AT&T Denies Resetting P2P Connections

betaville points out comments AT&T filed with the FCC in which they denied throttling traffic by resetting P2P file-sharing connections. Earlier this week, a study published by the Vuze team found AT&T to have the 25th highest (13th highest if extra Comcast networks are excluded) median reset rate among the sampled networks. In the past, AT&T has defended Comcast's throttling practices, and said it wants to monitor its network traffic for IP violations. "AT&T vice president of Internet and network systems research Charles Kalmanek, in a letter addressed to Vuze CEO Gilles BianRosa, said that peer-to-peer resets can arise from numerous local network events, including outages, attacks, reconfigurations or overall trends in Internet usage. 'AT&T does not use "false reset messages" to manage its network,' Kalmanek said in the letter. Kalmanek noted that Vuze's analysis said the test 'cannot conclude definitively that any particular network operator is engaging in artificial or false [reset] packet behavior.'"

Comment removed

[account_deleted]

Comment removed based on user account deletion

no reset for me

[p51d007]

I'm on AT&T, and I use P2P about once a week, and I've never seen any resets in my router log.

Re:

[bcat24]

That's not AT&T's fault per se. Odds are your modem doesn't have the memory/CPU capacity to withstand so many connections.

Re:

[CastrTroy]

It could also the the OS or BT software that you are using. A few years ago (not sure if it's still the case), I used to get 3-4 time the speed when downloading torrents in Linux as I did in Windows. Currently I can max out my connection in Windows, but I'm only on a 1 mbit connection. Whereas I used to be on a 5 mbit. I could max that out in Linux, but not in Windows. I know my brother in law maxes out his 10 mbit connection using windows, but he has an uber gaming computer with dual core and 2 gigs of

Re:

[Artuir]

I think you're misunderstanding something. There's a difference between your router resetting and the ISP forging RST packets. RST packets only close a particular connection, not your actual router. Every router I've ever seen (admittedly that only entails ones designed for home use) a router that actually logs RST packets. If you've got bittorrent up or whatever else and you have hundreds of connections open at once, the only indication you'll have that something fishy is going on is a very limited downloa

Re:no reset for me

[arth1]

I'm on AT&T, and I use P2P about once a week, and I've never seen any resets in my router log.

Unless you run a business class router and have configured it to log incoming RST packets, you haven't seen any resets in your router log because they are not logged.

The typical Linksys/Netgear/D-Link/whatever NAT "router" found in most homes most certainly won't log incoming RST packets.

Regards,
--
*Art

Re:

[tasidar]

tomato [polarcloud.com]

Re:

[arth1]

From what I can tell, that doesn't give you the ability to log RST packets. If anything, the Tomato firmware seems to have LESS logging abilities than the standard firmware -- it looks like it's geared towards added standalone functionality, PC connectivity and speed, and not network infrastructure functionality like remote logging or enhanced SNMP data.

Re:America descends into the dark ages of broadban

[palewook]

use anything on Joost and record your network logs 6-12 hours after. you will still register numerous hits per minute from AT&T regional hubs.

Re:America descends into the dark ages of broadban

[CastrTroy]

Sounds like the Romanian ISPs don't have the RIAA, MPAA, and courts breathing down their back about the illegality of transferring movies and music.

Re:America descends into the dark ages of broadban

[emilper]

Well, they have ... once or twice a year you hear about raids by ORDA (Rumanian Intellectual Property Rights Office), networking equipment confiscated and hefty fines paid. Quite the same rate as in US, considering that Rumania is only 22 mil.

What is different: real competition in the market. About half of the home connections are managed by small companies with a few thousand to some ten thousand customers, and the rest is split between three big guys with cable connections and three with wireless connections, one of which is the former state telecom company. Competition is so big that you can have at least four or five offers at the same time in the same location: Romtelecom, one EVDO/CDMA network with reasonable bandwidth, two G3 networks I never used but heard good things about quality of service, one of the big cable tv companies (there are two, but they avoid competing with each other) and at least one of small companies.

The small companies usually have bittorent trackers and DC++ hubs. I think they can afford to pay the fines, but cannot afford to lose customers.

