P2P Traffic Shaping For Home Use?
An anonymous reader writes "My housemate uses an aggressive P2P client, that when in use makes the Internet unusable for everyone else connected to the network. After hearing about various ISPs shaping traffic to reduce P2P traffic, I was wondering if there was a solution for managing P2P traffic on a home network. I have a Linksys WRT54G available for hacking. Can Slashdot recommend a way to reduce the impact of P2P on my network and make it usable again?"
Which version? Check the model tag, it should say there...
Don't tell me to get a life. I'm a gamer; I have LOTS of lives!
Install OpenWrt, then:
ipkg install qos-scripts
vi /etc/config/qos
[ enter your linespeed in the right place ]
qos-start
How about just nicely explaining the problem to him, and requesting that he run his P2P stuff overnight when no one is using the connection?
If that doesn't work, well, his port on the switch might mysteriously fail during waking hours.
Oolite: Elite-like game. For Mac, Linux and Windows
Seriously. An arms race is not going to solve your problem.
Just set up QoS such that VOIP, SMTP, HTTP, HTTPS, and whatever else you care about gets prioritized.
In the days of Napster, a nephew of mine spent a year living with me while going to college nearby.
His use of Napster would make the cable modem connection unusable. In response, I'd go to the home firewall device (had one of the early Linksys models) and block the traffic.
He thought the cable company was doing it.
Beat the shit out of the fucker.
Tell this person to stop being a hog and to drop upload and download speeds so that other people can use the net. This is a social problem that doesn't need a techno fix. Either that or tell them to get their own connection, stop sharing it with them.
you can put it between the router and the net if you're using the wireless capabilities.
a forum about traffic shaping with smoothwall
http://www.linux-noob.com/forums/index.php?s=dffc19493975498724b50564217f05e4&showtopic=3250&pid=11502&st=0&#entry11502
smoothwall linux
http://www.smoothwall.org/
https://www.gnu.org/philosophy/free-sw.html
Switch to Comcast!
a. 1st off and most importantly make sure the internet connection isn't in your name so you are not the one who gets sued by the RIAA
b. go get DD-WRT (check your WRT54G version... later ones suck) then set up the traffic shaping QoS feature. http://www.dd-wrt.com/wiki/index.php/Quality_of_Service
actually I am happy to see you, however that is in fact a banana in my pocket.
My Linksys WRT54G is notorious for getting slower and slower over time when we use P2P here at the house. I found that rebooting it every day helped. Not even DD-WRT made that problem go away. I think the Linksys just didn't have enough "oomph" to do traffic shaping. There's an interesting solution I came up with - buy a second Linksys and flash it with DD-WRT. Turn on traffic shaping for all ports. Use the second Linksys as your Internet facing router, and leave the default firmware on it, but define the second Linksys as your DMZ system. It works, and for some reason the first Linksys doesn't need to be rebooted all the time.
-Somebody stole this sig.
I have the same issue at home, except I'm the one who is running bittorrent. As of right now, it is not perfect, but it has greatly improved since I started doing tweaks. The first thing I did was install DD-WRT on the router. After that, I maxed the connection limit to 4096 and set the timeout to a low setting, like 5 minutes. From there, I did some modifications to the QoS settings. If a wired connection is used, set his connection to the lowest priority, and the rest to the top priority. This is not perfect, so I'm still tweaking things to obtain a better outcome. The other suggestion is to tell him to use the scheduler feature found in the bittorrent client; a little bit of downtime at peak times goes a long way to keep harmony at home. -Lilkat
Raise priority for
- Web (Http and https, maybe also 8080)
- DNS (UDP:53)
- Mail (SMTP, IMAP, POP3 (including SSL versions))
- IRC (if you use)
- FTP
- SSH, Telnet
- All TCP acknowledgement packets.
- Maybe some gaming protocols (Directplay, WoW, etc - these unfortunately require checking docs for each game)
that way, you have whitelisted most of the "interactive" protocols that suffer from loaded link. No need to keep chasing after the latest encrypted, onion routed P2P application that happens to be flavor of the month. The biggest problem is the online gaming stuff.
I love how people pimp their own client. But nearly every PTP client I've touched has bandwidth limiting. Some of them, uTorrent included, allow you to schedule your bandwidth.
The real problem here isn't traffic shaping, but about traffic courtesy. Your housemate may not know how much trouble they're causing. Talk to them. Get them to set their max speeds to 1/2 or 1/4 of the available bandwidth.
They may be surprised when their OWN web browsing gets better.
Yet this does all hinge on you talking to said housemate. Go talk. I've had the "talk" and been the person talking to the housemate. It usually works out well.
You would have to be crazy to be sane in this world. -Nero
It also has QoS features, and a nice AJAX interface.
Presumably saying "Hey, dude, can you throttle the hell out of your P2P? I'm getting no net whatsoever." is not an option.
If so, yeah, you could try looking into the alternate firmwares for the router; they let you throttle stuff based on ports. You'll have to look at the serial number to know for sure if you can stick that in, or spend like $80 or whatever for the WRTGL, which has enough firmware space to do fun things.
egypt urnash minimal art.
What about talking to the housemate to get them to use a less aggressive client? Most P2P software that I know of has bandwidth cap options built in, which makes me think the poster is trying to do this under the table. How is the housemate going to react if/when they find out about it? Is this really a problem that's best addressed with technology?
Visit the
My housemate has a machine setup for bittorrent, when we first moved in together it was very annoying as he seemed oblivious that running it all the time meant that my connections were slow, dropping all the time & unusable.
So I spoke to him, you know - in a rational way. It's now scheduled for the nights & days when we're either asleep or at work with a few hours in between & most of the weekends where it's either throttled down to 10k/s (by uTorrent) or stopped completely.
On top of that we've got a Smoothwall box with packet prioritization for ssh/web/email/im etc. but no bandwidth throttling.
At the end of the day, if you can't come to an agreement then it's probably just gonna get worse for you two and there's nothing you can do to stop him being an asshole.
tell him that his .torrent-ing is adversely affecting your social life on WoW. He'll either understand, or not.
If not, just use some DPS and hide behind the couch....
http://games.dlink.com/products/?pid=370
Works well, but is rather expensive. Has an oversized NAT table to help with UDP server pings, so this will remedy any torrent problems you might have with your current setup.
QoS system is fairly flexible with an intuitive GUI and many preconfigured service options.
Has an option to pack the output frames completely (harms XBox Live possibly) as well as delay non-prio packets in favour of VOIP/gaming/as you configure.
Matt
http://www.openbsd.org/cgi-bin/man.cgi?query=pf.conf 'nuf said
First step would be to find out what type of P2P he's using and (if it's not recognized by DD-WRT) what ports. Drop those down to bulk priority. Raise special activities like https web browsing to express (on the assumption that connecting to an https server means you're doing something important like accessing your bank). Stuff that's time-critical like VoIP and gaming should get premium priority. This took care of 90% of the problems I had.
The remaining 10% proved extremely tricky. Newer bittorrent clients default to encryption on, and it was getting by the QoS. I tried tweaking all sorts of settings to mitigate this without success. What eventually worked was setting anything on ports higher than 1024 to bulk priority, then specifying certain ports as having higher priority. This is the QoS equivalent of switching from allow all and blocking things you don't want, to deny all and allowing things you do want. That seems to have solved the bittorrent problem.
The only problems that remain have to do with http and ftp transfers of large files. If someone sticks a 40 MB file on a web site, the router can't tell it apart from regular http traffic, so you can't drop its priority without also affecting regular web browsing. In one case a user was running a program to download an entire web site - that was killing the network since to the router it looked just like a lot of web browsing. Same with ftp - if you drop ftp's priority so the 100 MB transfers are bulk, the small ftp files like certain software updates are also bulk.
Nerf guns at 20 paces, last nerd standing wins!
Down With Slashdot BETA!!! I've been around the corner and seen the oliphant; you can only abuse me from your perspecti
In the Administration section, on the Management page, make some changes to the IP Filter Settings. Set the Maximum Ports to 4096 (the maximum), and the Timeout values for both TCP and UDP to 120 seconds.
Running Azureus used to kill all the other network activity on my LAN. These changes made all the difference in the world.
Lemmings are silly; dinosaurs are extinct.
Yea, I finally gave up on DD-WRT. It was unstable and a resource hog. Tomato is a MUCH better option if you want a web gui.
My pings dropped 10ms and the QOS actually works.
Gone!
There is some controversy surrounding DD-WRT; you must decide if you want to support them or not. I use OpenWrt with the X-Wrt extension, which also has powerful QoS functionality in a GUI.
OpenWRT hardware requirements: If it's version 4.0 or earlier (or the L model), it has enough RAM and flash (16MB, 4MB respectively) to run OpenWRT, or other wrt54g-friendly distributions. (OpenWRT is pretty cool; it has an olsrd package you can install from the web configurator, and with a little bit of effort you can make an ad-hoc mesh. Not useful for traffic shaping, but interesting nonetheless. I expect there are probably tools available to do traffic shaping with OpenWRT as well, I just never needed to mess with that.)
Grab the Tomato firmware for your Linksys. Tomato's QoS features are much easier to configure than others like DDWRT. With Tomato, you don't need to be a Linux networking guru to do what you want. Tomato also handles P2P very well. You can pound a WRT54 running Tomato with heavy P2P traffic 24/7 for months with no performance problems. No resets required. Grab it here http://www.polarcloud.com/tomato/
"Liechtenstein is the world's largest producer of sausage casings, potassium storage units, and false teeth."
As someone mentioned in a previous post, it's much easier to just whitelist prioritized services such as ssh, telnet or gaming protocols than wasting too many CPU cycles on detecting obscure P2P protocols with layer 7 filters.
Personally, I use iptables & tc to setup a simple HTB (Hierarchical Token Bucket filter) system with 3 priority levels:
- Interactive: SSH (with Minimize-Delay TOS-Flag), Telnet, Jabber,
- Medium: HTTP, IMAP, SMTP, POP3,
- Low: All the rest
Shaping the upload speed is my only concern. All 3 classes may use the complete upload bandwidth. The interactive HTB class gets a guaranteed 90% of the bandwidth and a high burst value. The lowest HTB class has a burst of 0 and about 5% guaranteed upload speed.
While this is only a primitive setup, it allows lag-free ssh with an unlimited upload in the background.
An in-depth how-to about the Linux Traffic Control system: http://www.tldp.org/HOWTO/Traffic-Control-HOWTO/index.html
A short pragmatic example using HTB & SFQ can be found here: http://gentoo-wiki.com/HOWTO_Packet_Shaping
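The three-class HTB upload shaper described in the comment above, sketched as an added example (not the poster's own script). The function only prints the tc and iptables commands so they can be reviewed before being piped to a root shell; the interface name, the Jabber port 5222, the 15k burst and the SFQ leaf are assumptions. Unmarked traffic falls into the low class by default, which is the whitelist approach several posters recommend.

```shell
#!/bin/sh
# Added example: print (do not execute) tc/iptables commands for a
# three-class HTB upload shaper. Interface, ports and burst are assumptions.
gen_htb_rules() {
    dev=$1
    up=$2
    # The output is meant to be piped to a root shell, so validate both inputs.
    case "$dev" in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface name" >&2; return 1 ;;
    esac
    case "$up" in
        ''|0*|*[!0-9]*) echo "uplink must be a number in kbit/s" >&2; return 1 ;;
    esac
    [ "$up" -ge 100 ] || { echo "uplink too small to split" >&2; return 1; }

    hi=$((up * 90 / 100))   # interactive: guaranteed 90%
    lo=$((up * 5 / 100))    # everything else: about 5%
    mid=$((up - hi - lo))   # medium class gets the remainder

    cat <<EOF
# Root HTB qdisc; anything not marked below lands in class 1:30 (low).
tc qdisc add dev $dev root handle 1: htb default 30
tc class add dev $dev parent 1: classid 1:1 htb rate ${up}kbit ceil ${up}kbit
# All three classes may borrow up to the full uplink (ceil).
tc class add dev $dev parent 1:1 classid 1:10 htb rate ${hi}kbit ceil ${up}kbit prio 0 burst 15k
tc class add dev $dev parent 1:1 classid 1:20 htb rate ${mid}kbit ceil ${up}kbit prio 1
tc class add dev $dev parent 1:1 classid 1:30 htb rate ${lo}kbit ceil ${up}kbit prio 2
# Share the low class fairly between its many flows.
tc qdisc add dev $dev parent 1:30 handle 30: sfq perturb 10
# Map firewall marks to classes.
tc filter add dev $dev parent 1: protocol ip prio 1 handle 10 fw flowid 1:10
tc filter add dev $dev parent 1: protocol ip prio 2 handle 20 fw flowid 1:20
# Interactive: SSH only when it sets Minimize-Delay, plus Telnet and Jabber.
iptables -t mangle -A POSTROUTING -o $dev -p tcp --dport 22 -m tos --tos Minimize-Delay -j MARK --set-mark 10
iptables -t mangle -A POSTROUTING -o $dev -p tcp -m multiport --dports 23,5222 -j MARK --set-mark 10
# Medium: HTTP, SMTP, POP3, IMAP.
iptables -t mangle -A POSTROUTING -o $dev -p tcp -m multiport --dports 80,25,110,143 -j MARK --set-mark 20
EOF
}

# Dry run: show the rules for the given (or default) interface and uplink.
gen_htb_rules "${1:-eth0}" "${2:-1000}"
```

Review the printed rules, then apply them with `sh this-script.sh eth1 512 | sh` as root, using your own WAN interface and measured upload speed.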
Instead of cheaping out spend $30 a month for your own cable or DSL connection. Or, as many have suggested, just talk to the guy.
Barring that just connect the 220v dryer line to the wall socket in his room and hope that he got his power bar for $5.99 at WalMart.
Or even better please all of your room-mates and just move.
Three Squirrels
This is true up to a point. It should be easy to get the offending roommate to cap their bandwidth, but it should also be easy to install a traffic-shaping router (though sadly it's not), and then the problem would be solved without having to get the cooperation of everyone (and every program on every computer) on the network, and for everyone to be constantly self-policing their own network usage.
To solve the problem in one place at a higher layer of abstraction will be more likely to prevent the problem from recurring in a different form later on.
Of course, being on friendly terms with your roommates about these sorts of issues is more important than how the problem is ultimately resolved.
Tell him if he doesn't stop using P2P while everyone else is awake and using the net then you're going to cave his skull in with his monitor.
You'll either make him stop or make him press charges. Either way it probably won't be an issue for you anymore.
I'm sure the reaction of physical violence isn't one most Slashdot readers would take. All that heavy breathing would just tire us out too quickly.
Give a man a fire and he'll be warm for a day. But light a man on fire and he'll be warm for the rest of his life.
From the uTorrent FAQ: "The default firmware for Linksys (and all replacement firmwares except for the latest DD-WRT and HyperWRT Thibor) have a severe problem where they track old connections for FIVE days, which causes the router to hang when using P2P apps, or any software that generates a lot of connections. DHT only aggravates the situation because of the number of connections it generates."
Does NOT apply to WRT54G/GS v5 and up.
HTH
Or save the ten bucks a month in electricity and show him how to set his bandwidth limits in his client.
The lengths people will go to avoid social interaction these days.
If you can't have a frank conversation about communal resource usage with your own roommate then you have much bigger problems than mere router configuration will ever solve.
I'm sure you guys have laid down basic guidelines governing how you'll split up paying for and using shared stuff. Like, "Hey dude, if you insist on running that 20 node Beowulf cluster in your room to crunch SETI work units all day, you should pay more for electricity." Or if nothing that specific, at least rules along the lines of "neither of us should monopolize the common area on a consistent basis preventing the other from ever having guests over."
I don't think shared Internet usage should be any different. If you're the administrator of the network at home, it seems that what you're suggesting would be tantamount to setting up bear traps in the common area to discourage over foraging by your inconsiderate roommate. Of course, if he/she is that much of a boor, maybe you have no choice.
Bottom line though: it would probably be better to talk it over with your roommate rather than putting the smack down with filters and such... in the end, there'll be a lot less resentment from both ends.
Honestly, this is the reason ISPs are moving toward throttling, packet shaping, and simply capping the bandwidth. There's a minority of bit torrent users hoarding the bandwidth so that they can hoard piles and piles of movies, music, and games that they have no reasonable expectation of using. "hey check it out man, I have the entire Simpson's series dubbed in Japanese!"
New! Device Legs: These legs will help your poor OEM installed product escape any hamfistedness it may encounter. Ava
Whether your roommate knows he's using all the bandwidth or not you should approach him about it and settle it.
When did people get so afraid of each other?
PM
QoS is really a must if you're sharing a connection and somebody runs Bittorrent.
I disagree with the idea that traffic courtesy is the problem. We all want good torrent speeds. There is no reason to arbitrarily limit your torrents to 1/4 of the max upload bandwidth when the connection is probably going unused most of the time. Voluntary bandwidth limiting is still no substitute for a good router.
I have set up both (uncrippled and crippled) versions of Linksys wireless routers and a couple Buffalo routers with the same Broadcom chipsets. The DD-WRT has terrible QoS and should only be used when you need the lite version. Tomato is the way to go, as half of the posters seem to be saying.
You've already got a router up and running. Why not make it do its job efficiently? I think you underestimate the value of prioritizing web traffic and DNS queries. Before trying tomato, I put my uTorrent through the most draconian bandwidth caps I could think of. Upon switching from DD-WRT to Tomato (default settings), my household went from "my firefox doesn't work" to rock solid browsing all the time.
The best piece of professional advice I ever received was this:
"Don't use software to solve social problems"
This seems pretty apt here - instead of spending money and time trying to do this the hard way....
Just fucking smack him, and tell him to behave responsibly or lose his internet privileges.
"Tomato is the way to go, as half of the posters seem to be saying."
my original suggestion was to use smoothwall's QoS. but some people felt tomato would be better than a smoothwall setup, the only reason i like smoothwall is you don't need to flash a hardware router, and if you use an older PC it will use less power running smoothwall than it ever did running windows, for whatever reason any PC from the 486 on, always uses less power running free open source software than running windows, i think it's the 'system idle thread' i think it literally makes the cpu busy out rather than fall asleep...
never had a problem with a Linux or BSD system doing no CPU activity, just routing a few packets and letting the cpu idle and use any on chip power savings... when i first switched my 486 from 24/7 windows to 24/7 freebsd (in 1996) i saved $10 a month in electric bills. (i still have the bills but they're in storage) plus, i never had to reboot freeBSD windows would crash every week.
https://www.gnu.org/philosophy/free-sw.html
He's from the RIAA, and he's part of a research to find ways to fix the problem at the root.
Shoes for Industry. Shoes for the Dead.
I use ipcop http://www.ipcop.org/ for my home network - it's all of about 40 megs (well it was, I see the new update is quite a bit bigger so I may be low on that figure) and can run on any old pc lying around.
It can do the traffic shaping you're wanting, plus, I found, especially when I am doing p2p downloading or some online gaming, my old netgear (very old) couldn't keep up and would drop packets. I saw my download speeds go up significantly and I have the opportunity to do traffic shaping if needed.
It's free (donation) and very simple to set up. You don't have to be a linux guru to set it up, it has a web based interface for configuration.
It works great for me.
Illiterate? Write for free help!
Even the most expensive residential router chokes on the sheer number of connections your average P2P client tries to maintain.
I modified my WRT54G's setting to be just a wireless access point and switch by disabling the DHCP server - then built a cheap Smoothwall firewall using an old P3 800Mhz with a pair of pci nics.
DSL -> Smoothwall -> LAN Port 1 on WRT54
Leaving the WAN port unused, I still have three ports for wired PCs (nearly unlimited with the addition of more switches) and wireless works without a hitch. The WRT's job is just to be a switch and manage wireless authentication and encryption.
The Smoothwall easily handles the traffic without slowing down other clients and (bonus) has QoS built in.
It also provides web caching, email antivirus, DNS, NTP, Snort IDS, and so much more.
Oh, and it's totally open source and available for download from smoothwall.org
Good points, valid points, granted, and what exactly do the computer makers think people actually *do* with hundreds of gigabytes of hard drive space, type up school reports and recipes? And look at the freekin ads for the big ISPs, smiling happy people and advertising "blazing download speeds, enjoy movies" and etc. So? Where's the beef when people really try to do that? Why does unlimited really mean limited in the fine print?
This is like the wink wink nod nod industry. The big pipe providers (in the US) though already got paid 200 billion dollars to roll out true high speed internet all over and did about bupkis with it except squabble over the low hanging profitable fruit in some select areas. The bulk of the nation gets grade C alleged broadband or not even that. Cry me a river of crocodile tears, like the auto industry in the US saying they can't make high MPG cars when they *sell* high MPG cars in Europe. In short, always read between the lines when big corporations bitch about stuff. It's just *cheaper* for them to do "throttling, packet shaping, and simply capping the bandwidth." than it is to actually, you know, improve the infrastructure from end to end. The fatcats Cxx whatevers and big pirate wallstreet "investors" ain't happy being millionaires anymore, nope, that ain't enough, they all got to be *billionaires* now and the only way to do that is to screw their customers over and bribe off government so they can get away with it.
Frankly, being on dialup and being told directly by the lineman when they ran out new phone wire when I moved in here that they would *never* install anything good enough for DSL unless ordered to by the government (that is an exact quote when I asked him if I could now get dsl and he was a smug and condescending ass about it too, BTW, near giggling over being able to screw a customer by charging for tissue paper phone lines with constant buzz and noise and crappy connections), I have little sympathy for the monopoly broadband folks and the entrenched telco cartels. I also have little sympathy for that roommate who was hogging what was available, and offered two fast solutions to that exact problem, because I have been in that situation with roommates and that is what we did, multiple lines, problem solved. If that crap-getting full seasons of the simpsons dubbed in japanese-is so important to someone, that they have to leech 24/7, let them get their own freeking line, that's what an adult would do anyway (loosely used term for anyone who would actually do that of course..seems rather silly to me, and the other roommate who I guess the net connection's name is in is leaving him or herself open to getting *popped* by the MAFIAA some day, another boneheaded decision). But if the telco folks would have their feet held to the fire by the government and the FCC the US could be on top and not like number 16 in the developed world for decent net connectivity, and then everyone might have some decent throughput and bandwidth.
Most places, if it's cable, they've been there for years and have been milking a granted local monopoly with zero competition (and I remember before they even started, sat through a county commission hearing when they promised "no commercials, really, trust us!"). If it is the phone company, they've been mostly milking the same wires they strung up when alex bell was running things. I grew up with the "one" phone company and their pure asshattery corporate mindset, and I can tell you, it never went away even after they were allegedly "broken up", it's just a cartel now instead of one company. All that money they got went someplace, but a whole heaping pile of that 200 billion did not go into the last mile solution very many places except at the bare minimum possible level they could claim was "broadband".
It's not just a courtesy thing. You can solve a lot with traffic shaping and other configuration, allowing your roommate to maintain relatively high bittorrent speeds and still have a decent web surfing experience. The one thing, mentioned above, is QoS. The other thing you might want to look into is the size of your router's NAT table and its TCP timeouts. If your roommate has 500 concurrent TCP connections out of a possible 512, that's going to slow you way down. If, on the other hand, you're looking at 500 out of a possible 4096, you should be in a lot better shape. You'll still *notice* when there are bittorrents running, but your internet should still be usable.
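To see how full the router's NAT table is and which LAN host is filling it, as discussed in the comment above and in the earlier posts about Maximum Ports and timeouts, here is an added example (not from any poster). It counts connection-tracking entries per originating address and reports each host's share of the table limit; the sample lines are constructed in the `/proc/net/nf_conntrack` layout, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: summarise connection-tracking entries per originating host.
# Reads conntrack lines on stdin; $1 is the table limit (for example the value
# of /proc/sys/net/netfilter/nf_conntrack_max, or ip_conntrack_max on 2.4).
conntrack_by_host() {
    max=$1
    case "$max" in
        ''|0*|*[!0-9]*) echo "limit must be a positive integer" >&2; return 1 ;;
    esac
    awk -v max="$max" '
        {
            # The first src= field is the original (LAN-side) sender; the
            # second one on the line belongs to the reply direction.
            for (i = 1; i <= NF; i++)
                if ($i ~ /^src=/) { n[substr($i, 5)]++; total++; break }
        }
        END {
            for (ip in n)
                printf "%s %d %.1f\n", ip, n[ip], n[ip] * 100 / max
            printf "TOTAL %d %.1f\n", total, total * 100 / max
        }' | sort -k2,2nr
}

# Constructed sample input (documentation addresses on the remote side).
sample_conntrack() {
    cat <<'EOF'
ipv4     2 tcp      6 431999 ESTABLISHED src=192.168.1.50 dst=203.0.113.7 sport=51000 dport=6881 src=203.0.113.7 dst=198.51.100.2 sport=6881 dport=51000 [ASSURED] mark=0 use=2
ipv4     2 tcp      6 431980 ESTABLISHED src=192.168.1.50 dst=203.0.113.8 sport=51001 dport=6881 src=203.0.113.8 dst=198.51.100.2 sport=6881 dport=51001 [ASSURED] mark=0 use=2
ipv4     2 tcp      6 110 TIME_WAIT src=192.168.1.50 dst=203.0.113.9 sport=51002 dport=6882 src=203.0.113.9 dst=198.51.100.2 sport=6882 dport=51002 [ASSURED] mark=0 use=2
ipv4     2 udp      17 25 src=192.168.1.50 dst=203.0.113.10 sport=6881 dport=6881 [UNREPLIED] src=203.0.113.10 dst=198.51.100.2 sport=6881 dport=6881 mark=0 use=2
ipv4     2 tcp      6 431999 ESTABLISHED src=192.168.1.10 dst=203.0.113.20 sport=40000 dport=443 src=203.0.113.20 dst=198.51.100.2 sport=443 dport=40000 [ASSURED] mark=0 use=2
EOF
}

# Demo on the constructed sample with a 512-entry table. On a live router:
#   conntrack_by_host "$(cat /proc/sys/net/netfilter/nf_conntrack_max)" \
#       < /proc/net/nf_conntrack
sample_conntrack | conntrack_by_host 512
```

Output columns are address, entry count and percentage of the limit; a single host near 100% is the sign to raise the limit or shorten the timeouts.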