

funchords

Hello

MVM

join:2001-03-11

Yarmouth Port, MA 4 edits 2 recommendations funchords MVM Comcast is using Sandvine to manage P2P Connections



WHAT: A device that monitors P2P activity and interferes with requests for the peer within Comcast to UPLOAD data (downloads appear to be not affected, uploads within Comcast are not affected, transfers already in progress are not affected, and a small percentage of the new transfer requests are still permitted),



WHERE: On the boundaries, at the point where Comcast connects to other points of the Internet,



WHEN: Earliest evidence is 6 months ago, but use appears to have increased or become more "clamped-down" recently,



WHY: To reduce costs associated with P2P bandwidth growth



HOW IT WORKS:



- The Sandvine application reads packets that are traversing the network boundary



- If the application senses that outbound P2P traffic is higher than a threshold determined by Comcast, Sandvine begins to interrupt P2P protocol sequences that would initiate a new transfer from within the Comcast network to a peer outside of the Comcast network



- The interruption is accomplished by sending a perfectly forged TCP packet (correct peer, port, and sequence numbering) with the RST (reset) flag set. This packet is obeyed by the network stack or operating system which drops the connection.



In eDonkey connections, for example, queued UPLOADS (to others) will not be honored to some percentage of non-Comcast P2P users. Immediately after the peer requests ranges to be transferred, the connection is dropped in the above manner. Gnutella transfers are similarly affected in the same manner.



In BitTorrent connections, the RST message is sent well after the handshake, and often after some data has been exchanged. The Sandvine filter interferes during lulls (NOOP and HAVE commands) as well as the moment of transition from the ending of sending one complete piece. When I am not using Comcast, BitTorrent disconnections due to peer resets (RST flag) are 3%. Using Comcast, 39% of connections are terminated using the RST flag.



In Summary: The Sandvine filter has taken steps to try to make the filtering experience innocuous (nearly invisible) to the user. Some transfers are allowed, the interruption seems to come from the distant peer, and it relies on the P2P protocol being used to either find another peer (hopefully a Comcast one) or retry that peer later.



WHY THIS MAY BE GOOD:



- There is reduced cost, and perhaps higher download and upload speeds for everyone (regardless of P2P use), if P2P data requests can be fulfilled entirely within the Comcast network.



- Because a peer will retry to get a file or a piece of a file, uploads are merely delayed. The peer may have to return to the back of a queue and go through the above cycle several times before the transfer request is honored.



WHY THIS MAY BE BAD:



- The decision whether to interrupt a transfer is without regard as to whether there are non-Comcast sources for a file. For example, an amateur band releasing their music on the P2P networks is at a disadvantage. The time it would take to get a complete copy of a music file to a point outside of the Comcast network is dramatically increased.



- Comcast is not the only customer for Sandvine and the like. Other ISPs will and have adopted this and similar technologies and tactics. As they do, the amount of outgoing P2P data that each allows on the wire becomes a competitive element.



- Some P2P networks punish non-sharers. Upon detecting that files offered for sharing cannot be transferred, the network can reduce access to the peer that cannot transfer.



MY OPINION:



I tried to write the above evenhandedly.



As an enthusiast, I use P2P for an IPTV application, Skype, and to deliver Ubuntu Linux and Shareaza, two open-source applications. My music is Tin-Pan Alley and I really watch very few movies. I'm not the guy that RIAA or the MPAA are looking for: I like old ragtime music, historical film, and old magazines. But I know the P2P protocols very well I and noticed something was wrong a few months ago.



What cracked the case for me was when I was telling someone in Brazil about the upload resets (error 10053), and he offered me a VPN connection for comparison. No drops.



The protocol analyzer told the "RST" of the story. And yesterday, I learned about Sandvine and got word from another Sandvine customer that they're bragging about their Comcast deployment in order to make sales.



I am not against this, per se. They are allowing some P2P sharing to points outside of their network, even though they can detect and prevent it. I might even be able to live with it, if I knew exactly what to expect and how to override it if it was stupidly hampering something. (I am convinced it is designed to make P2P prefer Comcast clients when possible, but not designed to hamper communications when there are no alternatives).



However:



- I have always paid for unfettered internet access. No filtering, please. It wasn't filtered when I first signed up, I don't want it filtered now. In this case, they are filtering ME!!



- These are being installed silently -- why? Why not install them noisily, and provoke action on the makers of P2P applications to seek out peers with lower TTLs (translation: electrically closer, more likely to be 'in-network').



- These smart filters are still rather dumb. After a threshold is reached, the interrupting of new transfer requests is made. The app doesn't know whether or not the transfer is important or unimportant, rare or common. (And do we really want our ISP deciding what is important and urgent to us?)



P2P is not illegal. People are currently downloading more media than they can possibly use in a lifetime -- that fruitless task is a fad that will wear off. Comcast may have had what they thought was a good idea, here. But, as implemented, it is having bad effects and puts Comcast in the seat of interfering with my end-to-end client communications.





Update requested by funchords :



** Updated information 2007-08-29 -- »UPDATE Re Comcast is using Sandvine to manage P2P Connection



** See also these topics ---> »[Speed] There are good resets and there are bad resets...



»Man, more fishy stuff going on with Comcast and bittorent?



»[Speed] workaround for Comcast Throttling issues.. (torrent)



»[NEWS] Comcast 'Delaying' Not 'Blocking' Traffic



»Comcast, Sandvine, and the latest WoW patch (v2.3.0)



»FCC to investigate Comcast sandvine packet blocking - YES!!!