Re:

[CastrTroy]

Sounds like those laws and fines are pretty ineffective. If the fine for stealing $500 is a $300 fine, then people would make tons of money off just stealing, because they would actually be making a profit. Which is why repeat offenders get even larger fines in order to try to stop them from doing it, because the first punishment wasn't enough to deter them. If the ISPs refuse to comply with the law because it ends up making them money, then they should be fined more. The whole point of fines isn't for t

Re:America descends into the dark ages of broadban

[CastrTroy]

Any chance that the reset packets could be sent from someone else? If AT&T can send a reset packet that looks like it's from the person on BT you are communicating with, what's to stop other users from sending a similar packet. If I was on AT&Ts network, could I forge a packet that looks at though it was from another IP Address? Sure I couldn't get a response back, but I would only be sending out reset packets, and wouldn't want any ACK back for my bogus reset.

Any chance ?

[http]

Any chance that the reset packets could be sent from someone else? If AT&T can send a reset packet that looks like it's from the person on BT you are communicating with, what's to stop other users from sending a similar packet[?]

Chances are less than slim that they'll get all these things right:

1. source IP
2. source port
3. destination IP [1]
4. destination port [2]
5. sequence number [3]

So don't hold your breath. If they can tell what hosts you are communicating with, they can determine everything else. The

Re:

[Dekker3D]

hmm... the difference is that AT&T is a link in the chain of computing systems that sends packets between you and your friend. a random hacker doesn't have direct access to your packets like that. that means you can't see as much about the connection, and it'll take more work to fake the reset packet.

Re:

[phantomcircuit]

You need to do some reading up on how IP works.

http://www.tech-faq.com/tcp-sequence-prediction.shtml [tech-faq.com]

Re:

[malbosher]

It's ironic that in America, the country that much of the basis for the Internet hails from, seems to be regressing in Internet access. In Eastern Europe, more and more people enjoy fast and unthrottled connections, and ISPs don't care how many gigabytes of traffic you pull in each month. One ISP I know in Romania helped alleviate demands on its network by setting up a DC++ server where people could share films and music with people from the same city, not by penalizing customers.

Everything is falling apart in America!!!! Especially our infrastructure.

Re:America descends into the dark ages of broadban

[nehumanuscrede]

If I recall it correctly, Comcast adamantly denied
they were doing anything with the P2P folks until
the numbers started coming out stating otherwise.

Now that the evidence is mounting and the FCC has
their spotlight on them, they want to be all
apologetic and use the " Lets all play nice "
card.

Hell, AT&T won't even admit they run a dedicated
fiber line over to the NSA folks. It'll take
full blown immunity from litigation before they
EVER admit to that one.

Make no mistake about it. The people are not going
t

Re:America descends into the dark ages of broadban

[Fourier404]

It's obvious. The vast majority of content creators are American, and it's easier to sue if you aren't crossing international borders.

Re:America descends into the dark ages of broadban

[cliffski]

America is the home of Hollywood, and a big chunk of the worlds popular music. Why are you surprised that the nation actually making all this stuff acts harder to stop it being taken for free?
I'm sure nobody in Romania cares what impact file sharing has on American jobs.

Confirmed?

[1001011010110101]

Did Vuze ever confirmed that P2P connections created resets? or its just the reset count from the plugin?

Re:Confirmed?

[budgenator]

No and Vuze was quite up-front about the study, they basically measured the number of RST messages and divided by the number of network connections. The numbers weren't intended to be accurate but rather to give an indication of realevive trends.
For example,
37 users on Telecom Italia France using ASN 12876 experienced a median of 2.53% RST messages;
27 users on AT&T WorldNet Services using ASN 6478 experienced 13.97% RST messages;
24 users on AT&T WorldNet Services using ASN 7018 experienced 5.35% RST measages;
40 users on Comcast Cable using ASN 33668 experienced 23.72% RST messages.
One thing you have to remember is the forged RST packets is a man-in-the-middle-attack, the Vuze plugin connected on a AT&T connection doesn' know if the RST came from AT&T at ASN 6478 , AT&T at ASN 7018, Comcast or Telecom Italia France.

Re:Confirmed? I think not.

[Geldon]

Did Vuze ever confirmed that P2P connections created resets? or its just the reset count from the plugin?

