how-to block ads
|
mudtoe
join:2005-10-09
Cleveland, OH
| reply to Bakla
Re: Comcast is throttling FTP uploads
Another though regarding the FTP throttling. I saw the comment about SFTP and I wasn't sure which kind of secure FTP it was, implicit or explicit. With implicit secure FTP and a non-standard port number for a passive connection, I doubt that Comcast could even figure out that an FTP file transfer was in progress. The difference between explicit and implicit SSL ftp is that with explicit the encryption doesn't start until the client sends a command on the control channel to start encryption, which means that an observer would know from data prior to encryption being started that this is an FTP control session. With implicit encryption the control channel and data channel are encrypted from the start (i.e. it's implicitly assumed that if you connect to the ftp server on this specific port that encryption is required from the start).
If you used implicit encryption with a non-standard port number all Comcast could know for sure is the number of bytes per unit time going across the connection, nothing else. However, I suppose it might be remotely possible to deduce it's FTP if there is some sort of pattern to the initial exchange of data (e.g. size of messages, sequence of requests and responses, etc.) between client and server that Sandvine (Comcast's BW mgt software?) could identify as being indicative of FTP, even without being able to read the data itself or by using the connection port number as a flag.
mudtoe | |
Sterling
IP Support Tier III
Premium
join:2003-05-30
Pittsburgh, PA | Gesh a classic "when animals attack" moment!
»www.reuters.com/article/newsOne/···20080320 | |
kelso
join:2007-04-06
Ashburn, VA
| reply to mudtoe
said by mudtoe  :Another though regarding the FTP throttling. I saw the comment about SFTP and I wasn't sure which kind of secure FTP it was, implicit or explicit. With implicit secure FTP and a non-standard port number for a passive connection, I doubt that Comcast could even figure out that an FTP file transfer was in progress. ---snip--- However, I suppose it might be remotely possible to deduce it's FTP if there is some sort of pattern to the initial exchange of data (e.g. size of messages, sequence of requests and responses, etc.) between client and server that Sandvine (Comcast's BW mgt software?) could identify as being indicative of FTP, even without being able to read the data itself or by using the connection port number as a flag. Here is a dump of the header exchange using sftp. You will see that there is no encryption during the initial header exchanges. From then on it's not ascii.
Recv
# SSH-2.0-OpenSSH_4.6|
Xmit
# SSH-2.0-OpenSSH_4.6|
Xmit
# |||||||*||~|||z_o)|}|||||~diffie
# -hellman-group-exchange-sha256,d
# iffie-hellman-group-exchange-sha
# 1,diffie-hellman-group14-sha1,di
# ffie-hellman-group1-sha1||||ssh-
# rsa,ssh-dss||||aes128-cbc,3des-c
# bc,blowfish-cbc,cast128-cbc,arcf
# our128,arcfour256,arcfour,aes192
# -cbc,aes256-cbc,rijndael-cbc@lys
# ator.liu.se,aes128-ctr,aes192-ct
# r,aes256-ctr||||aes128-cbc,3des-
# cbc,blowfish-cbc,cast128-cbc,arc
# four128,arcfour256,arcfour,aes19
# 2-cbc,aes256-cbc,rijndael-cbc@ly
# sator.liu.se,aes128-ctr,aes192-c
# tr,aes256-ctr|||Uhmac-md5,hmac-s
# ha1,hmac-ripemd160,hmac-ripemd16
# 0@openssh.com,hmac-sha1-96,hmac-
# md5-96|||Uhmac-md5,hmac-sha1,hma
# c-ripemd160,hmac-ripemd160@opens
# sh.com,hmac-sha1-96,hmac-md5-96|
# |||none,zlib@openssh.com,zlib|||
# |none,zlib@openssh.com,zlib|||||
# ||||||||||||||||
Recv
# |||||||||`||||||U|n||||||~diffie
# -hellman-group-exchange-sha256,d
# iffie-hellman-group-exchange-sha
# 1,diffie-hellman-group14-sha1,di
# ffie-hellman-group1-sha1||||ssh-
# rsa,ssh-dss||||aes128-cbc,3des-c
# bc,blowfish-cbc,cast128-cbc,arcf
# our128,arcfour256,arcfour,aes192
# -cbc,aes256-cbc,rijndael-cbc@lys
# ator.liu.se,aes128-ctr,aes192-ct
# r,aes256-ctr||||aes128-cbc,3des-
# cbc,blowfish-cbc,cast128-cbc,arc
# four128,arcfour256,arcfour,aes19
# 2-cbc,aes256-cbc,rijndael-cbc@ly
# sator.liu.se,aes128-ctr,aes192-c
# tr,aes256-ctr|||Uhmac-md5,hmac-s
# ha1,hmac-ripemd160,hmac-ripemd16
# 0@openssh.com,hmac-sha1-96,hmac-
# md5-96|||Uhmac-md5,hmac-sha1,hma
# c-ripemd160,hmac-ripemd160@opens
# sh.com,hmac-sha1-96,hmac-md5-96|
# |||none,zlib@openssh.com||||none
# ,zlib@openssh.com|||||||||||||||
# |||||||| | |
mudtoe
join:2005-10-09
Cleveland, OH
| said by kelso :Here is a dump of the header exchange using sftp. You will see that there is no encryption during the initial header exchanges. From then on it's not ascii. So it is possible for an external observer to easily "know" that you are doing a file transfer. I'll have to run that same test on an implicit FTP session to see what shows. My understanding is that an implicit SSL encrypted FTP session is completely encrypted, but perhaps not. I'm not sure off the top of my head what the difference between explicit SSL FTP and implicit SSL FTP, versus SFTP.
