Guspaz
Guspaz
Premium,MVM
join:2001-11-05
Montreal, QC
 ·Colbanet
| reply to R0CKY
Re: Update on Throttling: Part 2...
In my reading, he never mentioned Radius servers. He said (paraphrasing) "In these circumstances, if ISPs like TekSavvy want to stick to their principles, they should start building out their own networks."
Which, in all honestly, wouldn't be such a bad idea. Extremely expensive perhaps, but it's a nice pie-in-the-sky idea. |
|
R0CKY
TSI Rocky
Premium,VIP
join:2005-05-19
Chatham, ON
| said by Guspaz  :In my reading, he never mentioned Radius servers. He said (paraphrasing) "In these circumstances, if ISPs like TekSavvy want to stick to their principles, they should start building out their own networks." Which, in all honestly, wouldn't be such a bad idea. Extremely expensive perhaps, but it's a nice pie-in-the-sky idea. It would be interesting to see if we would receive the same or equal funding the Government provides Bell to do this.
--
TSI Rocky - TekSavvy Solutions Inc. |
|
Flannel
join:2007-11-28
·Bell Sympatico
1 edit | said by R0CKY :[...]funding the Government provides Bell[...] Gotta love it... government is aiming for net neutrality (net access for all) while Bell is aiming for Executive bonuses. |
|
LiQuiD
BSD geek
Premium
join:2002-08-08
Anjou, QC
1 edit | reply to Guspaz
said by Guspaz :said by derekm :said by Guspaz :Nobody has tried sending data through an SSH link and seeing if it caps at a stable 30KB/s dd if=/dev/urandom of=tmp4M.bin count=4 bs=1M 4+0 records in 4+0 records out 4194304 bytes transferred in 0.592058 secs (7084280 bytes/sec) $ scp tmp4M.bin xxx@yyy:~/ Password: tmp4M.bin 100% 4096KB 81.9KB/s 00:50 I'm on a 5056/800 profile... You completely maxed out your upstream sending that file, which clearly means that SSH is not throttled on your connection. If you're throttled, you just blew a huge hole in the "everything that is encrypted" panic that's been flying around. If you're not throttled, then your test isn't very useful  I just tried the same thing at my gf's house. She's using sympatico, and so I believe she should have been throttled a while ago (please inform me if this is not necessarily true). I have no way to check if she is actually throttled here. It's in the Hampstead area of Montreal, and I have no idea where her CO is and what not.
Here are my results. Clearly SSH is not throttled, though others have said otherwise.
sandro@prometheus:~$ scp test.file liquid@mercury.obsecured.net:~/
Password:
test.file 100% 4096KB 81.9KB/s 00:50
edit: Clearly SSH is not *THROTTLED* - I wrote not encrypted, heh. |
|
Flannel
join:2007-11-28
·Bell Sympatico
1 edit | said by LiQuiD :I just tried the same thing At what time because throttling is not all-the-time with Sympatico, it's not even necessarily at fixed times, but it is more likely between 4pm and 2am. Considering you just posted, you could have been outside the throttling window, or throttling may also not have been active. (Try using bittorrent at the same time to see if throttling is active.) |
|
Guspaz
Guspaz
Premium,MVM
join:2001-11-05
Montreal, QC
·Colbanet
| reply to LiQuiD
I just confirmed that the two users who reported throttled SCP connections did not specify what port they are using SSH on (and one of the two, it was questionable if he really was throttled).
