Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: How To Diagnose Traffic Throttling and Work Around It?

Posted by timothy on from the watch-where-the-soap-bubbles-emerge dept.

Aguazul2 writes "I live in Peru and use OpenVPN to connect to my own Linux VPS in the UK for non-live TV. Recently the VPN connection has slowed to a crawl (5% previous rate). Further investigation shows that all connections to my VPS from Peru (even HTTP) are equally slow, whilst the rest of the 'net seems fine. My VPS host says they do no traffic shaping, and connections from Germany to the VPS are fast. This leaves the NSA and Telefonica (Movistar) as suspects. Could the NSA be slowing all VPNs to/from South America because of Snowden and Greenwald? A traceroute shows traffic going through domains with NYC in their name — are my packets being indefinitely detained in transit? Or maybe it is Telefonica and their Sandvine traffic management? Either way this certainly isn't network neutrality, especially on an 'unlimited' plan. Is there a way to tell for certain who is throttling me? If Telefonica have throttled traffic to/from that one IP address, what options do I have to work around it? It seems that separate connections are throttled independently, so can I multiplex over many UDP ports without having to hack OpenVPN myself? This is really frustrating, especially with two untrustworthy parties on the route. I wonder, is this kind of mess the future of the internet?"

12 of 251 comments (clear)

  1. NSA by Dan+East · · Score: 5, Insightful

    I've had a client I provide consulting for suggest that their poor connectivity is also in some way due to the NSA. People need to understand that it is paramount to the NSA that they are covert. They do not need to do real-time processing of the data: that is only necessary for filtering. It suffices for them to simply capture raw data for later analysis or decryption as necessary. Of course capturing data does not result in any slowdown or other noticeable effects. It does not make any sense whatsoever for the NSA to be slowing or otherwise blocking connectivity, as that is counterproductive to the acquisition of intelligence data.

    It's just amusing to me to see NSA as the scapegoat of the day for any quirk anyone experiences related to computers or connectivity in general.

    --
    Better known as 318230.
    1. Re:NSA by girlintraining · · Score: 5, Insightful

      It does not make any sense whatsoever for the NSA to be slowing or otherwise blocking connectivity, as that is counterproductive to the acquisition of intelligence data.

      That's generally true. The NSA is competent. But not all government agencies are... and not all of those agencies work for the United States either. So I can't conclusively tell you (nor can anyone else) that it isn't the result of some law enforcement action that's causing your internet connection to behave strangely. What I can tell you, is that it's pretty unlikely.

      The more likely explanation is QoS being implimented that targets either based on IP, subnet, port, or content. Content-aware QoS is pretty rare, but it is out there. Alternatively, it could be a misconfigured router, or an oversaturated link. Traceroute and measuring the latency during TCP handshakes to various ports both to the destination of interest and elsewhere would help identify this. Lastly, it may not even be network-related; it could be the server itself that is slow, or the application it is running on. In today's 'cloud all the things!' service model, there are all kinds of weird performance glitches due to complex interactions within the cluster. For example... several data centers bought the (server) farm during the last addition of a leap second, as circuit breakers tripped out due to sudden load spikes.

      The fact is, without a lot more information from the OP, this question simply can't be answered. It could be one of dozens of different things... all we can do is give odds on the likelihood of what it might be... and I'd put the NSA pretty far down the list. The 'NSA Effect' is the same thing happening now in the media that caused people to beat the crap out of random muslims out of 9/11, or jerkwads in Florida to shoot black kids -- perception and media attention creates a new social reality. Social reality is not based in actual reality, however... but it's stuff like this that gives rise to all kinds of prejudices -- racism, sexism, religious persecution... it's ironic that the NSA's surveillance policies are based on such faulty logic ... and now they are the victim of it as well. Ah, but I digress... short answer: Your router doesn't need a tin foil hat.

      --
      #fuckbeta #iamslashdot #dicemustdie
    2. Re:NSA by noh8rz10 · · Score: 4, Insightful

      WOW is this what the world is coming to? anywhere in the world, when there's a bad internet connection, the first question is "is the NSA throttling me?" HINT: the NSA won't throttle you, they'll spy on everything you do.

    3. Re:NSA by Antique+Geekmeister · · Score: 4, Insightful

      Given that they did, in fact, cause poor connectivity for critical west coast trunk connections at AT&T with the "bent fiber optic" taps installed in Room 641A, it seems that interfering with a typical customer's bandwidth is not their highest priority. While there are ways in many environments to tap data surreptitiously and at full bandwidth, such setups are often quite expensive and instead done with less sophisticated, possibly slower devices and bandwidth throttled to allow full data capture.

      I've certainly seen this in industry when monitoring a network problem, where we throttled the bandwidth so our monitors could keep up and analyze who was abusing our systems.

    4. Re:NSA by dubbreak · · Score: 3, Insightful

      You can type in full words with very little overhead.

      --
      "If you are going through hell, keep going." - Winston Churchill
    5. Re:NSA by Anonymous Coward · · Score: 5, Insightful

      Yeah, NSA tech guy, we really don't think you should be listening in on our business plan and buying up stock before we announce the acquisition...
      Lotta non-poilitical reasons why a person might want to encrypt communications. I do have something to hide AND I'm not doing anything wrong.

  2. From an ISP network engineer by Anonymous Coward · · Score: 5, Insightful

    If you are a US ISP, it is required that you have monitoring in place. If you don't want to hamper your entire infrastructure while doing so, you get a bunch of taps and install them all over your network. One very good provider for this is Gigamon. Taps do not add any latency in your traffic. They are completely invisible to all other network devices. Traffic shaping (throttling) is done by the source typically but can be done at the destination ISP. Basically, your connection is assigned a Package in the Shaper. The packages determine how fast each classification groups of traffic are allowed to go. Classifications are determined by whoever manages the shaper for that ISP. Shapers can also dynamically change the speed you are allowed to have for a classification group based on bandwidth used, time used, and volume of traffic.

    If you are not throttled from Germany to your home but are from Peru to your home, chances are you are throttled from your ISP in Peru. It is typical for transits to cross borders, so your traffic going through NYC is normal. BGP (the routing protocol of the internet) determined that to be the best path. This is mostly managed, but is still fairly dynamically determined by the routing protocol.

    Course of action: Switch ISPs, get a new IP address (if they are not very good at configuring a shaper this will work, otherwise not), try a proxy, stop using it for a day or more and it will go away (temporarily most likely). This is done dynamically in the shaper. There is not some dude with his finger on a 'throttle' button. Everything is automatic. Just figure out the how their throttling deterministic state diagram works and you can avoid throttling. Most likely they are throttling you because of your volume of use. It costs a lot for transit access and you are using more than most others by streaming through a vpn.

  3. OMG NSA SPOOK SCARY! by BitZtream · · Score: 1, Insightful

    Seriously, get a grip. Your precious little VPN is something they do not give a single flying frak about.

    IF they did, you would never know. Duping a packet to another port for the NSA costs you exactly 0 in latency. Its done in silicon, and its no different than a broadcast packet as far as the hardware is concerned, i.e. 0 performance penalty.

    You're pointing fingers at people and you have no clue whats going on. I can say that safely from your post.

    As they say, when in America ... when you sound of pounding hooves ... you don't look for Zebra's, you look for horses.

    I suggest you look for a more sane reason, start by dropping your paranoia.

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
  4. Re:I use longer words by Anonymous Coward · · Score: 0, Insightful

    Once again, mods have no sense of humour.

  5. Re:I use longer words by WindBourne · · Score: 4, Insightful

    Actually, we think that the original poster is the one without a sense of humor.

    --
    I prefer the "u" in honour as it seems to be missing these days.
  6. I scoffe at your "homor"! by For+a+Free+Internet · · Score: 0, Insightful

    My ideas about compotore technology and social revolution and FREEDOM are so advanced, so revolutionary, that most people on Slashdort mistake them for "jorkes." Wrong! I am totally serial.

    --
    UNITE with the Campaign for a Free Internet because today, our future begins with tomorrow!
  7. Re:an incorrect theory, because port mirroring by ameyer17 · · Score: 3, Insightful

    But I wouldn't think the extra few ms of latency would slow the data flow by 95%. In fact, I don't think it'd even be noticeable to the naked eye except for exceptional circumstances like gaming.