Jump to content


Photo

Modem router losing connection during torrent download

modem router torrent

  • Please log in to reply
17 replies to this topic

#1 wintermute1912

wintermute1912

    Member

  • Members2
  • PipPip
  • 23 posts

Posted 20 July 2018 - 04:05 AM

Someone I might know has found recently while torrenting the download speed suddenly drops dramatically to almost zero and on many occasions the modem router suddenly loses line sync. Prior to disconnection openvpn (running in a terminal window) reports numerous possible replay attacks.

 

Setup is Ubuntu 16.06 LTS running openvpn with ovpn files from config generator (keys separate, hosts resolved). Numerous different servers and ports have been tried. ovpn files modified to run update-resolv-conf on up / down. ipv6 disabled in grub.cfg. ufw used to deny all incoming ports except 67,68/udp 80,443/tcp and the airvpn mapped port over tcp (further restricted to tun0 interface).

 

Are they just being paranoid or is their ISP or some other actor able to detect torrent activity and cause the router to disconnect?

 


VG8gZXJyIGlzIGh1bWFuLCB0byByZWFsbHkgZnVjayB1cCB0YWtlcyBhIGNvbXB1dGVyIQ==

#2 nick75

nick75

    Advanced Member

  • Members
  • PipPipPip
  • 175 posts

Posted 20 July 2018 - 01:27 PM

Hello,

 

  • Torrent traffic can sometimes trigger replay attack messages even though no real attack is happening. So if this is why you're being disconnected try TCP.
  • Some routers don't like UDP so try TCP
  • Your ISP may detect openvpn traffic, try tls-crypt (IP 3 and 4 in Eddie)


#3 wintermute1912

wintermute1912

    Member

  • Members2
  • PipPip
  • 23 posts

Posted 23 July 2018 - 01:57 AM

Thank you for the reply. The Eddie client is not being used but rather running openvpn in a terminal window specifying an ovpn file. Is there an option one can add to ovpn file to enable tls-crypt?

 

Also it has been noted that using rtorrent does not seem to result in any problems but a GUI torrent client like qbittorrent does cause the problem.

 

Hello,

 

  • Torrent traffic can sometimes trigger replay attack messages even though no real attack is happening. So if this is why you're being disconnected try TCP.
  • Some routers don't like UDP so try TCP
  • Your ISP may detect openvpn traffic, try tls-crypt (IP 3 and 4 in Eddie)

VG8gZXJyIGlzIGh1bWFuLCB0byByZWFsbHkgZnVjayB1cCB0YWtlcyBhIGNvbXB1dGVyIQ==

#4 Staff

Staff

    Advanced Member

  • Staff
  • PipPipPip
  • 7792 posts

Posted 23 July 2018 - 09:28 AM

Hello!

 

Please make sure that the router firmware is up to date. The condition you report might be caused by a router bug which is triggered by sustained UDP throughput. In spite of the fact that only some torrent software causes the issue (which does not fit in the explanation), it's worth anyway a try.

 

Kind regards



#5 nick75

nick75

    Advanced Member

  • Members
  • PipPipPip
  • 175 posts

Posted 23 July 2018 - 11:20 AM

Thank you for the reply. The Eddie client is not being used but rather running openvpn in a terminal window specifying an ovpn file. Is there an option one can add to ovpn file to enable tls-crypt?

You need to regenerate config files. Select "Advanced Mode", ">=2.4".

You'll see tls-crypt connections in the protocols.



#6 wintermute1912

wintermute1912

    Member

  • Members2
  • PipPip
  • 23 posts

Posted 26 July 2018 - 03:28 AM

Thank you to those who replied. config files have been regenerated selecting protocol option with tls-crypt support. Had to upgrade openvpn to version 2.4 from the following instructions:

 

https://community.openvpn.net/openvpn/wiki/OpenvpnSoftwareRepos

 

Noticed many of the servers become greyed out when selecting tls-crypt protocol - imagine they do not support it yet but will do soon?

 

Modem router firmware is up to date but is a very old model (originally used as ADSL but now FTTB VDSL) and can't discount the possibility its hardware is inadequate for the current amount of throughput.

 

Will test and advise outcome.


VG8gZXJyIGlzIGh1bWFuLCB0byByZWFsbHkgZnVjayB1cCB0YWtlcyBhIGNvbXB1dGVyIQ==

#7 wintermute1912

wintermute1912

    Member

  • Members2
  • PipPip
  • 23 posts

Posted 26 July 2018 - 04:40 AM

Update: seems to be an issue with the torrect client.