»Comcast and P2P filtering (Sandvine)



»Richard Bennett: It'll be like DSL, only Faster



WHO: Comcast and Sandvine, a peer-to-peer (P2P) management application,WHAT: A device that monitors P2P activity and interferes with requests for the peer within Comcast to UPLOAD data (downloads appear to be not affected, uploads within Comcast are not affected, transfers already in progress are not affected, and a small percentage of the new transfer requests are still permitted),WHERE: On the boundaries, at the point where Comcast connects to other points of the Internet,WHEN: Earliest evidence is 6 months ago, but use appears to have increased or become more "clamped-down" recently,WHY: To reduce costs associated with P2P bandwidth growthHOW IT WORKS:- The Sandvine application reads packets that are traversing the network boundary- If the application senses that outbound P2P traffic is higher than a threshold determined by Comcast, Sandvine begins to interrupt P2P protocol sequences that would initiate a new transfer from within the Comcast network to a peer outside of the Comcast network- The interruption is accomplished by sending a perfectly forged TCP packet (correct peer, port, and sequence numbering) with the RST (reset) flag set. This packet is obeyed by the network stack or operating system which drops the connection.In eDonkey connections, for example, queued UPLOADS (to others) will not be honored to some percentage of non-Comcast P2P users. Immediately after the peer requests ranges to be transferred, the connection is dropped in the above manner. Gnutella transfers are similarly affected in the same manner.In BitTorrent connections, the RST message is sent well after the handshake, and often after some data has been exchanged. The Sandvine filter interferes during lulls (NOOP and HAVE commands) as well as the moment of transition from the ending of sending one complete piece. When I am not using Comcast, BitTorrent disconnections due to peer resets (RST flag) are 3%. Using Comcast, 39% of connections are terminated using the RST flag.In Summary: The Sandvine filter has taken steps to try to make the filtering experience innocuous (nearly invisible) to the user. Some transfers are allowed, the interruption seems to come from the distant peer, and it relies on the P2P protocol being used to either find another peer (hopefully a Comcast one) or retry that peer later.WHY THIS MAY BE GOOD:- There is reduced cost, and perhaps higher download and upload speeds for everyone (regardless of P2P use), if P2P data requests can be fulfilled entirely within the Comcast network.- Because a peer will retry to get a file or a piece of a file, uploads are merely delayed. The peer may have to return to the back of a queue and go through the above cycle several times before the transfer request is honored.WHY THIS MAY BE BAD:- The decision whether to interrupt a transfer is without regard as to whether there are non-Comcast sources for a file. For example, an amateur band releasing their music on the P2P networks is at a disadvantage. The time it would take to get a complete copy of a music file to a point outside of the Comcast network is dramatically increased.- Comcast is not the only customer for Sandvine and the like. Other ISPs will and have adopted this and similar technologies and tactics. As they do, the amount of outgoing P2P data that each allows on the wire becomes a competitive element.- Some P2P networks punish non-sharers. Upon detecting that files offered for sharing cannot be transferred, the network can reduce access to the peer that cannot transfer.MY OPINION:I tried to write the above evenhandedly.As an enthusiast, I use P2P for an IPTV application, Skype, and to deliver Ubuntu Linux and Shareaza, two open-source applications. My music is Tin-Pan Alley and I really watch very few movies. I'm not the guy that RIAA or the MPAA are looking for: I like old ragtime music, historical film, and old magazines. But I know the P2P protocols very well I and noticed something was wrong a few months ago.What cracked the case for me was when I was telling someone in Brazil about the upload resets (error 10053), and he offered me a VPN connection for comparison. No drops.The protocol analyzer told the "RST" of the story. And yesterday, I learned about Sandvine and got word from another Sandvine customer that they're bragging about their Comcast deployment in order to make sales.I am not against this, per se. They are allowing some P2P sharing to points outside of their network, even though they can detect and prevent it. I might even be able to live with it, if I knew exactly what to expect and how to override it if it was stupidly hampering something. (I am convinced it is designed to make P2P prefer Comcast clients when possible, but not designed to hamper communications when there are no alternatives).However:- I have always paid for unfettered internet access. No filtering, please. It wasn't filtered when I first signed up, I don't want it filtered now. In this case, they are filtering ME!!- These are being installed silently -- why? Why not install them noisily, and provoke action on the makers of P2P applications to seek out peers with lower TTLs (translation: electrically closer, more likely to be 'in-network').- These smart filters are still rather dumb. After a threshold is reached, the interrupting of new transfer requests is made. The app doesn't know whether or not the transfer is important or unimportant, rare or common. (And do we really want our ISP deciding what is important and urgent to us?)P2P is not illegal. People are currently downloading more media than they can possibly use in a lifetime -- that fruitless task is a fad that will wear off. Comcast may have had what they thought was a good idea, here. But, as implemented, it is having bad effects and puts Comcast in the seat of interfering with my end-to-end client communications.

DoYouKnowMe

join:2007-05-13 DoYouKnowMe Member While I feel your pain, since you are a residential customer (I am presuming), you are bound by the Terms Of Service agreement that was provided to you at time of sign-up and which is easily accessible through their website. A few key passages:



"We may change our prices, fees, the Services and/or the terms and conditions of this Agreement in the future. Unless this Agreement or applicable law specifies otherwise, we will give you thirty (30) days prior Notice of any significant change to this Agreement. If you find the change unacceptable, you have the right to cancel your Service(s). However, if you continue to receive Service(s) after the end of the notice period (the "Effective Date") of the change, we will consider that you have accepted the changes. You may not modify this Agreement by making any typed, handwritten, or any other changes to it for any purpose."



