Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

AT&T Denies Resetting P2P Connections

Soulskill posted more than 6 years ago | from the it-was-the-one-armed-isp dept.

Networking 112

betaville points out comments AT&T filed with the FCC in which they denied throttling traffic by resetting P2P file-sharing connections. Earlier this week, a study published by the Vuze team found AT&T to have the 25th highest (13th highest if extra Comcast networks are excluded) median reset rate among the sampled networks. In the past, AT&T has defended Comcast's throttling practices, and said it wants to monitor its network traffic for IP violations. "AT&T vice president of Internet and network systems research Charles Kalmanek, in a letter addressed to Vuze CEO Gilles BianRosa, said that peer-to-peer resets can arise from numerous local network events, including outages, attacks, reconfigurations or overall trends in Internet usage. 'AT&T does not use "false reset messages" to manage its network,' Kalmanek said in the letter. Kalmanek noted that Vuze's analysis said the test 'cannot conclude definitively that any particular network operator is engaging in artificial or false [reset] packet behavior.'"

cancel ×

112 comments

Sorry! There are no comments related to the filter you selected.

America descends into the dark ages of broadband (5, Informative)

CRCulver (715279) | more than 6 years ago | (#23206604)

It's ironic that in America, the country that much of the basis for the Internet hails from, seems to be regressing in Internet access. In Eastern Europe, more and more people enjoy fast and unthrottled connections, and ISPs don't care how many gigabytes of traffic you pull in each month. One ISP I know in Romania helped alleviate demands on its network by setting up a DC++ server where people could share films and music with people from the same city, not by penalizing customers.

Re:America descends into the dark ages of broadban (1)

carlvlad (942493) | more than 6 years ago | (#23206626)

And think of the developing countries that will follow suit.

no reset for me (3, Interesting)

p51d007 (656414) | more than 6 years ago | (#23206674)

I'm on AT&T, and I use P2P about once a week, and I've never seen any resets in my router log.

Re:no reset for me (0)

Anonymous Coward | more than 6 years ago | (#23206882)

Clueless. Your not going to see any resets in a router log since it doesn't know jack what are legit TCP resets and what aren't.

We'll They've Reset Mine (0)

Anonymous Coward | more than 6 years ago | (#23207248)

I've had had to power-cycle my modem several times while my roommates were using bit-torrent.

Re:We'll They've Reset Mine (1)

bcat24 (914105) | more than 6 years ago | (#23207358)

That's not AT&T's fault per se. Odds are your modem doesn't have the memory/CPU capacity to withstand so many connections.

Re:We'll They've Reset Mine (2, Informative)

CastrTroy (595695) | more than 6 years ago | (#23207430)

It could also the the OS or BT software that you are using. A few years ago (not sure if it's still the case), I used to get 3-4 time the speed when downloading torrents in Linux as I did in Windows. Currently I can max out my connection in Windows, but I'm only on a 1 mbit connection. Whereas I used to be on a 5 mbit. I could max that out in Linux, but not in Windows. I know my brother in law maxes out his 10 mbit connection using windows, but he has an uber gaming computer with dual core and 2 gigs of RAM. When I had my 5 Mbit connection I was running XP on a machine with 256 MB of RAM and only running at 266 MHz.

Re:no reset for me (1)

Artuir (1226648) | more than 6 years ago | (#23207364)

I think you're misunderstanding something. There's a difference between your router resetting and the ISP forging RST packets. RST packets only close a particular connection, not your actual router. Every router I've ever seen (admittedly that only entails ones designed for home use) a router that actually logs RST packets. If you've got bittorrent up or whatever else and you have hundreds of connections open at once, the only indication you'll have that something fishy is going on is a very limited download speed. Some people say enabling or forcing encryption in your bittorrent client will bypass the issue but others have stated it doesn't work. For me, it works, but I don't know how bellsouth is with P2P connections. My download speeds have been fine thus far.

Re:no reset for me (5, Informative)

arth1 (260657) | more than 6 years ago | (#23207526)

I'm on AT&T, and I use P2P about once a week, and I've never seen any resets in my router log.

Unless you run a business class router and have configured it to log incoming RST packets, you haven't seen any resets in your router log because they are not logged.

The typical Linksys/Netgear/D-Link/whatever NAT "router" found in most homes most certainly won't log incoming RST packets.

Regards,
--
*Art

Re:no reset for me (1)

tasidar (604319) | more than 6 years ago | (#23207872)

tomato [polarcloud.com]

Re:no reset for me (1)

arth1 (260657) | more than 6 years ago | (#23209066)

From what I can tell, that doesn't give you the ability to log RST packets. If anything, the Tomato firmware seems to have LESS logging abilities than the standard firmware -- it looks like it's geared towards added standalone functionality, PC connectivity and speed, and not network infrastructure functionality like remote logging or enhanced SNMP data.

Re:America descends into the dark ages of broadban (0)

Anonymous Coward | more than 6 years ago | (#23206690)

I see your point, but Bittorrent wouldn't need the ISP to "alleviate demands on its network," as it would share with nearby peers.

Re:America descends into the dark ages of broadban (2, Interesting)

palewook (1101845) | more than 6 years ago | (#23206736)

use anything on Joost and record your network logs 6-12 hours after. you will still register numerous hits per minute from AT&T regional hubs.

Re:America descends into the dark ages of broadban (1)

CastrTroy (595695) | more than 6 years ago | (#23206766)

Sounds like the Romanian ISPs don't have the RIAA, MPAA, and courts breathing down their back about the illegality of transferring movies and music.

Re:America descends into the dark ages of broadban (5, Interesting)

emilper (826945) | more than 6 years ago | (#23206984)

Well, they have ... once or twice a year you hear about raids by ORDA (Rumanian Intellectual Property Rights Office), networking equipment confiscated and hefty fines paid. Quite the same rate as in US, considering that Rumania is only 22 mil.

What is different: real competition in the market. About half of the home connections are managed by small companies with a few thousand to some ten thousand customers, and the rest is split between three big guys with cable connections and three with wireless connections, one of which is the former state telecom company. Competition is so big that you can have at least four or five offers at the same time in the same location: Romtelecom, one EVDO/CDMA network with reasonable bandwidth, two G3 networks I never used but heard good things about quality of service, one of the big cable tv companies (there are two, but they avoid competing with each other) and at least one of small companies.

