comcast affecting your traffic?



madbeer
01-18-2008, 02:20 AM
We all have heard the allegations, but I want to know if anyone can post hard evidence that Comcast is really injecting TCP resets due to p2p suspicion. At one point I thought I was falling victim to their evil RSTs, but it turns out the other clients were just disconnecting and reconnecting to me (oddly -- and as far as I could tell). I live in Baltimore, and right now am uploading at my advertised and paid for rate, and have been steadily for 10 hours.

So do you think Comcast is mangling your traffic? If so, post some proof.

I am still not sure about mine, and if I find anything conclusive I will post it here.

grimms
01-18-2008, 02:24 AM
Yes they do in fact inject fake RST packets into their bandwidth, which they provide you with when you subscribe to their internet service or bundled services. I used to work for them until recently. Yes they denied the allegations revolving around the use of "Sandvine" software which is used to monitor all bt traffic going through their network. The software was created by the company with the same name "Sandvine". Right now the FCC is investigating Comcast to see if they're breaching Net Neutrality agreements and may be imposed with very harsh fines up to $195,000 per Comcast subscriber.

madbeer
01-18-2008, 02:27 AM
grimms is it happening to you on your home connection? It doesn't seem they are doing it to me in Baltimore, but I'm not 100% sure ... yet ;)

Zaxx
01-18-2008, 02:32 AM
All you could EVER want to know about CC and the forged RSTs...


http://www.dslreports.com/forum/r18323368-Comcast-is-using-Sandvine-to-manage-P2P-Connections

Yes...I'm a CC customer too. :sick:
Lucky for me, the day after the FCC started their investigation...my RST rate went from 80% to almost 0%! Imagine that. I'll spare you a huge rant...:shutup:

@madbeer...paste the following in notepad and save it as a .bat file. Once you finish d/ling a file and become a seed is when you'll get hit by sandvine...run this script to check your RST rate...let it run about 15 mins for a decent average. ;)


@ECHO OFF
REM
REM Title: NetStat Check Reset V3
REM
REM Description: Extract summary data from Netstat and display percentage of current, average and a histogram of connection resets.
REM
REM CURRENT percentages are the difference between the previous (20 seconds ago) and current Netstat results.
REM AVERAGE percentages are the running total of the current percentages.
REM HISTOGRAM is a ranking of the number of current percentages that occurred. This shows the distribution of resets from 1-99 percent.
REM
REM So while the Average percentage may be 35%, the Histogram may show the majority of Current percentages are in the 20% range
REM with some spikes in the 40% or 50% range. This would indicate normal reset activity to be in the 20% range and the focus would be
REM in resolving the spikes.
REM

SETLOCAL
TITLE NetStat Check Reset V3
CLS
ECHO NetStat Check Reset Batch V3 [Ctrl-c quit]

REM Initialize variables
:init

REM Histogram values
SET HST00=0
SET HST10=0
SET HST20=0
SET HST30=0
SET HST40=0
SET HST50=0
SET HST60=0
SET HST70=0
SET HST80=0
SET HST90=0

REM Histogram print strings
SET PST00=___
SET PST10=___
SET PST20=___
SET PST30=___
SET PST40=___
SET PST50=___
SET PST60=___
SET PST70=___
SET PST80=___
SET PST90=___

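REM Loop counter for header print
SET /A TESTCYCLE=-1

REM Running totals for the session average
SET /A CUMACTI=0
SET /A CUMPASS=0
SET /A CUMFAIL=0
SET /A CUMRESE=0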

REM run Netstat summary page, find line and save 2nd field value
REM "-p tcp" limits the summary to TCP over IPv4; a plain "netstat -s" can also
REM list a TCP over IPv6 section, and the last matching line would win.
FOR /F "usebackq tokens=2 delims==" %%i IN (`netstat -s -p tcp ^| find "Active Opens"`) DO SET /A PRVACTI=%%i
FOR /F "usebackq tokens=2 delims==" %%i IN (`netstat -s -p tcp ^| find "Passive Opens"`) DO SET /A PRVPASS=%%i
FOR /F "usebackq tokens=2 delims==" %%i IN (`netstat -s -p tcp ^| find "Failed Connection Attempts"`) DO SET /A PRVFAIL=%%i
FOR /F "usebackq tokens=2 delims==" %%i IN (`netstat -s -p tcp ^| find "Reset Connections"`) DO SET /A PRVRESE=%%i

REM Begin loop section
:begin

REM Increment test cycles
SET /A TESTCYCLE=%TESTCYCLE%+1
IF %TESTCYCLE% GEQ 10 SET /A TESTCYCLE=0

REM Ping to nul used as timer
REM Each ping approximately 1 second delay
REM Value of 20 used as minimum wait time for connection activity.
REM
ping -n 20 localhost >nul

REM run Netstat summary page, find line and save 2nd field value
REM (same "-p tcp" restriction as the first snapshot, so both come from the same section)
FOR /F "usebackq tokens=2 delims==" %%i IN (`netstat -s -p tcp ^| find "Active Opens"`) DO SET /A NXTACTI=%%i
FOR /F "usebackq tokens=2 delims==" %%i IN (`netstat -s -p tcp ^| find "Passive Opens"`) DO SET /A NXTPASS=%%i
FOR /F "usebackq tokens=2 delims==" %%i IN (`netstat -s -p tcp ^| find "Failed Connection Attempts"`) DO SET /A NXTFAIL=%%i
FOR /F "usebackq tokens=2 delims==" %%i IN (`netstat -s -p tcp ^| find "Reset Connections"`) DO SET /A NXTRESE=%%i

REM Subtract Previous from Next to get Current
SET /A CURACTI=%NXTACTI%-%PRVACTI%
SET /A CURPASS=%NXTPASS%-%PRVPASS%
SET /A CURFAIL=%NXTFAIL%-%PRVFAIL%
SET /A CURRESE=%NXTRESE%-%PRVRESE%

REM Accumulate the totals for averaging
SET /A CUMACTI=%CUMACTI%+%CURACTI%
SET /A CUMPASS=%CUMPASS%+%CURPASS%
SET /A CUMFAIL=%CUMFAIL%+%CURFAIL%
SET /A CUMRESE=%CUMRESE%+%CURRESE%

REM Add Active and Passive connections then subtract Failed connections
REM Calculate Percentage of Resets
SET /A CURESTA=(%CURACTI%+%CURPASS%)-%CURFAIL%

REM Bypass divide by zero errors
SET /A CURPRCT=0
IF %CURESTA% NEQ 0 SET /A CURPRCT=(%CURRESE%*100)/%CURESTA%

REM Accumulate current results for session average
SET /A CUMESTA=(%CUMACTI%+%CUMPASS%)-%CUMFAIL%

REM Bypass divide by zero errors
SET /A CUMPRCT=0
IF %CUMESTA% NEQ 0 SET /A CUMPRCT=(%CUMRESE%*100)/%CUMESTA%

REM Load histogram with current percentages in the range of 1-99%
IF %CURPRCT% LEQ 0 GOTO display

:break00
IF %CURPRCT% GEQ 10 GOTO break10
SET /A HST00=%HST00%+1
SET PST00=%HST00%
IF %HST00% LSS 10 SET PST00=_%PST00%
IF %HST00% LSS 100 SET PST00=_%PST00%
GOTO display

:break10
IF %CURPRCT% GEQ 20 GOTO break20
SET /A HST10=%HST10%+1
SET PST10=%HST10%
IF %HST10% LSS 10 SET PST10=_%PST10%
IF %HST10% LSS 100 SET PST10=_%PST10%
GOTO display

:break20
IF %CURPRCT% GEQ 30 GOTO break30
SET /A HST20=%HST20%+1
SET PST20=%HST20%
IF %HST20% LSS 10 SET PST20=_%PST20%
IF %HST20% LSS 100 SET PST20=_%PST20%
GOTO display

:break30
IF %CURPRCT% GEQ 40 GOTO break40
SET /A HST30=%HST30%+1
SET PST30=%HST30%
IF %HST30% LSS 10 SET PST30=_%PST30%
IF %HST30% LSS 100 SET PST30=_%PST30%
GOTO display

:break40
IF %CURPRCT% GEQ 50 GOTO break50
SET /A HST40=%HST40%+1
SET PST40=%HST40%
IF %HST40% LSS 10 SET PST40=_%PST40%
IF %HST40% LSS 100 SET PST40=_%PST40%
GOTO display

:break50
IF %CURPRCT% GEQ 60 GOTO break60
SET /A HST50=%HST50%+1
SET PST50=%HST50%
IF %HST50% LSS 10 SET PST50=_%PST50%
IF %HST50% LSS 100 SET PST50=_%PST50%
GOTO display

:break60
IF %CURPRCT% GEQ 70 GOTO break70
SET /A HST60=%HST60%+1
SET PST60=%HST60%
IF %HST60% LSS 10 SET PST60=_%PST60%
IF %HST60% LSS 100 SET PST60=_%PST60%
GOTO display

:break70
IF %CURPRCT% GEQ 80 GOTO break80
SET /A HST70=%HST70%+1
SET PST70=%HST70%
IF %HST70% LSS 10 SET PST70=_%PST70%
IF %HST70% LSS 100 SET PST70=_%PST70%
GOTO display

:break80
IF %CURPRCT% GEQ 90 GOTO break90
SET /A HST80=%HST80%+1
SET PST80=%HST80%
IF %HST80% LSS 10 SET PST80=_%PST80%
IF %HST80% LSS 100 SET PST80=_%PST80%
GOTO display

:break90
IF %CURPRCT% GEQ 100 GOTO break100
SET /A HST90=%HST90%+1
SET PST90=%HST90%
IF %HST90% LSS 10 SET PST90=_%PST90%
IF %HST90% LSS 100 SET PST90=_%PST90%
GOTO display

:break100

REM Final formatting and print
:display

REM Assign values to print strings
SET PCUMESTA=%CUMESTA%
SET PCUMRESE=%CUMRESE%
SET PCUMPRCT=%CUMPRCT%
SET PCURESTA=%CURESTA%
SET PCURRESE=%CURRESE%
SET PCURPRCT=%CURPRCT%

REM Skip leading zero for negative numbers
IF %CUMESTA% LSS 0 GOTO dbreak1
IF %CUMESTA% LSS 10 SET PCUMESTA=0%CUMESTA%
:dbreak1

IF %CUMRESE% LSS 0 GOTO dbreak2
IF %CUMRESE% LSS 10 SET PCUMRESE=0%CUMRESE%
:dbreak2

IF %CURESTA% LSS 0 GOTO dbreak3
IF %CURESTA% LSS 10 SET PCURESTA=0%CURESTA%
:dbreak3

IF %CURRESE% LSS 0 GOTO dbreak4
IF %CURRESE% LSS 10 SET PCURRESE=0%CURRESE%
:dbreak4

REM Print line break and header every 10 cycles
IF %TESTCYCLE% EQU 0 ECHO .
IF %TESTCYCLE% EQU 0 ECHO %TIME% - CURRENT AVERAGE I 00%% I 10%% I 20%% I 30%% I 40%% I 50%% I 60%% I 70%% I 80%% I 90%% I

REM Print Current percentage, Average Percentage and Histogram
ECHO %TIME% - %PCURPRCT%%% (%PCURRESE%/%PCURESTA%) %PCUMPRCT%%% (%PCUMRESE%/%PCUMESTA%) I %PST00% I %PST10% I %PST20% I %PST30% I %PST40% I %PST50% I %PST60% I %PST70% I %PST80% I %PST90% I

REM Save values into Previous
SET /A PRVACTI=%NXTACTI%
SET /A PRVPASS=%NXTPASS%
SET /A PRVFAIL=%NXTFAIL%
SET /A PRVRESE=%NXTRESE%

REM Loop again
GOTO begin
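
The interval calculation the batch script above performs, as an added Python example that is not part of the original thread: it parses two `netstat -s` snapshots and applies the same resets / (active + passive - failed) formula and 10%-wide histogram bins. The sample netstat text, its counter values and the function names are constructed for illustration.

```python
import re

# Constructed sample: two netstat -s snapshots in the Windows "label = value"
# layout the batch script parses, taken one 20-second interval apart.
TEMPLATE = """TCP Statistics for IPv4

  Active Opens                        = {0}
  Passive Opens                       = {1}
  Failed Connection Attempts          = {2}
  Reset Connections                   = {3}
"""
SNAP_PREV = TEMPLATE.format(1200, 800, 300, 400)
SNAP_NEXT = TEMPLATE.format(1260, 850, 310, 436)

FIELDS = ("Active Opens", "Passive Opens",
          "Failed Connection Attempts", "Reset Connections")

def parse_tcp_stats(text):
    """Return the four counters, taking the first TCP section only
    (netstat -s can list an IPv4 and an IPv6 section)."""
    stats = {}
    for line in text.splitlines():
        m = re.match(r"\s*(.+?)\s*=\s*(\d+)\s*$", line)
        if m and m.group(1) in FIELDS and m.group(1) not in stats:
            stats[m.group(1)] = int(m.group(2))
    missing = [f for f in FIELDS if f not in stats]
    if missing:
        raise ValueError("counters not found: %s" % missing)
    return stats

def reset_rate(prev, nxt):
    """Return (percent, resets, established) for one interval; percent is 0
    when no net connections were established (avoids dividing by zero)."""
    d = {f: nxt[f] - prev[f] for f in FIELDS}
    established = (d["Active Opens"] + d["Passive Opens"]
                   - d["Failed Connection Attempts"])
    resets = d["Reset Connections"]
    pct = resets * 100 // established if established > 0 else 0
    return pct, resets, established

def histogram(percentages):
    """Count interval percentages in the 1-99 range into ten bins (00%..90%)."""
    bins = [0] * 10
    for p in percentages:
        if 0 < p < 100:
            bins[p // 10] += 1
    return bins

if __name__ == "__main__":
    prev, nxt = parse_tcp_stats(SNAP_PREV), parse_tcp_stats(SNAP_NEXT)
    print("%d%% (%d/%d)" % reset_rate(prev, nxt))
```

The "Reset Connections" counter includes ordinary resets from peers as well as any injected ones, so a high percentage is a reason to look at a packet capture rather than proof of injection by itself.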

madbeer
01-18-2008, 02:37 AM
Zaxx, I have read that thread.

I was just hoping to get some testimonials directly from users here as to their experiences recently.

Glad to hear your RSTs are down to 0% though!!! Which method are/were you using to test?

Zaxx
01-18-2008, 02:39 AM
See edit above...:)

madbeer
01-18-2008, 02:46 AM
I use OSX, and could write some python that monitors the resets (thanks for posting that script though), but how do you differentiate between legitimate resets and injected resets? I guess one shouldn't normally see shitloads of resets, right?

Well, based on this Wireshark capture filter posted on dslreports:

(ip.src != your.own.ip.address) and (tcp.flags.reset == 1) and (tcp.seq > 1) and (tcp.ack > 1) and (tcp.dstport == BTlistenPort)

I can happily say that I am not seeing any RSTs!

WOOOOOO

grimms
01-18-2008, 06:56 AM
Yes it did happen to me and I switched providers. There are workarounds but none of them are 100% safe proof. Comcast still monitors its users and bt traffic. Even if you have forced encryption enabled in bt clients. Zaxx posted a .bat file that could prove real useful. As far as hard evidence?... the FCC will have to ultimately decide that.

My bandwidth was raped and RST packets altered when I was with Comcast. I'm happy I switched providers. Do miss their on-demand service though. Lucky for me though I don't watch that much tv anymore, if at all.


grimms is it happening to you on your home connection? It doesn't seem they are doing it to me in Baltimore, but I'm not 100% sure ... yet ;)

Once your bandwidth usage reaches a certain threshold (that Comcast predetermines for every subscriber, depending on ISP package), Comcast throttles the bandwidth they provide to you to significantly hinder the bandwidth they give to you to lower cost incurred to them, due to your usage. So they send forged RST packets through your connection. If it hasn't happened to you yet, eventually it will.

Zaxx
01-18-2008, 07:16 AM
Actually Sandvine doesn't care which package you subscribe to..the only question is whether or not your node is connected to Sandvine. Business accounts however are not hit. Since Sandvine does not kick in until you become a seed, getting your files (and getting a warning for using 480GB in 1 month :shifty:) is no problem...it's seeding back that is nearly impossible if you're under the 'full throttle-back' of Sandvine. Some report 20% RST rate, some 60%-80%..some get high RST rates during peak hours only, some get hammered 24/7. It varies from area to area and can change whenever...:wacko: