the person I was talking to refused to help me because I had a 3rd party router, he told me I had to connect directly or he couldn't do anything. Describing the problem I compared it to the forced disconnects that they were doing to bittorrent seeders and he told me that this wasn't happening (is this still their official position?).

Anyways, when I connected directly to the modem it assigned me a new IP address and I don't have the problem anymore.

Questions:
Does someone who knows more about sandvine know if what I am describing makes sense?
Will this problem come back if I upload a large amount of data via bittorrent?
Has anyone else seen this before?

ps. Yes, I know all you have to go on is my word but if it happens again I will be sure to save the dump from wireshark, and document all disconnect errors. Is there anything specifically that I should test/log if i run into this issue again?
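
An added example, not part of any post in this thread: the two-sided capture comparison described in the post above, written as a check that flags RST segments which arrived at one endpoint but never appear as sent in the claimed sender's own capture. The addresses, ports and sequence numbers are constructed, and the sketch assumes both captures were taken on the endpoints themselves and show the same addresses (no NAT rewriting between them, or addresses normalized beforehand).

```python
from collections import namedtuple

# One TCP segment as exported from a capture (only the fields needed to match).
Pkt = namedtuple("Pkt", "src sport dst dport flags seq")

def _key(p):
    return (p.src, p.sport, p.dst, p.dport, p.seq)

def sent_rsts(capture, local_ip):
    """RST segments this host itself put on the wire, per its own capture."""
    return {_key(p) for p in capture if "R" in p.flags and p.src == local_ip}

def injected_rsts(cap_a, ip_a, cap_b, ip_b):
    """RSTs that arrived at one endpoint but never left the claimed sender."""
    findings = []
    for recv_cap, recv_ip, send_cap, send_ip in (
            (cap_a, ip_a, cap_b, ip_b), (cap_b, ip_b, cap_a, ip_a)):
        really_sent = sent_rsts(send_cap, send_ip)
        for p in recv_cap:
            if ("R" in p.flags and p.dst == recv_ip and p.src == send_ip
                    and _key(p) not in really_sent):
                findings.append((recv_ip, p))
    return findings

# Constructed sample data: documentation addresses, made-up ports and sequences.
A, B = "192.0.2.10", "198.51.100.20"
CAP_A = [  # capture taken on host A
    Pkt(A, 40000, B, 22, "PA", 1000),   # A -> B data
    Pkt(B, 22, A, 40000, "A", 5000),    # B -> A ack
    Pkt(B, 22, A, 40000, "R", 5001),    # RST claiming to come from B
    Pkt(B, 21, A, 40001, "R", 7000),    # RST on a second connection
]
CAP_B = [  # capture taken on host B
    Pkt(A, 40000, B, 22, "PA", 1000),
    Pkt(B, 22, A, 40000, "A", 5000),
    Pkt(A, 40000, B, 22, "R", 1460),    # RST claiming to come from A
    Pkt(B, 21, A, 40001, "R", 7000),    # B really sent this one
]

if __name__ == "__main__":
    for receiver, p in injected_rsts(CAP_A, A, CAP_B, B):
        print(f"{receiver} received RST 'from' {p.src}:{p.sport} seq={p.seq}, "
              "absent from the sender's capture")
```

The RST on the second connection is not flagged because host B's own capture shows it leaving; only the two resets that neither endpoint sent are reported.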



JTRockville
Data Ho
Premium,MVM
join:2002-01-28
Rockville, MD

1 recommendation

reply to funchords

Looks like funchords is famous! Here's a good write-up of the issue:
»news.yahoo.com/s/ap/20071019/ap_···nation_2
(By PETER SVENSSON, AP Technology Writer)


dfxmatt

join:2007-08-21
Evanston, IL

I let funchords know as well I'm curious as to whether they have done recent testing or not, I am suspicious of it going on but it doesn't seem to be 100% disconnects anymore, I wonder if bittorrent has an option of "do not use encrypted transmissions" because that would affect the tracking of sandvine if so. I know you can do the opposite but I might want to track unencrypted.



MysticGogeta
The Robot Devil
Premium
join:2005-03-14
Katy, TX
reply to funchords

It's odd even with the article that I'm still not being managed. I think they will do this in Houston eventually but for now I haven't noticed any difference from TWC in torrent seeding.
--
Team Discovery-Join the fight



Grethor
Today Is A Good Day To Format

join:2004-04-14
Tacoma, WA
reply to funchords

I will try this. Thanks.



FairTriplePlay

@comcast.net
reply to funchords

Finally!!!! Way to go funchords!

Well now that the cat IS out of the bag CC HAS to address the issue..how? I don't know..will be very interesting to see how they decide to handle this. Perpetuate the deception or come clean?
Bet the CC board room and PR dept are seeing some action..lol



DragracerArt

@covad.net
reply to funchords

So... In a nutshell... this is why my pictures I uploaded to my comcast online storage, won't show up when I hotlink them on a webpage ?

I use this for avatars, sig pics, etc...

If I'm being actively blocked by Comcast, this sort of makes me want to cancel my service.


robertfl
Premium
join:2005-10-10
Mary Esther, FL

1 edit

Another article:

URL: »www.msnbc.msn.com/id/21376597/

If the Internet is good for just reading e-mail and surfing, I can do that on a dial-up. Why spend $56 dollars just to have blocked ports.

I say it's time to stop buying cd's people as this is about CONTROL. and it's damn stupid.

-Rob



FairTriplePlay

@comcast.net
reply to funchords

EFF is on the case as well....this is getting good. (Insert evil grin here..)

»www.eff.org/deeplinks/2007/10/ef···nterfere



espaeth
Digital Plumber
Premium,MVM
join:2001-04-21
Minneapolis, MN
kudos:2
reply to robertfl

It has nothing to do with blocking ports. It is pruning connections to throttle the traffic generated by P2P apps. It's not closing all connections.


julyccc
Premium
join:2004-11-09
reply to funchords

Comcast is using what the Chinese are using for internet censorship.