 

Despite taking measures above adding a maglink to qbittorrent (apt package) caused an immediate flood of "AEAD Decrypt error: bad packet ID (may be a replay)" errors.

 

Tried same maglink with Transmission (original package included in Ubuntu 16.04) and did not get any errors.

 

Is the qbittorrent package possibly dodgy?


VG8gZXJyIGlzIGh1bWFuLCB0byByZWFsbHkgZnVjayB1cCB0YWtlcyBhIGNvbXB1dGVyIQ==

#8 MrRandom

MrRandom

    Advanced Member

  • Members2
  • PipPipPip
  • 53 posts

Posted 04 November 2018 - 04:49 AM

This has been happening to me for months ever since Comcast increased their speed, my AirVPN speed has also been reduced by about 60% since Comcast increased their speed. I get these errors..

 

OpenVPN > AEAD Decrypt error: bad packet ID (may be a replay): [ #113589 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings

 

In the log they seem to occur when Updating systems & servers data, they don't cause a disconnect/reconnect but they cause my speed to go to zero and I lose internet access for 15 seconds to 15 minutes. Eddie currently shows I have been connected for 90 hours and 24 minutes but I lost internet access 3 times yesterday that I know of.

 

I started another thread here a while back and the only guesses were my modem was causing the problem since it started when Comcast increased their speed. I checked the specs on my modem and it's fully capable of handling my speed, although a newer modem with more channels couldn't hurt. Through my modem or modem->router I get about 140Mbps on a 100Mbps plan and on AirVPN I've been getting 30-50Mbps. On my 75Mbps plan before Comcast increased their speed I consistently got 90Mbps on my modem, modem->router and modem->router->VPN.

 

I read somewhere here that someone was able to stop the packet errors by getting a new ASUS router so I just got a new ASUS AC1900 (RT-AC68U) and it made no difference. I just updated Eddie to 2.16.3 a couple days ago and it made no difference.

 

I haven't seen a real answer to this problem here or in other forums I've posted in about this problem.

 

The ONLY thing I can think of trying is upgrading my modem.

 

I've been reluctant to post about this again until I upgrade all my hardware and eliminate everything on my end. If I upgrade my modem and still have the problem then it has to be something Comcast did.

 

When I first started getting packet errors (different ones then the errors this thread is about) and my speed went to hell after Comcast increased their speed I tried uTorrent and I still got errors. I tried switching my reserved ports, switching protocols, continuously lowering my download speed cap in Vuze and nothing helped. The only thing that that seemed to help for a few days was uninstalling and reinstalling Eddie.

 

I'm using Windows 7 and Vuze and for years I had no problem with AirVPN. I used to try multiple servers and run speed tests just to get a few extra Mbps now I don't even try because unless my speed is to slow to load the sites I visit it's so erratic there's no point in hunting down a faster server.

 

At this point I'm out of options but some days AirVPN is almost unusable because my speed is so slow and I lose internet access ever 5-10 minutes.

 

Again I have to stress that before Comcast increased their speed i had ZERO problems, amazing speed and I changed NOTHING on my end so I can only conclude it's something Comcast did or is doing. 


 



#9 giganerd

giganerd

    I shall have no title

  • Members2
  • PipPipPip
  • 2687 posts
  • LocationGermany

Posted 04 November 2018 - 08:01 PM

Is this a cable connection a la DOCSIS?


Always remember:
There's a guide to AirVPN,

Amazon IPs are not dangerous here,
running TOR exits is discouraged,

using spoilers for your logs helps us read your thread.

~ Furthermore, I propose that your paranoia is to be destroyed. ~

Instead of writing me a personal mail, consider contacting me via XMPP at gigan3rd@xmpp.airvpn.org or join the lounge@conference.xmpp.airvpn.org. I might read the mail too late whereas I'm always available on XMPP ;)


#10 MrRandom

MrRandom

    Advanced Member

  • Members2
  • PipPipPip
  • 53 posts

Posted 05 November 2018 - 04:31 AM

Is this a cable connection a la DOCSIS?

 

Yes. My current modem is a dumb DOCSIS 3.0 modem I rent from Comcast. I need a telephony modem so buying my own isn't really an option right because they are to expensive and I just bought a new router.



#11 wintermute1912

wintermute1912

    Member

  • Members2
  • PipPip
  • 23 posts

Posted 06 November 2018 - 02:40 PM

This has been happening to me for months ever since Comcast increased their speed, my AirVPN speed has also been reduced by about 60% since Comcast increased their speed. I get these errors..

