Jump to content
Not connected, Your IP: 34.231.247.139
wintermute1912

Modem router losing connection during torrent download

Recommended Posts

Someone I might know has found recently while torrenting the download speed suddenly drops dramatically to almost zero and on many occasions the modem router suddenly loses line sync. Prior to disconnection openvpn (running in a terminal window) reports numerous possible replay attacks.

 

Setup is Ubuntu 16.06 LTS running openvpn with ovpn files from config generator (keys separate, hosts resolved). Numerous different servers and ports have been tried. ovpn files modified to run update-resolv-conf on up / down. ipv6 disabled in grub.cfg. ufw used to deny all incoming ports except 67,68/udp 80,443/tcp and the airvpn mapped port over tcp (further restricted to tun0 interface).

 

Are they just being paranoid or is their ISP or some other actor able to detect torrent activity and cause the router to disconnect?

 


VG8gZXJyIGlzIGh1bWFuLCB0byByZWFsbHkgZnVjayB1cCB0YWtlcyBhIGNvbXB1dGVyIQ==

Share this post


Link to post

Hello,

 

  • Torrent traffic can sometimes trigger replay attack messages even though no real attack is happening. So if this is why you're being disconnected try TCP.
  • Some routers don't like UDP so try TCP
  • Your ISP may detect openvpn traffic, try tls-crypt (IP 3 and 4 in Eddie)

Share this post


Link to post

Thank you for the reply. The Eddie client is not being used but rather running openvpn in a terminal window specifying an ovpn file. Is there an option one can add to ovpn file to enable tls-crypt?

 

Also it has been noted that using rtorrent does not seem to result in any problems but a GUI torrent client like qbittorrent does cause the problem.

 

 

Hello,

 

  • Torrent traffic can sometimes trigger replay attack messages even though no real attack is happening. So if this is why you're being disconnected try TCP.
  • Some routers don't like UDP so try TCP
  • Your ISP may detect openvpn traffic, try tls-crypt (IP 3 and 4 in Eddie)

VG8gZXJyIGlzIGh1bWFuLCB0byByZWFsbHkgZnVjayB1cCB0YWtlcyBhIGNvbXB1dGVyIQ==

Share this post


Link to post

Hello!

 

Please make sure that the router firmware is up to date. The condition you report might be caused by a router bug which is triggered by sustained UDP throughput. In spite of the fact that only some torrent software causes the issue (which does not fit in the explanation), it's worth anyway a try.

 

Kind regards

Share this post


Link to post

Thank you for the reply. The Eddie client is not being used but rather running openvpn in a terminal window specifying an ovpn file. Is there an option one can add to ovpn file to enable tls-crypt?

You need to regenerate config files. Select "Advanced Mode", ">=2.4".

You'll see tls-crypt connections in the protocols.

Share this post


Link to post

Thank you to those who replied. config files have been regenerated selecting protocol option with tls-crypt support. Had to upgrade openvpn to version 2.4 from the following instructions:

 

https://community.openvpn.net/openvpn/wiki/OpenvpnSoftwareRepos

 

Noticed many of the servers become greyed out when selecting tls-crypt protocol - imagine they do not support it yet but will do soon?

 

Modem router firmware is up to date but is a very old model (originally used as ADSL but now FTTB VDSL) and can't discount the possibility its hardware is inadequate for the current amount of throughput.

 

Will test and advise outcome.


VG8gZXJyIGlzIGh1bWFuLCB0byByZWFsbHkgZnVjayB1cCB0YWtlcyBhIGNvbXB1dGVyIQ==

Share this post


Link to post

Update: seems to be an issue with the torrect client.

 

Despite taking measures above adding a maglink to qbittorrent (apt package) caused an immediate flood of "AEAD Decrypt error: bad packet ID (may be a replay)" errors.

 

Tried same maglink with Transmission (original package included in Ubuntu 16.04) and did not get any errors.

 

Is the qbittorrent package possibly dodgy?


VG8gZXJyIGlzIGh1bWFuLCB0byByZWFsbHkgZnVjayB1cCB0YWtlcyBhIGNvbXB1dGVyIQ==

Share this post


Link to post

This has been happening to me for months ever since Comcast increased their speed, my AirVPN speed has also been reduced by about 60% since Comcast increased their speed. I get these errors..

 

OpenVPN > AEAD Decrypt error: bad packet ID (may be a replay): [ #113589 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings

 

In the log they seem to occur when Updating systems & servers data, they don't cause a disconnect/reconnect but they cause my speed to go to zero and I lose internet access for 15 seconds to 15 minutes. Eddie currently shows I have been connected for 90 hours and 24 minutes but I lost internet access 3 times yesterday that I know of.

 

I started another thread here a while back and the only guesses were my modem was causing the problem since it started when Comcast increased their speed. I checked the specs on my modem and it's fully capable of handling my speed, although a newer modem with more channels couldn't hurt. Through my modem or modem->router I get about 140Mbps on a 100Mbps plan and on AirVPN I've been getting 30-50Mbps. On my 75Mbps plan before Comcast increased their speed I consistently got 90Mbps on my modem, modem->router and modem->router->VPN.

