The REAL Fix For Comcast BitTorrent Throttling

First, a little explanation may be needed as to what is happening in between our computers, Comcast and the Internet.
Comcast is using a packet filtering platform called Sandvine. This platform is a at its core, a Quality of Service system that has legitimate uses, such as giving high priority to Xbox Live communications and VOIP packets. 

Unfortunately, Comcast has decided to use Sandvine (some say illegally) to impersonate us and send a reset packet (known as an RST flag), which is exactly like the Chinese goverment filters the internet!  (PDF)

TorrentFreak hinted on August 22nd, is that someone was working on a fix for Comcast users.

“…we know that at least two BitTorrent client developers are including this fix in their next update.” –TorrentFreak 

It’s two weeks later, where is the fix!?  And just exactly how do you find out if you’re being throttled by Comcast?  And how can we figure out how to avoid this traffic shaping?The Fix(es):

There are three ways to fix this:

  1.   Paying for and setting up SSH or some other nefarious means (lol).
    • SSH access is not free, and if it is, it’s slow, and if you steal WiFi you might as well just switch ISPs.
  2. Use iptables or ipfw, this has been posted many times around the web, but here it is just for posterity:
    iptables -A INPUT -p tcp –dport $YOURTORRENTPORT –tcp-flags RST RST -j DROP
    ipfw add deny tcp from any to any YOURTORRENTPORT in tcpflags rst

    • Unfortunately, this only works if you have a *nix-based computer, or have a Linux Firewall around somewhere. I suggest Smoothwall if you’re looking to go that route. 
  3. Use the latest version of Azureus’ nightly CVS snapshot which includes the fixed mentioned by TorrentFreak.

Obviously we are going to be using the third option.  The latest version of Azureus can be downloaded as a nightly CVS snapshot.

    NOTE: Several readers have pointed out that this does not fix the issue for them. Your Mileage May Vary!

Jog dial back a little bit, picture me surfing the Azureus wiki and finding the following article entitled “Avoid Traffic Shaping.”  The juicy bits are as follows:

Level 5 (encryption) is specifically intended for people who have problems with a specific traffic shaping method used by Sandvine traffic shaping hardware, see Bad ISPs if this applies to you.  […]  Note: This is level is available from Azureus onwards.  […]  The premise of this method is to minimize the amount of unencrypted information leaked.

Bingo! This is what TorrentFreak was talking about!

Here are the steps to fix it:

  1. Download and install the regular version of Azureus which has been rebranded as Vuse
  2. Click here to visit their CVS download page.
  3. Grab the .jar file from that page
  4. Rename it to Azureus2.jar and copy it into the Azureus folder, overwriting the old one.
  5. If you need very detailed instructions, here you go.
  6. Once you’ve got the new CVS version installed, enable these settings:
    1. Tools -> Options -> Connection -> Transport Encryption
      Enable require encryption
      Select RC4
      Disable both fallback checkboxes
    2. Tools -> Options -> Tracker -> Client
      Enable Do not announce the listening port to the tracker
      Set the peer limit to a low figure, start with 1 or 2
      Set the Minimum time between tracker announces to 900 for example
    3. Adjust DHT settings (2 mutually exclusive alternatives):
      Disable the DHT:
      Go to Tools -> Options -> Plugins -> Distributed DB
      Uncheck Enable the distributed database
    4. Try to get more peers via DHT:
      Go to Tools -> Options -> Plugins -> Distributed Tracker
      Uncheck Only track normal torrents
  7. Now try to seed a torrent you haven’t seeded within the last few hours or so before applying these settings.
  8. You should see a huge increase in seeding speed.

I’m still waiting to see conclusive results at this time. This works!  I have personally seen better total upload rates in 5 minutes than in 5 hours. I’m no longer capped at 0.1 kbps upload during a seed… I’m seeing more like what I should be – 70+ kbps.

By using these settings we only allow ourselves to connect to other clients that have enabled communication to encrypted clients. Also, when Comcast gets word that people are using this way to avoid leaking more information than needed, they can simply reconfigure Sandvine to be even more restrictive towards Internet-bound traffic and break it all over again.

How to Determine If You Are Blocked By Comcast:

The first indication that you are being throttled back is that when you finish downloading a torrent, your upload speed will absolutely STINK. I see around 0.1 kbps up. That’s a really good indicator, as my speedtest shows I can download at near 25mbit/sec and upload at around 1.5mbit/sec.

What if you REALLY want to know for SURE? I know I did. Thanks to funchords on the DSLReports forum, we have an easy way. I’ve modified it a little bit, but original credit goes to him.

In Windows, the following command will save a file onto your desktop. Click Start, then Run, and copy and paste this bit into the box and press OK.

netstat -s | find “Reset Connections” >> “%userprofile%\Desktop\reset_connections.txt”

For Linux, use this command:

netstat -s | grep -i “resets received” > ~/reset_connections.txt

Open up the reset_connections.txt file that showed up on your desktop (or Linux home directory) and record the number on a piece of paper.

This is your baseline number, it starts from here and can only go upwards. Now, start seeding ONE torrent for an hour. Many people have reported they they receive upwards of 1 RST flag per second when monitoring using a program called Wireshark (or Etheral). After one hour, record your new number by running the above command again and opening up the reset.txt file again. If the number is more than around 5000 than your first number, you are being throttled about as bad as I am.

Things to keep in mind:

Once you have torrent upload speeds working the way that it should to begin with, Comcast does terminate service for downloading more than ~200gb in a single month. I personally had ~150gb aggregate upload and download totals for several months in a row with no complaint from Comcast.

I believe that when more people are using this method, it can only get better.

  • THANKS SO MUCH!!! This actually worked for me. I am on a Vista computer with Comcast High Speed…and now I can download my shit. Thanks!

  • Mike

    Thanks for shedding some light on this. I just finished and I’m still at 1.5 kbps. I have a history of randomly slow download, even ones on limewire that aren’t tracked, but I’m still unsure about whether I’m being tracked. They found a file I downloaded a year or so ago and sent me a warning. Do I have to check if the source is encrypted? I’m just afraid of getting terminated. Also, is there any definitive way to check if they’re picking it up?

  • Kristina

    This worked for me today. It was a little challenge to get all the settings right, because the client’s interface has changed a bit since this was written (on version 4.2 now, now called Vuse). Otherwise, seeding would NOT happen with uTorrent today (was working fine two days ago), and today, seeds and download speeds went through the roof. So, thank you!

  • Tabitha

    I tried to download the .jar file from the given Azureus CVS page today but it kept timing out. Is there a problem with the site or the file?

    Any ideas?


  • kevin durant

    This really works! Comcast was kicking my ass with this garbage. I did everything it said and now I’m downloading at about 400/kbs which is a hell of a lot better than zero!


  • christina

    I don’t know how this is working for you folks! I followed every step to the letter, and am not new to computers/torrents or anything, but since we got Comcast Cable I am getting 0kb/s download speed on everything torrent-related. Absolutely appalling. If they weren’t the only option other than shit DSL in the area you can bet I wouldn’t be using them, but… Can anyone help me get this working?

  • I admire the valuable information and facts you present inside your articles.I enjoying reading your post. You make right points in a concise and pertinent fashion, I will read more of your stuff, many thanks to the author

  • PyncPrattynug

    kredyty bez bik wibor chwilówki bez bik centrum
    pożyczka bez bik nie w banku

  • Basically good writeup. The item the fact is would be a satisfaction consideration them. Glimpse state-of-the-art so that you can a lot more added in acceptable from you finding out! However, what exactly is convey?

  • Pingback: Please Tell… | Eskimo North News()