The small companies usually have bittorent trackers and DC++ hubs. I think they can afford to pay the fines, but cannot afford to lose customers.

Re:America descends into the dark ages of broadban (1)

CastrTroy (595695) | more than 6 years ago | (#23207408)

Sounds like those laws and fines are pretty ineffective. If the fine for stealing $500 is a $300 fine, then people would make tons of money off just stealing, because they would actually be making a profit. Which is why repeat offenders get even larger fines in order to try to stop them from doing it, because the first punishment wasn't enough to deter them. If the ISPs refuse to comply with the law because it ends up making them money, then they should be fined more. The whole point of fines isn't for them to be paid, and then you go merrily on your way and continue breaking the law. The point of fines is to stop you from breaking the law.

Re:America descends into the dark ages of broadban (4, Interesting)

CastrTroy (595695) | more than 6 years ago | (#23206776)

Any chance that the reset packets could be sent from someone else? If AT&T can send a reset packet that looks like it's from the person on BT you are communicating with, what's to stop other users from sending a similar packet. If I was on AT&Ts network, could I forge a packet that looks at though it was from another IP Address? Sure I couldn't get a response back, but I would only be sending out reset packets, and wouldn't want any ACK back for my bogus reset.

Any chance ? (2)

http (589131) | more than 6 years ago | (#23208550)

Any chance that the reset packets could be sent from someone else? If AT&T can send a reset packet that looks like it's from the person on BT you are communicating with, what's to stop other users from sending a similar packet[?]
Chances are less than slim that they'll get all these things right:
  1. source IP
  2. source port
  3. destination IP [1]
  4. destination port [2]
  5. sequence number [3]

So don't hold your breath. If they can tell what hosts you are communicating with, they can determine everything else. They are either at an ISP or a backbone provider (or in your basement, if you're the paranoid type).

1. a freebie, we presume the forger knows the IP of the machine to interfere with
2. the destination port is straightforward to guess
3. the sequence number is easy to fake out due to widespread use of TCP size windows.

See http://kerneltrap.org/node/3072 [kerneltrap.org] for some math on it. It's still less than one in a billion without attracting attention to yourself on some level.

Re:America descends into the dark ages of broadban (1)

Dekker3D (989692) | more than 6 years ago | (#23208924)

hmm... the difference is that AT&T is a link in the chain of computing systems that sends packets between you and your friend. a random hacker doesn't have direct access to your packets like that. that means you can't see as much about the connection, and it'll take more work to fake the reset packet.

Re:America descends into the dark ages of broadban (-1, Flamebait)

_KiTA_ (241027) | more than 6 years ago | (#23207008)

It's ironic that in America, the country that much of the basis for the Internet hails from, seems to be regressing in Internet access. In Eastern Europe, more and more people enjoy fast and unthrottled connections, and ISPs don't care how many gigabytes of traffic you pull in each month. One ISP I know in Romania helped alleviate demands on its network by setting up a DC++ server where people could share films and music with people from the same city, not by penalizing customers.
Well that's because Romania and other Eastern Union countries don't, as a general rule, worship Greed like the United States does.

Re:America descends into the dark ages of broadban (0)

Anonymous Coward | more than 6 years ago | (#23207484)

America, the country
This expression is so wrong. America has about 35 countries, the United States being only one of them. In the future use, one of:
- the United States
- the USA
- the US

Re:America descends into the dark ages of broadban (0)

Anonymous Coward | more than 6 years ago | (#23208918)

And it's always the Europeans that accuse US of not knowing geography. Hmph.

Re:America descends into the dark ages of broadban (1)

malbosher (795323) | more than 6 years ago | (#23207980)

It's ironic that in America, the country that much of the basis for the Internet hails from, seems to be regressing in Internet access. In Eastern Europe, more and more people enjoy fast and unthrottled connections, and ISPs don't care how many gigabytes of traffic you pull in each month. One ISP I know in Romania helped alleviate demands on its network by setting up a DC++ server where people could share films and music with people from the same city, not by penalizing customers.
Everything is falling apart in America!!!! Especially our infrastructure.

Re:America descends into the dark ages of broadban (1)

nehumanuscrede (624750) | more than 6 years ago | (#23208118)

If I recall it correctly, Comcast adamantly denied
they were doing anything with the P2P folks until
the numbers started coming out stating otherwise.

Now that the evidence is mounting and the FCC has
their spotlight on them, they want to be all
apologetic and use the " Lets all play nice "
card.

Hell, AT&T won't even admit they run a dedicated
fiber line over to the NSA folks. It'll take
full blown immunity from litigation before they
EVER admit to that one.

Make no mistake about it. The people are not going
to have the ability to change the corporate way of
thinking when it comes to Internet Service. It will
take government level involvement ( or the threat of
it ) before this bullsh*t stops. The big boys don't
like Big Brother looking over their shoulder any more
than the rest of us do. . . . .

What are you going to do ? Drop them as your ISP
provider ? LOL Yeah and if you're lucky to HAVE an
alternative you would have already done so by now.

They enjoy monopoly status and they know it. They
know if you want broadband service at all, you're
pretty much stuck with them.

Until the monopolies are broken up for broadband
providers, the companies cannot be trusted to police
themselves as they have little reason to do so. They
don't have to compete with anyone.

Re:America descends into the dark ages of broadban (1)

woods01 (1259134) | more than 6 years ago | (#23208626)

It's not all that surprising. Everyday our government (the americans) is trying to impede in on the internet. Anytime our government trys to get it's greedy hands on something it ruins it. None of the governmental programs we have function correctly, we're a country in debt beyond anyones wildest dreams, so having a crippled internet is not surprising. We don't have an economy, a trade imbalance beyond anything, goverment that does whatever it wants, the corporations run the country and with the types of corporations we have, nobody needs enemys. I have friends also in other countries and they always say how better things are getting on the internet. Where I live comcast is peddling slower speeds just to get you online. I had 20mbit at one time, they sent out advertisements saying "we're doing this for free", now im right back down where I started from, 8mbit, and the bills just keeps going up.

Re:America descends into the dark ages of broadban (1)

Fourier404 (1129107) | more than 6 years ago | (#23208994)

It's obvious. The vast majority of content creators are American, and it's easier to sue if you aren't crossing international borders.

Re:America descends into the dark ages of broadban (1)

cliffski (65094) | more than 6 years ago | (#23212652)

America is the home of Hollywood, and a big chunk of the worlds popular music. Why are you surprised that the nation actually making all this stuff acts harder to stop it being taken for free?
I'm sure nobody in Romania cares what impact file sharing has on American jobs.

Confirmed? (1, Insightful)

1001011010110101 (305349) | more than 6 years ago | (#23206606)

Did Vuze ever confirmed that P2P connections created resets? or its just the reset count from the plugin?

Re:Confirmed? (4, Informative)

budgenator (254554) | more than 6 years ago | (#23206838)

No and Vuze was quite up-front about the study, they basically measured the number of RST messages and divided by the number of network connections. The numbers weren't intended to be accurate but rather to give an indication of realevive trends.
For example,
37 users on Telecom Italia France using ASN 12876 experienced a median of 2.53% RST messages;
27 users on AT&T WorldNet Services using ASN 6478 experienced 13.97% RST messages;
24 users on AT&T WorldNet Services using ASN 7018 experienced 5.35% RST measages;
40 users on Comcast Cable using ASN 33668 experienced 23.72% RST messages.
One thing you have to remember is the forged RST packets is a man-in-the-middle-attack, the Vuze plugin connected on a AT&T connection doesn' know if the RST came from AT&T at ASN 6478 , AT&T at ASN 7018, Comcast or Telecom Italia France.

Re:Confirmed? I think not. (1)

Geldon (444090) | more than 6 years ago | (#23206998)

Did Vuze ever confirmed that P2P connections created resets? or its just the reset count from the plugin?
This study doesn't show anything but network quality. Furthermore, since so many networks have peering agreements with each other and your data flies around between them readily, it barely judges network quality.

Furthermore, they aren't sampling anything but P2P traffic, there's no sampling of something benign like web traffic or gaming traffic. If there was some sort of control group involved, I would be more convinced. But the fact is that there isn't.

Using this methodology, one could produce a study saying pretty much anything. For instance, you could "show" that car manufacturers design their cars to experience mechanical failure at between 20,000 and 25,000 miles by producing a list of incidents where such a thing happens. Of course, cars fail at other times too, they even fail at a higher rate later in their lifespan. But if you only look at cars that are 20,000-25,000 miles into their lives, you would never know, now would you?

Re:Confirmed? I think not. (1)

ben there... (946946) | more than 6 years ago | (#23209260)

This study doesn't show anything but network quality. Furthermore, since so many networks have peering agreements with each other and your data flies around between them readily, it barely judges network quality.
What I don't get is I thought the RST packets in Comcast's case were generated by Comcast grabbing the list of peers from you during your communications with the tracker, then sending RST packets to each of the peers you're trying to connect to, aborting your connections with them. The goal being to prevent you from seeding.

So isn't it actually more important to know, for each user, how many RST packets are forged as coming from their IP and sent to other users, not how many are received by each user? That would mean the results of this Vuze sample would be RST packets potentially generated by other ISPs, right?

Re:Confirmed? (2, Informative)

Geldon (444090) | more than 6 years ago | (#23207036)

... One more note... Not only does this study do nothing to show that AT&T might be modifying traffic, it shows that AT&T is probably NOT modifying traffic!

Comcast has admitted to sending false resets, so, no surprise, they are on top of the list. In fact, they are not only on top of the list, they're nowhere else. This is to be expected with a systematic interference with traffic.

HOWEVER, if you look down the list, and I mean, WAYYY down the list, you'll find that ranked at #101 (out of 108)... is AT&T! If AT&T has been systematically producing false resets, they wouldn't just have one network high on the list, but all of them.. (see: Comcast).

No one ever got a good rep defending AT&T, but stories like this just make /. look like a group of geeks with nothing better to do than bash AT&T. I'm sure you can find some legitimate grievances against AT&T instead of wasting people's time and ruining the reputation of a good news source with trash like this.

Re:Confirmed? (1)

f_raze13 (982309) | more than 6 years ago | (#23207578)

HOWEVER, if you look down the list, and I mean, WAYYY down the list, you'll find that ranked at #101 (out of 108)... is AT&T!

That's interesting, because if you actually read the summary you'd know that they are actually 25th on the list, 13th if you remove all of comcasts doubles. So no, they're not quite seventh from last.

Re:Confirmed? (0)

Anonymous Coward | more than 6 years ago | (#23207694)

Sorry, we got tired of bashing Micro$oft, so we decided to hit up AT&T for awhile.

As an AT&T customer (5, Funny)

Anonymous Coward | more than 6 years ago | (#23206612)

I can say that they never reset conne

Re:As an AT&T customer (1)

Devv (992734) | more than 6 years ago | (#23209064)

Oh that must've sucked. It's amazing I leave in Sweden and my connection never resets. I can send data without reset and it can be pure garbage. I mean I could send anything ridiculously stupid and it wouldn't matter. It could be sentence after sentence repeating the same thing indefinately and no one would be bothered. Well, of course apart from the poor saps reading som web forum. But hey! It doesn't matter because their connections will reset neway. Wow I really could send something sloppy out there. It's a big power that I have. I could abuse free-speech to say unnecessary stuff creating noise for the insightful posts. But man I'd need to have a lot of time on my hands. Though that shouldn't really be a problem since
[OKEJ helvete nu får du ta och ge dig!]
[poof]

I'm less worried about Middle Eastern terrorists. (1, Insightful)

Anonymous Coward | more than 6 years ago | (#23206660)

I'm far less worried about Middle Eastern terrorists than I am about these telecom terrorists who wish to disrupt our God-given right as Americans to communicate openly and freely.

Re:I'm less worried about Middle Eastern terrorist (2, Interesting)

Spy der Mann (805235) | more than 6 years ago | (#23207058)

I guess the time for the encrypted, anonymized [wikipedia.org] overlay networks is now.

Re:I'm less worried about Middle Eastern terrorist (0)

Anonymous Coward | more than 6 years ago | (#23209194)

You dick, it says right there on the wiki not to mention it on slashdot yet, due to slash. high publicity...

I like verizon (1, Interesting)

Anonymous Coward | more than 6 years ago | (#23206670)

Hah. I remember when DSL first came out and I waited to get that instead of cable I got some comments from friends but Verizon seemed to make sense to me vs the more shared bandwidth of cable. I knew it wouldn't take long for customers to start complaining about not getting all the bandwidth promised and other measures enacted to restrict user's bandwidth. Based on comments here and from friends and relatives. Instead of blocking p2p they do stuff like this http://www.crn.com/software/206903773 [crn.com]

Verizon wireless internet services are a different story it seems.

Re:I like verizon (1)

Rakeris (1114111) | more than 6 years ago | (#23206702)

I use their wireless service, and there is no type of throttling or reset issues with P2P what-so-ever. Now if I could just get DSL...crap I would even go with cable, if I could just get it.

Re:I like verizon (1)

dreamchaser (49529) | more than 6 years ago | (#23206970)

Yep. I consistently get max or close to speed on my FIOS, provided there is no other bottleneck and the remote host can support 15-20 megabits per second.

I've been VERY happy with FIOS. We've had it for over a year now and I have had one 3 minute outage in all that time. That was during a horrendous storm last Summer.

Denial (5, Insightful)

Narpak (961733) | more than 6 years ago | (#23206676)

No! No! We are not screwing our customers to maximize profits!

Basic principle of greed you try to do as much that is legally and ethically grey; and then deny it until you are finally dragged kicking and screaming into court.

At least they're learning... (1)

evilninjax (930108) | more than 6 years ago | (#23207140)

This is an interesting turn as up to now, the providers have not been worried about owning up to the practice and have been creating speak about how they're allowed to do it, how they have to do it to protect the over-capacity infrastructure they have, etc. etc

at least they're now figuring out that it's a frowned upon practice. Even if they ARE doing it, they are best off hiding it. Well, that's going to do quite a bit to help The Net Neutrality movement if/when the truth comes to light.

Far, Far beyond "screwing the customer" (1)

mikelieman (35628) | more than 6 years ago | (#23207232)

They are unlawfully spying on you and should be tried for their choice to commit felonious acts.

If they don't give a shit about OBEYING THE LAW, why the hell would they care about Customer Service?

Blame Canada, hackers and trends :-) (2, Insightful)

AHuxley (892839) | more than 6 years ago | (#23206686)

"suggesting that industry forums like the Distributed Computing Industry Association would
provide a better means for addressing such questions."

That the computer worlds version of a closed door human rights meeting for despots and dictators?
Just tell your consumers the truth Charles, you missed a decade of upgrades.

AT&T just has poor service (1, Interesting)

Anonymous Coward | more than 6 years ago | (#23206698)

AT&T may not be throttling P2P. As an AT&T DSL victim^H^H^H^H^H^Hcustomer, with their use of PPPOE (setting up a PPP connection -- the protocol used for dialup -- to tunnel over ethernet) and generally crappy service, my PPP connection drops and IP therefore changes very frequently (more than once a day). I would imagine that the TCP RSTs are caused by these connection drops more than anything else.

It's unfortunate that in the cheap end of the "broadband" segment ($30/mo for phone line + 768k/256k), AT&T DSL is really the only option, at least in my area.

IP violations? (1, Funny)

Anonymous Coward | more than 6 years ago | (#23206756)

In the past, AT&T has defended Comcast's throttling practices, and said it wants to monitor its network traffic for IP violations.

I'm KEEPING 12.308.1.273, I don't care how many IP rules it violates!

Re:IP violations? (1)

Kamineko (851857) | more than 6 years ago | (#23206784)

Amateur!

Real IPs look like this:

563.mushrooms.100_.7043-3.sin(x).^_^

Re:IP violations? (1)

AHuxley (892839) | more than 6 years ago | (#23206816)

So, I see you've played 'spammers or feds' before.
Thats not an ip
S010600062506ff15.fm
is an ip.

I have had resets (0)

Anonymous Coward | more than 6 years ago | (#23206762)

I was an ATT dsl customer for a year. I am also a CCNA. No matter how I configured my gateway with open ports and allowed applications I always experienced resets. Red light would blink, traffic would stop, and I would slowly start to reconnect to peers. I never tried a different modem, just dumped their services. If you can put up with slower speeds cellular broadband has been bliss.

Re:I have had resets (0)

Anonymous Coward | more than 6 years ago | (#23206808)

I am also a CCNA.
Then you would understand that resets are perfectly natural on the routers for which you are certified.

ba dum dum cha! Thanks, I'll be here all day. Be sure to second tip your lap dancer on the way out.

ATT is a lousy ISP, they even block email! (0)

Anonymous Coward | more than 6 years ago | (#23206788)

As someone from Europe its my experience that ATT is probably one of the worst ISP's there is. They have no consideration for their customers, they even actively censor their customers and in most cases the customers doesn't even know!

I've experienced several times that ATT simply didn't acknowledge our mailserver and just refused to accept any e-mails. Ofcourse this is in direct violation of the RFC's. And then there's the small detail of customers never knowing if they had their e-mail blocked.

If it wasn't intentional... (5, Funny)

nurb432 (527695) | more than 6 years ago | (#23206896)

Then i guess their network just sux.

Re:If it wasn't intentional... (1)

Phase Shifter (70817) | more than 6 years ago | (#23207936)

Their network does definitely suck.

I don't use them as an ISP, but since they're in charge of the local infrastructure--well, let's just say that every time it rains I have to put up with a 60 Hz hum on my phone line for a week or two. Even after several service calls. For the last 3 years. (Typically they wait a few weeks for the problem to go away before they attempt a response.)

And yet they persist in calling me, trying to get me to use their DSL service which works over the same line. I don't know whether it's greed or incompetence, and don't really care--I'll switch my ISP and voice service to Comcast before I consider using AT&T for my ISP.

AT&T CEO admints to poor network (1)

HycoWhit (833923) | more than 6 years ago | (#23206904)

The exact quote from the AT&T CEO was more along the lines: "We never reset P2P traffic, it's simply a fact we've built a crappy network."

we don't care (0)

Anonymous Coward | more than 6 years ago | (#23206936)

And as usual someone fails to see the obvious.

It is not important HOW those resets came to be. We don't care. We only care about the percentage as a (lack of) performance metric of the provider.