This study doesn't show anything but network quality. Furthermore, since so many networks have peering agreements with each other and your data flies around between them readily, it barely judges network quality.

Furthermore, they aren't sampling anything but P2P traffic, there's no sampling of something benign like web traffic or gaming traffic. If there was some sort of control group involved, I would be more convinced. But the fact is that there isn't.

Using this methodology, one could produce a study say

Re:

[ben there...]

This study doesn't show anything but network quality. Furthermore, since so many networks have peering agreements with each other and your data flies around between them readily, it barely judges network quality.

What I don't get is I thought the RST packets in Comcast's case were generated by Comcast grabbing the list of peers from you during your communications with the tracker, then sending RST packets to each of the peers you're trying to connect to, aborting your connections with them. The goal being to prevent you from seeding.

So isn't it actually more important to know, for each user, how many RST packets are forged as coming from their IP and sent to other users, not how many are received by each user? That

Re:

[Geldon]

... One more note... Not only does this study do nothing to show that AT&T might be modifying traffic, it shows that AT&T is probably NOT modifying traffic!

Comcast has admitted to sending false resets, so, no surprise, they are on top of the list. In fact, they are not only on top of the list, they're nowhere else. This is to be expected with a systematic interference with traffic.

HOWEVER, if you look down the list, and I mean, WAYYY down the list, you'll find that ranked at #101 (out of 108)... is

Re:

[f_raze13]

HOWEVER, if you look down the list, and I mean, WAYYY down the list, you'll find that ranked at #101 (out of 108)... is AT&T!

That's interesting, because if you actually read the summary you'd know that they are actually 25th on the list, 13th if you remove all of comcasts doubles. So no, they're not quite seventh from last.

Re:

[rstewart]

However no one will ever believe an ISP up front until they publish a public policy for open access and net neutrality. AT&T will never be completely believed until proven otherwise due to comments they have made in the past and continue to make.

If AT&T, Comcast, etc continue to sell more bandwidth to customers then they can provide (yes oversubscription is necessary but if they're at 80% during busy times then they should add more bandwidth and never reach saturation) instead of just bumping the s

As an AT&T customer

[Anonymous Coward]

I can say that they never reset conne

Re:

[Devv]

Oh that must've sucked. It's amazing I leave in Sweden and my connection never resets. I can send data without reset and it can be pure garbage. I mean I could send anything ridiculously stupid and it wouldn't matter. It could be sentence after sentence repeating the same thing indefinately and no one would be bothered. Well, of course apart from the poor saps reading som web forum. But hey! It doesn't matter because their connections will reset neway. Wow I really could send something sloppy out there. It'

I'm less worried about Middle Eastern terrorists.

[Anonymous Coward]

I'm far less worried about Middle Eastern terrorists than I am about these telecom terrorists who wish to disrupt our God-given right as Americans to communicate openly and freely.

Re:I'm less worried about Middle Eastern terrorist

[Spy der Mann]

I guess the time for the encrypted, anonymized [wikipedia.org] overlay networks is now.

I like verizon

[Anonymous Coward]

Hah. I remember when DSL first came out and I waited to get that instead of cable I got some comments from friends but Verizon seemed to make sense to me vs the more shared bandwidth of cable. I knew it wouldn't take long for customers to start complaining about not getting all the bandwidth promised and other measures enacted to restrict user's bandwidth. Based on comments here and from friends and relatives. Instead of blocking p2p they do stuff like this http://www.crn.com/software/206903773 [crn.com]

Verizon w

Re:

[Rakeris]

I use their wireless service, and there is no type of throttling or reset issues with P2P what-so-ever. Now if I could just get DSL...crap I would even go with cable, if I could just get it.

Re:

[dreamchaser]

Yep. I consistently get max or close to speed on my FIOS, provided there is no other bottleneck and the remote host can support 15-20 megabits per second.

I've been VERY happy with FIOS. We've had it for over a year now and I have had one 3 minute outage in all that time. That was during a horrendous storm last Summer.

Denial

[Narpak]

No! No! We are not screwing our customers to maximize profits!

Basic principle of greed you try to do as much that is legally and ethically grey; and then deny it until you are finally dragged kicking and screaming into court.

At least they're learning...

[evilninjax]

This is an interesting turn as up to now, the providers have not been worried about owning up to the practice and have been creating speak about how they're allowed to do it, how they have to do it to protect the over-capacity infrastructure they have, etc. etc

at least they're now figuring out that it's a frowned upon practice. Even if they ARE doing it, they are best off hiding it. Well, that's going to do quite a bit to help The Net Neutrality movement if/when the truth comes to light.

Far, Far beyond "screwing the customer"

[mikelieman]

They are unlawfully spying on you and should be tried for their choice to commit felonious acts.

If they don't give a shit about OBEYING THE LAW, why the hell would they care about Customer Service?

Blame Canada, hackers and trends :-)

[AHuxley]

"suggesting that industry forums like the Distributed Computing Industry Association would
provide a better means for addressing such questions."

That the computer worlds version of a closed door human rights meeting for despots and dictators?
Just tell your consumers the truth Charles, you missed a decade of upgrades.

AT&T just has poor service

[Anonymous Coward]

AT&T may not be throttling P2P. As an AT&T DSL victim^H^H^H^H^H^Hcustomer, with their use of PPPOE (setting up a PPP connection -- the protocol used for dialup -- to tunnel over ethernet) and generally crappy service, my PPP connection drops and IP therefore changes very frequently (more than once a day). I would imagine that the TCP RSTs are caused by these connection drops more than anything else.

It's unfortunate that in the cheap end of the "broadband" segment ($30/mo for phone line + 768k/256k

Re:

[mvdwege]

Dropping the link layer (and as far as TCP is concerned, a PPPoE connection is the link layer) does not result in RST packets. RST packets are sent on purpose by one end of a TCP connection to close an existing connection.

Dropping the connection without closing it results in a TCP connection hanging in TIME_WAIT, waiting to time out.

If there are spurious RST packets on a network, the provider will have to give a good explanation. Yours won't do, and if AT&T can't come up with a better one, they have o

IP violations?

[Anonymous Coward]

In the past, AT&T has defended Comcast's throttling practices, and said it wants to monitor its network traffic for IP violations.

I'm KEEPING 12.308.1.273, I don't care how many IP rules it violates!

Re:

[Kamineko]

Amateur!

Real IPs look like this:

563.mushrooms.100_.7043-3.sin(x).^_^

Re:

[AHuxley]

So, I see you've played 'spammers or feds' before.
Thats not an ip
S010600062506ff15.fm
is an ip.

If it wasn't intentional...

[nurb432]

Then i guess their network just sux.

Re:

[Phase Shifter]

Their network does definitely suck.

I don't use them as an ISP, but since they're in charge of the local infrastructure--well, let's just say that every time it rains I have to put up with a 60 Hz hum on my phone line for a week or two. Even after several service calls. For the last 3 years. (Typically they wait a few weeks for the problem to go away before they attempt a response.)

And yet they persist in calling me, trying to get me to use their DSL service which works over the same line. I don't k

AT&T CEO admints to poor network

[HycoWhit]

The exact quote from the AT&T CEO was more along the lines: "We never reset P2P traffic, it's simply a fact we've built a crappy network."

AT&T Lying like a Rug

[sjvn]

I have an AT&T DSL connection. I've used it for years. I've also beaten the heck out of it for years with massive downloads, uploads and the like. It has worked fine, until the last few months. Now, whenever I have a P2P Torrent going a day or more, I know my connection is going to lock up completely anywhere from 20 to 28 hours into the process. The only solution is to hard boot my DSL modem. It then happens again, about once a day, until I stop the torrent.

Coincidence? I think not.

Steven

Re:

[Truekaiser]

Maybe your accepting more incoming connections then your dsl modem can accept. try changing your settings.

DSL modem lock up during heavy usage

[laird]

Now, whenever I have a P2P Torrent going a day or more, I know my connection is going to lock up completely anywhere from 20 to 28 hours into the process. The only solution is to hard boot my DSL modem. It then happens again, about once a day, until I stop the torrent.

Coincidence? I think not.

