NNSquad - Network Neutrality Squad

NNSquad Home Page

NNSquad Mailing List Information


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ NNSquad ] Re: U. of Colorado: Comcast now resetting wide range of TCPtraffic

AFAICT, what they've published doesn't make much of a case, yet.  But it's
worth watching and definitely worth encouraging them to keep monitoring.

They inject 100 SYN packets per second to an off-net IP address.  Except for
the first 2-3 seconds of restarting a stopped task on a poorly-configured
P2P client (and many are poorly configured), the colorado.edu experiment
does not mirror traffic common to any typical use, including P2P.

It does however mirror a client participating in a SYN flood DDOS attack,
similar to the Blaster worm DDOS behavior.  If the offnet address was
randomized, it would look like such a worm trying to find another host to

They describe their findings as a "shift" but they don't mention what the
"before" state was.

I have sent members of their team some suggestions and questions.

Robb Topolski

   [ Agreed, the test behavior appears to represent a highly atypical
     usage pattern, and we need more information.  But a question:
     Is general use of ISP-inserted RST packets ever an appropriate
     traffic management mechanism under the established protocol
     regimes?  If so, when is it appropriate, and when is it not?

       -- Lauren Weinstein
          NNSquad Moderator ]

-----Original Message-----
From: nnsquad-bounces+robb=funchords.com@nnsquad.org
[mailto:nnsquad-bounces+robb=funchords.com@nnsquad.org] On Behalf Of Lauren
Sent: Sunday, April 06, 2008 6:15 PM
To: nnsquad@nnsquad.org
Cc: lauren@vortex.com
Subject: [ NNSquad ] U. of Colorado: Comcast now resetting wide range of

 The University of Colorado at Boulder is reporting that Comcast has
shifted from inserting "forged" reset packets solely to disrupt P2P
traffic, to algorithms that can disrupt a wide range of traffic,
apparently irrespective of protocol, including potentially e-mail
and Web browsing.  

If verified, this suggests that instead of developing a sensible
traffic management policy, Comcast may have simply extended their
disruptive reset strategy more generally. 

First-hand reports or other additional info on this are welcome.  

The U. of C. report is at:


NNSquad Moderator