StuartA67
join:2003-08-08
Boulder, CO | reply to dontask2much
Re: Optimize BitTorrent To Outwit Traffic Shaping ISPs
I just heard (from an undisclosed source) that Comcast is not throttling as much those on the higher speed package (8mbs). Not sure if this is a fact or not but curious to know if others are noticing this distinction.
S |
|
dontask2much
@comcast.net
| reply to StuartA67
"What would I be looking for to see if the rst's are being sent. I have a network sniffer and saw quite a bit of action coming from Comcast and going to the port I have opened for bittorrent"
I didn't have my port open, don't use or even have BitTorrent and I saw the same thing you did. Someone posted in reply to me last weekend that I either had someone on my wireless router (sorry, there's no joy there, it's WEP and MAC filtered/restricted for that very reason) and I was seeing P2P afterglow and alas too, not the case. Instead, this was loop back traffic from a specific network router locally affected in conjunction with Comcast's filtering implementation in this area - they cleared it up this past Sunday night and I no longer have any of the issues that I had before. I might also mention that when calling Comcast last weekend, I was told by the 3 folks to whom I spoke that the call center's own network was intermittently degraded or completely down while this work was taking place.
It is no surprise that Comcast (or any other ISP/broadband provider for that matter) would be attempting to throttle excessive bandwidth consumption based on their published TOS and advertised service packages you can purchase. Sorry folks, I can also say that since this all took place, my service is better than it ever has been before - and I am glad.
To the poster who mentioned UDP - good luck. UDP is notoriously unreliable even though it's lighter and quicker and my bet is you'll have the same issues you are now and perhaps worse. Especially on Comcast's network - at least in my area, my employer wanted us use UDP as the default protocol for VPN into their network and I tested it for them from both Cox and Comcast connections. It was so bad (frequent drops, hanging out there in the ether) that the UDP "standard" idea was abandoned after 3 weeks of testing. |
|
koitsu
Premium
join:2002-07-16
Mountain View, CA
| reply to Presage
And I recommend talking to your shell provider before doing this. It's considered "rude" to blindly siphon network traffic through a shell host like this, since now you're not only using up large amounts of bandwidth yourself, but on your shell providers' uplink as well.
I can tell you that as a hosting provider that offers SSH, if our users started doing that with their shell accounts, I'd be *livid*. |
|
Presage
join:2004-06-01
Londonderry, NH
| reply to JedSezZed
Use PuTTy and a shell to use SSH and tunnel your bittorrent traffic. Info here: »whalesalad.com/2006/08/27/tunnel···/#eberth
I recommend checking freeshells.info for shells. |
|
JedSezZed
@comcast.net
| reply to Movieman420
said by Movieman420  :Thu a vpn or ssh tunnel (works for now at least) ...or spend a little money and get a host for a seed box.  Can you give a little more direction, even in the form of a link with info. Several posters above have said they haven't had success with this method (I'm not able to get it working either with SecureIx).
Thanks |
|
Movieman420
join:2007-08-28
Rivesville, WV | reply to jig
Thu a vpn or ssh tunnel (works for now at least) ...or spend a little money and get a host for a seed box. |
|
StuartA67
join:2003-08-08
Boulder, CO
| reply to jig
I'm a little technically challenged. What would I be looking for to see if the rst's are being sent. I have a network sniffer and saw quite a bit of action coming from Comcast and going to the port I have opened for bittorrent. Just not sure what it means exactly and I don't see rst in those. |
|
jig
join:2001-01-05
Hacienda Heights, CA | reply to deblin
the major reason to care about seeding is for ratio purposes, and there are two ways to fix that.... |
|
deblin
Dark Side of the Moon
Premium,MVM
join:2001-09-01
Middletown, DE
| reply to funchords
Doesn't enabling (forcing) encryption have a similar effect, though? At least until it catches on, this means less peers (both up and down) if you enable and force encryption. Perhaps not as detrimental to the upstream side, but then the downstream side suffers, too.