 

OpenVPN > AEAD Decrypt error: bad packet ID (may be a replay): [ #113589 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings

 

In the log they seem to occur when Updating systems & servers data, they don't cause a disconnect/reconnect but they cause my speed to go to zero and I lose internet access for 15 seconds to 15 minutes. Eddie currently shows I have been connected for 90 hours and 24 minutes but I lost internet access 3 times yesterday that I know of.

 

I started another thread here a while back and the only guesses were my modem was causing the problem since it started when Comcast increased their speed. I checked the specs on my modem and it's fully capable of handling my speed, although a newer modem with more channels couldn't hurt. Through my modem or modem->router I get about 140Mbps on a 100Mbps plan and on AirVPN I've been getting 30-50Mbps. On my 75Mbps plan before Comcast increased their speed I consistently got 90Mbps on my modem, modem->router and modem->router->VPN.

 

I read somewhere here that someone was able to stop the packet errors by getting a new ASUS router so I just got a new ASUS AC1900 (RT-AC68U) and it made no difference. I just updated Eddie to 2.16.3 a couple days ago and it made no difference.

 

I haven't seen a real answer to this problem here or in other forums I've posted in about this problem.

 

The ONLY thing I can think of trying is upgrading my modem.

 

I've been reluctant to post about this again until I upgrade all my hardware and eliminate everything on my end. If I upgrade my modem and still have the problem then it has to be something Comcast did.

 

When I first started getting packet errors (different ones then the errors this thread is about) and my speed went to hell after Comcast increased their speed I tried uTorrent and I still got errors. I tried switching my reserved ports, switching protocols, continuously lowering my download speed cap in Vuze and nothing helped. The only thing that that seemed to help for a few days was uninstalling and reinstalling Eddie.

 

I'm using Windows 7 and Vuze and for years I had no problem with AirVPN. I used to try multiple servers and run speed tests just to get a few extra Mbps now I don't even try because unless my speed is to slow to load the sites I visit it's so erratic there's no point in hunting down a faster server.

 

At this point I'm out of options but some days AirVPN is almost unusable because my speed is so slow and I lose internet access ever 5-10 minutes.

 

Again I have to stress that before Comcast increased their speed i had ZERO problems, amazing speed and I changed NOTHING on my end so I can only conclude it's something Comcast did or is doing. 


 

What you're describing sounds like "peer flooding" I think. There are servers out there that once they realise you're in a swarm they effectively try to DDos you. I think this is precipitated by DNS leakage. The only was I have been able to avoid replays is to NOT use Eddie and learn Ubuntu so I can run openvpn in a terminal windows using already resolved airvpn hostnames - see my post here: https://airvpn.org/topic/29877-dns-leak-dangers/.


VG8gZXJyIGlzIGh1bWFuLCB0byByZWFsbHkgZnVjayB1cCB0YWtlcyBhIGNvbXB1dGVyIQ==

#12 wintermute1912

wintermute1912

    Member

  • Members2
  • PipPip
  • 23 posts

Posted 06 November 2018 - 02:46 PM

I will take some time to write up my complete setup for using AirVPN on Ubuntu 16.05. I never get replays. I never get DNS leakage.

Give me a day or two and I'll post it :good:


VG8gZXJyIGlzIGh1bWFuLCB0byByZWFsbHkgZnVjayB1cCB0YWtlcyBhIGNvbXB1dGVyIQ==

#13 giganerd

giganerd

    I shall have no title

  • Members2
  • PipPipPip
  • 2687 posts
  • LocationGermany

Posted 06 November 2018 - 03:13 PM

Mr. wintermute1912, your given info is not quite accurate, I fear. I use a EuroDOCSIS internet connection with vanilla OpenVPN via terminal on Linux, static AirDNS, and constantly experience these Bad Packet ID errors. So it's not the solution, and the "DDoS servers" are not the cause.

I mostly figure it's some sort of QoS packet reordering going on and my traffic gets passed on from node to node directly during transmission. Recently I noticed that I can't connect to Share-Online.biz at all from my ISP's line. DNS resolves, but packets get lost somewhere in the router jungle. I figure my ISP is guilty of DPI which could explain the Bad Packet ID errors thrown by OpenVPN to some extent.

 

Before you do your tests make sure you are on a (Euro)DOCSIS line like Unitymedia in Germany or Virgin in UK. Otherwise it's for nothing.

 

I never get DNS leakage but I still get replay warnings. ;)


Always remember:
There's a guide to AirVPN,

Amazon IPs are not dangerous here,
running TOR exits is discouraged,

using spoilers for your logs helps us read your thread.