"4. CHANGES TO SERVICES

Subject to applicable law, we have the right to change our Services, Comcast Equipment and rates or charges, at any time with or without notice. We also may rearrange, delete, add to or otherwise change programming or features or offerings contained in the Services, including but not limited to, content, functionality, hours of availability, customer equipment requirements, speed and upstream and downstream rate limitations. If we do give you notice, it may be provided on your monthly bill, as a bill insert, in a newspaper or other communication permitted under applicable law. If you find a change in the Service(s) unacceptable, you have the right to cancel your Service(s). However, if you continue to receive Service(s) after the change, this will constitute your acceptance of the change. Please take the time to read any notices of changes to the Service(s). We are not liable for failure to deliver any programming, services, features or offerings except as provided in Section 11e."



"7. USE OF SERVICES

You agree that the Services and the Comcast Equipment will be used only by you and the members of your immediate household living with you at the same address and only for personal, residential, non-commercial purposes, unless otherwise specifically authorized by us in writing. You will not use the Comcast Equipment at any time at an address other than the Premises without our prior written authorization. You agree and represent that you will not resell or permit another to resell the Services in whole or in part. You will not use or permit another to use the Comcast Equipment or the Service(s), directly or indirectly, for any unlawful purpose, including, but not limited to, in violation of any posted Comcast policy applicable to the Services. Use of the Comcast Equipment or Services for transmission, communications or storage of any information, data or material in violation of any U.S. federal, state or local regulation or law is prohibited.



You acknowledge that you are accepting this Agreement on behalf of all persons who use the Comcast Equipment and/or Services and that you shall have sole responsibility for ensuring that all other users understand and comply with the terms and conditions of this Agreement and any applicable Comcast policies including, but not limited to, acceptable use and privacy policies. You further acknowledge and agree that you shall be solely responsible for any transactions, including, without limitation, purchases made through or in connection with the Services. You agree to indemnify, defend and hold harmless Comcast and its affiliates, suppliers, and agents against all claims and expenses (including reasonable attorney fees) arising out of the use of the Services, the Comcast Equipment and/or the Customer Equipment or the breach of this Agreement or any of the applicable Comcast policies by you or any other user."



Now, they key point to the use of Sandvine, of which I have not confirmed due to lack of research ( I am lazy ), is pointed out in Section 7. A P2P connection requires you to "authorize" someone else to use the service for a potentially unlawful purpose. Not that any company wants to think that their customers are out to do wrong, but to physically track EVERY connection and monitor the connection's contents would: a)be an unlawful invasion of privacy, b)cost an enormous amount of money, c)create an undesirable product as all costs would be passed on to the consumer ( even higher monthly charges ) and cause bandwidth availability to drop ( slower speeds ).



Naturally, a company would seek to be proactive rather than reactive to a hot topic issue that is greatly influenced by one of their services, such as the use of P2P to violate copyrights or the proliferation of malicious software. The end results are an improved corporate image, which from what I understand, is something that Comcast REALLY, REALLY needs any way they can get it, and to hinder all the responsible subscribers who use the service legally.



In "short" (lol) blame the idiots out there who force ISP's to take this action or have them do you some "favors"

rody_44

Premium Member

join:2004-02-20

Quakertown, PA 1 edit rody_44 to funchords

Premium Member to funchords

any facts that back up your claim? or do we just take your word on it. something in the line of real facts and not this person told this person type of stuff. salesman lie all the time. and just because you changed to vpn doesnt mean jack. i mean your routing also changed correct?



funchords

Hello

MVM

join:2001-03-11

Yarmouth Port, MA 2 recommendations funchords MVM said by DoYouKnowMe:



A P2P connection requires you to "authorize" someone else to use the service for a potentially unlawful purpose. A P2P connection requires you to "authorize" someone else to use the service for a potentially unlawful purpose. said by DoYouKnowMe:



but to physically track EVERY connection and monitor the connection's contents would: a)be an unlawful invasion of privacy, b)cost an enormous amount of money, c)create an undesirable product as all costs would be passed on to the consumer ( even higher monthly charges ) and cause bandwidth availability to drop ( slower speeds ). but to physically track EVERY connection and monitor the connection's contents would: a)be an unlawful invasion of privacy, b)cost an enormous amount of money, c)create an undesirable product as all costs would be passed on to the consumer ( even higher monthly charges ) and cause bandwidth availability to drop ( slower speeds ).



As for the invasion of privacy aspect, this is a grey area. It may be one reason they have silently implemented Sandvine. It is not good PR to peer into their customer's packets for the purpose of deciding whether or not they will interfere with them. said by rody_44:



any facts that back up your claim? or do we just take your word on it. any facts that back up your claim? or do we just take your word on it.



I'm hoping that others will run their own tests. If they don't, I hope the facts that I'm a qualified expert on the subject, posting under my own name, will carry some weight. said by rody_44:



something in the line of real facts and not this person told this person type of stuff. salesman lie all the time. something in the line of real facts and not this person told this person type of stuff. salesman lie all the time.



Sandvine said it has signed a contract with a Tier 1 U.S. service provider ... Sandvine did not identify the company, but it said its new customer has over 5 million residential high-speed Internet subscribers.



Sandvine already counts top U.S. cable provider Comcast Corp among its customers, Barron's said. said by rody_44:



and just because you changed to vpn doesnt mean jack. i mean your routing also changed correct?

and just because you changed to vpn doesnt mean jack. i mean your routing also changed correct?