AT&T Lying like a Rug (2, Informative)

sjvn (11568) | more than 6 years ago | (#23206964)

I have an AT&T DSL connection. I've used it for years. I've also beaten the heck out of it for years with massive downloads, uploads and the like. It has worked fine, until the last few months. Now, whenever I have a P2P Torrent going a day or more, I know my connection is going to lock up completely anywhere from 20 to 28 hours into the process. The only solution is to hard boot my DSL modem. It then happens again, about once a day, until I stop the torrent.

Coincidence? I think not.

Steven

Re:AT&T Lying like a Rug (1)

Truekaiser (724672) | more than 6 years ago | (#23207122)

Maybe your accepting more incoming connections then your dsl modem can accept. try changing your settings.

DSL modem lock up during heavy usage (1)

laird (2705) | more than 6 years ago | (#23207674)

Now, whenever I have a P2P Torrent going a day or more, I know my connection is going to lock up completely anywhere from 20 to 28 hours into the process. The only solution is to hard boot my DSL modem. It then happens again, about once a day, until I stop the torrent.

Coincidence? I think not.
I had this happen regularly with my router (linksys). Since home routers are so cheap, I ended up replacing it, and never had it happen again. So I can't say whether the lock-ups were caused by hardware, firmware, etc., but I can say that in my case it wasn't the ISP.

Your sig (1)

ben there... (946946) | more than 6 years ago | (#23209320)

--
Improve P2P with P4P. Learn more! [pandonetworks.com]
I like how their charts start at 400 peers. I can't remember the last time I connected to a torrent that had over 400 peers. Where's the rest of the chart? You know, the part before it plateaus.

Re:AT&T Lying like a Rug (0)

Anonymous Coward | more than 6 years ago | (#23208354)

Or perhaps you've reached the end of service life for your DSL modem? Time for a replacement.

whatever (0)

Anonymous Coward | more than 6 years ago | (#23206992)

I've had AT&T for years, and use p2p extensively. I have never had a single problem with dropped connections. I download up to hundreds of gigabytes per month, and upload several gigs as well. If AT&T was really doing this, I'd know it.

Re:whatever (0, Offtopic)

pandrijeczko (588093) | more than 6 years ago | (#23207296)

I download up to hundreds of gigabytes per month

And let me guess... all of it is legal Linux distros.

Re:whatever (0)

Anonymous Coward | more than 6 years ago | (#23207842)

And let me guess... all of it is legal Linux distros.

Yaeh -- goddamned right -- unless you have hard evidence to the contrary, you swaggering asshole.

You're just another pissant fucker that with nothing to contribute except chickenshit sniping from the sidelines. Grow up or kiss my ass.

Re:whatever (1)

pandrijeczko (588093) | more than 6 years ago | (#23212678)

Ooh! Touched a nerve, have I?

Chuck's right (4, Informative)

laird (2705) | more than 6 years ago | (#23207000)

TCP resets can occur for many reasons. All that client software can know and report is that the TCP reset occurred. But, for example, it can't know whether it got a reset because the software on the other end of the connection crashed, or had a bug, or the computer was turned off, or there was some corrupted communications between the two causing the TCP connection to get confused and need to be reset. This is all explained at http://www.tcpipguide.com/free/t_TCPConnectionManagementandProblemHandlingtheConnec.htm [tcpipguide.com] (for example).

Vuze's test only counted reset rates, so it can't prove anything about what's going on. At most, it could suggest areas where it might be productive to do more investigation.

Re:Chuck's right (1)

poetmatt (793785) | more than 6 years ago | (#23207548)

I suggest you try not to assume all vuze facts are incorrect. I happen to be in an area where the reset rate was 50-75%, and to ensure accuracy I did nothing more than download a torrent via azureus and then seed it.

No other sources that use internet access were used at all, so I suspect that you try not to find magic ways to deny traffic.

Why was vuze accurate? because it only watched traffic coming in off azureus. You don't need more details than that, so yes, it can prove anything about whats going on.

If you watch the reset logs (as I did while vuze was running) you'd notice the generic packet resets inserted by comcast would not have the right(brainfart, forgot the term here), umm, packet number/order in the reset....you'd be trying to connect and then suddenly reset reset reset after an exact amount of time that was consistent every time (and way less than the TCP timeout).

I found that between wireshark and azureus ther ewas about a 2% variance in which program thought I had higher reset rates, but to give you an idea it was around 50-82% reset rates, which less than 1% were legitimate.

Re:Chuck's right (1)

laird (2705) | more than 6 years ago | (#23208048)

I suggest you try not to assume all vuze facts are incorrect. I happen to be in an area where the reset rate was 50-75%, and to ensure accuracy I did nothing more than download a torrent via azureus and then seed it.
I'm not sure where you got the idea that I assumed that all Vuze's facts were incorrect. In fact, I'm assuming that all of their facts are correct, because I have no reason to believe otherwise. And because it's pretty obvious how Vuze can count and collect TCP resets. So while it's nice that your testing on your PC showed that their reporting of TCP resets was fairly accurate, that doesn't have anything to do with the issue I raised.

What I pointed out is that capturing reset rates alone can't prove that your ISP is issuing resets, because (as I already explained) the resets could be caused by the other end of the TCP connection or anything along the connection. At most, a high reset rate for many users of a given ISP might indicate that a deeper analysis of traffic patterns might be warranted. But (at least in what's been reported) Vuze hasn't done that deeper analysis, or made the raw data available so that anyone else can do the analysis.

Note that I am not saying that ISP's aren't sending resets, or that Vuze collected bad data. I am only saying that the information that's been released so far (tcp reset rates) doesn't actually prove anything about what ISP's are doing.

Re:Chuck's right (1)

poetmatt (793785) | more than 6 years ago | (#23208192)

Sorry for misreading what you said then.

However, why would it not be fairly accurate to see that "x ISP is doing a significantly larger than normal amount of resets" = they might have something going on with their resets?

Additionally, its not like comcast or any other ISP wants us to see said data or would let us, so where else can it go?

Re:Chuck's right (1)

DMUTPeregrine (612791) | more than 6 years ago | (#23209506)

It could just be a bad quality network. And ISPs that filter content open themselves up to being sued for contributory infringement or some such, (loss of DMCA safe-harbour) and thus filtering is a massive legal liability.

hmmm. is this the same ATT that denied spying? (0)

Anonymous Coward | more than 6 years ago | (#23207162)

ATT said for the longest time that they never allowed the FBI full access to their network. Then later they claimed it was all post 9/11.

