Time Warner Cable - Legacy → Re: Heads up guys....new trick to eliminate Youtube throttling!

I'm down with doing this. However, as far best as I can tell, m0n0wall won't do a packet capture. And there's noooo way I'm hooking up directly to the cable modem.

I'm very familiar with taking packet captures with WireShark. I can do that, or if you'll help with command line syntax, I can use tcpdump on my Mac.

--edit to correct pcap for tcpdump.

m0n0wall is based on FreeBSD; if it has a shell interface, has tcpdump, and has bpf device support enabled in the kernel or as a module (this is default), it should be able to do the capturing.

From this thread it appears that the kernel has bpf support, but that the tcpdump binary and associated libpcap library (and possibly others) are missing -- installing them by unpacking some standard FreeBSD package tarballs and putting both libpcap.so* and tcpdump in the same directory should suffice. Do not follow the advice of the fellow who download libpcap.so.1.1.1 and renamed it to libpcap.so.1 -- do not do this.

If you want to provide me with a Wireshark capture from a Windows workstation (if that's easiest for you), be my guest.

On OS X it's just as easy. As root: tcpdump -p -i {iface} -l -n -v -s 0 -w capture.pcap '(tcp and port 80) or (udp and port 53)' where {iface} should be the interface name of your Ethernet connection (i.e. en0, etc.). To end the capture, press Ctrl-C, and then copy the capture.pcap file somewhere where you can open it in Wireshark, or hand it over to me.

Be aware: cookies and other things will be visible in these captures, as well as any other TCP port 80 and DNS traffic that occurred during that time, so if you're concerned about privacy (which I would be in this particular circumstance), you can PM me with a link to the capture and I'll look at it privately -- see my profile for kudos/etc. from folks here on DSLR/BBR as justification that I'm not going to violate your privacy or distribute the capture.

Yeah, I did look into that and saw where the guy wasn't getting the library stuff correct.

Let's reserve that option in case it is only very very necessary.

I'm keenly aware of the data I'll be sending you. I have to capture network data quite often when I troubleshoot the load balancers and web app firewalls at work - a medical facility.

Soon as a get a few free minutes, I'll whip everything up and document what the captures are for.

Do you want the capture of the entire video stream? Or just a few minutes?

Do you want me to stream a video for a bit, then switch to 1080p?

Then rinse and repeat with the claimed miracle fix?

I'd like a capture starting prior to Youtube even being loaded/visited in the web browser. Start the capture, visit a Youtube video link in your browser, and let the capture go for about 5-10 seconds.

It would also be useful if the exact same could be repeated but with the supposed ""solution"" in place (assuming it works for you). Please make sure you visit the same Youtube URL in both captures, and please make sure to completely shut down/exit + restart your browser between captures.

I don't need the whole duration of the video stream captured -- what's being claimed is that TWC is in effect redirecting browsers to an alternate destination (specifically 173.194.55.0/24 or 206.111.0.0/16 netblocks) that is rate-limited; the claim seems to be that by blocking outbound packets to those destinations, the browser attempts to get the same content but from a different destination (i.e. a netblock not in either of those ranges) which is not rate-limited.

Thanks.