Once you have that, then this testing is not hard. Set up Wireshark and start your P2P client. Using Comcast, Sandvine will start sending TCP packets with the RST flag set. Not using Comcast, you will see very few such packets. No more or less than an Instant Messenger connection does. All things have potentially unlawful purposes. They are not, in and of themselves, unlawful.Earlier in this same mentioned, you said that you had not researched this. Had you looked into it, you would have found that this technology is available today and is for sale to ISPs. The cost of the technology is offset by lower payments to backbone providers and the ability to delay expansions of capacity. With somewhere around 75% of all internet traffic being P2P, reducing that traffic that exits the network could provide substantial savings.As for the invasion of privacy aspect, this is a grey area. It may be one reason they have silently implemented Sandvine. It is not good PR to peer into their customer's packets for the purpose of deciding whether or not they will interfere with them.I have already presented facts. Regardless, unless you run your own tests, you'll have to decide whether to take my word on it.I'm hoping that others will run their own tests. If they don't, I hope the facts that I'm a qualified expert on the subject, posting under my own name, will carry some weight.I doubt Comcast will let me in to look. The evidence is circumstantial, but the amount is overwhelming.And so did my packet size. I have accounted for the latter with some other testing. For the former, one should need a VPN endpoint that terminates within Comcast at some points other than Hillsboro, OR..Once you have that, then this testing is not hard. Set up Wireshark and start your P2P client. Using Comcast, Sandvine will start sending TCP packets with the RST flag set. Not using Comcast, you will see very few such packets.



fuziwuzi

Not born yesterday

Premium Member

join:2005-07-01

Palm Springs, CA ·Charter

Technicolor TC8715D

Asus RT-AC87

(Software) Asuswrt-Merlin

fuziwuzi to funchords

Premium Member to funchords





Now if only the Comcast network was as fast as their fanboys who quickly denounce any criticism of them. The few times I've used bittorrent transfers in the last few weeks I have noticed many disconnects on the up side. I didn't know what was causing it, but your analysis makes sense now.Now if only the Comcast network was as fast as their fanboys who quickly denounce any criticism of them.



Morty7

Premium Member

join:2004-09-18 Morty7 to funchords

Premium Member to funchords

Sandvine said it has signed a contract with a Tier 1 U.S. service provider to supply its 10 Gbps Policy Traffic Switch platform.



Comcast is not a Tier 1 provider. In fact, the there are only two Tier 1's on that possible list, Vz and ATT. My hunch is with ATT.



Your other article states:



"Sandvine Corp. (SVC.TO: Quote, Profile , Research) could see a boost in demand for their technologies, which could be used to give services such as Web video or voice priority over less urgent Internet traffic, according to Barron's April 9 edition." and then goes on to state "Sandvine already counts top U.S. cable provider Comcast Corp among its customers, Barron's said."



CableTool

Poorly Representing MYSELF.

Premium Member

join:2004-11-12 CableTool Premium Member And we all know Comcast prioritizes its Voice packets. None of which have anything to do with DE prioritizing torrent traffic.



funchords

Hello

MVM

join:2001-03-11

Yarmouth Port, MA funchords to fuziwuzi

MVM to fuziwuzi

said by fuziwuzi:



The few times I've used bittorrent transfers in the last few weeks I have noticed many disconnects on the up side. I didn't know what was causing it, but your analysis makes sense now. The few times I've used bittorrent transfers in the last few weeks I have noticed many disconnects on the up side. I didn't know what was causing it, but your analysis makes sense now. said by fuziwuzi:



Now if only the Comcast network was as fast as their fanboys who quickly denounce any criticism of them. Now if only the Comcast network was as fast as their fanboys who quickly denounce any criticism of them.



I imagine a lot of P2P these days are popular CDs and Movies. These being copyright violations aside, I'm sure that for any given highly-popular file, enough sources exist within Comcast's netblocks to fill any request quickly. That's smart. I'm sure that's what they were thinking, too.



The problem is that not every file is so popular, the rare files (and those most likely to be completely legal to share, BTW), are badly punished by this filter. Glad I could help.LOL, well I'm mostly a fan-boy too. I even think this Sandvine idea is well-intended, albeit misguided.I imagine a lot of P2P these days are popular CDs and Movies. These being copyright violations aside, I'm sure that for any given highly-popular file, enough sources exist within Comcast's netblocks to fill any request quickly. That's smart. I'm sure that's what they were thinking, too.The problem is that not every file is so popular, the rare files (and those most likely to be completely legal to share, BTW), are badly punished by this filter.

funchords 2 edits funchords to Morty7

MVM to Morty7

said by Morty7:



Sandvine said it has signed a contract with a Tier 1 U.S. service provider to supply its 10 Gbps Policy Traffic Switch platform.



Comcast is not a Tier 1 provider. In fact, the there are only two Tier 1's on that possible list, Vz and ATT. My hunch is with ATT.

Sandvine said it has signed a contract with a Tier 1 U.S. service provider to supply its 10 Gbps Policy Traffic Switch platform.Comcast is not a Tier 1 provider. In fact, the there are only two Tier 1's on that possible list, Vz and ATT. My hunch is with ATT.



I'm a little lost as to what you're arguing, here. Do you think Sandvine is not installed at Comcast?