 

I read somewhere here that someone was able to stop the packet errors by getting a new ASUS router so I just got a new ASUS AC1900 (RT-AC68U) and it made no difference. I just updated Eddie to 2.16.3 a couple days ago and it made no difference.

 

I haven't seen a real answer to this problem here or in other forums I've posted in about this problem.

 

The ONLY thing I can think of trying is upgrading my modem.

 

I've been reluctant to post about this again until I upgrade all my hardware and eliminate everything on my end. If I upgrade my modem and still have the problem then it has to be something Comcast did.

 

When I first started getting packet errors (different ones then the errors this thread is about) and my speed went to hell after Comcast increased their speed I tried uTorrent and I still got errors. I tried switching my reserved ports, switching protocols, continuously lowering my download speed cap in Vuze and nothing helped. The only thing that that seemed to help for a few days was uninstalling and reinstalling Eddie.

 

I'm using Windows 7 and Vuze and for years I had no problem with AirVPN. I used to try multiple servers and run speed tests just to get a few extra Mbps now I don't even try because unless my speed is to slow to load the sites I visit it's so erratic there's no point in hunting down a faster server.

 

At this point I'm out of options but some days AirVPN is almost unusable because my speed is so slow and I lose internet access ever 5-10 minutes.

 

Again I have to stress that before Comcast increased their speed i had ZERO problems, amazing speed and I changed NOTHING on my end so I can only conclude it's something Comcast did or is doing. 


 

Share this post


Link to post

Is this a cable connection a la DOCSIS?


Four simple things:
There's a guide to AirVPN. Before you ask questions, take 30 minutes of your time to go through it.

Amazon IPs are not dangerous here. It's the fallback DNS.
Running TOR exits is discouraged. They're subject to restrictions on the internet and harm all AirVPN users.

Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, you'll be unique among the mass again.

 

XMPP: gigan3rd@xmpp.airvpn.org or join our lounge@conference.xmpp.airvpn.org

Share this post


Link to post

Is this a cable connection a la DOCSIS?

 

Yes. My current modem is a dumb DOCSIS 3.0 modem I rent from Comcast. I need a telephony modem so buying my own isn't really an option right because they are to expensive and I just bought a new router.

Share this post


Link to post

This has been happening to me for months ever since Comcast increased their speed, my AirVPN speed has also been reduced by about 60% since Comcast increased their speed. I get these errors..

 

OpenVPN > AEAD Decrypt error: bad packet ID (may be a replay): [ #113589 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings

 

In the log they seem to occur when Updating systems & servers data, they don't cause a disconnect/reconnect but they cause my speed to go to zero and I lose internet access for 15 seconds to 15 minutes. Eddie currently shows I have been connected for 90 hours and 24 minutes but I lost internet access 3 times yesterday that I know of.

 

I started another thread here a while back and the only guesses were my modem was causing the problem since it started when Comcast increased their speed. I checked the specs on my modem and it's fully capable of handling my speed, although a newer modem with more channels couldn't hurt. Through my modem or modem->router I get about 140Mbps on a 100Mbps plan and on AirVPN I've been getting 30-50Mbps. On my 75Mbps plan before Comcast increased their speed I consistently got 90Mbps on my modem, modem->router and modem->router->VPN.

 

I read somewhere here that someone was able to stop the packet errors by getting a new ASUS router so I just got a new ASUS AC1900 (RT-AC68U) and it made no difference. I just updated Eddie to 2.16.3 a couple days ago and it made no difference.

 

I haven't seen a real answer to this problem here or in other forums I've posted in about this problem.

 

The ONLY thing I can think of trying is upgrading my modem.

 

I've been reluctant to post about this again until I upgrade all my hardware and eliminate everything on my end. If I upgrade my modem and still have the problem then it has to be something Comcast did.

 

When I first started getting packet errors (different ones then the errors this thread is about) and my speed went to hell after Comcast increased their speed I tried uTorrent and I still got errors. I tried switching my reserved ports, switching protocols, continuously lowering my download speed cap in Vuze and nothing helped. The only thing that that seemed to help for a few days was uninstalling and reinstalling Eddie.

 

I'm using Windows 7 and Vuze and for years I had no problem with AirVPN. I used to try multiple servers and run speed tests just to get a few extra Mbps now I don't even try because unless my speed is to slow to load the sites I visit it's so erratic there's no point in hunting down a faster server.

 

At this point I'm out of options but some days AirVPN is almost unusable because my speed is so slow and I lose internet access ever 5-10 minutes.

 

Again I have to stress that before Comcast increased their speed i had ZERO problems, amazing speed and I changed NOTHING on my end so I can only conclude it's something Comcast did or is doing. 