I had this happen regularly with my router (linksys). Since home routers are so cheap, I ended up replacing it, and never had it happen again. So I can't say whether the lock-ups were caused by hardware, firmware, etc., but I can say that in my case it wasn't the ISP.

Your sig

[ben there...]

--
Improve P2P with P4P. Learn more! [pandonetworks.com]

I like how their charts start at 400 peers. I can't remember the last time I connected to a torrent that had over 400 peers. Where's the rest of the chart? You know, the part before it plateaus.

Re:

[elrous0]

I also have AT&T DSL and can confirm that the EXACT same thing has started to happen to me recently. Worked fine for even large downloads before now. But now if I leave it running for more than a 12-24 hours downloading a large file, the internet connection shuts down completely. I have to reboot my modem to get it working again. It's definitely NOT an isolated incident or any mistake. My connection was rock solid before now.

Re:

[elrous0]

The exact same thing started happening to me recently on my AT&T DSL connection. I *never* had to reboot the modem before this, now it locks up whenever I try and download a particularly large file. It's definitely not just a coincidence.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[account_deleted]

Comment removed based on user account deletion

Chuck's right

[laird]

TCP resets can occur for many reasons. All that client software can know and report is that the TCP reset occurred. But, for example, it can't know whether it got a reset because the software on the other end of the connection crashed, or had a bug, or the computer was turned off, or there was some corrupted communications between the two causing the TCP connection to get confused and need to be reset. This is all explained at http://www.tcpipguide.com/free/t_TCPConnectionManagementandProblemHandlingtheConnec.htm [tcpipguide.com] (for example).

Vuze's test only counted reset rates, so it can't prove anything about what's going on. At most, it could suggest areas where it might be productive to do more investigation.

Re:

[poetmatt]

I suggest you try not to assume all vuze facts are incorrect. I happen to be in an area where the reset rate was 50-75%, and to ensure accuracy I did nothing more than download a torrent via azureus and then seed it.

No other sources that use internet access were used at all, so I suspect that you try not to find magic ways to deny traffic.

Why was vuze accurate? because it only watched traffic coming in off azureus. You don't need more details than that, so yes, it can prove anything about whats going on.

If

Re:

[laird]

I suggest you try not to assume all vuze facts are incorrect. I happen to be in an area where the reset rate was 50-75%, and to ensure accuracy I did nothing more than download a torrent via azureus and then seed it.

I'm not sure where you got the idea that I assumed that all Vuze's facts were incorrect. In fact, I'm assuming that all of their facts are correct, because I have no reason to believe otherwise. And because it's pretty obvious how Vuze can count and collect TCP resets. So while it's nice that your testing on your PC showed that their reporting of TCP resets was fairly accurate, that doesn't have anything to do with the issue I raised.

What I pointed out is that capturing reset rates alone can't prove that y

Re:

[poetmatt]

Sorry for misreading what you said then.

However, why would it not be fairly accurate to see that "x ISP is doing a significantly larger than normal amount of resets" = they might have something going on with their resets?

Additionally, its not like comcast or any other ISP wants us to see said data or would let us, so where else can it go?

Re:

[DMUTPeregrine]

It could just be a bad quality network. And ISPs that filter content open themselves up to being sued for contributory infringement or some such, (loss of DMCA safe-harbour) and thus filtering is a massive legal liability.

Re:

[laird]

Sorry for misreading what you said then.

However, why would it not be fairly accurate to see that "x ISP is doing a significantly larger than normal amount of resets" = they might have something going on with their resets?

Additionally, its not like comcast or any other ISP wants us to see said data or would let us, so where else can it go?

I think that it would be entirely reasonable to say that "customers of x ISP see a significantly higher than normal rate of resets = the ISP might have something going on".

To go further than that, you'd want to do (as another poster suggested) a more detailed data collection and analysis. That could help determine who's doing what.

Someone, please write a decent test

[Animats]

This approach to testing is stupid. One correct approach is to record all the packets sent and received at both ends of the connection, then compare them after the session. Any unexpected packets are bogus.