If Sandvine were not installed on Comcast, and the RST-flagged packets I received were coming from other networks, then the VPN statistics and the Comcast statistics would be similar. They're not. They're very different. Then argue that point with Sandvine. Read the linked article more closely. You'll find that they were the guys that mentioned Comcast in their (rather silly) PR release.I'm a little lost as to what you're arguing, here. Do you think Sandvine is not installed at Comcast?If Sandvine were not installed on Comcast, and the RST-flagged packets I received were coming from other networks, then the VPN statistics and the Comcast statistics would be similar. They're not. They're very different.



Morty7

Premium Member

join:2004-09-18 Morty7 Premium Member Then read what I posted more carefully, that news release isn't about Comcast. It states their new subscriber is a tier 1 ISP, Comcast and TW are Tier 2 ISPs, that leaves you with Vz and ATT. The other news release that mentions Comcast as an existing subscriber (which pretty much every telcom equipment company falls under at some point) doesn't state anything about the service in which you are talking about. While it's all nice to speculate and try and stir stuff up, this is an internet help forum. Maybe you want to also post this in the Comcast.net forums to see if you get an actual answer from Comcast about it?



jbob

Reach Out and Touch Someone

Premium Member

join:2004-04-26

Little Rock, AR ·Comcast XFINITY

Motorola MB8600

Asus RT-AC86

Asus RT-AC66U B1

1 recommendation jbob Premium Member said by Morty7:



While it's all nice to speculate and try and stir stuff up, this is an internet help forum. Maybe you want to also post this in the Comcast.net forums to see if you get an actual answer from Comcast about it?

While it's all nice to speculate and try and stir stuff up, this is an internet help forum. Maybe you want to also post this in the Comcast.net forums to see if you get an actual answer from Comcast about it? quote: The Comcast forum is for discussions about Comcast's cable internet service; its use, availability, features, customer service issues and general information.

Sounds like an appropriate discussion to me. Actually it says at the very top of this forum:Sounds like an appropriate discussion to me.



Morty7

Premium Member

join:2004-09-18 Morty7 Premium Member The issue is you can't really have a great discussion over something that is 100% speculated. If it was known that Comcast actually uses this product, for the reasons stated in the op's thread, then I can see why it would be useful. But at the current time, without more information it isn't very useful. With my recommendation, you'd at least get an answer from Comcast, and from there an actual, informed discussion of the subject could take place. I stated that it was a help forum, and thank you for posting what I said in different words (the ones it says at the top), informed "discussions" into things relating to Comcast's HSI and CDV are helpful, ones filled with "he said, she said" are not.



funchords

Hello

MVM

join:2001-03-11

Yarmouth Port, MA 1 recommendation funchords MVM Joe,



You still have me lost. What is your concern, again? I told you what the tests were, I told you what the results were. It is observable!



Do you think that the forums at Comcast.net is a placed to have an informed discussion about this? If you do, then I understand why I am lost.



Why on Earth would I discuss an issue that I want brought into the light on a Comcast-controlled forum? The users on those forums are not informed. I'm not asking whether Comcast is filtering -- it is a fact. I've demonstrated it, published my methods and my results, and you can reproduce it.



My objectives are this:



1. To end the secrecy around this project



2. To explain a phenomena that others users may be experiencing



That's it. I'm not stirring anything up. Facts and evidence have no agenda. I've added my opinion -- quite separately from the facts. But, as the "stir machine" goes, my opinion on the matter is relatively tame.



Now, instead of repeating what you've said, do you have anything to add?



NormanS

I gave her time to steal my mind away

MVM

join:2001-02-14

San Jose, CA TP-Link TD-8616

Asus RT-AC66U B1

Netgear FR114P

NormanS to funchords

MVM to funchords

said by funchords:



WHO: Comcast and Sandvine, a peer-to-peer (P2P) management application,



WHAT: A device that monitors P2P activity and interferes with requests for the peer within Comcast to UPLOAD data (downloads appear to be not affected, uploads within Comcast are not affected, transfers already in progress are not affected, and a small percentage of the new transfer requests are still permitted)...

WHO: Comcast and Sandvine, a peer-to-peer (P2P) management application,WHAT: A device that monitors P2P activity and interferes with requests for the peer within Comcast to UPLOAD data (downloads appear to be not affected, uploads within Comcast are not affected, transfers already in progress are not affected, and a small percentage of the new transfer requests are still permitted)...



»www.sandvine.com/product ··· itch.asp



Looks like device, not application. Oh, and here is a competitor:



»www.ellacoya.com/



It seems to me that Comcast is spending money on the wrong equipment. Instead of throttling their users, shouldn't they be adding capacity?



That question is, largely, rhetorical. As the messenger, I hardly expect you to be able to answer it, anyway. Well? Which is Sandvine? Application? Or device?Looks like device, not application. Oh, and here is a competitor:It seems to me that Comcast is spending money on the wrong equipment. Instead of throttling their users, shouldn't they be adding capacity?That question is, largely, rhetorical. As the messenger, I hardly expect you to be able to answer it, anyway.



Morty7

Premium Member

join:2004-09-18 Morty7 to funchords

Premium Member to funchords

There are no facts posted. Just because you believe it does not make it a fact. Your articles contradict each other, and the other states nothing about the described product in question from this vendor. I did not suggest having the discussion in that forum, I suggested asking for an answer in that forum as to whether or not they actually use it. If they say they do, then sure you can actually have a discussion over it.



hobgoblin

Sortof Agoblin

Premium Member

join:2001-11-25

Orchard Park, NY hobgoblin to NormanS

Premium Member to NormanS

said by NormanS:



It seems to me that Comcast is spending money on the wrong equipment. Instead of throttling their users, shouldn't they be adding capacity?