Then it was shown that ATT and others provided it by at least feb/2001. The fact that 9/11 occurred is the strongest evidence that unlimited wiretapping does not prevent it, or it shows that the FBI was not using the wiretapping for checking for terrorists, but checking for other crimes.

Someone, please write a decent test (2, Interesting)

Animats (122034) | more than 6 years ago | (#23207236)

This approach to testing is stupid. One correct approach is to record all the packets sent and received at both ends of the connection, then compare them after the session. Any unexpected packets are bogus.

There are some routers that will generate bogus packets through out and out bugs. The Sveasoft Linux software for Linksys routers had that problem a few years back. If you had more than one or two packets queued for the air link, some of the packets would get garbled. Most users never saw this, because they were connecting to the Internet via a low bandwidth link. In that mode, you can't saturate the air link, and you never build up a transmit queue. We were doing big downloads from a local file server to a local client, with no traffic to the outside world at all. (We were using this for a robot vehicle, with long debug logs and code updates being transferred.) An FTP connection wouldn't work for more than about fifteen seconds. It would stall, retransmitting until the connection timed out. We finally put packet sniffers on the links and found out that TCP packets were being garbled by the "internal firewall", even when it was supposedly turned off. The garble wasn't random; it occurred in a repeatable way that made each TCP retransmit fail.

In 2007, I found a transparency problem with Coyote Point load balancers. This one would mysteriously block connections. If you made an HTTP connection through a Coyote Point load balancer, and sent an HTTP header with a "User-agent" string ending in "m" but not containing another "m", and the HTTP header contained no additional fields, the load balancer would not pass any TCP packets to the systems behind the load balancer. This turned up on a site where I know the people who run the site, and we did packet dumps on both sides of the load balancer to confirm this. Coyote Point parses HTTP headers with regular expressions, and I suspect that, somewhere in the built-in rules, someone wrote "\m" where they meant to write "\n". In a typical non-response, Coyote Point suggested we upgrade the load balancer. I pointed out that Coyote Point's own site had the same problem.

So a good network transparency test for end users would be a useful tool to have around. The existing tools tend to be part of protocol analyzers, and assume the user knows TCP/IP/Ethernet down to the bit level.

Re:Someone, please write a decent test (1)

Tuoqui (1091447) | more than 6 years ago | (#23207532)

The problem is...

Like Comcast they can forge packets on BOTH sides of the router if they were doing it and therefore you'd get RST packets on both sides. Therefore merely comparing the output on both sides is not enough to determine if forging RST packets is occurring. All you can do is compare the number of RST's and compare them to a baseline like when you're downloading a multi-gigabyte Linux .iso and when you are downloading a multi-gigabyte Linux torrent. If there is a severe difference between .iso download and a torrent download then you know that something is causing more RST packets but you cant exactly prove it was AT&T forging RST packets but it would be a very good guess particularly if you do a number of similar tests.

Re:Someone, please write a decent test (2, Informative)

Animats (122034) | more than 6 years ago | (#23207804)

Like Comcast they can forge packets on BOTH sides of the router if they were doing it and therefore you'd get RST packets on both sides. Therefore merely comparing the output on both sides is not enough to determine if forging RST packets is occurring.

You need to log, at each end, what each end is both sending and receiving. Then compare the results. Unless you installed a stateful firewall or a proxy server, there shouldn't be anything in the middle changing the packets. If there is, it's useful to know that.

They don't need to (1)

TitanOdysseus (1279780) | more than 6 years ago | (#23207452)

New ATT&T routers (2Wire based) have a "spam" function that will reset your router if it detects:
Spam
P2P
2 people refreshing COD4 servers simultaneously

According to the ATT&T technician I spoke with this is "intended" to protect the network against spam. So really, there's no way to possible log how many times this happens to people on the client side. If too much traffic passes through your 2Wire, it will reset until you basically get so frustrated you decide P2P and looking for COD4 servers on multiple PC's is unethical.

Re:They don't need to (1)

compro01 (777531) | more than 6 years ago | (#23209710)

AT&T is lying. it's not a feature. it's a problem with the damn things. 2wire is great at making modems, but they absolutely suck at making routers. go above about 200 connections (inbound and outbound combined) and it'll run out of memory and hard lock, or it'll start dropping connections one at a time, then hard lock. sometimes the thing is smart enough to restart itself, but most of the time you've gotta hard reset it by pulling the power.

i used to work tech support for sasktel, who also use 2wire gateways (2701 series) and i had a call about this problem at least weekly, commonly either with torrents, or i heard about it a lot with counterstrike.

general solution was to cap connections around 150/number of systems (last time i checked, azureus caps at 100 connections by default. no idea how one would do this in a game.) or lobotomize the damn thing by putting it into bridge mode, which disables the NAT stuff (and the built in wireless), then just use your own router/switch. sasktel now does this by default on all the top-tier (10/1mbps) residential installs.

What I don't understand... (1)

pauljlucas (529435) | more than 6 years ago | (#23207478)

... is why ISPs want to be in the business of monitoring their networks for certain content. Aren't they supposed to have common-carrier status (which, AFAIK, is supposed to mean that they're agnostic about and not responsible for the traffic on their networks)? Why do they want to spend money on engineering and PR damage-control for all this if they could just ignore it?

Re:What I don't understand... (1)

sunderland56 (621843) | more than 6 years ago | (#23207504)

  1. 1) Put way too many users on a slow infrastructure.
  2. 2) Throttle them back when they use the product they paid for.
  3. 3) Profit!

Re:What I don't understand... (1)

Tuoqui (1091447) | more than 6 years ago | (#23207584)

Oh they want all of the benefits of being a common-carrier with none of the drawbacks... Except the thirst for money. Sorta like the Blade of ISPs.

From what I understand common-carrier is about not prioritizing anything over another and not checking the contents of what is passing through your network. This applies to postal service and telephones. By doing this they effectively are given immunity when it comes to criminal prosecution. This is why when the first mail bomb happened you didn't see anyone trying to sue the Postal Service as they were the ones that delivered the package but they were not responsible for its contents. Same with what happened during that Anthrax scare a few years back.