Evidence points to SSH not being throttled when used on standard ports at this point in time. |
|
koreyb
join:2005-01-08
Etobicoke, ON | reply to R0CKY
Not saying this will happen, but why do I have a feeling sympatico will be less throttled now that they are cracking down on all the 3rd parties? |
|
Guspaz
Guspaz
Premium,MVM
join:2001-11-05
Montreal, QC | That would lose them any lawsuit. You can bet they're going to make sure everybody is as crippled as everybody else. |
|
Doci
Toothless Fairy
join:2003-02-01
·Bell Sympatico
| reply to R0CKY
said by R0CKY :said by messanger321 :now don't shoot the messenger but... This guys blog more or less states that wholesalers like rocky suckles from Bells tites and because he doesn't have his own equipment (radious servers) he deserves what he gets. he also stated that all those who posted on Geists blog are hysterical (not the first time he states this). » mhgoldberg.com/blog/2008/03/is-b···nti.htmlIn his next blog he also states its well within Bells right to throttle: » mhgoldberg.com/blog/2008/03/tari···fic.htmlThis guy, in my opinion, is either on bell payroll or a complete moron, or both. You decided (or tell him). Radius Servers? Huh.... If he thinks we don't have our own Radius Servers, then he's confused on how this all works. Also, no, Bell is not within their rights to do this. PS - LOL... He's not biased ( » www.mhgoldberg.com/MarkHG.pdf) Rocky That dude is Grade A clown. Why is he bringing wireline into this? |
|
koreyb
join:2005-01-08
Etobicoke, ON
 ·Primus Talkbroadband
·TekSavvy Solutions..
2 edits | reply to Guspaz
said by Guspaz :That would lose them any lawsuit. You can bet they're going to make sure everybody is as crippled as everybody else. Give them time... I have no faith in Bell not doing this over time.
I've heard from my friends who use Rogers and Cogeco, that they seem to have either raised their traffic shaping limits, OR has dropped them, cause apparently they both are noticing HUGE increase. this has all be since the 3rd parties announced they MAY take legal action. Rogers user is in Toronto, and the Cogeco is in Milton. |
|
oldwise1
join:2002-05-18
canada
| I can tell you I'm on Rogers with private trackers and I'm pulling 1.0MB on extreme, the problem lies in the upload channel I'm usally only able to go 10kbs. So how long will it take before I'm banned from private trackers?...Public trackers such as Piratebay...no problem ratio's don't matter. So I think Rogers new strategy is to the throttle the upload channel. |
|
LiQuiD
BSD geek
Premium
join:2002-08-08
Anjou, QC
1 edit | Ok, I ran a whole bunch of stuff at my gf's house to verify for myself. As I said on irc in #teksavvy, serves me right for taking people's stuff on here at face value with no way of verifying their results, or their integrity.
Worth noting: I use all standard ports. If you don't... why exactly aren't you anyway? Moving along...
I can tell you with certainty, based on multiple attemts using my laptop, and a first time attempt at using torrents (on linux no less) that my gf's connection, via sympatico, is throttled. Interesting note: I didn't bother opening a port on her router for uploading, and as I've read, this limited my download to 60k/s. The moment the clock hit 6PM though, and since then, it's been stuck at 30k/s. Thanks Flannel for suggesting I verify this, or I would have stopped checking this stuff out.
Next, I tried to SCP a file from my laptop here to my mail server back home. I was able to send a test.file at 83k/s.
I tried again while downloading a couple of torrents (which were stuck at a combined 30k/s). Result: 79k/s
I also tried to download via FTP, using a freebsd iso as a test, also while downloading using KTorrent: I was able to download at 380k/s, which is full speed on my gf's line.
If anyone else can think of anything I can try, let me know.
My greatest fear has been subsided... for now. Don't worry though, bell's not off the hook!
Edit: If anyone is running OpenVPN and will trust me with a temp account just to test file transfer performance, it would be awesome  |
|
Rand2k1
join:2003-12-09
Canada | reply to R0CKY
Looks like Throttling has hit Oakville, only its even worse.
I can't break 25k! |
|
Flannel
join:2007-11-28
·Bell Sympatico
| reply to LiQuiD
said by LiQuiD :[...]serves me right for taking people's stuff on here at face value with no way of verifying their results, or their integrity. Worth noting: I use all standard ports. If you don't... why exactly aren't you anyway?[...] I think no one can generalize one what's what, especially since Bell isn't upfront / there is no full disclosure with what they are doing. Heck, look at the throttling threads, when it starts people are told they are crazy. I think during the early days of throttling there was collateral damage to other encrypted protocols, I experienced it with Sympatico, they possibly have tried to iron out the bugs with the company that makes the software, I don't know, there is no disclosure.