There are some routers that will generate bogus packets through out and out bugs. The Sveasoft Linux software for Linksys routers had that problem a few years back. If you had more than one or two packets queued for the air link, some of the packets would get garbled. Most users never saw this, because they were connecting to the Internet via a low bandwidth link. In that mode, you can't saturate the air link, and you never build up a transmit queue. We were doing big downloads from a local file server to a local client, with no traffic to the outside world at all. (We were using this for a robot vehicle, with long debug logs and code updates being transferred.) An FTP connection wouldn't work for more than about fifteen seconds. It would stall, retransmitting until the connection timed out. We finally put packet sniffers on the links and found out that TCP packets were being garbled by the "internal firewall", even when it was supposedly turned off. The garble wasn't random; it occurred in a repeatable way that made each TCP retransmit fail.

In 2007, I found a transparency problem with Coyote Point load balancers. This one would mysteriously block connections. If you made an HTTP connection through a Coyote Point load balancer, and sent an HTTP header with a "User-agent" string ending in "m" but not containing another "m", and the HTTP header contained no additional fields, the load balancer would not pass any TCP packets to the systems behind the load balancer. This turned up on a site where I know the people who run the site, and we did packet dumps on both sides of the load balancer to confirm this. Coyote Point parses HTTP headers with regular expressions, and I suspect that, somewhere in the built-in rules, someone wrote "\m" where they meant to write "\n". In a typical non-response, Coyote Point suggested we upgrade the load balancer. I pointed out that Coyote Point's own site had the same problem.

So a good network transparency test for end users would be a useful tool to have around. The existing tools tend to be part of protocol analyzers, and assume the user knows TCP/IP/Ethernet down to the bit level.

Re:

[Tuoqui]

The problem is...

Like Comcast they can forge packets on BOTH sides of the router if they were doing it and therefore you'd get RST packets on both sides. Therefore merely comparing the output on both sides is not enough to determine if forging RST packets is occurring. All you can do is compare the number of RST's and compare them to a baseline like when you're downloading a multi-gigabyte Linux .iso and when you are downloading a multi-gigabyte Linux torrent. If there is a severe difference between .iso do

Re:

[Animats]

Like Comcast they can forge packets on BOTH sides of the router if they were doing it and therefore you'd get RST packets on both sides. Therefore merely comparing the output on both sides is not enough to determine if forging RST packets is occurring.

You need to log, at each end, what each end is both sending and receiving. Then compare the results. Unless you installed a stateful firewall or a proxy server, there shouldn't be anything in the middle changing the packets. If there is, it's useful to k

They don't need to

[TitanOdysseus]

New ATT&T routers (2Wire based) have a "spam" function that will reset your router if it detects:
Spam
P2P
2 people refreshing COD4 servers simultaneously

According to the ATT&T technician I spoke with this is "intended" to protect the network against spam. So really, there's no way to possible log how many times this happens to people on the client side. If too much traffic passes through your 2Wire, it will reset until you basically get so frustrated you decide P2P and looking for COD4 serve

Re:

[compro01]

AT&T is lying. it's not a feature. it's a problem with the damn things. 2wire is great at making modems, but they absolutely suck at making routers. go above about 200 connections (inbound and outbound combined) and it'll run out of memory and hard lock, or it'll start dropping connections one at a time, then hard lock. sometimes the thing is smart enough to restart itself, but most of the time you've gotta hard reset it by pulling the power.

i used to work tech support for sasktel, who also use 2wi

What I don't understand...

[pauljlucas]

... is why ISPs want to be in the business of monitoring their networks for certain content. Aren't they supposed to have common-carrier status (which, AFAIK, is supposed to mean that they're agnostic about and not responsible for the traffic on their networks)? Why do they want to spend money on engineering and PR damage-control for all this if they could just ignore it?

Re:

[sunderland56]

1. 1) Put way too many users on a slow infrastructure.
2. 2) Throttle them back when they use the product they paid for.
3. 3) Profit!

Re:

[Tuoqui]

Oh they want all of the benefits of being a common-carrier with none of the drawbacks... Except the thirst for money. Sorta like the Blade of ISPs.