That question is, largely, rhetorical. As the messenger, I hardly expect you to be able to answer it, anyway.

It seems to me that Comcast is spending money on the wrong equipment. Instead of throttling their users, shouldn't they be adding capacity?That question is, largely, rhetorical. As the messenger, I hardly expect you to be able to answer it, anyway.



It certainly was used by Adelphia, whether Comcast are using it I don't know but it certainly sounds feasible.



Hob Sandvine can do and does everything that the OP has stated. It also can spot users who unknowingly are spamming the world and shut off their mail access, a subject you talk about continuously.It certainly was used by Adelphia, whether Comcast are using it I don't know but it certainly sounds feasible.Hob



NormanS

I gave her time to steal my mind away

MVM

join:2001-02-14

San Jose, CA TP-Link TD-8616

Asus RT-AC66U B1

Netgear FR114P

NormanS to DoYouKnowMe

MVM to DoYouKnowMe

said by DoYouKnowMe:



While I feel your pain, since you are a residential customer (I am presuming), you are bound by the Terms Of Service agreement that was provided to you at time of sign-up and which is easily accessible through their website. A few key passages:



...



"7. USE OF SERVICES

You agree that the Services and the Comcast Equipment will be used only by you and the members of your immediate household living with you at the same address and only for personal, residential, non-commercial purposes, unless otherwise specifically authorized by us in writing. You will not use the Comcast Equipment at any time at an address other than the Premises without our prior written authorization. You agree and represent that you will not resell or permit another to resell the Services in whole or in part. You will not use or permit another to use the Comcast Equipment or the Service(s), directly or indirectly, for any unlawful purpose, including, but not limited to, in violation of any posted Comcast policy applicable to the Services. Use of the Comcast Equipment or Services for transmission, communications or storage of any information, data or material in violation of any U.S. federal, state or local regulation or law is prohibited.



...



Now, they key point to the use of Sandvine, of which I have not confirmed due to lack of research ( I am lazy ), is pointed out in Section 7. A P2P connection requires you to "authorize" someone else to use the service...

While I feel your pain, since you are a residential customer (I am presuming), you are bound by the Terms Of Service agreement that was provided to you at time of sign-up and which is easily accessible through their website. A few key passages:..."7. USE OF SERVICESYou agree that the Services and the Comcast Equipment will be used only by you and the members of your immediate household living with you at the same address and only for personal, residential, non-commercial purposes, unless otherwise specifically authorized by us in writing. You will not use the Comcast Equipment at any time at an address other than the Premises without our prior written authorization. You agree and represent that you will not resell or permit another to resell the Services in whole or in part. You will not use or permit another to use the Comcast Equipment or the Service(s), directly or indirectly, for any unlawful purpose, including, but not limited to, in violation of any posted Comcast policy applicable to the Services. Use of the Comcast Equipment or Services for transmission, communications or storage of any information, data or material in violation of any U.S. federal, state or local regulation or law is prohibited....Now, they key point to the use of Sandvine, of which I have not confirmed due to lack of research ( I am lazy ), is pointed out in Section 7. A P2P connection requires you to "authorize" someone else to use the service...



P2P is not "reselling" the service, nor is it "sharing" the connection. Talk about Google getting a free ride on Ed Whitacre's "pipes"! I guess Brian Robers thinks a lot like Ed Whitacre, in the end. I suppose you could look at it that way, but...wouldn't that mean that I am authorizing my sister to use my AT&T service by giving her my 'pacbell.net' email address?P2P is not "reselling" the service, nor is it "sharing" the connection. Talk about Google getting a free ride on Ed Whitacre's "pipes"! I guess Brian Robers thinks a lot like Ed Whitacre, in the end.

NormanS NormanS to hobgoblin

MVM to hobgoblin

said by hobgoblin:



Sandvine can do and does everything that the OP has stated. It also can spot users who unknowingly are spamming the world and shut off their mail access, a subject you talk about continuously.

Sandvine can do and does everything that the OP has stated. It also can spot users who unknowingly are spamming the world and shut off their mail access, a subject you talk about continuously. It would cost Comcast less to just block outbound port 25 than to spend a wad of money on monitoring hardware which, by my MTA logs, doesn't seem to be working, anyway; assuming that they are employing Sandvine boxes to monitor SMTP traffic.



paco

@comcast.net paco Anon



"The users on those forums are not informed."



Wow !!!!! What a blanket statement !!!



I'd say that it is you who are uninformed about the users at the Comcast forums funchords stated:"The users on those forums are not informed."Wow !!!!! What a blanket statement !!!I'd say that it is you who are uninformed about the users at the Comcast forums



Combat Chuck

Too Many Cannibals

Premium Member

join:2001-11-29

Verona, PA Combat Chuck to NormanS

Premium Member to NormanS

said by NormanS:



It would cost Comcast less to just block outbound port 25 than to spend a wad of money on monitoring hardware which, by my MTA logs, doesn't seem to be working, anyway; assuming that they are employing Sandvine boxes to monitor SMTP traffic.

It would cost Comcast less to just block outbound port 25 than to spend a wad of money on monitoring hardware which, by my MTA logs, doesn't seem to be working, anyway; assuming that they are employing Sandvine boxes to monitor SMTP traffic.