Some use non-standard ports for security reasons, it can be that simple. You could have multiple servers running at one IP, each on their own port, all of which cannot be "standard", etc.. Besides, what if you want to use software X or protocol Y or port Z with encryption? Must we use only the software and protocols on ports approved by Bell? That's anti-competition and anti-innovation. Do you question why people don't use the "standard" MS Windows or MS Office? I don't think so. |
|
Flannel
join:2007-11-28
·Bell Sympatico
| reply to Doci
said by Doci :[...]That dude is Grade A clown. Yeah, what's he saying by "start building out more of their own network"? He wants them to run wires? The government granted Bell monopoly had one hundred (!) unchallenged years to install its network everywhere. He really is a Doofus. |
|
patyeon
join:2008-03-27
| reply to Guspaz
said by Guspaz :I just confirmed that the two users who reported throttled SCP connections did not specify what port they are using SSH on (and one of the two, it was questionable if he really was throttled). Evidence points to SSH not being throttled when used on standard ports at this point in time. I use ports above 2000 for my SSH sessions, simply because it cuts down on the absolutely huge number of scanners that come across. It's really more about not having to see them in my logs than it is about security. So that was limited to 30KB/s both ways.
If I get some time, I may poke around to see, over a range of ports, what's throttled, and what's not. |
|
Guspaz
Guspaz
Premium,MVM
join:2001-11-05
Montreal, QC | It may be possible to request Bell set a few ports aside as alternatives. 2222 for SSH, for example. |
|
shepd
join:2004-01-17
Kitchener, ON
·TekSavvy Solutions..
| reply to R0CKY
If it matters, I'm running SSH on the standard SSH port, port 22. Did an FTP transfer immediately after ANOTHER 60 kbps SSH transfer, the FTP transfer ran at over 300 kbps. To the standard FTP ports (20/21/whatever the computer asks for for data).
Either I've seriously misconfigured my SSH server (how I could misconfigure it to the point that it throttles my traffic so effectively, I don't know) or SSH is throttled for me.
HTH! |
|
LiQuiD
BSD geek
Premium
join:2002-08-08
Anjou, QC
| reply to patyeon
said by patyeon :said by Guspaz :I just confirmed that the two users who reported throttled SCP connections did not specify what port they are using SSH on (and one of the two, it was questionable if he really was throttled). Evidence points to SSH not being throttled when used on standard ports at this point in time. I use ports above 2000 for my SSH sessions, simply because it cuts down on the absolutely huge number of scanners that come across. It's really more about not having to see them in my logs than it is about security. So that was limited to 30KB/s both ways. If I get some time, I may poke around to see, over a range of ports, what's throttled, and what's not. No matter what port number you use, eventually you'll get scans. What I've done to avoid them is set the sysctl on fbsd to drop syn+fin (not perfect, but marked improvement) and b: a buddy of mine and myself once created a perl script that would parse my /var/log/auth.log (or wherever connection attempts are logged) every hour and find numerous attempts from an IP and add them to a table for pf to chew on. I then had a cronjob that would reload the table into pf every hour. Needless to say, it was a table of unwelcomed hosts, and reloading it caused it to be added to the addresses blocked by my gateway.
Worked like a charm. I'm gonna see if I can find it. the cf card died on my firewall machine several months ago and i never bothered reloading it. I don't get that many hits though. Besides, most of them seem to be going after ftp.
Hopefully the idea will motivate you to write something similar in the language of your choice. |
|
DSL_Ricer
Premium
join:2007-07-22
| said by LiQuiD : a buddy of mine and myself once created a perl script that would parse my /var/log/auth.log (or wherever connection attempts are logged) every hour and find numerous attempts from an IP and add them to a table for pf to chew on. I then had a cronjob that would reload the table into pf every hour. Needless to say, it was a table of unwelcomed hosts, and reloading it caused it to be added to the addresses blocked by my gateway. I do believe monit also has similar features (if so configured). |
|