~ Furthermore, I propose that your paranoia is to be destroyed. ~

Instead of writing me a personal mail, consider contacting me via XMPP at gigan3rd@xmpp.airvpn.org or join the lounge@conference.xmpp.airvpn.org. I might read the mail too late whereas I'm always available on XMPP ;)


#14 MrRandom

MrRandom

    Advanced Member

  • Members2
  • PipPipPip
  • 53 posts

Posted 08 November 2018 - 05:25 AM

I just ran a test here https://ipleak.net/ and I have no DNS leaks, I've never seen a DNS leak on any test.

 

The thing that seems suspicious to me is I NEVER had any problem with these errors, the 0Kbps issue or speed issues until Comcast (my ISP) increased their speed. I've been using AirVPN for years with no issues until recently.  The only thing I can think of is my ISP started using DPI or something?



#15 wintermute1912

wintermute1912

    Member

  • Members2
  • PipPip
  • 23 posts

Posted 08 November 2018 - 08:46 AM

Mr. wintermute1912, your given info is not quite accurate, I fear. I use a EuroDOCSIS internet connection with vanilla OpenVPN via terminal on Linux, static AirDNS, and constantly experience these Bad Packet ID errors. So it's not the solution, and the "DDoS servers" are not the cause.

I mostly figure it's some sort of QoS packet reordering going on and my traffic gets passed on from node to node directly during transmission. Recently I noticed that I can't connect to Share-Online.biz at all from my ISP's line. DNS resolves, but packets get lost somewhere in the router jungle. I figure my ISP is guilty of DPI which could explain the Bad Packet ID errors thrown by OpenVPN to some extent.

 

Before you do your tests make sure you are on a (Euro)DOCSIS line like Unitymedia in Germany or Virgin in UK. Otherwise it's for nothing.

 

I never get DNS leakage but I still get replay warnings. ;)

You know after I posted that I got both DNS leakage and replays and I must concede I don't even know what (Euro)DOCSIS is. So I guess I am no expert but I do know my linux vpn setup is far safer than running on windows 10 ;)


VG8gZXJyIGlzIGh1bWFuLCB0byByZWFsbHkgZnVjayB1cCB0YWtlcyBhIGNvbXB1dGVyIQ==

#16 giganerd

giganerd

    I shall have no title

  • Members2
  • PipPipPip
  • 2687 posts
  • LocationGermany

Posted 08 November 2018 - 08:53 AM

DOCSIS is the specification for internet access over TV cable. :) EuroDOCSIS is.the european alteration because of the NTSC/PAL thing.

And it's indeed safer on the Linux side of things. Just don't do anything stupid, like opening attachments in mails from unknown senders or download software from websites...

Sent via Tapatalk.

Always remember:
There's a guide to AirVPN,

Amazon IPs are not dangerous here,
running TOR exits is discouraged,

using spoilers for your logs helps us read your thread.

~ Furthermore, I propose that your paranoia is to be destroyed. ~

Instead of writing me a personal mail, consider contacting me via XMPP at gigan3rd@xmpp.airvpn.org or join the lounge@conference.xmpp.airvpn.org. I might read the mail too late whereas I'm always available on XMPP ;)


#17 wintermute1912

wintermute1912

    Member

  • Members2
  • PipPip
  • 23 posts

Posted 12 November 2018 - 08:50 AM

DOCSIS is the specification for internet access over TV cable. :) EuroDOCSIS is.the european alteration because of the NTSC/PAL thing.

And it's indeed safer on the Linux side of things. Just don't do anything stupid, like opening attachments in mails from unknown senders or download software from websites...

Sent via Tapatalk.

I'm pretty careful and apart from the one weird anomaly where I got DNS leakage everything is fine since then. I also went back to only using rtorrent. Never had a replay using rtorrent. :good:


VG8gZXJyIGlzIGh1bWFuLCB0byByZWFsbHkgZnVjayB1cCB0YWtlcyBhIGNvbXB1dGVyIQ==

#18 wintermute1912

wintermute1912

    Member

  • Members2
  • PipPip
  • 23 posts

Posted 12 November 2018 - 11:05 AM

So I have posted the first part of my Ubuntu setup here: https://airvpn.org/topic/30352-my-ubuntu-16045-lts-setup-part-1/


VG8gZXJyIGlzIGh1bWFuLCB0byByZWFsbHkgZnVjayB1cCB0YWtlcyBhIGNvbXB1dGVyIQ==





Similar Topics Collapse


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

Servers online. Online Sessions: 15298 - BW: 57134 Mbit/sYour IP: 3.82.52.91Guest Access.