I will say this however, the behavior of bittorrent on my end has changed within the last month. It seems to take longer to get started and as I look at the list of peers right now it shows all peers I'm connected were inbound connections. That doesn't prove anything (it could just be that I've had the torrent running long enough that new peers find me before I find them) but I have noticed a bit of a difference. If you look at what sandvine product can do it's more than just detect outbound spam. It appears to be more of a general purpose firewall that can do deep packet inspection and take action on what it finds, be that P2P use or outbound spam or a worm.I will say this however, the behavior of bittorrent on my end has changed within the last month. It seems to take longer to get started and as I look at the list of peers right now it shows all peers I'm connected were inbound connections. That doesn't prove anything (it could just be that I've had the torrent running long enough that new peers find me before I find them) but I have noticed a bit of a difference.



NormanS

I gave her time to steal my mind away

MVM

join:2001-02-14

San Jose, CA TP-Link TD-8616

Asus RT-AC66U B1

Netgear FR114P

NormanS MVM said by Combat Chuck:



If you look at what sandvine product can do it's more than just detect outbound spam. It appears to be more of a general purpose firewall that can do deep packet inspection and take action on what it finds, be that P2P use or outbound spam or a worm.

If you look at what sandvine product can do it's more than just detect outbound spam. It appears to be more of a general purpose firewall that can do deep packet inspection and take action on what it finds, be that P2P use or outbound spam or a worm. Just giving the goblin some feedback on his comments. What Comcast does; well, it is their network, none of us get to say how they run it.



hobgoblin

Sortof Agoblin

Premium Member

join:2001-11-25

Orchard Park, NY hobgoblin to NormanS

Premium Member to NormanS

said by NormanS:



It would cost Comcast less to just block outbound port 25 than to spend a wad of money on monitoring hardware which, by my MTA logs, doesn't seem to be working, anyway; assuming that they are employing Sandvine boxes to monitor SMTP traffic.

It would cost Comcast less to just block outbound port 25 than to spend a wad of money on monitoring hardware which, by my MTA logs, doesn't seem to be working, anyway; assuming that they are employing Sandvine boxes to monitor SMTP traffic.



Hob How much does a Sandvine Box cost?Hob



funchords

Hello

MVM

join:2001-03-11

Yarmouth Port, MA funchords to paco

MVM to paco

said by paco :



funchords stated:



"The users on those forums are not informed."



Wow !!!!! What a blanket statement !!!



I'd say that it is you who are uninformed about the users at the Comcast forums

funchords stated:"The users on those forums are not informed."Wow !!!!! What a blanket statement !!!I'd say that it is you who are uninformed about the users at the Comcast forums



"The users on those forums are not anywhere as nearly informed as they are here at BBR."



I've been here at BBR for a long time, and I've been a Comcast customer for a long time, too -- and yes, I've been to the forums.



Blanket statement -- okay, but I've seen both blankets. So what's wrong with that? Sorry."The users on those forums are not anywhere as nearly informed as they are here at BBR."I've been here at BBR for a long time, and I've been a Comcast customer for a long time, too -- and yes, I've been to the forums.Blanket statement -- okay, but I've seen both blankets. So what's wrong with that?



NormanS

I gave her time to steal my mind away

MVM

join:2001-02-14

San Jose, CA 2 edits NormanS to hobgoblin

MVM to hobgoblin

System glitch double post. How rare.

NormanS NormanS to hobgoblin

MVM to hobgoblin

said by hobgoblin:



How much does a Sandvine Box cost?

How much does a Sandvine Box cost? How much does it cost to add port 25 to an ACL?

NormanS 1 recommendation NormanS to Morty7

MVM to Morty7

said by Morty7:



Sandvine said it has signed a contract with a Tier 1 U.S. service provider to supply its 10 Gbps Policy Traffic Switch platform.



Comcast is not a Tier 1 provider. In fact, the there are only two Tier 1's on that possible list, Vz and ATT. My hunch is with ATT.

Sandvine said it has signed a contract with a Tier 1 U.S. service provider to supply its 10 Gbps Policy Traffic Switch platform.Comcast is not a Tier 1 provider. In fact, the there are only two Tier 1's on that possible list, Vz and ATT. My hunch is with ATT.

05/13/07 23:19:05 Slow traceroute 74.208.13.161

Trace 74.208.13.161 ...

192.168.102.1 RTT: 1ms TTL:170 (chihiro.aosake.net ok)

192.168.0.1 RTT: 2ms TTL:170 (suzuka.aosake.net ok)

69.105.119.254 RTT: 10ms TTL:170 (adsl-69-105-119-254.dsl.pltn13.pacbell.net ok)

64.164.97.67 RTT: 11ms TTL:170 (dist2-vlan50.pltn13.pbi.net ok)

151.164.93.239 RTT: 15ms TTL:170 (No rDNS)

151.164.94.47 RTT: 13ms TTL:170 (ex2-p12-0.eqsjca.sbcglobal.net ok)

151.164.248.250 RTT: 11ms TTL:170 (as174.eqsjca.sbcglobal.net ok)

154.54.6.85 RTT: 12ms TTL:170 (t3-1.mpd01.sjc03.atlas.cogentco.com probable bogus rDNS: No DNS)

154.54.6.81 RTT: 12ms TTL:170 (v3490.mpd01.sjc01.atlas.cogentco.com probable bogus rDNS: No DNS)

154.54.2.53 RTT: 59ms TTL:170 (t7-1.mpd02.sfo01.atlas.cogentco.com probable bogus rDNS: No DNS)

154.54.6.41 RTT: 61ms TTL:170 (t2-2.mpd01.mci01.atlas.cogentco.com probable bogus rDNS: No DNS)

154.54.2.217 RTT: 61ms TTL:170 (g11-0-0.core01.mci01.atlas.cogentco.com probable bogus rDNS: No DNS)

66.28.6.238 RTT: 60ms TTL:170 (g0-2.na21.b005948-0.mci01.atlas.cogentco.com probable bogus rDNS: No DNS)

38.112.2.194 RTT: 70ms TTL:170 (schlund-partner.demarc.cogentco.com probable bogus rDNS: No DNS)

74.208.1.65 RTT: 60ms TTL:170 (te-1-1.bb-a.slr.lxa.us.oneandone.net ok)

74.208.1.102 RTT: 60ms TTL:170 (te-1-2.gw-distp-b.slr.lxa.oneandone.net ok)

74.208.1.168 RTT: 62ms TTL:170 (ae-1.gw-prtr-r5-b.slr.lxa.oneandone.net ok)

74.208.13.161 RTT: 78ms TTL: 51 (server.elitebusinesschoice.com ok)

05/13/07 23:17:54 Slow traceroute 68.34.175.134

Trace 68.34.175.134 ...

192.168.102.1 RTT: 1ms TTL:170 (chihiro.aosake.net ok)

192.168.0.1 RTT: 3ms TTL:170 (suzuka.aosake.net ok)

69.105.119.254 RTT: 11ms TTL:170 (adsl-69-105-119-254.dsl.pltn13.pacbell.net ok)

64.164.97.66 RTT: 11ms TTL:170 (dist1-vlan50.pltn13.pbi.net ok)

151.164.93.231 RTT: 11ms TTL:170 (bb1-g15-0.pltnca.sbcglobal.net ok)

151.164.191.201 RTT: 12ms TTL:170 (ex1-p9-0.eqsjca.sbcglobal.net ok)

12.122.79.101 RTT: 15ms TTL:170 (gar7.sffca.ip.att.net fraudulent rDNS)

12.122.85.142 RTT: 88ms TTL:170 (tbr2033101.sffca.ip.att.net probable bogus rDNS: No DNS)

12.122.10.41 RTT: 88ms TTL:170 (tbr1.sl9mo.ip.att.net fraudulent rDNS)

12.122.10.29 RTT: 87ms TTL:170 (tbr1.wswdc.ip.att.net fraudulent rDNS)

12.122.2.86 RTT: 84ms TTL:170 (tbr2.phlpa.ip.att.net fraudulent rDNS)

12.123.137.213 RTT: 81ms TTL:170 (gar3.phlpa.ip.att.net fraudulent rDNS)

12.118.114.14 RTT: 105ms TTL:170 (No rDNS)

68.86.211.9 RTT: 124ms TTL:170 (te-7-1-ar01.audubon.nj.panjde.comcast.net ok)

68.86.208.26 RTT: 115ms TTL:170 (po-10-ar01.wallingford.pa.panjde.comcast.net ok)

68.86.211.146 RTT: 120ms TTL:170 (po-92-ur01.claymont.de.panjde.comcast.net ok)

68.86.209.98 RTT: 86ms TTL:170 (po-10-ur01.norristown.pa.panjde.comcast.net ok)

68.86.209.102 RTT: 87ms TTL:170 (po-10-ur02.norristown.pa.panjde.comcast.net ok)

68.86.209.169 RTT: 122ms TTL:170 (po-90-ur01.plymouthmtng.pa.panjde.comcast.net ok)

* * * failed

68.34.175.134 RTT: 98ms TTL:109 (c-68-34-175-134.hsd1.pa.comcast.net ok) his customers sending HTTP GET requests down "his pipes" to Google.



This bids fair to become a "Net Neutrality" issue. I can see big money in Hollywood, and political pressure applied to use Sandvine (and Ellacoya) to eliminate the freewheeling nature of the Internet. That would be worrisome. Not that it, necessarily would involve me directly; the tier 1 AT&T backbone is part of AT&T Worldnet services, and my routing generally doesn't touch that backbone:...unless I am pushing/pulling packets where Comcast is at the far end:But, back before SBC bought them, AT&T set up NSA listening rooms. And, when the company now called, "AT&T", was known as "SBC", CEO Ed Whitacre started making noise about Google getting a "free ride" on "his pipes"; as if it wasn'tcustomers sending HTTP GET requests down "his pipes" to Google.This bids fair to become a "Net Neutrality" issue. I can see big money in Hollywood, and political pressure applied to use Sandvine (and Ellacoya) to eliminate the freewheeling nature of the Internet.

tdumaine

Premium Member

join:2004-03-14

Seattle, WA tdumaine Premium Member Wheres the line when it becomes illegal? If i alter packets going to someones computer, im doing so unauthorized and am in trouble, am i not?



NormanS

I gave her time to steal my mind away

MVM

join:2001-02-14

San Jose, CA TP-Link TD-8616

Asus RT-AC66U B1

Netgear FR114P

NormanS MVM said by tdumaine:



Wheres the line when it becomes illegal?

Wheres the line when it becomes illegal? If i alter packets going to someones computer, im doing so unauthorized and am in trouble, am i not?

Probably in violation of one, or another RFC, but not of any law that I am aware of. I am pretty sure that AFAIK, there is no such line under the law, just an ages old Internet tradition codified in the RFCs. To the extent that the RFCs amount to anything akin to a code.Probably in violation of one, or another RFC, but not of any law that I am aware of. I am pretty sure that this service would not be offered if it was illegal to alter packets in transit.

comtec5

join:2006-02-06

Glen Burnie, MD comtec5 to funchords

Member to funchords

we do indeed use sanvines on each cmts