--
"The Dude abides." |
|
Movieman420
join:2007-08-28
Rivesville, WV
| reply to funchords
A somewhat dark ending in that article...let's just hope the developers of Az and uT are getting busy with something. As the two most popular clients it'd be nice if they came up with a joint strategy together. One can only hope...  |
|
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
 ·Verizon Online DSL
 ·Skype
| reply to funchords
said by funchords :said by Movieman420 :Some clients do not show as a seed to other peers when in superseed mode...wonder if this mode could somehow be modified/used/employed to help 'fool' the sandvine box into thinking your not 'seeding'. Lazy Bitfield does about the same thing, but I think your suggestion is worth a test. I tried it both ways today, no joy. But very good thinking on your part!
On a related note, here's something from Wired's HOW-TO Wiki. I am not the original author, but since I provided the last revisions, some displays (like the RSS) have listed me as the author. I don't deserve the credit:
Optimize BitTorrent To Outwit Traffic Shaping ISPs
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon USA
Are you affected by Comcast's RST forging? How to test it! -or- Read my original report. |
|
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
·Skype
| reply to Movieman420
Re: How to test how many connections are being reset by RST pack
I hate you and everything that you stand for! 
said by Movieman420 :Any way...a quick thought (for wat it's worth..lol)..Some clients do not show as a seed to other peers when in superseed mode...wonder if this mode could somehow be modified/used/employed to help 'fool' the sandvine box into thinking your not 'seeding'. Lazy Bitfield does about the same thing, but I think your suggestion is worth a test.
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon USA
Are you affected by Comcast's RST forging? How to test it! -or- Read my original report. |
|
Movieman420
join:2007-08-28
Rivesville, WV
3 edits | reply to funchords
Heh..this will blow your mind...Blast! isn't available in my area (WV..go figure...lol)! I signed up for the premium tier..the 8Mb line..when I asked what the upload bw was, I couldn't get an answer from the comcast person I talked to...I just figured it couldn't be any worse than my previous RoadRunner 9Mb line w/ 512kbps up, ~60k max u/l. My local computer guru who is also on comcast (formerly adephia like my area) told me of his speeds (he's in a semi-rural area)..thought it was a fluke. But I was wrong ...I can maintain ~1,500k down (1.5MB) and between 80 and 160k up...u/l fluctuates. My only guess is my node is way undersold (I'm in a semi-rural area as well)..or it has something to do with the comcast/time warner buyout of Adelphia cable and my 'limits' got lost in the shuffle..I dunno but I love it..lol. On the flash bw test I hit 20+ down and usually 1.5Mb up but thats powerboost involved.
My last few tests:
»/archive/comca···t=Search
Any way...a quick thought (for wat it's worth..lol)..Some clients do not show as a seed to other peers when in superseed mode...wonder if this mode could somehow be modified/used/employed to help 'fool' the sandvine box into thinking your not 'seeding'. I may be p!issin in the wind..just thought I'd mention it tho. |
|
NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
·Pacific Bell - SBC
| reply to dontask2much
said by dontask2much :
3 days straight I have had my cable modem here in the MD/VA/DC area literally bombarded with 6881 incoming port traffic...
Such connection attempts have never been a problem for me. And I often see them after I close a torrent. It sound more like your equipment can't handle the probes than that the Comcast network is suffering.
Also, I don't see how Sandvine can be a part of the problem. You shouldn't see so many BT connection attempts if you never use it. The peers only attempt to connect to a client which was part of torrent.
If I were a guessing person, I'd guess you have a wireless LAN, and an uninvited hitch hiker using your WLAN for their torrent sessions.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum |
|
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
·Skype
| reply to dontask2much
said by dontask2much :
The problem though is whatever Comcast is doing to monitor P2P is resulting in serious latency crud for some of the rest of us who don't use or even have BitTorrent.
I read your whole message. I'm 100% sure this is not related to Sandvine or BitTorrent monitoring.
What you are seeing sounds like "P2P Afterglow." »Re: Dangers of P2P filesharing networks?
Your firewall should be ignoring these packets. If they are causing latency, it probably is due to the number of CPU cycles that the router has to spend to evaluate or log them. It doesn't take any CPU cycles to drop them.