mudtoe | |
EG
The wings of love
Premium
join:2006-11-18
Union, NJ
3 edits | reply to Bakla
said by Bakla :
Use bit/Utorrent for awhile and shut it down and do FTP uploads,u will notice the throttling...it wont come off for awhile from the torrent usage aftermat hence affecting your FTP uploads.
to all the people who thinks COMCAST doesnt throttle are those people who never use torrent. The method that Sandvine uses to throttle P2P would not cause this effect on FTP. | |
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
 ·Verizon Online DSL
 ·Skype
| Yeah, but Sandvine is not the only tool in the box.
I feel like I've experienced this as well, but I have not put any cycles into testing it.
Mudtoe: Within an SSH tunnel, they can only know that you are sending data at a much higher rate then you are receiving data. They don't know whether or not you are uploading via http, ftp, mftp, tftp, etc. They also don't know whether it's audio, video, or text. --HTH
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon
"We don't throttle any traffic," -Charlie Douglas, Comcast spokesman, on this report. | |
EG
The wings of love
Premium
join:2006-11-18
Union, NJ
2 edits | said by funchords :Yeah, but Sandvine is not the only tool in the box. I suspect that you may be correct....
I am merely questioning that poster's correlation. | |
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
·Skype
| Agreed -- not Sandvine like ...
Yesterday
We made friendships here and far away,
Greed and power brought our judgment day,
Oh, I believe in yesterday.
Suddenly,
There weren't half the sites there used to be,
Deep Inspection hanging over me.
Oh, yesterday came suddenly!
Why'd they cut my flow?
Now it's slow. But they just say,
"You'll do something wrong!"
How I long for yesterday!
Yesterday,
We built networks for both work and play!
Then the bullies took it all away.
Oh, I believe in yesterday.
When they dimmed the dawn,
Progress gone! So now they say,
"Tune in, See what's on!"
How I long for yesterday!
Yesterday
Iron walls could not keep friends away,
World-wide networks gave each man a say,
Oh, I believe in yesterday.
by Robb Topolski, a cyber-hippie.
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon
"We don't throttle any traffic," -Charlie Douglas, Comcast spokesman, on this report. | |
EG
The wings of love
Premium
join:2006-11-18
Union, NJ | 
Clever indeed !!   | |
slickro
join:2007-09-20
| reply to lperdue
I ran across this thread today while searching for the source of a common problem we all seem to have. While trying to upload a large file to a FTP server my upload rate appears to get throttled back. It'll start at about 100kps or so and even go up to around190kps, but after a few minutes it always plateaus at 40 to 44 kps.
So I call comcast internet support.
After a conversation about resetting my modem I assure the tech it is not a hardware problem. My HTTP web traffic is not affected in any way and regular download speeds are also fine.
It is only occurs when I am uploading using FTP protocol. I ask the following questions:
"Can you tell me why my data upload only is affected while uploading to an FTP server? If my service plan should give me upload rates of up to 350 kps why does it stay around 44kps. Even if everyone in the neighborhood are all uploading I should still see medium upload speed of around 100 to 200 kps right?"
I am put on hold for a few minutes and the tech comes back with this explanation. I'll sum it up. The tech tells me that any traffic other than HTTP traffic is limited to roughly 750 KB in a 24 hour period at the full upload speed.
After the limit is reached upload speeds are throttled back.
I asked if that was in the TOS and the Tech said they had not read them, telling me someone else gave the tech the explanation. I was then instructed to go to Comcast.com and read them for myself - which I will.
My big question is if I upgrade to a business account, will my limit double to 1500KB in a 24 hour period. I hope this sheds some light on the problem in this thread.
I do not know what the TOS are for business accounts, but the consumer plan I have seems a little misleading.
I'll be looking for a proxy solution shortly. | |
deblin
Dark Side of the Moon
Premium,MVM
join:2001-09-01
Middletown, DE | That looks like a load of crap, honestly. 750KB? That's nothing. I don't think that tech knows what the heck they are talking about.
--
Hello...is there anybody in there? | |
slickro
join:2007-09-20
| reply to lperdue
I don't think they did either, I think the supervisor fed that to them. I just read the Service agreement, I found this on page 19.
"Facilities Allocation. Comcast reserves the right to determine, in its discretion, and on
an ongoing basis, the nature and extent of its facilities allocated to support HSI, including,
but not limited to, the amount of bandwidth to be utilized and delivered in conjunction with
HSI."
Here's the url:
»www.comcast.com/MediaLibrary/1/1···tcom.pdf | |
|
