54 Comments
- mbhakti, on 07/02/2008, -9/+58 Step 1: Install Ubuntu
Step 2: Don't sign up with Comcast
Step 3:...
Step 4: Profit
- DeathfireD, on 07/03/2008, -0/+15 Do you understand how Comcast is even throttling? You're not the one sending the RST packets to the downloaders, Comcast is. It's called a middle man attack (Man in the middle attack) and in order for this linux mod to work, everyone using bittorrent would have to apply it, which isn't plausible. A faster solution that's built into every major torrent client is to just turn on header encryption in your bittorrent client and lower your max amount of peer connections to 30. Then set your max download to something far lower than your actual download speed. The reason for the lowering of the connections and speed is because Comcast checks to see not just if you're using bittorrent but also how much traffic you're currently using and how much of a strain you're putting on your pipeline. If they see you downloading 200kb/s for more than an hour then obviously you're gonna be getting hit by an RST storm and after a day probably lose your cable. That's why by limiting your connections and by lowering your speed you reduce your chances of getting RST bombed and also help prevent pipe clogging for neighbors around you. Bittorrent causes extreme amounts of latency. It's a mystery why torrent clients haven't added in a latency prioritizer yet.
- 3242130193, on 07/03/2008, -1/+15 I don't think it works that way, it simply detects when a seed connects to a peer and then disrupts the connection by sending a reset packet. This link has more information:
http://torrentfreak.com/comcast-throttles-bittorre ...
"Although BitTorrent protocol encryption seems to work against most forms of traffic shaping, it doesn’t help in this specific case."
- magamiako, on 07/03/2008, -1/+12 Applications cannot selectively ignore RST packets sent to them. You need to enable this in a firewall that can handle this function. Very few firewalls can even allow you to control that.
That said, RST packets are valid TCP packets on the internet and dropping those on your firewall is not really a good idea.
I'm willing to bet that many of the networking issues that people have with Comcast aren't related to throttling and related to a poor networking setup to begin with. Either using ***** equipment (low end Linksys WRT routers that have limited amounts of memory), or having things improperly set up (port forwarding not enabled properly, bandwidth not throttled properly).
Even if you set QoS, it's usually on a "per connection" and "per direction" basis. Meaning this:
Since torrent upload traffic is on connections made *to you*, and your web or gaming traffic is a connection made *going out*, then you're not going to be able to QoS these properly since they're entirely different directions.
Or the simple answer to all of your torrent problems: seed at night like I do.
- ps3udonym, on 07/03/2008, -1/+12 Ahhh how to "stop" the RST issues. Sorry guys, really really there isn't a way that will fix this and still comply with RFC729 and RFC1122. It was already noted that this will only work if BOTH ends of the connection (IE every peer and seed you're connected to) are configured to ignore TCP RST. Even then it is not a really good idea. Depending on your state conditions you could end up with a lot of dead threads waiting to time out rather than being closed gracefully.
So how DO you avoid the "throttling"? There are basically three ways that an ISP can, realistically, "throttle" your connection. There is protocol based queuing (as identified by Deep packet inspection), as well as queuing based on the packet originating source. First of all this ISN'T throttling. I really can't see many instances where throttling is an elegant solution. It is more of a kludge that you use in very limited instances. (Also why the ISPs are able to say they do NOT throttle. They don't, they QoS!). In reality you use queuing to manage traffic. So if torrent is set to the lowest queue, all other data will be passed first and THEN your torrent data will go through. This is good network management and is necessary to keep networks functioning for all users. What we need to know are the criteria that they are using. The last method the ISPs can use is a true throttle. Basically they can just look for a connection using a lot of upstream bandwidth on a particular port, and then throttle all traffic to that port dynamically. This is a major kludge as it would require real time monitoring of each and every connection on the network. Here is a quick description of the methods, and ways to get around them if possible.
Deep Packet Inspection:
TURN THE DAMN ENCRYPTION ON FOR THE LOVE OF GOD!
This is an easy one. While the encryption used for BT is pretty weak, when you are talking about millions of packets of data flowing through a NAP, the horsepower needed to crack open ALL those packets, then send them on with minimal delay is simply not practical. Enabling encryption should get you around MOST deep packet inspection techniques. However, it won't work on all. DPI has started to go the way of Approximate Data Fingerprinting (http://portal.acm.org/citation.cfm?id=1177120). This uses a pattern matching method which is much faster and won't be blocked by encryption. However, I don't know how widely this is used at the time and I, for one, can see issues with false positives.
Protocol based queuing:
Once the packet is identified as a match for a "torrent" packet, it is then placed in the lowest queue. The only way around this is to avoid having the data be identified as torrent, hence the encryption. Some use SSH, or TOR as noted (please PLEASE don't use TOR!), for basically the same reason. Both these solutions are not elegant, nor ideal (not to mention SLOW!). There really isn't another way around this, and I really don't think there should be.
Most torrent users will be familiar with the situation where they are downloading something and even though they have a whole lot of bandwidth available, the web is so slow it is almost unusable. What is happening there is that your upstream is flooded and you are dropping ACKs (please see above referenced RFCs, look at "the three way handshake" for more details). The way to solve this is to use QoS where your ACKs are in the highest queue so they get sent out first (I for instance can pin my uploads and downloads as fast as my connection will let me and STILL get 20-50 ping in CS:S at the same time). The exact same issues apply at the ISP level (more so) and if we all want to keep surfing the net QoS is a necessary and beautiful thing.
Queuing based on packet originating Source.
This is the big daddy in the room here, and what we all should REALLY be talking about. QoS is good network management, but I have suspected that there is more going on than just queuing based on protocol. I have a real feeling that traffic may be queued based on where it is coming from! THAT is what network neutrality is all about, not to mention is ineffective as a management solution and certain to piss people off.
This would be basically creating a huge list of trackers (and any other IP that they feel like) and then putting any traffic from those locations in the very very very bottom queue, below even other torrent data. Luckily for us torrent users the solution is..well not easy, but simple if you have access to a private, not well known tracker. Staying off of Mininova and BTJunkie would be the best way to fix this issue (I get blazing speeds from other private trackers for instance).
I am just curious if anyone has been noticing this as well. Lately on Shaw (my ISP) I have been noticing very strange behaviour from websites, especially video streaming sites. Videos are taking an extremely long time to load, when a month ago they would load very very fast. Most ISPs are also media providers and they all see video streaming sites as a direct threat to their revenue streams. Using punitive queuing wouldn't be a far reach and would be almost invisible as long as the major sites like YouTube were still working well (which it is, it is only the smaller, not well known sites that I have trouble with). No matter what, it would be almost impossible to prove from the consumer side of the situation.
So there you go. A quick overview. Could go into A LOT more detail, but hopefully this will help. As for speed, the two best things you can do are forward your port correctly (both TCP and UDP) and I assume you have, and to tune your torrent settings so that you don't flood your upstream out. http://infinite-source.de/az/az-calc.html is what I use. Lastly, get a router that does QoS. You could drop a couple grand on a nice CISCO unit, or just go and download the free pfSense.org router package and build your own.
Hope that helps and I didn't lose too many of you. Sorry for the spelling.
Happy torrenting folks!
- DeathfireD, on 07/02/2008, -6/+16 Comcast sends RST packets to both you and the person you're connected to which makes this method useless. It's already been covered 100s of times on digg and popular p2p/linux forums. This method will not work like you intend it to work!
- Gathalimay, on 07/02/2008, -2/+10 Not everyone has a better alternative for an ISP. For me, all I have is TWC unless I want ATT (their crappier packages)
- ninja0, on 07/02/2008, -3/+9 Comcast has found a way to throttle encrypted BT traffic?
- inactive, on 07/03/2008, -2/+7 I think you mean ???
- 4DFX, on 07/02/2008, -2/+7 No, not them. I believe it was some researchers from Italy. No ISP is using the technique yet AFAIK, but we can be sure it won't be long before they do.
- abacadabbra, on 07/03/2008, -0/+4 I think 3242130193 might be right, I have comcast as an isp and with encryption enabled (and forced) in utorrent my seeds die after a few seconds of connecting and my internet connection gets reset anywhere from 30mins to an hour after I start downloading from a torrent file.
I hope this solution works... I'll have to reinstall a linux distro and find out.
- Lordy1952, on 07/03/2008, -2/+6 verizon fios FTW
- DickBreath, on 07/03/2008, -0/+4 Yes folks, Windows Networking has the kind of quality, robustness, reliability AND security that you have come to expect from the Microsoft brand name!
- theaceoffire, on 07/03/2008, -1/+5 F*** general software, I can't get rid of XP cause of Games.
So until Wine works 99%, or virtual comps allow me to use my video card, I will have to dual boot.
- DickBreath, on 07/03/2008, -0/+3 I am NOT a Windows or Mac user.
If you are, then you can use the Linux packet filter by using a cheap blue plastic box from Linksys that runs Linux. Get the WRT54GL for about $60 ish, sometimes less. NewEgg. Amazon. Etc.
Download DD-WRT firmware. (Open source replacement.) Re-flash the firmware. (Read all the directions at the DD-WRT site first.)
On Windows, use PUTTY to SSH into your blue plastic box. Yes, it is actually a computer with Linux. Use the IPTABLES command to block Comcastrated RST packets to your entire network. You'll have to repeat the procedure whenever you power cycle the blue plastic router box.
Added bonus: You can install other packages onto this blue plastic box. NFS or Samba to mount a remote disk. Apache web server. FTP. Streaming music server, etc. Leaving this blue plastic box on 24/7 is more eco friendly than a regular computer.
- MrTea, on 07/03/2008, -2/+5 7) Buy some tinfoil and make a hat.
- Llivavin, on 07/03/2008, -1/+3 *sighs* too bad they've stopped targeting most users and only those who use a ***** of bandwidth
http://torrentfreak.com/comcast-bittorrent-net-neu ...
So just don't go downloading every god damn little thing and actually go out and get it once in a while.
- PhailQuail, on 07/03/2008, -0/+2 Well, if the person you are connected to also has done the same thing, then it should work right?
- inactive, on 07/03/2008, -0/+2 This is true. Maybe this workaround will start coming standard with popular distros - That would certainly be a nice start. Windows and OS X will need to have this sort of functionality standard with bittorrent clients, but it seems like it would be possible if a popular client like, say, uTorrent added this fix, other clients would follow suit and Comcast's stupid protection could become muted.
- r4ge, on 07/04/2008, -0/+2 Very informative, thanks. :)
- PhailQuail, on 07/03/2008, -1/+3 There is a program called iptables that Linux comes with, in all versions, at no extra charge!
- DeathfireD, on 07/03/2008, -0/+2 yes but like I and many others have already said it won't help. Comcast will still send RST packets to the people connected to you so ignoring the rst packets doesn't benefit anyone and could end up causing more problems for your network.
- BlackAdderIII, on 07/03/2008, -0/+2 That's a lovely story, but... your feelings on using a "Mac" hardly make a nonsense of the quoted text.
I don't know what warranted the "What"?
- Rolcol, on 07/04/2008, -0/+2 Which isn't saying much ;)
- DeathfireD, on 07/03/2008, -0/+2 yes, you will continue to seed to them and only them. Everyone else connected to you that has not applied this linux hack will be disconnected from you thanks to Comcast sending them an RST packet. That's why it's better to just turn on header encryption in your bittorrent client and set speed and connection limits. By doing that you can seed just fine.
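Added example, not part of any comment in this thread: a toy model of the point argued above, that a middlebox forging RSTs to both ends defeats a one-sided RST filter and leaves the filtering side retrying until it times out. `Endpoint`, `MAX_RETRANSMITS` and `scenario` are hypothetical names, and the model is a simplification rather than a real TCP stack.

```python
# Added illustration (not from the thread): one TCP connection, two endpoints,
# and a middlebox that forges an RST to each side.
from dataclasses import dataclass

MAX_RETRANSMITS = 5  # assumed retry budget before the sender gives up


@dataclass
class Endpoint:
    name: str
    drops_rst: bool            # True = firewall rule discarding inbound RSTs
    state: str = "ESTABLISHED"
    retransmits: int = 0

    def receive_rst(self) -> bool:
        """Handle an inbound RST; return True if it tore the connection down."""
        if self.drops_rst:
            return False       # the filter cannot tell forged from genuine
        self.state = "CLOSED"
        return True


def inject_rst(a: Endpoint, b: Endpoint) -> None:
    """Middlebox behaviour described in the thread: one forged RST per side."""
    a.receive_rst()
    b.receive_rst()


def send_data(sender: Endpoint, receiver: Endpoint) -> str:
    """Sender pushes one segment and retries until delivery or give-up."""
    if sender.state != "ESTABLISHED":
        return "sender-closed"
    for _ in range(MAX_RETRANSMITS):
        if receiver.state == "ESTABLISHED":
            return "delivered"
        # A closed receiver answers data with a genuine RST (RFC 793).
        if sender.receive_rst():
            return "reset-by-peer"
        sender.retransmits += 1    # genuine RST was filtered too: keep retrying
    sender.state = "TIMED_OUT"
    return "timed-out"


def scenario(seed_drops: bool, peer_drops: bool) -> tuple:
    """Return (outcome, seed state, peer state) after injection plus one send."""
    seed = Endpoint("seed", seed_drops)
    peer = Endpoint("peer", peer_drops)
    inject_rst(seed, peer)
    return send_data(seed, peer), seed.state, peer.state


if __name__ == "__main__":
    for seed_drops in (False, True):
        for peer_drops in (False, True):
            print(seed_drops, peer_drops, scenario(seed_drops, peer_drops))
```

Only the case where both sides filter survives; when the seed alone filters, the peer's genuine RST is discarded along with the forged one and the seed is left holding a dead connection.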
- inactive, on 07/03/2008, -0/+1 Just buy comcast like distributed hostile takeover, call it The pirate cast.
- iJessicaRabbit, on 07/03/2008, -0/+1 http://en.wikipedia.org/wiki/Sandvine :(
Ever since OiNK I've been fighting my ass off trying to get around it. I've had a few things to lessen it (VPN, Stop n' Lock) but besides the VPN which is expensive nothing free has worked. Woo hoo linux!!!!
- elfguy, on 07/03/2008, -1/+2 The SAME fix is available for Windows:
http://wakarimasu.googlepages.com/windows
- ps3udonym, on 07/03/2008, -1/+2 apparently can't edit.. Just reading up on Sandvine. I still haven't seen a good explanation as to HOW it identifies "P2P" traffic. It would have to use some form of DPI in order to do so. Get around the identification, and you get around Sandvine. Anyone has more info on the methods used please post it.
- r4ge, on 07/03/2008, -1/+2
-A INPUT -p tcp --dport 6883 --tcp-flags RST RST -j DROP
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
- grimward, on 07/03/2008, -4/+5 Well, all you have to do here is install this app and you're just as good on a windows machine.. sooo what's your point?
- grimward, on 07/03/2008, -1/+2 This article is inaccurate to say the least. Buried
- abacadabbra, on 07/03/2008, -0/+1 If the problem is that an RST packet is being sent to each connection, couldn't torrent programmers implement this RST filter into their clients so it would be more widely distributed?
- Cybermaul, on 07/03/2008, -0/+1 Use PeerGuardian, it's helped me to evade Concast for dl'ing stuff they don't want me to have.
- neuralcooker, on 07/04/2008, -0/+1 Best comment on Digg that I've seen. This should be an article in itself. It's way better than this article.
- inactive, on 07/03/2008, -1/+2 WOW LINUX SOUNDS AMAAAAAAAZING.
- mossblaser, on 07/03/2008, -0/+1 You wouldn't know what unix power was if it bit you in the arse. What's more, part of unix's great design is the use of config files to store things and set things up.
- docfreezzzz, on 07/09/2008, -0/+1 Why does everyone flock to Ubuntu? Confused Linux Users Group......
- ps3udonym, on 07/03/2008, -0/+1 You know.. that is the nicest thing I have ever had said to me on Digg! Thanks! =))
- abacadabbra, on 07/03/2008, -0/+1 I like it, the pirates or just people who love unfettered access to information should buy up stocks in all communication companies then demand change or a mass sell off will occur. that could work...
- rajb245, on 07/03/2008, -1/+2 Dear god this is digg not a networking class...take your "facts" and your "knowledge" elsewhere :-)
- TheSeeker11, on 07/03/2008, -1/+1 Usenet FTW!
- RolltheStampede, on 07/03/2008, -1/+1 FIOS FTW
- dougle, on 07/03/2008, -1/+1 "Windows has good networking" you what?
- InorganicMatter, on 07/03/2008, -1/+1 Could you set this up on a Smoothwall/ipcop box, and then get your entire network (Windows/Mac clients included) freed from Comcast's throttling?
- sqrt7744, on 07/06/2008, -1/+1 ...except it can't possibly work in this scenario because it is an application, not the windows kernel - i.e. once it 'sees' the packets it is too late, they have already done their dirty work.
- keyme, on 07/03/2008, -2/+2 1) Buy some cheap VPS hosting.
2) Install CentOS, Apache and some BT client via SSH.
3) Change the BT download directory to /var/www/html (so it's accessible via HTTP).
4) Don't forget to enforce some authentication (using .htaccess or something).
5) Start downloads via SSH, and enjoy your 100Mbps pipes.
6) Access downloaded files over HTTP.
Don't give out your real personal details. Once you're busted, switch to another provider. Consequently, don't ever pay for more than one month of hosting.
(Use TOR when you make the purchase, when you log in to the control panel, when you SSH, etc.)
- aws910, on 03/21/2009, -0/+0 Sneaker-net FTW!