But if they really are causing problems, you can change your IP: »Comcast High Speed Internet FAQ »How do I get a different IP address?
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon USA
Are you affected by Comcast's RST forging? How to test it! -or- Read my original report. |
|
dontask2much
@comcast.net
| reply to funchords
The problem though is whatever Comcast is doing to monitor P2P is resulting in serious latency crud for some of the rest of us who don't use or even have BitTorrent. 3 days straight I have had my cable modem here in the MD/VA/DC area literally bombarded with 6881 incoming port traffic (the log is long and glorious) - a reverse lookup on those IPs reveal cable modems from both comcast.net as well as other cable/dsl providers and our routes are toasted as a result. Comcast Tech Support knows about it and calls it "network maintenance" If they're going to use to such software and monitoring tools, perhaps they should at least configure it correctly. |
|
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
·Skype
| reply to johnmwilson7
said by johnmwilson7 :Regarding Resets, there are good resets and there are bad resets. Good and bad are subjective assessments. How about Expected and Unexpected, or perhaps Genuine and Forged
said by johnmwilson7 :Along with the received SEQuence is included a command to be executed, such as SYNchronize at the beginning and reset (RST) at the end. Normal network transactions finish with a reset (RST) command. Each received SEQuence may include a command to be executed, such as SYNchronize at the beginning and Final (FIN) at the end. Normal network transactions finish with a Final (FIN) command. »tools.ietf.org/html/rfc793#section-3.5
One command in a sequence may be Abort (RST). Abort is sent by an endpoint when a received SEQuence is not expected or allowed, such as attempting to connect to a closed port, or attempting to send data to an endpoint without first going through the SYN process.
It is not unusual to see an RST being sent at the very end of a properly-ended connection (using the FIN commands). These packets are a result of a stateful firewall at one endpoint or another which has closed the connection but then receives the final acknowledgment ("FIN,ACK") packet. While these RST responses are not necessary, they are harmless.
said by johnmwilson7 :and then a second reset (RST) with an out of sequence number is also sent. Yeah, I don't know what this second one is about. It is superfluous. There is no reason to send it.
said by johnmwilson7 :Understand that you cannot easily verify the source of these resets: They can come from anyone who can view and transmit on the network. If they are forged, they can be made to look like anyone, even you. Some sources can be low-end traffic shapers, network blocking programs, hacker programs, or the actual sender may have a problem with their client. It's key to understand that an idle attacker cannot easily accomplish this. This needs to be done by someone/something that it "in-line," that can read both sides of the conversation, and inject or forge a packet with exactly the correct sequence numbers.
Forging TCP packets is exceedingly difficult unless you are "the man in the middle."
said by johnmwilson7 :Some solutions, in order of difficulty; These are all generally fine suggestions.
One thing I don't see here is anything about tolerating it or "complaining" about it.
The ISP is not necessarily an evil entity. You got 3 resets in 10 minutes, and you're okay with that. I got a lot more and, still, I'm okay with that (for BitTorrent, anyway.)
However, Gnutella is broken for me. One option that I should explore is calling (or writing, with evidence provided) into Support and asking for the problem to be investigated and fixed.
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon USA
Are you affected by Comcast's RST forging? How to test it! -or- Read my original report. |
|
johnmwilson7
join:2007-08-30
Washington, DC
1 edit | reply to funchords
FunChords,
Thank you for your kind assistance. I have summarized your explanations on a new post with credit to you.
»[Speed] There are good resets and there are bad resets...
Sincerely,
John M. Wilson |
|
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
·Skype
1 edit | reply to Movieman420
158 kB/s upload is insanely fast! Is this one of those 16Mb/2Mb tiers of service?
Remember, all things in moderation. Even though you have 16M/2M, your neighborhood is still sharing the same pipe. Be a kind sharer. |
|
Movieman420
join:2007-08-28
Rivesville, WV
1 edit | reply to funchords
said by funchords :It looks like you're ready -- right click on one of those red lines and choose "Follow TCP Stream"  eegads..waaay to deep for me..lol. |
|