Frankly it seems like the ISPs want to be immune to legal prosecution for things passing through their network but they want the right to go through every single packet looking for whatever and treat traffic differently. Like where they'll make it so torrents from bittorrent's personal client work but torrents from say bitcomet would be throttled down or subjected to RST packet forging. We're looking at a grim future where the ISP's VOIP is given priority over other VOIP technologies thereby securing their dominance over the phone system which they presumably had by default back when they were telephone carriers and the only game in town.

Re:What I don't understand... (1)

Thing 1 (178996) | more than 6 years ago | (#23207592)

... is why ISPs want to be in the business of monitoring their networks for certain content. Aren't they supposed to have common-carrier status (which, AFAIK, is supposed to mean that they're agnostic about and not responsible for the traffic on their networks)? Why do they want to spend money on engineering and PR damage-control for all this if they could just ignore it?

Perhaps it's time for a grass-roots class-action lawsuit?

1. Common carriers aren't supposed to monitor.

2. AT&T (Comcast, etc.) are monitoring.

3. Therefore, their common carrier status should be revoked.

4. This opens them up to government scrutiny regarding illegal content being transferred across their wires.

5. Not sure where the "profit!" is in any of this, but at least it could be considered a step on the path towards ISP honesty...

Re:What I don't understand... (1)

ion.simon.c (1183967) | more than 6 years ago | (#23207966)

Cablecos do not have common carrier status. Just sayin.

Re:What I don't understand... (0)

Anonymous Coward | more than 6 years ago | (#23211292)

3. Therefore, their common carrier status should be revoked.
They already aren't common carriers. The concept doesn't apply to ISPs.

Why consumer ISP's manage their networks (2, Insightful)

laird (2705) | more than 6 years ago | (#23207928)

... is why ISPs want to be in the business of monitoring their networks for certain content. Aren't they supposed to have common-carrier status (which, AFAIK, is supposed to mean that they're agnostic about and not responsible for the traffic on their networks)? Why do they want to spend money on engineering and PR damage-control for all this if they could just ignore it?
They don't. I've never heard of any ISP who's monitoring their network for specific content, because it raises all sorts of legal questions.

The reason that ISP's are starting to manage traffic it is due to capacity issues - changes in user behavior (e.g. viewing high quality video online, p2p) dramatically increase the bandwidth consumption per user, causing demand to exceed available bandwidth.

Given that demand exceeds current supply, and expanding capacity is time consuming and expensive, some ISP's appear to be managing traffic in a protocol-specific way (i.e. deliver time-sensitive VOIP traffic before HTTP page views before P2P seeding), and others appear to be managing traffic in a protocol-agnostic way.

Of course, many ISP's are building out to have capacity that exceeds demand. This is expensive and time consuming (e.g. Comcast has started deploying DOCSIS 3.0, but it'll take years and billions of dollars to upgrade everyone, Verizon has been rolling out fiber to the home, but again it'll be years and billions of dollars before fiber can completely replace DSL). And, in lower population density areas, or parts of the world where people can't pay much for broadband, the cost of providing more capacity exceeds what people are willing to pay, so traffic shaping is the only viable answer.

I've seen some people say "They sold me X bandwidth, and now they're not delivering it". They're confusing two very different types of bandwidth, capped and committed.

Capped bandwidth is cheap, because there are no guarantees other than that you won't get more than a certain amount. This is what home users generally buy. So if you read your ISP's terms, they probably are very clear that you're getting "up to X" performance, but with no committed performance, or even availability. For this, you might pay $60/month for 20 Mbps, or $3/Mbps.

Committed bandwidth is expensive, because the ISP reserves resources so that you can always get all the bandwidth that you're paying for, with financial penalties to the ISP for slowdowns or outages. For this, you might pay $359/month for a T1 line giving you 1.5 Mbps, or $239/Mbps.

What this means is that if you pay for capped bandwidth, you're making the choice of saving a lot of money by buying unreliable bandwidth. If you really, really want committed bandwidth, you can do what web sites and businesses do, and pay for committed bandwidth.

Re:Why consumer ISP's manage their networks (1)

pauljlucas (529435) | more than 6 years ago | (#23207972)

I've never heard of any ISP who's monitoring their network for specific content, because it raises all sorts of legal questions.
Perhaps not today, but perhaps you missed this article [slashdot.org] ?

Re:Why consumer ISP's manage their networks (1)

laird (2705) | more than 6 years ago | (#23208136)

I've never heard of any ISP who's monitoring their network for specific content, because it raises all sorts of legal questions.

Perhaps not today, but perhaps you missed this article [slashdot.org] ?
Yes, that article about AT&T was all over the news.

The point I was making is that while many people think that traffic shaping has something to do with ISP's not liking specific content, or not liking "piracy," the actual reason that ISP's are doing traffic shaping related to p2p is driven by bandwidth consumption exceeding their capacity, not by content/copyright issues.

Re:Why consumer ISP's manage their networks (2, Insightful)

pauljlucas (529435) | more than 6 years ago | (#23208160)

... the actual reason that ISP's are doing traffic shaping related to p2p is driven by bandwidth consumption exceeding their capacity ....
I don't understand. If it's strictly a bandwidth issue, why don't they do traffic shaping for all bandwidth regardless of protocol?

Re:Why consumer ISP's manage their networks (1)

orlanz (882574) | more than 6 years ago | (#23211302)

For this, you might pay $60/month for 20 Mbps, or $3/Mbps.
You mean $60/month for 3-5Mbps. This is the US, not some other developed, developing, or 3rd world country.

Re:What I don't understand... (1)

slimjim8094 (941042) | more than 6 years ago | (#23210998)

Common Carrier status applies only to phone service. Internet service is excluded

IANAL.

AT&T probably does NOT send RST packets..... (1)

Fallen Kell (165468) | more than 6 years ago | (#23207512)

Comcast is most likely the source. Comcast is sending RST packets to both ends of the P2P connection, not just their subscribers. So simply having a large number of RST packets may simply mean your P2P client is connected to a large number of Comcast clients. We have know for a while that Comcast is sending the packets to both their own customer and forging a packet to their customer's destination. If Comcast wasn't sending the packets like that, all it would take would be a firewall filter to drop incoming RST packets on the in-bound P2P port used, and all Comcast P2P users would be fine. But we know this not to be the case, because we learned through tests, that BOTH ends need to have that filter in place for it to keep Comcast from resting the connection.

