Cable Packet Shaping Causing Slowdowns
knorthern knight writes "To counter P2P programs that encrypt their traffic to evade detection, Rogers Cable in Canada has apparently started degrading all encrypted IP traffic, according to a post on Michael Geist's blog. How many of you log in to work over a VPN or ssh-tunnel? How many get usenet news or email over an encrypted connection? This could be a problem for Rogers Cable customers. Geist, who teaches at U of Ottawa, has 'been advised that the University computer help desk has received a steady stream of complaints from Rogers customers about off-campus email service.'"
How else would this be (near) first post ;-0
Cable companies do NOT want you to actually use your Internet connection for anything more than connecting to their webmail, POP, or SMTP servers and surfing CNN, Google, and their billing site.
:(
We have known for years that they have been overselling bandwidth and then cutting you off when you use more than their "unlimited service" will permit without telling you any concrete numbers of what that is.
I would guess that very few people use SSH, VPNs, or other encrypted connections that require the speeds to which we have become accustomed. They don't want that 10% of users on their residential network anyway and they will be happy to have you move to their commercial service packages if you so desire.
I complain that I have to use DSL and pay for land line service that I rarely use but at least my ISP (visi.com) doesn't give a shit what I do (they allow you to run servers, use all your bandwidth, and offer static and reverse).
I feel sorry for those that don't have more of a choice
I often use ssh/x to connect to work with p2p downloading at the same time. The ssh/x response is horrible. I'd like to be able to shape the traffic so my ssh/x connection gets absolute priority with p2p using whatever is left. I wonder how other people are doing this.
I know in the US there are laws prohibiting companies from gimping their products like this. The specific laws escape me at the moment. Does Canada have anything similar?
Purposely sabotaging your product against a segment of people is deplorable.
I would think that "packet shaping" is not the right term. "Traffic shaping", "bandwidth throttling" or simply "throttling" are more appropriate.
If you're running Linux, you can try out WonderShaper. I have been using it since 2003 and it works great on keeping the SSH connection running 100% while other traffic is chugging along.
These days, after all the time to perfect technology and awareness of identity theft and industrial espionage, non-encrypted traffic should be banned from Internet at backbone routers. Every ISP can issue you an SSL certificate that indicates the level of verification (possibly none) they performed on your identity. Even with multicast, data can be encrypted with server's private key for which the public key is available to intended recipients, or public. The only exception would be very low powered dumb devices, but those shouldn't be connected to public Internet anyway.
Shaw cable on the western side of Canada also mangles packets. Check with Vonage to find out how Shaw is trying to cripple their business by dropping calls, packets, or just dropping the network connection for people using Vonage VoIP.
Support NYCountryLawyer RIAA vs People
This is somewhat "broken". If you can't use https or ssh with an internet connection, then that particular internet provider is little more than a glorified TV. If anything, ssh and https should be the highest priority.
There are reasons why p2p systems have started encrypting their traffic. Due to popular discontent with bandwidth throttling, they are trying to classify their traffic with a group of services that cannot be removed without breaking the functionality of the internet for that service provider. So their ideal solution to that is to break the functionality of their internet connection?
Okay, I can see (from their perspective) how you wouldn't want someone who is paying the same as your other customers using 500x the bandwidth that they use. After all, you're paying for the bandwidth.
So why not simply SEGMENT your network and put those heavy users on their own block? If you're that worried about P2P crap, they're probably sharing amongst themselves anyway. This would make it easier for you.
So why not offer GRADUATED pricing levels? 2 GB/month for $x. 5 GB/month for $2x. 10 GB/month for $10x. You could even break it down to traffic that stays on your own network and traffic that reaches the Internet.
The whole thing about the opposition to "Net Neutrality" is about extracting the MAXIMUM profit from the existing infrastructure with the minimum of technological advancement. Fuck that. We have the technology right now to make this a non-issue in almost every case. They just don't want to use it because there is a chance they can make more money by crippling the system.
I am a telecommuter and I have certainly noticed the bandwidth decrease for encrypted traffic; at any given time, for my job, I absolutely have to have roughly 15 citrix-application windows open at any given time, and the only way to access the metaframe server is via a VPN connection (as per corporate security policy). I have noticed major, major slowdowns; it's unfortunate that I cannot do my work properly as a telecommuter due to this new procedure of Rogers. Don't get me wrong, everything still works properly, the only thing is that with this slow down of my Citrix sessions (due to the traffic being encrypted), I have learned to live with a "Click now, work later" style application behaviour; it reminds me of using a 486 PC.
Rogers does not offer an "unlimited" plan (max 100gb upload/download transfer @ 5 megabit down) except for "business/enterprise" users.
As for all the other stuff, there are lots of smaller DSL ISPs here, just they don't have advertising budgets as Rogers is a mega corporation here. They own radio stations, cable tv networks, cable tv distribution, voip, internet and cell phones. They can get away with it.
Use "brownouts" to shape traffic for "fair load" during peak times.
During non-peak times, when you can carry every bit at maximum speed, do it.
During peak times when you can't, then, for the next few minutes or hours, cap everyone at X bits per second, Y bits per minute, Z bits per 5 minutes, and so on so the leeches-of-the-moment get throttled down and people putting less immediate demand on the system don't notice any change. X should be as close to the normal maximum as possible. Y should be less than 60X or Z should be less than 300X, or both. This way, people just doing normal web browsing won't be impacted but I'll be slowed down if I dare to download all of kernel.org during a busy period.
If you combine charging extra for minimum guaranteed per-second bandwidth and charging extra for high-volume-per-month users with peak-demand throttling, then you can raise revenue and/or discourage people from demanding all-you-can-eat lobster buffet service at cup-o-noodles price.
Do NOT discriminate based on the content of the traffic, especially if you do not know what kind of content that is, i.e. because it is encrypted. That encrypted connection is probably me working from home thank you very much.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
I wonder if maybe the throttling could be progressive. As in, if the encrypted traffic is a few tens of kbps, then let it go, but if the subscriber is just trying to pull down megabits that is encrypted, then scale back that traffic.
When people complain about anything related to ISP surveillance, I always wonder how bothered they really are about security. If you're truly interested, you'll use an encrypted network, preferably an onion routing network, because you never know who is watching. My branch of civil rights activism is highly controversial and generally misinterpreted, so I always make sure that I route my traffic in an encrypted form through my ISP's routers
Sadly, some people really don't understand that the internet is NOT anonymous and that you must use other measures to achieve a reasonable degree of security.
"To the future or to the past, to a time when thought is free" ~ Nineteen Eighty-Four
I'm no fan of cable companies, but someone has to speak up about the problems associated with P2P. I'm aware of some educational institutions that saw their newly upgraded networks come to a complete grinding halt - simply because of P2P sharing. They had no choice but to shape their traffic so that other business could get done. They didn't ban it or shut it off. They simply said X amount of our bandwidth can be used for it during business hours and Y amount at other times. And now look what's happened: P2P clients have deliberately foiled such attempts by encryption. Great. Now those institutions will be crippled once again by dorms full of students sharing their entire music collection to the world, many not even aware that they are doing it.
I don't want to kill P2P. I am no fan of cable companies or the RIAA or the MPAA. But don't blame network admins when they have to fight back on this stuff!
You like your Macintosh better than me, don't you Dave? Dave? Can you hear me Dave?
Run a transparent bridge or a router using linux. You can easily do what you want using a correctly configured kernel, IPTABLES, and the tc package. (and perhaps bridge-tools if you are doing bridging rather than routing)
:-)
I personally run a debian transparent bridge on my DSL line and it works very well. Plus I can be a BOFH and give my own systems prioritized bandwidth over the rest of the family's.
Three words:
:)
OpenBsd with PF
I've been using an openbsd box as my router/firewall for the last 4 years since discovering that some cable routers apparently have issues when you're using P2P constantly. I picked up a cheap dell server (one of those dell server deals you see a couple times a year) installed openbsd via the online faq, set up PF, and after a few trials and errors have even successfully set up bandwidth prioritization. Start with openbsd and go from there. Though I'm sure there are commercial routers that do this too, most of them advertise VOIP optimization, it's the same thing, just add the ssh port you're using upstream (22 most of the time) to the list of VOIP clients. Note if you do use PF to queue up bandwidth, make sure to only divide up your upstream pipe, NOT the downstream.
Have a ball and learn something
NT
And the Blue Jays - the only product of theirs I like.
What was once true, is no longer so
The referenced site is slashdotted...does anybody know?
And if they slow it all down, sue them for not providing the level of service they promised when you signed up. The whole unlimited, high-speed broadband thing is such a fraud anyway, it deserves to land in court -- preferably sooner, rather than later.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
Welp, yet another ISP that I'll be boycotting
Linux has very powerful traffic shaping capabilities.
Check it out: http://lartc.org/
Michael Geist
This site is temporarily unavailable. Please notify the System Administrator
And just how are you supposed to do that?
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
What about X Windows over my company's VPN? I know it's sub-optimal, but every now and then I just need to bring up my CAD application, do a tweak or two, or maybe just export data so I can do some real "telecommute". But every now and then, I need X. For that matter, once I've exported the data, it may be a few 10s of MB.
Throttling is not acceptable for telecommuting.
The living have better things to do than to continue hating the dead.
If anything, ssh and https should be the highest priority.
No, streaming UDP based protocols have to be the highest priority, otherwise VoIP and similar applications won't work.
Ultimately the only logical way to handle this sort of thing is going to be through service tiers or other non-Net neutral mechanisms.
Easy. Set up a Linux-based router and use HTB/iptables to prioritize your upstream. That's what I do and it works beautifully. I can saturate my upload w/non-interactive programs (P2P, FTP, etc), and my ssh connections work fine. http://www.faqs.org/docs/Linux-HOWTO/ADSL-Bandwidth-Management-HOWTO.html has a really good howto on setting up an example QoS system. It can be easily modified to suit your needs.
If you have a modern, and very cheap, Linksys router there is some very good (free, as in beer) 3rd party software you can use to reflash your router to be far more capable than the standard software it comes with. I think those are some of the abilities it includes.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
Stupid decisions like this are what made Rogers lose my business. Throttling encrypted traffic was the last straw, so I switched the internet, phone, and TV services at two houses and convinced a few friends to do the same. I am Rogers free and it is excellent.
Do that, and suddenly you can't advertise those peak speeds any longer that you are so fond of comparing to your DSL competition.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
Telecommuting is too popular for this tactic to work in the US. There are some very powerful companies that have a vested interest in VPNs being reliable and responsive. How many of you think Cisco would let ISPs get away with this? Sure, Cisco sells lots of expensive hardware to ISPs, but they also sell a lot of hardware and software to businesses and consumers so that VPNs can be established.
Also, I know that many employees of my local and state governments use VPNs daily. If their VPN connections get any slower, they will be well-nigh unusable. This is essentially a lower-stakes version of NTP wanting to cripple every congressman's BlackBerry. Our monopolies seem to be forgetting rule #1: don't piss off your regulators!
Let's say the University decides that during peak hours, dorm computers can use an aggregate of 100Gb/sec and 1000Gb/min during business hours and twice that at night without impacting other traffic.
Let's say they've studied the problem and know if they cap each dorm user's 1000Mb/sec ethernet port's out-of-university traffic at 100Mb/sec and 3000Mb/min during peak time and 1000Mb/sec and 6000Mb/min during off-peak hours they will be able to meet the needs of not just the professors and staff but also the students who aren't heavy users. It makes sense for them to impose such a cap. Of course, the actual numbers of the cap should be re-evaluated as conditions change.
If the internal university networks have bottlenecks, consider imposing similar caps on out-of-dormitory or out-of-LAN traffic as well. If a bunch of students want to have a dorm-wide LAN gaming party, that's one thing. If they put their traffic on the wires that connect the buildings and it saturates the wire, that's a problem.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
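The stacked per-second and per-minute caps proposed in the two comments above ("X bits per second, Y bits per minute" and the dorm figures of 100Mb/sec with 3000Mb/min at peak, 1000Mb/sec with 6000Mb/min off-peak), as an added Python simulation that is not from any poster or ISP. The class and function names are hypothetical, and a strict sliding window with one-second ticks is an assumed way to enforce the caps.

```python
from collections import deque

# Caps quoted in the comment above, in megabits: (window in seconds, limit).
PEAK_CAPS = [(1, 100), (60, 3000)]
OFF_PEAK_CAPS = [(1, 1000), (60, 6000)]


class MultiWindowCap:
    """Content-blind shaper: at most `limit` megabits in ANY `window` seconds.

    Nothing here looks at ports, payloads or encryption; only volume counts.
    """

    def __init__(self, caps):
        self.caps = list(caps)
        self.longest = max(window for window, _ in self.caps)
        self.history = deque()  # (tick, megabits granted), oldest first

    def _used(self, now, window):
        # Megabits already granted inside the window that ends at `now`.
        return sum(mb for tick, mb in self.history if now - tick < window)

    def grant(self, now, demand_mb):
        # Forget grants that no window can see any more.
        while self.history and now - self.history[0][0] >= self.longest:
            self.history.popleft()
        # The tightest window decides how much may pass this second.
        room = min(limit - self._used(now, window) for window, limit in self.caps)
        granted = max(0, min(demand_mb, room))
        self.history.append((now, granted))
        return granted


def simulate(caps, demand_mb_per_s, seconds):
    """Megabits granted per second to one user with constant demand."""
    shaper = MultiWindowCap(caps)
    return [shaper.grant(t, demand_mb_per_s) for t in range(seconds)]


def worst_window(grants, window):
    """Largest total granted in any `window` consecutive seconds."""
    return max(sum(grants[i:i + window]) for i in range(len(grants)))


if __name__ == "__main__":
    heavy = simulate(PEAK_CAPS, 1000, 180)  # saturating a 1000 Mb/s port
    light = simulate(PEAK_CAPS, 20, 180)    # modest steady use
    print("heavy total:", sum(heavy), "worst minute:", worst_window(heavy, 60))
    print("light total:", sum(light), "ever throttled:", min(light) < 20)
```

The heavy user gets 30 seconds at the per-second cap and then nothing until the minute window slides on, averaging 50 Mb/s, while the light user never notices the shaper.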
Various bittorrent clients implemented encryption because of ISPs trying to tell their customers what they could use the bandwidth they had purchased for.
If we had strong network neutrality legislation, it wouldn't have been necessary.
Poor Michael Geist's site is dead. He must have forgotten that his server uplink is with Rogers.
I would guess that very few people use SSH, VPNs, or other encrypted connections that require the speeds to which we have become accustomed.
Actually, some major companies out there have several thousand "work at home" employees that are required to use VPN. Most of these people are in sales type of jobs, but plenty others are required to use VPN to connect to Exchange servers to access email from home.
Considering MS Exchange and dialup don't really mix, these people often have to have broadband to do their jobs efficiently. Seeing how not having VPN with an exchange server is a security risk, I can't really see any alternatives for these work at home types other than to switch to the provider who downgrades them the least.
Keep in mind these people are often working on company laptops who are locked down completely and couldn't install P2P software even if they wanted to.
"I am the king of the Romans, and am superior to rules of grammar!"
-Sigismund, Holy Roman Emperor (1368-1437)
If you can't use https or ssh with an internet connection, then that particular internet provider is little more than a glorified TV. (...) So their ideal solution to that is to break the functionality of their internet connection?
Well, for many services a bandwidth-throttled (but hopefully still low-latency) secure connection isn't exactly a big limitation. Your online banking site or that terminal session you were running are hardly bandwidth hogs. Downloading large attachments over a secured connection is another matter. I guess the question is "Are those few enough that we can get away with it?". Sounds to me like a good way to increase your support costs though...
Live today, because you never know what tomorrow brings
Seriously, WTF are they thinking?!
Three words.
Deep Packet Inspection.
May the Maths Be with you!
How could I forget!
They also offer pagers as well.
(offtopic: the Jays actually look like that no matter how well they do this year, they will still finish 3rd in their division, whats up with that?)
But you don't mind giving us a web-site to find you at (anu.nfshost.com) that tells us your interest is in making paedophilia more accepted in society, or all the other tracks you've left on a simple Google search.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
Who is to say that BigBackbone1 doesn't encrypt traffic going over its wires and BigBackbone1 and BigBackbone2 don't encrypt traffic flowing between them? The only reason not to is cost.
Remember, encryption may take place at a level below the IP layer and as such will not be clearly visible in traceroutes.
Imagine this traceroute:
9 ms 11 ms 7 ms 1.2.3.4
500 ms 510 ms 503 ms 5.6.7.8
That hop between 1.2.3.4 and 5.6.7.8 may include a bunch of sub-IP-level bit-moving over many devices and many wires. Encryption may or may not happen between these devices, even if 1.2.3.4 and 5.6.7.8 only see bits in the clear.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Seeing how not having VPN with an exchange server is a security risk, I can't really see any alternatives for these work at home types other than to switch to the provider who downgrades them the least.
Well, there is Outlook Web Access (Exchange webmail) which easily runs over SSL.
And if you're using outlook 2003 or later with exchange 2003 or later, you can use RPC-over-HTTPS to connect using SSL to connect with strong encryption without a VPN.
That method is too steep (knowledge) and expensive (bandwidth-loss) to be a viable solution.
An inexpensive method that everyone can use is the one that I implemented... Use an old 10BaseT Network Adapter, preferably USB 1.0, and at Half Duplex, for those certain bandwidth-hogging programs to discretely direct their packets through and use. The separate 10BaseT adapter needs nothing special and is to co-exist as plugged-in to the same hub that the primary Network Adapter is using. Then with their routes decided other than the same used by Telnet and SSH, attach about 100 feet of CAT3 cable rolled in a giant loop just to make the data slow down for having to travel through all that extra wire with all the "loop" inductance. We're not done yet, make sure you use the opposite of ferrite cores, something effective as "Twisty Ties" or better is a common 150-watt Heat Lamp that would cause enough radiation onto the cable to slow down the data; this is so we can make the CAT3 very noisy to cause the Network Adapter to detect the errors at the Physical Layer (not the Link Layer) where it automatically re-sends packets without disturbing the Application with faulty data. The Application will only see a slow connection, and no bad data will return.
On-topic to the actual Article, I encrypt all my data in binary-text. I use this method all the time when surfing slashdot. I have a computer running a daemon at another side of the country that receives the text binary and then converts it to text text; all this looks like is an application sending text'coded binary, kind of like hiding messages in Spam eMail.
Enjoy.
I am the nightmare of nightmares.
The whole attempt to slow encrypted traffic is useless, simply taking the encrypted packet and running it through say, http encapsulation, would make it impossible to degrade; that is only if they are not willing to shape http requests.
Why is your business more important than my business? I might be distributing my newest song via P2P, while other people are engaged in other business. My filesharing is as important to me as your other business is to you, and you've appointed yourself the gatekeeper of how bandwidth is to be used. Just give everybody the same bandwidth allotment, and let them use it as they see fit, instead of trying to be the arbitrator of what's right and what's wrong.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
upgrade their shitty equipment?
Seems like I have read over and over about how North America is like pretty much at the bottom of the ladder of high speed Internet service compared to the rest of the world with the exception of places in Africa.
I think I read places like France and Korea have gigabit service pretty much nation wide.
WHY is the (used to be) world leader of technology and one of the richest nations on Earth (USA) still dragging its feet and living in the past? I know so many people that are STILL running 54k dialup modems at home but their actual throughput averages around 48k. And they are paying an average of $30 a month for such sorry service! Not to mention, frequent disconnects, busy trunks in the evenings, etc..
How pathetic.
These companies have no interest in providing a quality service, their only interest is milking their customers for as much as possible as long as they can. They'll continue to use antiquated and archaic equipment to provide substandard service until they are FORCED to by either massive equipment failures or court order.
Agreed. I regularly use scp to transfer files with nontrivial size between my home office and my employer's network; if my ISP throttled this traffic, then I wouldn't have any reason to pay for their highest upload speed. Fortunately I live in an area with multiple high speed internet providers.
Recall the program "texto" that takes data and hides it as a (rather longer) text message that appears to be a very long harangue about some boring subject, but where every word choice encodes some bits?
That would be extremely hard to tell from normal boring text, though it would take still MORE bandwidth. By salting with some other words from anywhere, the resulting message could be assured to NOT have a small unique vocabulary that might be used to select it, making it hard to tell what is going on. For that matter, it can be hard to tell simple base64 encoded binaries apart from other material.
I also wonder whether the cable companies actually measure entropy or not. Is compressed data also throttled?
There are enough snoops around these days that a stego layer above the crypto layer is widely desirable. Since a packet sniffer has only a small string of data to work on at a time, it cannot do some of the sophisticated detection possible on longer data strings. For an ISP in particular, detecting crypto under stego could be prohibitively expensive. (Also such a response would make it clear that the result was an increase in traffic, not a decrease.)
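The question raised above, whether a shaper that measures entropy would also throttle compressed data, worked through as an added Python example (not from any poster, and not a description of what Rogers or any ISP actually runs). The 7.0 bits-per-byte threshold, the 1400-byte sample size and all sample payloads are constructed assumptions; a SHA-256 counter stream stands in for well-encrypted bytes.

```python
import hashlib
import math
import random
import zlib
from collections import Counter

PACKET_BYTES = 1400  # assumed sample size, roughly one full-size packet
THRESHOLD = 7.0      # assumed cut-off in bits per byte


def shannon_entropy(data: bytes) -> float:
    """Empirical Shannon entropy of a byte string, in bits per byte (0..8)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def looks_encrypted(payload: bytes, threshold: float = THRESHOLD) -> bool:
    """Naive classifier: anything near 8 bits/byte is treated as ciphertext."""
    return shannon_entropy(payload) >= threshold


def constructed_text(words: int = 6000) -> bytes:
    """Deterministic pseudo-English filler (constructed sample input)."""
    vocab = ("the cable modem packet router customer bandwidth throttle "
             "encrypted tunnel session latency upstream download office "
             "remote server email attachment network traffic provider "
             "service monthly limit speed test result complaint").split()
    rng = random.Random(2007)
    return " ".join(rng.choice(vocab) for _ in range(words)).encode()


def sample_payloads() -> dict:
    text = constructed_text()
    # Stand-in for ciphertext: output of a sound cipher is indistinguishable
    # from random bytes, which a hash counter stream approximates here.
    blocks = (PACKET_BYTES + 31) // 32
    random_like = b"".join(
        hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(blocks)
    )
    return {
        "plaintext": text[:PACKET_BYTES],
        "zlib-compressed": zlib.compress(text, 9)[:PACKET_BYTES],
        "ciphertext-like": random_like[:PACKET_BYTES],
    }


def classify_samples() -> dict:
    """Map sample name -> (entropy in bits/byte, flagged by the classifier)."""
    return {
        name: (round(shannon_entropy(data), 2), looks_encrypted(data))
        for name, data in sample_payloads().items()
    }


if __name__ == "__main__":
    for name, (bits, flagged) in classify_samples().items():
        print(f"{name:16s} {bits:5.2f} bits/byte  flagged={flagged}")
```

Ordinary compressed downloads land in the same entropy band as the ciphertext stand-in, so a byte-entropy threshold alone cannot separate them and both get flagged.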
The deceitful cable advertising needs to stop.
These guys need to be sued.
DSL companies should use it in their ads.
Can't you make service tiers "neutral?"
If the telco or cable company treated all traffic at a given tier equally, and did not play favorites when it came to pricing and marketing, then it's neutral.
If the cable company offers you a "medium latency" package suitable for web browsing at $30/month, and an "enhanced" package suitable for VoIP at $40/month, that's fine.
It becomes "not neutral" if they price their own VoIP offering at a loss or break-even, knowing competitors will have to charge more to stay in business. If the competitors can't charge less than $25 to make a minimal profit, and the cable company sells the same service at a loss at $20 a month, or bundles VoIP+enhanced Internet for $60/month, that's not neutral.
Likewise, if they treat their VoIP traffic differently than a competitor's for a given customer's Internet tier, that's anti-competitive.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
I'm using Gentoo Linux with iptables and ip route/tc/sfq. Unfortunately, Comcast seems to be doing something with my SSH traffic, or encrypted traffic in general, like the article says Rogers is doing. I know the QoS on my server is working correctly because web traffic goes through fine. I've also noticed periods where my upload (and sometimes download) traffic for bittorrent will drop to near 0. This happens at least a few times a day. Yet, when I go to websites while this is happening, it's blazing fast. I am supposed to have 768kbps up, but I usually keep it at 650kbps because speeds are averaging that on speed tests (speedtest.net, speakeasy.net, etc). The only downside to the QoS is that whenever I call Comcast, I have to turn off the QoS. Fortunately I just run two commands to turn it off (my basic firewall script which has commands to clear all mangle commands, and tc qdisc del dev eth1 root).
Damn am I getting offtopic. I used this tutorial for Gentoo to set up packet shaping, and modified it to suit my needs. I also used ipp2p like the guide uses, rather than l7-filter.
They use the term peak speeds to refer to top speeds, not top usage speeds.
Inventions have long since reached their limit, and I see no hope for further development.-- Frontinus, 1st cent. AD
By how much is Rogers slowing down encrypted traffic? I don't see a mention of that anywhere.
How does what you describe not fit under the umbrella of "very few people"?
Not to mention that the people you describe are the ones that are going to say "oh, uh, okay" when they get told that they need to move up to a business plan, because they are in fact using the connection for business.
Nerd rage is the funniest rage.
Michael Liberal Geist again... ...nothing to see, move along...
Perhaps one could slap HTTP headers on all traffic, call everything either a GET or a PUT request, and tunnel out with only a modest overhead?
Telcos have ALWAYS oversold their capacity. So do most other businesses.
If EVERYONE tries to use their phone at the same time, there are problems. Remember trying to make a cell call anywhere in greater New York City on 9/11? Nevermind the destroyed equipment, the demand on each cell tower was just too much.
Even today, on busy days like Mother's Day, it's hard to get a long-distance call between certain cities on certain carriers. It's not as bad as it used to be thankfully.
Other businesses do the same thing. Ever tried to get into a computer store at 5AM the day after Thanksgiving? Some stores have fire-wardens at the door and when the store reaches fire-code capacity they won't let anyone else in until someone leaves. There's a popular restaurant I used to go to that took a different approach: They kicked you out after a certain period of time during peak hours. Think of it as "traffic-shaping" your restaurant experience.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
I'm pretty sure Xbox Live uses encrypted p2p udp and tcp, and has no set port numbers. How can they tell that apart from encrypted bittorrent? Did they just gimp live for all of their users?
But you'd be still using SSL, so it's not much of a solution.
Of all major operating systems, UNIX is the only one originally meant for gaming.
Seriously, no blamecanda?
"No, no, no, don't tug on that! You never know what it might be attached to."
No. They want to ADVERTISE an "unlimited" package so that people will leave their graduated plans and come over to the "unlimited" provider.
Whereupon the "unlimited" provider throttles encrypted communications. And whatever else for someone going over the maximum of the "unlimited" plan.
Most people want to have unlimited traffic even if they have no concept of the amount of traffic they need.
Not really. Most people would rather save a bit of money. So the companies use deceptive advertising.
I'm saying that we need to force them to get rid of the deceptive advertising. There's no TECHNOLOGICAL reason for it.
They can sell "unlimited standard usage" packages that throttle connections after 2GB/month.
They can sell "unlimited gamer" packages that throttle connections after 5GB/month.
They can sell "unlimited pro" packages that throttle connections after 10GB/month.
The reason that they don't is that they can save MONEY by being STUPID and selling a single "unlimited" package and fucking with the connections so that things such as encrypted sessions are dead slow. It's about them being lazy. That is it.
So why not offer GRADUATED pricing levels? 2 GB/month for $x. 5 GB/month for $2x. 10 GB/month for $10x.
Why not just pay directly for the bits themselves?
$1 per GB per month [say].
So that if you used 17.79 GB for that month, then your bill would be precisely $17.79.
It's pretty much the way the long distance companies have been doing it since time immemorial.
And if upstream bits are more precious than downstream bits, then bill accordingly: Say, $2 per upstream GB per month, and $0.50 per downstream GB per month [or whatever].
It's not at all clear to me why the free market [in the form of PRICING] can't take care of this stuff naturally.
My business [assuming VPN user] required 1 or 2 TCP connections (saturated)
yours 20-49 TCP Connections [assuming bittorrent user with multiple torrents going]
you get 10-20x my bandwidth as TCP attempts to balance itself PER connection
Now there is one solution of ensuring all of your traffic is load balanced as from one person.. but this needs to be done outside of the scope of TCP/IP. And I can only hope companies are thinking how to do this reasonably.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
How does what you describe not fit under the umbrella of "very few people"?
Perhaps if I meant "very few people with influence" it would have made more sense. If a company (who chances are you buy a daily product of every day) notices that its employees can't do its job because of another company... Well they might say something either to the other company or to another press related group.
Of course I think I forgot to mention the company I'm referring (vaguely) to is in the States and their sales reps are regional so they would all have different ISPs.
"I am the king of the Romans, and am superior to rules of grammar!"
-Sigismund, Holy Roman Emperor (1368-1437)
"But you don't mind giving us a web-site to find you at (anu.nfshost.com) that tells us your interest is in making paedophilia more accepted in society, or all the other tracks you've left on a simple Google search."
"Brian Ribbon" is just a pseudonym. It would be stupid to use my real name on the internet - there are a lot of silly people who assume that all paedophiles have sex with children, then act against paedophiles according to that assumption.
"To the future or to the past, to a time when thought is free" ~ Nineteen Eighty-Four
Actually, I believe DPI stands for "Doesn't Produce Income."
The higher the technology, the sharper that two-edged sword.
I'm talking about Garcia's very few people and your several thousand being the same thing. Spreading them across various isps just makes them a better fit for the description.
Nerd rage is the funniest rage.
Use QoS
I can't speak to the specific networks involved, and what their real capacity issues may or may not be, but P2P tends to expand to fill available capacity. I operate a broadband Internet service in northern Canada where bandwidth is more than 10x the cost of transit services in the south. Obviously we can not charge people 10x southern rates for our service, so we have to manage our capacity very carefully, and that includes traffic shaping that deprioritises traffic that can not be identified as a common protocol. It is an ugly solution, I hate having to do it, but it is a necessary evil. The circumvention measures P2P applications use to avoid detection are the principal reason that the baby gets thrown out with the bathwater in these cases. It is either that or allow all traffic for all customers to suffer.
That being said, all is not lost. I have no idea if you will have any luck contacting someone clueful at Rogers to help you out, but on my network I am more than happy to ensure that VPN traffic, and previously unrecognised game traffic - and so on - gets proper quality of service. It is not uncommon for one of our customers to call and say their application performance is poor, and I am able to confirm that their traffic is mistakenly being considered rogue, and I will ensure thereafter their application data is recognised as non-evil. It might be worth contacting Rogers if you think your non-evil traffic is being shaped down incorrectly.
Should cable companies care if you're using P2P or not? I assume it's because they have a stupid blanket assumption that all P2P use === copyright breaching.
But even if they were right (which they're not) why is it the ISP that is getting all moralistic and judgmental in the face of what their customers want to do?
It's not like the Music Industry's loss affects their sales. In fact, I'd think their sales would suffer much more as a result of clamping down.
It's similar but more stupid than gas stations refusing to sell you gas if they think you might then ever exceed a speed limit.
"To the future or to the past, to a time when thought is free" ~ Nineteen Eighty-Four
What's weird is I predicted this EXACT thing about 6 months ago, here on Slashdot:
http://slashdot.org/comments.pl?sid=187990&cid=15502121
Guess I was right this time. What will be neat a couple of years down the road now is the slow conversion of all traffic to encrypted streams, and I guess we'll see how the ISPs react to this. Maybe *gasp* actually not lie and sell guaranteed bandwidth?
If you buy a business connection then you really do get unlimited.
The problem is that residential service has and will likely never be a guaranteed service.
In my area Cox cable offers 12m/1m connections for hard-core home users at $15 more per month ($65 total). But even with that I only get 9m/768k and ports 25 and 80 are blocked. But on a business connection of 12m/1.5m I actually get 12m/1.5m most of the time with multiple static IP addresses and no limits on what I can do with it. It costs $249/month, but even that is a deal because the alternative would be a dedicated T1 that only has 1.5m/1.5m for twice the money.
There is no way a cable company can guarantee the level of services they offer to home users. Would you rather they capped the speed to 768k/128k to give you guaranteed service at the price you pay now? Because you can buy that plan for business use if you wanted for the same price you are paying for your 7m/768k residential plan.
You get what you pay for. Sometimes you do get more, but why complain when you stop getting more and you are still getting what you pay for?
Traffic shaping is the only way to really do that, but if you have a simpler goal, there is a quick, easy solution. The simpler goal is not to have ssh get absolute priority but to instead have good response most of the time. The easy solution to this is to use p2p software that allows limiting its own maximum bandwidth. Find the maximum bandwidth your connection supports, and then set the p2p program to top out at about 80% or 90% of that.
I did this with Azureus, and it worked really well. Azureus has a built-in bandwidth usage graph, so I just turned that thing on and set the max upload speed to various values. When you keep the bandwidth cap relatively low, the graph shows a basically even line across the top indicating more or less constant bandwidth usage. But when you take the cap too high, the graph gets very jagged very quickly. That indicates you've hit the maximum. For me, that happened at about 43 or 44 kB/s, so I keep the upload bandwidth cap at around 35 to 40 kB/s, which works great.
There are still times when things will slow down. If I'm doing this and I start sending e-mail with an attachment (or do some other kind of upload), then both will slow down. That's where this overly simple method fails. But most of the time, I'm not doing that.
ISPs will be forced by the P2P use to charge by the GB. They have no other way to avoid making their service useless to everyone else, just visit any campus to see a useless network in action. It's just the reality of life, not that all the P2P users give a damn so long as they can get their movies
I'd bet the pricing will be about $9/600MB, making it cheaper to go to the movies than to download them.
But, as a bonus, all those bots will get huge bills and people will finally have a reason to remove them. And the net will be fast as hell for the rest of us.
- Adam L. Beberg - The Cosm Project - http://www.mithral.com/
Try the program CFOSSpeed. It's like $20 for lifetime upgrades, and it will shape your traffic based on application, even in Vista.
Eastlink - still the industry leaders in North America. Too bad they're only in Nova Scotia.
Rogers is a criminal organisation, seriously. They think nothing of false advertising, breach of contract and extortion, in fact it's standard operating procedure for them.
I can't rave enough about the quality of Eastlink's service though, they treat their customers with respect, go the extra mile and provide excellent quality service. I attribute their expertise to the staff of the old Dartmouth Cable that they absorbed a few years back. In 1994 I had a 5Mbit down and up static IP shell account and permission to run any servers you liked with Dartmouth cable for $40 a month. They still lead the pack on the entire continent, though they're not as free with the upstream bandwidth as they were originally. Though Eastlink is still the best cable ISP in North America in my experience.
FFS.
P2P is illegal taking of property. The collection of song, literature and movie rights owned by e.g. Sony-BMG, movie studios and other entities was built over decades' work and at the expense of several tens of billions of dollars, spent by investors on purchasing copyrights.
If the US federal government and UN WIPO collects enough money to buy out these companies at fair market price, so far so good. They can then declare that all file sharing is legal and no novel, videoclip or music has copyright any more. Until then P2P of copyright material (which is 2/3rd or more of ALL traffic on the net) amounts to illegal taking of property.
It is laudable that some ISPs actively protect copyrights. The market for selling DRM-protected material over the net cannot expand further unless illegal file sharing is eliminated. Selling more and more bandwidth to filesharers of copyright violation materials is not a long-term strategy for ISPs. Sensible ISPs want to extend into selling legal on-demand content, which needs DRM alive and illegal P2P dead, otherwise people would not be willing to pay.
Hopefully the new RIAA strategy which has recently been approved by investors will win. It aims at buying many IT-security companies and building a vastly capable product, which will unify protection against viruses, worms, spyware, adware, scams and spam, etc. as well as P2P blocking and copyright enforcement. They will contract with government to gain authority to rid the net of all malware and mal-intent solely on their own expense and, as a side-effect, also enforce legal use of copyrighted materials. This is a multi-billion dollars project, which will end the days of net anarchy. The product is preliminary called Peer-2-Plate Systems Inc. Juggernaut 2. The megarich Arabian sheiks and emirates also back this project with huge funds, because end of P2P will help them enforce Islamic morality (esp. influx of sex and alcoholic filled audio-visual materials).
.....IS VOTE WITH YOUR DOLLARS! I did by moving to Bell Sympatico who (AFAIK) don't shape traffic. I believe that Speakeasy in the states doesn't either (although IIRC you pay a bit more for that). If enough people do that, dimwitted ISPs will get the hint (or at least one would hope so).
This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
If they want to do this fine as long as they tell me. Otherwise it's a breach of their 'contract'. Then all their customers can decide whether to pay for something they never get.
Here is our new pricing plan for home and small-business customers, effective May 1, 2007:
Additional usage is available for $3 per 50GB. Additional blocks must be pre-paid or can be paid for as needed from our customer service web site.
All packages include all the same services you are used to plus free "action alerts" when your prepaid usage is almost up.
When the built-in usage and any additional usage is used up, your connection will be limited to Economy speeds.
We are pleased to announce that as of May 1, 2007, we are eliminating the restrictions on servers. You may now run servers on your systems provided they do not violate any other terms of service, such as hosting illegal content.
We are also changing the way we deal with very high volume users. In the past, we have warned high-volume users to limit their usage and terminate service to those who do not. Now, where possible, we will allow unlimited usage. In neighborhoods where this is not possible, we will impose lower-than-normal speed limit on high-volume customers during peak usage hours.
Sincerely,
Your Cable Internet Provider
The numbers I don't care about as long as they are reasonable and continue to drop as technology improves. It's the principle of "pay for what you use" that I like.
Note:
A 30-month has 2592000 seconds in it.
That's 48.6GB maximum at 128Mb/sec,
486GB maximum at 1.5Mb/sec,
1944GB maximum at 6.0Mb/sec, and
7776GB maximum at 24.0Mb/sec.
A maxed-out connection at 24.0Mb/sec will be $466.56, or $468 in $3 increments.
1 hour at 24.0Mb/sec is 10.8GB, or $0.648.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
It strikes me that such a ban will simply provide an incentive for people to produce more sophisticated P2P clients that cloak their activity in some way by getting their traffic to masquerade as something else. It can still be encrypted, it just won't be obviously encrypted - it will be hidden a la steganography. And then we'll have yet another packet inspection arms race.
wget http://autocast.ca/test.dat
Length: 10,485,760 (10M) [text/plain]
18:52:39 (539.62 KB/s) - `test.dat' saved [10485760/10485760]
wget https://autocast.ca/test.dat
Length: 10,485,760 (10M) [text/plain]
18:53:03 (560.59 KB/s) - `test.dat.1' saved [10485760/10485760]
No slowdown on https downloads at this moment from this location.
scp test.dat odin.canadacast.ca:/root/
test.dat 100% 10MB 97.5KB/s 01:45
scp odin.canadacast.ca:/root/test.dat .
test.dat 100% 10MB 602.4KB/s 00:17
No slowdown on that either.
Upstream rate is 97.5% of this cable modem's capability (800kbps)
This is on a saturday, at 7:10pm local time.
Not quite peak usage time of day but not 3am either.
This does not prove anything of course.
I've only failed to prove that there is traffic shaping, I have not proven that there is no traffic shaping.
Maybe I'll try again at a known peak traffic time.
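The test in the post above compares one cleartext and one encrypted transfer; the following added example (not the poster's code) parses the rates out of that wget/scp output and shows, with an exact permutation test, why a single pair cannot settle the question and what repeated trials would show. The repeated-trial figures are constructed sample data, not measurements.

```python
# Added illustration: is encrypted transfer throughput systematically lower
# than cleartext throughput? Exact one-sided permutation test on mean rates.
import re
from itertools import combinations
from math import comb

# Output lines copied from the post above.
POST_OUTPUT = {
    "http": "18:52:39 (539.62 KB/s) - `test.dat' saved [10485760/10485760]",
    "https": "18:53:03 (560.59 KB/s) - `test.dat.1' saved [10485760/10485760]",
    "scp_up": "test.dat 100% 10MB 97.5KB/s 01:45",
    "scp_down": "test.dat 100% 10MB 602.4KB/s 00:17",
}

# Matches "539.62 KB/s" (wget) and "97.5KB/s" (scp); sizes like "10MB"
# are skipped because they are not followed by "/s".
RATE_RE = re.compile(r"(\d+(?:\.\d+)?)\s?([KM])B/s")


def parse_rates(text):
    """Return every transfer rate found in wget/scp output, in KB/s."""
    return [float(value) * (1024 if unit == "M" else 1)
            for value, unit in RATE_RE.findall(text)]


def mean(values):
    return sum(values) / len(values)


def permutation_p_value(clear, encrypted):
    """Exact one-sided p-value for 'cleartext is faster than encrypted'.

    Under the null hypothesis (no differential treatment) the labels are
    interchangeable, so every way of splitting the pooled rates into two
    groups of the same sizes is equally likely.
    """
    pooled = list(clear) + list(encrypted)
    observed = mean(clear) - mean(encrypted)
    hits = total = 0
    for idx in combinations(range(len(pooled)), len(clear)):
        chosen = set(idx)
        a = [pooled[i] for i in idx]
        b = [pooled[i] for i in range(len(pooled)) if i not in chosen]
        total += 1
        if mean(a) - mean(b) >= observed - 1e-9:
            hits += 1
    return hits / total


def smallest_possible_p(n_clear, n_encrypted):
    """Best p-value any outcome could give with this many trials."""
    return 1 / comb(n_clear + n_encrypted, n_clear)


# Constructed repeated trials (KB/s), six downloads per transport.
UNSHAPED_CLEAR = [540.0, 555.0, 548.0, 561.0, 537.0, 552.0]
UNSHAPED_ENC = [545.0, 551.0, 558.0, 539.0, 549.0, 556.0]
SHAPED_CLEAR = [548.1, 552.7, 539.6, 560.2, 545.0, 557.3]
SHAPED_ENC = [101.4, 97.5, 110.2, 95.8, 104.9, 99.1]

if __name__ == "__main__":
    http = parse_rates(POST_OUTPUT["http"])
    https = parse_rates(POST_OUTPUT["https"])
    print("post, 1 vs 1 trial: p =", permutation_p_value(http, https),
          "(floor is", smallest_possible_p(1, 1), ")")
    print("constructed, unshaped: p =",
          round(permutation_p_value(UNSHAPED_CLEAR, UNSHAPED_ENC), 4))
    print("constructed, shaped:   p =",
          round(permutation_p_value(SHAPED_CLEAR, SHAPED_ENC), 4))
```

Interleaving the cleartext and encrypted runs, and repeating them at peak and off-peak hours, keeps ordinary congestion from being mistaken for protocol-specific shaping.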
Someone else mentioned here already that Shaw on the west coast does this as well. They do have varying rates from 10GB/month - 150GB/month for home users. Some of their prices are pretty scary though.
What usually is the problem is a few people per node that decide to leave their p2p on at full tilt 24/7. I for one do not have a problem with paying for monthly throughput (if I could get a reasonably priced 150GB package from Shaw I would) as I know I won't go over it. Other articles said in the US that some ISP was just cutting people off. Why? Make it clear what the caps are, and then throttle all traffic down if they go over the monthly limit. The problem for this to work is that they would have to have several bandwidth packages ranging for individual needs. Instead of just saying "you can do 100GB, but not with p2p" give the consumer a choice of package with no restrictions on the line. It's not perfect, and most ISPs are just too damn lazy to upgrade/change to deal with it.
I'm on Rogers and downloading a torrent right now, no problem. I must say, however, that if I use any client other than Azureus, my Internet connection will mysteriously die about three hours after starting a torrent. Is the packet encryption for Azureus different in some way from what uTorrent uses? I had set both clients not to make any un-encrypted connections, in or out.
I am one of those people who vpn, ssh, and use bittorrents in legal forms and had a hell of a time getting my old Rogers connection to play nice ever since some group of fucktard managers decided that we were getting too much value for our money. Rogers, Bell, those two elephants of communications in Canada both equally love to abuse their customers.
I know from a few engineering friends that Rogers' network is overloaded to hell. Devices are handling traffic x3 times what they were designed for. All this to cut costs and keep milking their monopoly. In the meanwhile, they know there are very few options for cable/dsl providers, and the other options are mediocre as well so they abuse consumers as they wish. It is the same with Bell, their phone service is overpriced and their customer service is the biggest pile of elephant dung I have ever experienced.
Here they are again, doing with customers as they please because they did not anticipate people were actually going to use their network as advertised. They are crippling one of the essential functionalities of the net and there is very little that can be done about it because the general public just bends over and continues to take it from Ted. Thank God I moved outside the coverage of Rogers and I'm using ACI+Vonage, they seem to be pretty consistent and reasonable with their bandwidth, we'll see how long until Rogers decides to buy them out.
[alk]
Not that I am defending their traffic-shaping ways, but just to set the record straight.
It does everything my old dedicated router did with less power usage, much smaller form factor, no fan noise and it has a decent web admin interface out of the box. Essentially it's like buying a tiny dedicated Linux router box that's actually designed to be a wired/wireless router.
That's why I pay an outrageous amount to an ISP for a true unlimited connection and no shaping of any kind.
It's worth every cent.
Rogers I believe doesn't throttle the speed after you go over the limit.
They just charge an additional $1.70 per gig that you go over.
"Various bittorrent clients implemented encryption because of ISPs trying to tell their customers what they could use the bandwidth they had purchased for."
Like not violating the law?
"If we had strong network neutrality legislation, it wouldn't have been necessary."
Someone above already addressed this piece of misleading prose.
"Telecommuting is too popular for this tactic to work in the US. There are some very powerful companies that have a vested interest in VPNs being reliable and responsive."
1-I doubt business class service has this problem (You know? The service that most 'cheapskate' abusers usually don't have.)
2-Since most companies directly or indirectly pay for their "telecommuting" employee's broadband connection. They would dislike even more any "questionable" traffic on "THEIR" connection. e.g. P2P.
"Our monopolies seem to be forgetting rule #1: don't piss off your regulators!"
And some employees are forgetting rule #2: Thou shall not abuse thy employer's connection.
I saw someone recommended software for Linux already. On the Mac I used to use Carrafix. I stopped using it because most of my p2p applications now have throttling built-in, and I find that sufficient for my needs. There is also a new kid on the block called DummyMac, which just is a front-end for the built-in dummynet. I've never tried it, though.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
The way I solved this problem was with a Linksys WRT54GL flashed with DD-WRT 3rd party firmware.
It works very well, and has been easy to set up. It's a cheap, small, quiet, and easy solution to the problem. As a bonus, you also get wireless (which can be turned off).
It's The Golden Rule: "He who has the gold makes the rules."
Don't forget the Skydome... er... I mean, Rogers Centre.
http://en.wikipedia.org/wiki/Rogers_Centre
Sometimes I wonder if I think too much.
That web host charges for usage. If anyone wants to hit this "minor-attracted" freak where it hurts all they have to do is leech the crap out of his site until he can't afford to pay for it and has to move to a host that won't tolerate him.
As for all the other stuff, there are lots of smaller DSL ISPs here, just they don't have advertising budgets as Rogers is a mega corporation here. They own radio stations, cable tv networks, cable tv distribution, voip, internet and cell phones. They can get away with it.
At least for now. Big companies that treat their customers like criminals are starting to feel the heat though. http://www.freedomforip.org/2007/04/this-just-in.html
We are all just people.
I was a long suffering customer of this particular ISP (Rogers) and found that their shaping technology had such an impact on my relatively benign use of the net, that I switched to a small local DSL ISP - at 25% of the bandwidth - and I can't get over how much more stable my 'net experience is. I didn't think I had the choice - but you know, there are always options...
We had a conversation on Kuro5hin.org about this very topic. See here for the article.
There's a few things we gathered:
1. It's a "pedo crime" if 2 15 year olds go at it. Yet we consider them as adults in other avenues (that of murder/deadly assault).
2. The recent 14 year old who took webcams of herself is being tried as a kiddie porn collecter (or whatever). It's her own body, yet illegal. Wonderful florida law.
3. Pictures that end up on a school computer that have kiddie porn are ASSUMED to be a substitutes.
4. Prior cultures didnt halt sexuality as our culture has. Many aboriginal groups were sexual right after puberty. As a discussion, why has this changed? Was this change for the better or worse?
Frankly, I can discuss this (and other issues) without coming off as a complete "I HATE YOU BURN IN HELL" idiot as prior posters have. Just understand that your feelings are just that: feelings. I'd rather scientifically examine what was the past trends, current trends, and why things have changed in these ways.
Too bad K5 is hard to get into (rather nastyish clique)... unless you're floridasun. Who knows.
And chances are the small local DSL ISP is just reselling Sympatico. If Bell starts doing the same thing then you will see it occur. To be honest, the last time on Rogers I saw a difference was when I wasn't using uTorrent. Once I started encrypting with uTorrent the speed jumped up, not exorbitant amounts but back to what it was before Rogers started bandwidth shaping. This is just the ongoing war between Rogers and Torrent downloaders.
If it happens to be that they aren't doing it to my phub yet (I am on the west side of Ottawa, this sounds like the east side) then I guess I will just downgrade my connection to their lite version so they don't make as much money off of me.
I'm a Rogers customer. Just last night I was downloading something on Azureus and I noticed I was getting pretty decent speeds, probably the best speeds I've had in months since Rogers started traffic shaping. To compare I connected to a VPN at secureix.com, and the speeds were noticeably slower (but then that could also be because secureix is getting fairly busy now).
Anyways, time for me to dump Rogers. First they dropped their Usenet service, then they started traffic shaping, and now this. I'm tired of paying more money for lousier service. I imagine Rogers' business customers can't be pleased either, since many of them rely on encrypted services in order to do business.
"You will never, ever stop piracy."
Oh there's one sure-fire way. Simply don't produce anything that can easily be pirated. You want that statue of David? Better break out a chisel and some stone. It may never be zero, but it will be at the point of "so what?"
"Companies keep foolishly thinking they can and they fail every time."
I keep telling the Linux kernel team they should quit with this "security" thing. They will NEVER stop hackers from breaking in, so why try?
"ISPs should not be involved in protecting copyrights of these big media conglomerates."
Foolish geeks. It's not all about you. It's about keeping all you "hogs" from destroying their networks.
I stayed at a Marriott hotel last week in Long Beach that used stayonline.net as their ISP, and the network was horrid. My colleague figured out after two days that the reason he was banned from the network was for using a non-US encryption standard for his SSH. Total bull. Also, file transfers over a few meg seemed to be throttled like mad, making it almost impossible to upload pictures until after I got back home.
bash-2.04$
bash-2.04$yes "Don't you hate dialup connections?"| write USERNAME
"Yeah, well in my area both the cable and DSL providers advertise "DOWNLOAD MOVIES IN MINUTES!!!1!!" get all the greatest tunes! Lightning fast games blah blah blah."
Are those encrypted?
In Alaska, everything but taxes cost more.
They do that here in Winnipeg too. The prices are:
- Lite: $20/mnth 256Kb dn 128Kb up - 10GB total per month
- High Speed: $30/mnth 5Mb dn 512Kb up - 60GB per month
- Xtreme: $42/mnth 10Mb dn 1Mb up - 100GB per month
- Nitro: $93/mnth 25Mb dn 1Mb up - 150GB per month
I can't imagine why anyone would pay $50 more for the Nitro package. I easily hit the 100GB limit with Xtreme. 2.5X faster with Nitro, it would be very easy to hit 150GB per month. For the price, that should be waaaaaay higher. 500 Maybe. But they don't even give you an option to pay for going over the total per month.
Another thing to try if you have an old PC around (Pentium or better) is m0n0wall, which is a BSD based firewall that can be configured through a web interface much like other home routers, but still offers power features like traffic shaping - which I make plenty of use out of.
Have you tried tunnelling VNC over SSH instead of raw X?
Then back on the ssh client box, do "vncviewer
And the tunnel will get set up each time you connect automatically.
"Unlimited" what? Everyone here seems to think that means bandwidth. Everyone here also seems to not understand the laws of physics too. That leaves time. So you have "unlimited" time (subject to you paying your bill on time).
"If someone wants to be on 24/7 downloading from BitTorrent at $5/GB after they exceed the 10GB of included transfer for that month, thats perfectly fine (if they don't pay the huge bill at the end of the month, they will get a black mark on their credit rating or whatever)."
It sounds to me you don't understand how broadband works. It may seem fair to charge them for going over a limit. But in the mean time a lot of OTHER (You know? The people sharing the "unlimited"?) people will have to suffer with poor service until the "hog" gets through being a self-centered dick.
Doh. I just figured out why my vpn is slow even though I have fast internet.
That's with Cox cable btw. I get about 3 megabit down normally, and work is on 6mb symmetric, yet X is somehow unusably slow over the VPN, and VNC is better but still slow. Pings are usually 30ms to places in town, but around 300 over the VPN.
Vonage happens to have several ports which are critical to its service. Some of these ports have widely been used for worms in the past and many ISPs just block them since legitimate traffic on these few ports is so small in comparison to the flood of crap. This is Vonage's problem for not being flexible with their ports, not your ISP's. They are doing their job.
Even those who arrange and design shrubberies are under considerable economic stress at this period in history.
I think you touched on something when you introduced steganography, and I think steganography is the way of the future when it comes to P2P.
Of course, then you have the problem of steganalysis...
In my locality in the exurbs of everybody's least favourite megalopolis, BitTorrenting using all encrypted connections worked like a charm right up until 1 January 2007. From that point on torrenting works in surges -- a few seconds or minutes of normal speeds, followed by a few seconds or moments of clogged pipes -- a seemingly regular periodic cycle of clench and release.
I can still torrent, but what used to take two hours now takes two days. (By the book, Mr. Saavik.)
For the record, I'm using Azureus for OS X.
Also since January my VPN connection to the office has been rendered practically unusable. Very, very sluggish. Rogers Support claims there should be no problem, and suggests it's because I use a Mac (in my experience, this is a thing retards say when they're stumped or lying).
All I can say is thank Xenu for good, old fashioned Usenet. Otherwise how would I get me Doctor Who stories?
My Usenet downloads still experience Rogers' advertized bandwidth.
These stories are free but worth money.
I was already on Rogers' 'unlimited' cable internet plans, when I started receiving usage notices. So I ponied up the extra $4.95 a month to go from their express package to their 'ultimate' package and 40 or 50 more 'unlimited' gigs a month (mainly to avoid hearing from them).
They ditched usenet access a couple years ago without lowering their prices? I was pissed, but still stayed on with them.
They started traffic shaping bittorrent traffic? I downloaded BitComet, enabled packet encryption and happily went on my merry way.
Now this?
F**k Rogers. They want customers, but apparently not customers who use their services to do as they choose.
If my encrypted traffic goes to shit, I'll be leaving Rogers for good and encouraging everyone else I know (who turns to me for tech help) to do the same.
It's not just internet providers; Google and Microsoft and Yahoo et al. do the same thing for FREE Email. 2GB 10GB UNLIMITED email boxes? If we all fill that up they would be OVERSOLD. They DON'T have the storage.
http://www.rense.com/general79/wdx1.htm
You are an idiot. It has to be said. If a business (let us say a restaurant) starts advertising "unlimited phone calls for a fixed price" and you were permanently opening a call with your aunt, you would not be abusing anything, you would be within the bounds of your contract. And if the phone company is fucked up because they have only a limited number of switches, well they should NOT HAVE advertised a service they could not sustain in the first place!
P2P users are not ABUSERS, they use what was sold to them within the limits of their contract!
Do not blame P2P users for doing something perfectly OK within their contract, or you look like an idiot. Switch to an ISP which does not have "unlimited" advertising. Or blame your ISP for offering such a contract at an unsustainable price. But I repeat, do not blame users for using what they were sold by the ISP! This is especially true since my ISP (T-ONLINE) used to advertise downloading movies and music within minutes!!
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
My ISP Free.FR appears to be blocking GRE traffic, as I cannot connect to a PPTP server *cough*RELAKKS*cough*. I've forwarded port tcp/1723, but I believe that their Freebox is blocking GRE/47, even in plain modem (non-router/wifi) mode. There's no way you can open up GRE protocol 47 either, their webconfig only allows changes to TCP/UDP.
My exact same setup (using a Netgear DG834Gv2/TalkTalk instead of Freebox3/Free.FR) works fine in England.
Strangely enough since they've started blocking SMTP/25 by default, they seem to have unblocked BitTorrent.
Free.FR either like to change their usage policies a lot, or they have a severely broken router/network.
It's funny that an ISP who claims to be so Linux-friendly (probably because they're using GPL code in their routers and don't want to get sued) they don't seem to allow you to do much with their service - you can't even configure your router without going through their website!
If you want a little more than m0n0wall - then try pfsense. It's built on m0n0wall but has far more features and a plugin system that allows 3rd-party packages to be installed like ntop and others, but it needs more resources. m0n0wall was happy with 64MB RAM, pfsense's minimum is 128MB
My ISP seems to simply cut off the connection until midnight if you download more than (right around) 5 gig a day or something like 20 gig in a week. I'm sure if I called them they'd basically say it was a connection issue and was being resolved. Never really had a problem with that. I have to download an awful lot of shit to hit that limit in a day or week and I rarely do. I can run torrents, game and e-mail servers, p2p apps, basically gobs of shit; I've learned where their limits are and do the throttling myself off of my own router; [pretty simple to throttle P2P connections to a specific speed (especially since other people in the house don't understand that sharing is caring). Been with the same ISP for 3 years now, fantastic service. I've never even had to call em'.
They don't care what I run over the connection, they just fuck with the connection for people who use it way too much. The thing they want to avoid is the stigma of charging per meg or some other BS, which they don't, and shitty ISPs are going to continue to do BS and use words like unlimited; if an honest ISP started advertising their service on a gig-per-day service they'd have their customers flocking to their competition.
Bottom line is, if your ISP sucks, shop around. Otherwise you're a tool and don't deserve any respect.
Funnily enough, just yesterday I finally broke and called my ISP's tech support line after noticing a very big drop in speed for the last few days. From the test I ran it didn't even look like throttling of any specific services - simply congestion on their outgoing pipe to the world (I live in Israel).
Anyway, after 20 minutes of patiently waiting for the guy to run through the script, he asked me to hold for a minute, then asked me to disconnect and reconnect. I got a new IP from a different block from the one I usually get, and lo and behold - link was running at full speed (I'm assuming higher priority on the QoS).
Most of these companies will hesitate to actually let you know they are throttling, and count people just not noticing. If you run some careful tests, save the data and confront them (politely - no need to bite the helpdesk guy's off) there's a very good chance they'll simply make an exception for you rather than admit to throttling. I'm sure most /. users have the technical ability to do this. :-)
The only really annoying part of the conversation was when the guy on the line asked me to download a file from www.microsoft.com (which "sits in New York") and I had to guide him through "nslookup download.microsoft.com", some IP locator sites and www.ripe.net to show him the server was not in New York, but sitting in Israel, in his own company's server farm.
"can't run, can't hide...oh well, return 0"
since "delusional" and "retarded" aren't available.
The Hollywood content cartel company Sony gave us the Sony r00tk1t. The RIAA is trying to get exempted from anti-pretexting laws.
THESE are the people who will protect us from malware? Yeah, right, and Vista DRM is "enhancing" the user experience.
Do humanity a favor. Kill yourself. I recommend a bullet to the stomach, since it's obvious that given your lack of brain cells to rub together, an attempt to blow your brains out will endanger the public without affecting your ability to drool in public in the least. Don't worry about your family, it's better off without you regardless of your delusions to the contrary.
Tech Public Policy stuff
Parse error, missing ]?
-b.
That's evil - why not just gradually throttle back to 128kbps as your download amount approaches some cap? Disconnecting people's 'net connections which they may need for work or even phone service == not good!
-b.
-b.
That's encrypted, so won't it be throttled, too? And OWA is slow as hell on the best of days - I hate to think how bad it would be if throttled.
And if you're using Outlook 2003 or later with Exchange 2003 or later, you can use RPC-over-HTTPS to connect using SSL to connect with strong encryption without a VPN.
Does this require a key from the employer, or does it use a key-transfer protocol like SSH? If it's the latter, it's only as strong as the weakest password chosen by an employee. Much better to channel all traffic over something like OpenVPN and set up long keys for each client computer - essentially, make the comp with the key on it a "dongle" in addition to the usual password protection.
-b.
I wish that Slashdotters would stop their blanket bashing of "businesses." Yes, large corps. are often sterile and intransigent, and use unfair means to compete. But most businesses in the US are still pretty small, and (like my IT/soon-to-be-engineering-design business) are just owned by working Joes out to make a decent living for themselves without the annoyances of working for someone else. And, believe me, it's hard work; though rewarding at the end of the day.
Besides, what about their employees? It would be mighty inconvenient if sales employees couldn't work from the road, etc.
Regards,
-b.
Locked down? Try putting that VPN'ed connection on a Virtualized PC. It works ok and lets you use both secure and insecure traffic at the same time.
But on a business connection of 12m/1.5m I actually get 12m/1.5m most of the time with multiple static IP addresses and no limits on what I can do with it. It costs $249/month, but even that is a deal because the alternative would be a dedicated T1 that only has 1.5m/1.5m for twice the money
12/1 is what I get here, and I get it virtually always. There are moments where it will drop to 10/1 but that's exceptional.
Oh, and I do get a fixed IP
And port 25 and 80 are not being blocked
I even have permission to run my own servers
Guess what, that's all on a standard 'residential' DSL connection costing approx $50/month.
I could get 24/1 with the same conditions for approx $90/month.
The difference? I live in a place where the government actually decided they have to actively undo the damage of the telco monopolies of past times with the result that there is real competition. Oh, and the government here also thinks that consumer protection is somewhat important so advertising for 'unlimited' plans has consequences for those advertising, either keep to the promise or face serious fines.
Sometimes you do need regulations for a limited time to undo the damage of previous monopoly granting regulations.
Oh lookie another genius. Guess your school stopped teaching physics and critical thinking skills. Repeat after me; "there's no such thing as an unlimited bandwidth connection". Shannon addressed that issue a couple decades ago. So you believe that if someone says it's OK, then it's OK? So if your contract said it was OK to beat up our employees? Would you actually go and beat them up? Or would you apply some of those critical thinking skills and realize that just because someone says it's OK doesn't mean it is. Plus since you are so gung-ho about contracts, you might want to read the TOS sometime. A lot of these "hogs" are saturating the connection to the detriment of everyone else (the very definition of selfishness in my book). ISPs have every right according to the contract you didn't read to take any action they deem necessary to correct the situation up to and including making you someone else's problem (bye bye customer). Hope your reputation doesn't travel with you. ("sorry we don't want you as a customer either"). Kind of hard to have "rights" if you don't have someone to exercise them on.
"This is especially true since my ISP (T-ONLINE) used to advertise downloading movie and music within minutes !!"
For a geek forum your inability to throttle your connections is most telling. Saturate away since you all don't give a damn about anyone else.
Simply inform all users of campus e-mail that Rogers Cable is NOT supported, and that any students who want to use it need to switch providers.
After Rogers loses 10K customers or so, perhaps they'll think about bringing their service into the 21st Century.
Tech Public Policy stuff
Heh, I'm not using a big grey box either. I'm using the Soekris net4521 embedded system (http://www.soekris.com/net4521.htm) w/Pebble Linux running on a CompactFlash card. This uses very little power as well and has a very small form factor and no fan noise, not to mention I have the freedom to do whatever I want with it since I'm running Linux on it :).
Commercial packages of Rogers don't guarantee anything anyway; they say it plainly, that you will get faster call backs if you have technical issues with your wiring, but at fixing global network connectivity you get the same treatment. Hence get a leased connection and you'll get a flunky you can yell at if you have any problems. In general though even if you get a leased line from Bell, you still won't get anything resolved. They simply don't care. Since only Bell is allowed to run dedicated connections here, likes of T1, phone and optical fiber. Really a scam. Rogers was decent for a while, but we all knew that they will screw it up sooner or later. Wring every penny from their users.
cheers.
I hadn't heard about that. That would be really cool if it were true. As it was posted on April 1st, I'm still a little skeptical, but do you have another reference where it would have been confirmed true?
After 3 days without programming, life becomes meaningless
- The Tao of Programming
HTTPS doesn't need & shouldn't have high priority. It's a waste of low latency bandwidth. Real time things need low latency - phone calls, video conferencing, streaming audio & video, etc. A web page doesn't need that type of connection. Trust me, you're not going to notice if packet 4 has to get retransmitted when there are 45K packets in the page. You will notice it on a voice call.
SSH as a protocol also doesn't need low latency - it's just an encrypted terminal emulation. However, when you start tunneling X server data over that connection, then you need low latency. Perhaps SSHH & SSHL protocols to differentiate the usage of the connection?
I pay for the Rogers commercial Internet, and let me tell you even it's running like ass lately. Which is a pain, I'm a computer science major and, for instance, when logging into a remote cluster of computers (I don't know, say for your research) you almost always use an encrypted connection. Not to mention I have a big distributed systems assignment I have to show off tomorrow, and I can't serve it from home the way the network is currently running (keeping in mind this is allowed on the Rogers corporate package). Thanks a lot Rogers.. There are some people out there who, believe it or not, use their Internet for checking more than the top 10 corporate websites (youtube, Google, Yahoo, Msn, etc.)... This is why I upgraded to your commercial service in the first place (so I would be allowed to serve things)... Thanks for making an already stressful time of year for a student more stressful, with your ridiculous packages... It must be nice having a near Monopoly like you do in these parts aye?
Because this doesn't solve the fundamental problem :
With this system a couple of hundreds MBytes are pretty cheap (couple of cents in worst case), if you want to download some ISO you can do it without problems.
If a new distro is out, and several hundreds of users download it, it's still OK.
*BUT* if Microsoft releases some important service pack, suddenly there are several thousands of users (mostly 95% of all userbase) downloading the huge file. In theory they could each easily pay for it, but if the incoming "pipe" isn't large enough, for example say that the ISP is connected 1Gbps to the interweb and that 100k users start to download simultaneously the service pack, their individual speed will drop to 10Kbps, and they won't be happy : they are paying for a service and not getting it.
Just like when the ISP is selling a package as "unlimited" and then shaping traffic.
The problem is, the ISP is only connected with a limited bandwidth to the internet. So there's a theoretical limit that users can reach.
If an ISP has a 1Gbps connection and 100k users, it can't 100% surely advertise bandwidth above several dozens of kbytes.
When facing such a problem, there are only a few solutions :
- To advertise a service with a minimum guaranteed bandwidth (like "10Mbps" : no matter what other clients do, you'll always get that bandwidth). If some people want more bandwidth, the ISP can sell more services with better bandwidth at a higher price. By cleverly setting the price points, the ISP can manage to have a mix of users of all categories whose total bandwidth doesn't exceed what he can resell. This is the only REAL solution.
This is exactly how it works in Switzerland. We may have the crappiest DSL ever (still advertised using kbps figures), but you know what you're paying for and you know that no matter what, you'll never get lower bandwidth than advertised.
This is also how it works in other parts of Europe, except that sometime the ISP advertises services as "up to xx mbps" (which means : maximal bandwidth when conditions are good, see small print for minimal bandwidth under which service will never drop).
- To start shaping the traffic : some specific traffic is blocked or limited. By doing so the ISP hopes that, with unlimited. This starts to look like false advertising (the service is supposed to be unlimited but, apart from some special usage like Web and IMAP, some or most of the traffic has a limit), but helps the ISP not oversell the bandwidth it has.
This solution is ethically wrong
- Similar to the last one, except instead of shaping random traffic types, the ISP asks web-citizens to pay for the right to have their webpages served to users. Not only does it limit the overselling (if not website pay money, some aren't accessible, users have fewer sites to browse, hence they browse less and don't eat the bandwidth of the ISP's connection to the interweb), but also it fills the ISP's pockets.
This solution eats babies.
- Per GB price : maybe will force some people to lower their internet consumption, but doesn't, per se, avoid the situation where the total bandwidth of all users exceeds what the ISP gets from the backbone.
This solution is useless.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]