 

 

 

What you're describing sounds like "peer flooding" I think. There are servers out there that once they realise you're in a swarm they effectively try to DDos you. I think this is precipitated by DNS leakage. The only was I have been able to avoid replays is to NOT use Eddie and learn Ubuntu so I can run openvpn in a terminal windows using already resolved airvpn hostnames - see my post here: https://airvpn.org/topic/29877-dns-leak-dangers/.


VG8gZXJyIGlzIGh1bWFuLCB0byByZWFsbHkgZnVjayB1cCB0YWtlcyBhIGNvbXB1dGVyIQ==

Share this post


Link to post

Mr. wintermute1912, your given info is not quite accurate, I fear. I use a EuroDOCSIS internet connection with vanilla OpenVPN via terminal on Linux, static AirDNS, and constantly experience these Bad Packet ID errors. So it's not the solution, and the "DDoS servers" are not the cause.

I mostly figure it's some sort of QoS packet reordering going on and my traffic gets passed on from node to node directly during transmission. Recently I noticed that I can't connect to Share-Online.biz at all from my ISP's line. DNS resolves, but packets get lost somewhere in the router jungle. I figure my ISP is guilty of DPI which could explain the Bad Packet ID errors thrown by OpenVPN to some extent.

 

Before you do your tests make sure you are on a (Euro)DOCSIS line like Unitymedia in Germany or Virgin in UK. Otherwise it's for nothing.

 

I never get DNS leakage but I still get replay warnings.


Four simple things:
There's a guide to AirVPN. Before you ask questions, take 30 minutes of your time to go through it.

Amazon IPs are not dangerous here. It's the fallback DNS.
Running TOR exits is discouraged. They're subject to restrictions on the internet and harm all AirVPN users.

Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, you'll be unique among the mass again.

 

XMPP: gigan3rd@xmpp.airvpn.org or join our lounge@conference.xmpp.airvpn.org

Share this post


Link to post

I just ran a test here https://ipleak.net/ and I have no DNS leaks, I've never seen a DNS leak on any test.

 

The thing that seems suspicious to me is I NEVER had any problem with these errors, the 0Kbps issue or speed issues until Comcast (my ISP) increased their speed. I've been using AirVPN for years with no issues until recently.  The only thing I can think of is my ISP started using DPI or something?

Share this post


Link to post

Mr. wintermute1912, your given info is not quite accurate, I fear. I use a EuroDOCSIS internet connection with vanilla OpenVPN via terminal on Linux, static AirDNS, and constantly experience these Bad Packet ID errors. So it's not the solution, and the "DDoS servers" are not the cause.

I mostly figure it's some sort of QoS packet reordering going on and my traffic gets passed on from node to node directly during transmission. Recently I noticed that I can't connect to Share-Online.biz at all from my ISP's line. DNS resolves, but packets get lost somewhere in the router jungle. I figure my ISP is guilty of DPI which could explain the Bad Packet ID errors thrown by OpenVPN to some extent.

 

Before you do your tests make sure you are on a (Euro)DOCSIS line like Unitymedia in Germany or Virgin in UK. Otherwise it's for nothing.

 

I never get DNS leakage but I still get replay warnings.

You know after I posted that I got both DNS leakage and replays and I must concede I don't even know what (Euro)DOCSIS is. So I guess I am no expert but I do know my linux vpn setup is far safer than running on windows 10


VG8gZXJyIGlzIGh1bWFuLCB0byByZWFsbHkgZnVjayB1cCB0YWtlcyBhIGNvbXB1dGVyIQ==

Share this post


Link to post

DOCSIS is the specification for internet access over TV cable. EuroDOCSIS is.the european alteration because of the NTSC/PAL thing.

 

And it's indeed safer on the Linux side of things. Just don't do anything stupid, like opening attachments in mails from unknown senders or download software from websites...

 

Sent via Tapatalk.


Four simple things:
There's a guide to AirVPN. Before you ask questions, take 30 minutes of your time to go through it.

Amazon IPs are not dangerous here. It's the fallback DNS.
Running TOR exits is discouraged. They're subject to restrictions on the internet and harm all AirVPN users.

Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, you'll be unique among the mass again.

 

XMPP: gigan3rd@xmpp.airvpn.org or join our lounge@conference.xmpp.airvpn.org

Share this post


Link to post

DOCSIS is the specification for internet access over TV cable. EuroDOCSIS is.the european alteration because of the NTSC/PAL thing.

 

And it's indeed safer on the Linux side of things. Just don't do anything stupid, like opening attachments in mails from unknown senders or download software from websites...

 

Sent via Tapatalk.

I'm pretty careful and apart from the one weird anomaly where I got DNS leakage everything is fine since then. I also went back to only using rtorrent. Never had a replay using rtorrent.


VG8gZXJyIGlzIGh1bWFuLCB0byByZWFsbHkgZnVjayB1cCB0YWtlcyBhIGNvbXB1dGVyIQ==

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...