Torrents Resulting in WAN Packet Loss
-
Wanted to post this here to get some thoughts or experiences from others. Or, if I'm way off and it is pfSense, I'd be curious to hear about that.
I recently swapped back to my Netgate 6100 due to issues I was having with my Unifi Dream Machine Pro Max (and just general meh-ness of it).
One of the issues I was hoping I would resolve with this was horrible packet loss that happened every time I would start up my seed box (hosting legit Linux ISOs). I presumed the issue was the number of connections overwhelming the Unifi gear, but turns out that wasn't it.
My torrents are all public, not behind a VPN, since again they're literally Linux ISOs, and anytime I turn them on within a few minutes I start to get bad packet loss (sometimes as high as 30%), I'm starting to think my ISP is doing this intentionally, since I'm nowhere near the limits of what the 6100 is capable of, and my WAN speed is 8/8 gigabit (not that the 6100 can hit quite that but 3/3 is common) and the torrents will be consuming sub 100Mbps traffic.
Anyone heard of an ISP not just throttling torrent traffic, but nuking an entire network due to torrents being detected?
Either way, going to spin a VPN to try this out, but it's odd behavior to say the least. Only other thought is maybe the ISP can't handle this number of connections, but that would also be odd in my experience.
Notably, this didn't create an issue until about a week ago, for a while it was fine, but my peer count has gone way way up during the last 2 weeks.
-
@planedrop said in Torrents Resulting in WAN Packet Loss:
Anyone heard of an ISP not just throttling torrent traffic, but nuking an entire network due to torrents being detected?
Officially ? Never
Have ISP being suspected of filtering and limiting ? All the time.
Of course they do.
Because we all would do the same thing when we detect that the little brother was gobbing the entire home network as he was coping the entire pirate bay content on his laptop.
So, most of us just pulled his plug, or put him behind a limiter.The ISP is/does the same thing, just one set higher.
I'm not saying it's ok or even justified, but maybe torrent traffic makes them nervous.No "help me" PM's please. Use the forum, the community will thank you.
Edit : and where are the logs ?? -
Check the pps rate. That can be very high on torrents and might be hitting a limit.
But where are you seeing the packet loss? Just on the gateway monitoring? Are you monitoring something external?
-
@stephenw10 I'll do some checking on this, though I somewhat doubt that is the issue considering how little traffic I was actually seeing.
As for the packet loss, not just gateway monitoring, but also traffic dropping when trying to load websites and pings from clients being dropped entirely as well.
Pings to external services, to be clear.
Also becomes really obvious with things like voice chat services, lots of disconnected/cutouts/roboting.
I'm heavily leaning towards it being the ISP but it's odd that they aren't just throttling and instead I'm just seeing overall packet loss. I can run a speed test during it and still get pretty good bandwidth.
-
@Gertjan said in Torrents Resulting in WAN Packet Loss:
@planedrop said in Torrents Resulting in WAN Packet Loss:
Anyone heard of an ISP not just throttling torrent traffic, but nuking an entire network due to torrents being detected?
Officially ? Never
Have ISP being suspected of filtering and limiting ? All the time.
Of course they do.
Because we all would do the same thing when we detect that the little brother was gobbing the entire home network as he was coping the entire pirate bay content on his laptop.
So, most of us just pulled his plug, or put him behind a limiter.The ISP is/does the same thing, just one set higher.
I'm not saying it's ok or even justified, but maybe torrent traffic makes them nervous.Pulled the monitoring data for PPS, figured it would be easiest to just show it, the first is my PPS graph and the second is my packet loss and latency graphs for the same time period, so they do line up (not that that's surprising).
Maybe this many pps was overwhelming the ISP?
-
Is the ISP router in the path? Even in bridge mode they track states. Running out of states can cause odd things to happen. ATT routers has state table that is only 8192. Similar to you I have a seed box for Linux ISOs and it can easily cause me to exceed 11k states. You might try limiting the global max peers to a much smaller number and see if that resolves the problem. When the ATT router was in my path I had the global peers set to 75.
A VPN will make this problem go away, but add latency to the seed box.
-
@AndyRH I do have their router inbetween, though it's in theory in passthrough mode, but I haven't dived into what all that actually means and whether or not it's performing any actual routing functions.
I know some people have gotten this fiber link to work with direct to the firewall connectivity, so I may give that a shot just to eliminate it from the picture.
This is a great question though so thanks for bringing it up. I may end up going with a VPN just to eliminate the headache of this, they're not that expensive anyway.
-
@planedrop A search for "8311project" will lead you to the solution I used to rid myself of ATT HW.
-
@AndyRH Yeah I've heard of this, thanks for the reminder. I might go down this path just to see if it fixes the issue, if not I'll do a VPN, but this would be free so might as well give it a shot.
I don't really foresee the 6100 being the limit here though, sure it's a lot of pps and connections, but shouldn't be enough to slow it down I wouldn't think.
-
@planedrop said in Torrents Resulting in WAN Packet Loss:
I don't really foresee the 6100 being the limit here
I have a 7100, same CPU, and it is not troubled by my ~20 ISOs seeding. Last I looked I was running about 11k open states. My torrent client has a global max of 500.
-
@AndyRH OK yeah figured that was the case, in theory it should have more than enough oomph to handle something like this.
I'll look into bypassing the ONT and see if that makes a difference, otherwise I'll go with a VPN.
For reference, I was seeding 200 ISOs, in less than 1 month I'm already over 10TiB of uploads with it lol, so was definitely doing a lot of it but it still should be within the realm of possibility.
Considering it worked fine for a while, I am wondering if my ISP is just being awful and I'm on a "blacklist" so to speak.
-
Latency at >1s is pretty bad!
What sort of WAN connection do you have? Failing modem perhaps?
-
@stephenw10 Correct, but that was only during the torrents, otherwise latency is like 5ms.
Something about the torrenting in specific is making my ISP crap the bed basically, and I'm trying to get to the bottom of whether it's my ONT, just my provider in general, or something intentional from the provider.
(and initially posted here to make sure it wasn't pfSense possibly causing the issue, though I didn't think so)