From what I understand common-carrier is about not prioritizing anything over another and not checking the contents of what is passing through your network. This applies to postal service and telephones. By doing this they effectively are given immunity when it comes to criminal prosecution. This is why when the first mail bomb happened you didn't see anyone tryi

Re:

[Thing 1]

... is why ISPs want to be in the business of monitoring their networks for certain content. Aren't they supposed to have common-carrier status (which, AFAIK, is supposed to mean that they're agnostic about and not responsible for the traffic on their networks)? Why do they want to spend money on engineering and PR damage-control for all this if they could just ignore it?

Perhaps it's time for a grass-roots class-action lawsuit?

1. Common carriers aren't supposed to monitor.

2. AT&T (Comcast, etc.)

Re:

[ion.simon.c]

Cablecos do not have common carrier status. Just sayin.

Why consumer ISP's manage their networks

[laird]

... is why ISPs want to be in the business of monitoring their networks for certain content. Aren't they supposed to have common-carrier status (which, AFAIK, is supposed to mean that they're agnostic about and not responsible for the traffic on their networks)? Why do they want to spend money on engineering and PR damage-control for all this if they could just ignore it?

They don't. I've never heard of any ISP who's monitoring their network for specific content, because it raises all sorts of legal questions.

The reason that ISP's are starting to manage traffic it is due to capacity issues - changes in user behavior (e.g. viewing high quality video online, p2p) dramatically increase the bandwidth consumption per user, causing demand to exceed available bandwidth.

Given that demand exceeds current supply, and expanding capacity is time consuming and expensive, some ISP's app

Re:

[pauljlucas]

I've never heard of any ISP who's monitoring their network for specific content, because it raises all sorts of legal questions.

Perhaps not today, but perhaps you missed this article [slashdot.org]?

Re:

[laird]

I've never heard of any ISP who's monitoring their network for specific content, because it raises all sorts of legal questions.

Perhaps not today, but perhaps you missed this article [slashdot.org]?

Yes, that article about AT&T was all over the news.

The point I was making is that while many people think that traffic shaping has something to do with ISP's not liking specific content, or not liking "piracy," the actual reason that ISP's are doing traffic shaping related to p2p is driven by bandwidth consumption exceeding their capacity, not by content/copyright issues.

Re:

[pauljlucas]

... the actual reason that ISP's are doing traffic shaping related to p2p is driven by bandwidth consumption exceeding their capacity ....

I don't understand. If it's strictly a bandwidth issue, why don't they do traffic shaping for all bandwidth regardless of protocol?

Re:

[laird]

... the actual reason that ISP's are doing traffic shaping related to p2p is driven by bandwidth consumption exceeding their capacity ....

I don't understand. If it's strictly a bandwidth issue, why don't they do traffic shaping for all bandwidth regardless of protocol?

They do. There are (AFAIK) four basic strategies for managing bandwidth:
- Let lines saturate, then drop random packets.
- Prioritize traffic within capacity based on protocol. For example, give the most time sensitive VOIP and streaming protocols highest priotity, then HTTP, then P2P. This seems good in theory, but in practice the distinctions aren't so clear (e.g. p2p streaming), and it opens the door to all sorts of issues.
- Rate limit users based on protocol-agnostic rules (e.g. data transfer volumes).
-

Re:

[orlanz]

For this, you might pay $60/month for 20 Mbps, or $3/Mbps.

You mean $60/month for 3-5Mbps. This is the US, not some other developed, developing, or 3rd world country.

Re:

[laird]

For this, you might pay $60/month for 20 Mbps, or $3/Mbps.

You mean $60/month for 3-5Mbps. This is the US, not some other developed, developing, or 3rd world country.

The pricing I gave is what I pay for FIOS. Even if you're paying a bit more for your home broadband that I am, that doesn't change the point that consumer capped bandwidth is dirt cheap compared to business-grade committed bandwidth.

Re:

[slimjim8094]

Common Carrier status applies only to phone service. Internet service is excluded

IANAL.

AT&T probably does NOT send RST packets.....

[Fallen Kell]

Comcast is most likely the source. Comcast is sending RST packets to both ends of the P2P connection, not just their subscribers. So simply having a large number of RST packets may simply mean your P2P client is connected to a large number of Comcast clients. We have know for a while that Comcast is sending the packets to both their own customer and forging a packet to their customer's destination. If Comcast wasn't sending the packets like that, all it would take would be a firewall filter to drop incoming

I have a hunch Time Warner does this too

[haaz]

While it could be TCP resets, as I see someone talking about in a comment above, Time Warner being pricks is so much more attractive...

Must be true - its been officially denied

[Helldesk Hound]

> "... 'AT&T does not use "false reset messages" to manage
> its network,' Kalmanek said in the letter. Kalmanek noted
> that Vuze's analysis said the test 'cannot conclude
> definitively that any particular network operator is
> engaging in artificial or false [reset] packet behavior.'"

Interesting that they're denying something /very/ specific, and not absolutely denying the accusation overall.

also interesting that they're effectively saying "could be, couldn't say for sure".

What I don't und

Why not just filter the RST packets client side?

[LinuxDon]

I've had some bad issues with RST packets in the past which were generated by the modem or whatever. Also back in the day they were frequently used to disconnect people from IRC.

These issues can be solved easily by filtering those packets.
iptables -A INPUT -p tcp --tcp-flags RST RST -j DROP
(Please correct me if the command isn't entirely correct.)

It might fix the entire problem, it would be worth a try.

Don't flame so soon

[slimjim8094]

I've explicitly seen them 'look the other way' with regard to music piracy:

Our Policy on Internal Worldnet Newsgroups & MP3s

Posting of MP3 files is a copyright violation. We do not patrol or monitor the public Usenet newsgroups but the local-only newsgroups (the internal Worldnet newsgroups) are our responsibility, and we may be liable for copyright issues.

As such, MP3 postings should not be placed in the members-forum.non-text newsgroup, or any Worldnet internal newsgroup, and will be removed. The members-forum.non-text newsgroup newsgroup was not intended for MP3s and should not be used for that purpose.

There are available public Usenet newsgroups dedicated for those types of posts.

We appreciate your cooperation, and thank you for your understanding.

http://care.att.net/bulletins/general.html#Newsgroups&MP3s [att.net]

From a network standpoint, it's doubtful that they're the originating host. The packets are forged, therefore anybody can forge them (because it's already not from the true source, right?). There are many, many, many routers on the Internet and any one could send a reset.

Perhaps the spillover 5% is from connections to Comcasties? If Comcrap is already willing to forge id

AT&T wants to Minimize Potential Lawsuits

[CodeBuster]

AT&T said it wants to monitor its network traffic for IP violations.

They only said that because there is nothing to be gained from telling the truth, namely that the really don't give crap about IP as long as they are not sued and their customers continue paying for their Internet service. They probably care somewhat about bandwidth, but that is a separate issue from intellectual property (IP). Corporations care about profit and whatever else they say must be viewed through the profit lens because it is probably being said (or spun to put it more precisely) in service of t

My brilliant idea

[Slur]

Shouldn't the big networks instead take steps to improve the efficiency of filesharing applications, rather than trying to curtail them?

If the big networks like AT&T are honestly troubled by the use of torrent - which according to some reports is something like 90% of all internet traffic - it seems that the best technical solution would be to install distributed torrent nodes and predictively cache files in closer proximity to their destinations.

They could outsource it to Akamai... just a thought.

RST Packets on comcast

[Douglas Goodall]

After I recently purchased an advanced firewall router I became aware of the spurious RST packets that will appearing in the COMCAST environment. I had my firewall router configured to report these packets by email and I received so many of these emails I had to discontinue the reporting. During the time I say the packets, I was not using any p2p protocols but in fact was using a web browser to operate the ebay website. I did notice these packets around the time web content was being provided by akamai ser

FAIL! Not resetting solely P2P connections.

[cyberbill79]

Deny all they want. I continually have to reset my modem when uploading via ftp to my website just for maintenance! Even with as little as 3k sometimes! Often I make all my changes at home, and end up uploading it from work. When I contacted them about this, they stated there was a problem on the line and they would have to send someone out to check it out at my expense (if it was a non-comcast issue). Not 2 hours after this call did my speeds pick back up. However a few days later, back to normal. I avoid

Re:

[cyberbill79]

Okay. I fail. Aparently I saw 'P2P throttling' and got reved-up and made an ass-umtion. Off with his head! Sorry guys. :)