I have a hunch Time Warner does this too (2, Interesting)

haaz (3346) | more than 6 years ago | (#23207638)

While it could be TCP resets, as I see someone talking about in a comment above, Time Warner being pricks is so much more attractive...

I just wonder (0)

Anonymous Coward | more than 6 years ago | (#23208108)

I just wonder how they are differentiating between forged RST packets and legitimate ones from the other client that is closing the connection. These numbers could be a lot higher than they really should be.

AT&T CEO admints to poor network (1)

clint999 (1277046) | more than 6 years ago | (#23208122)

It could also the the OS or BT software that you are using. A few years ago (not sure if it's still the case), I used to get 3-4 time the speed when downloading torrents in Linux as I did in Windows. Currently I can max out my connection in Windows, but

Must be true - its been officially denied (1)

Helldesk Hound (981604) | more than 6 years ago | (#23210040)

> "... 'AT&T does not use "false reset messages" to manage
> its network,' Kalmanek said in the letter. Kalmanek noted
> that Vuze's analysis said the test 'cannot conclude
> definitively that any particular network operator is
> engaging in artificial or false [reset] packet behavior.'"

Interesting that they're denying something /very/ specific, and not absolutely denying the accusation overall.

also interesting that they're effectively saying "could be, couldn't say for sure".

What I don't understand is why a carrier corporation - one that is paid by the sender of the data to move data around - thinks it has the right to specify what sorts of data get transmitted from one client to another.

Next minute electricity corporations will start saying that they'll only deal with 100,000, 22,000, and 11,000 volt electricity and not with 240 volt electricity, as 240 volt electricity has become too popular, and that popularity is causing them difficulties in supplying 240 volt electricity. Clearly many of the things they're using that electricity for are illegal - such as staying up late at night and reading when they should be in bed asleep.

This is, after all, known to be a fact because the grandmother of a neighbour three blocks away happened to be driving past one day and saw at least one lamp glowing in the house.

Its a 15 watt night light you say? Sorry but I believe your three-blocks-away neighbour's grandmother more than I believe you.

Has she paid me to disconnect your 240 volt electricity? I don't think I need to divulge that sort of corporate information to you. It might be, but could not be the case for sure.

Why not just filter the RST packets client side? (1)

LinuxDon (925232) | more than 6 years ago | (#23210122)

I've had some bad issues with RST packets in the past which were generated by the modem or whatever. Also back in the day they were frequently used to disconnect people from IRC.

These issues can be solved easily by filtering those packets.
iptables -A INPUT -p tcp --tcp-flags RST RST -j DROP
(Please correct me if the command isn't entirely correct.)

It might fix the entire problem, it would be worth a try.

Don't flame so soon (1)

slimjim8094 (941042) | more than 6 years ago | (#23210920)

I've explicitly seen them 'look the other way' with regard to music piracy:

Our Policy on Internal Worldnet Newsgroups & MP3s

        Posting of MP3 files is a copyright violation. We do not patrol or monitor the public Usenet newsgroups but the local-only newsgroups (the internal Worldnet newsgroups) are our responsibility, and we may be liable for copyright issues.

        As such, MP3 postings should not be placed in the members-forum.non-text newsgroup, or any Worldnet internal newsgroup, and will be removed. The members-forum.non-text newsgroup newsgroup was not intended for MP3s and should not be used for that purpose.

        There are available public Usenet newsgroups dedicated for those types of posts.

        We appreciate your cooperation, and thank you for your understanding.
http://care.att.net/bulletins/general.html#Newsgroups&MP3s [att.net]

From a network standpoint, it's doubtful that they're the originating host. The packets are forged, therefore anybody can forge them (because it's already not from the true source, right?). There are many, many, many routers on the Internet and any one could send a reset.

Perhaps the spillover 5% is from connections to Comcasties? If Comcrap is already willing to forge identities, why wouldn't they just break TCP and send RST's to both?

In any case, the submitter is grossly overrepresenting the Vuze tests (at least Vuze isn't overrepresenting their tests). I'd like to see more controlled tests, like against static servers on a known-good ISP.

Is a RST a normal network behavior? If I send millions of millions of packets, what's the normal RST rate? Or is it only an error condition?

AT&T wants to Minimize Potential Lawsuits (1)

CodeBuster (516420) | more than 6 years ago | (#23211306)

AT&T said it wants to monitor its network traffic for IP violations.
They only said that because there is nothing to be gained from telling the truth, namely that the really don't give crap about IP as long as they are not sued and their customers continue paying for their Internet service. They probably care somewhat about bandwidth, but that is a separate issue from intellectual property (IP). Corporations care about profit and whatever else they say must be viewed through the profit lens because it is probably being said (or spun to put it more precisely) in service of that goal. The first rule of public relations, corporations, and government: never tell the truth when a lie will do just as well. They will tell the truth when it matters (i.e. the potential consequences of lying are not worth the benefits or it is a matter of no consequence where even the small risk of lying is not worth it), but why make it easier for litigants to sue you by telling the truth (i.e. that you don't give a damn about their intellectual property, let them police it)?

My brilliant idea (1)

Slur (61510) | more than 6 years ago | (#23212714)

Shouldn't the big networks instead take steps to improve the efficiency of filesharing applications, rather than trying to curtail them?

If the big networks like AT&T are honestly troubled by the use of torrent - which according to some reports is something like 90% of all internet traffic - it seems that the best technical solution would be to install distributed torrent nodes and predictively cache files in closer proximity to their destinations.

They could outsource it to Akamai... just a thought.

RST Packets on comcast (1)

Douglas Goodall (992917) | more than 6 years ago | (#23212920)

After I recently purchased an advanced firewall router I became aware of the spurious RST packets that will appearing in the COMCAST environment. I had my firewall router configured to report these packets by email and I received so many of these emails I had to discontinue the reporting. During the time I say the packets, I was not using any p2p protocols but in fact was using a web browser to operate the ebay website. I did notice these packets around the time web content was being provided by akamai servers. I don't pay COMCAST to insert pirate packets into my communication stream. They don't belong there. Retries exist to made protocols more robust and not to allow traffic shaping by spurious RST injection to operate a certain way that pleases an ISP.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?