Jump to content


Photo

ISP Throttling VPN?

ISP throttling speed

  • Please log in to reply
40 replies to this topic

Poll: Does your ISP Throttle VPN (78 member(s) have cast votes)

Do you experience slowdowns using AirVPN

  1. No, only minor slowdown consistent with encryption overhead (32 votes [39.51%])

    Percentage of vote: 39.51%

  2. Somewhat, but speeds are still good and I am not concerned (12 votes [14.81%])

    Percentage of vote: 14.81%

  3. Yes, but it coould be a problem with my configuration (14 votes [17.28%])

    Percentage of vote: 17.28%

  4. Absolutely, I've tried everything and it must be throttling (23 votes [28.40%])

    Percentage of vote: 28.40%

Vote Guests cannot vote

#21 airvpnclient

airvpnclient

    Advanced Member

  • Members
  • PipPipPip
  • 44 posts

Posted 22 May 2013 - 01:03 PM

I am considering a complaint to the Canadian Radio and Telecommunications Commission and would like to have others sign on.  I am waiting for advice from the The Samuelson-Glushko Canadian Internet Policy and Public Interest Clinic (CIPPIC) (twitter @cippic) at the University of Ottawa.  I would like to crowd-source the data and have multiple signatories to the complaint but need to think on how to generate support.



#22 Briland

Briland

    Member

  • Members
  • PipPip
  • 10 posts

Posted 22 May 2013 - 02:16 PM

Just for the record I get 600 Mb/s from my ISP and AirVPN's American servers seem to max out at about 60 to 70 Mb/s so the server's bandwidth or speeds shouldn't be an issue.



#23 airvpnclient

airvpnclient

    Advanced Member

  • Members
  • PipPipPip
  • 44 posts

Posted 22 May 2013 - 03:25 PM

Just sent my third party ISP the following question:

 

 

If Bell is applying Internet Traffic Management Policies (ITMPs) they are to follow CRTC Guidance (see: http://www.crtc.gc.ca/eng/archive/2009/2009-657.htm)

This includes in the case where they throttle VPN generally for both their own retail customers and for wholesale customers like NCF that they need to give NCF prior notice and in any case inform you of the :

"91. For technical ITMPs applied to wholesale services that do not require prior Commission approval, the Commission considers that a description of the ITMPs in the tariffs of primary ISPs is the best means of providing information to secondary ISPs. Accordingly, primary ISPs are required, as a condition of providing service, to issue updated tariff pages describing such ITMPs. Primary ISPs are to issue revised tariff pages, sending copies to their wholesale customers, a minimum of 60 days prior to implementing the ITMP or implementing changes to the ITMP. "

Can you confirm whether the tarrif for wholesale Fibre services includes notification of VPN speed traffic management?



#24 Baraka

Baraka

    Advanced Member

  • Members
  • PipPipPip
  • 124 posts

Posted 23 May 2013 - 06:00 AM

This is an extremely important issue that has to be dealt with by Air's engineers. If Bell can play games with not only their own VPN traffic, but also that which belongs to other providers, they can eventually kill all anonymous VPN traffic altogether. If push comes to shove at some point, they might just do that. They can just ask, "What do you have to hide?" right before dropping all unidentified VPN traffic.



#25 airvpnclient

airvpnclient

    Advanced Member

  • Members
  • PipPipPip
  • 44 posts

Posted 24 May 2013 - 02:42 PM

One more thing I can try and that is OpenVPN over ssl.  Will report back on success of that approach.



#26 airvpnclient

airvpnclient

    Advanced Member

  • Members
  • PipPipPip
  • 44 posts

Posted 25 May 2013 - 04:39 PM

Currently connected to Sirius over SSL and still getting no better than 2 Mbps.  It seems that the traffic shaping on SSL is a little different, since the upload speeds are better than straight VPN without SSH or SSL.



#27 airvpnclient

airvpnclient

    Advanced Member

  • Members
  • PipPipPip
  • 44 posts

Posted 25 May 2013 - 04:51 PM

Summary of analysis:

 

AirVPN speeds over Bell Canada infrastructure are apparently limited by technical ITMPs to under 2Mbps.  Neither SSH, not SSL successfully evades ITMPs. 

 

The ITMPs for controlling SSL appear to be less unfavourable to uploading than the general VPN throttle.  This finding is independent of hardware on which OpenVPN is running and can be replicated.  The gateway router is a constant, and so could be the source of speed reductions, but this seems unlikely.

 

Bell Canada is not publicizing it's ITMPs and it remains to be seen if they are compliant with CRTC guidance in this regard.  I am assuming that my member-owned 3rd party service provider is not the source of IMTPs, but this is to be confirmed.



#28 GoXRUTD7k8FfZp5jmvNK4uE6

GoXRUTD7k8FfZp5jmvNK4uE6

    Member

  • Members
  • PipPip
  • 27 posts

Posted 27 May 2013 - 01:31 AM

After seeing this topic a bookmark came to mind that may aid you in determining if shaping is taking place.



#29 profits@nym.hush.com

profits@nym.hush.com

    Newbie

  • Members
  • Pip
  • 2 posts

Posted 27 May 2013 - 12:40 PM

After seeing this topic a bookmark came to mind that may aid you in determining if shaping is taking place.

 

Running this application may be a security risk

 

I got the above warning....  Is it safe do proceed?



#30 GoXRUTD7k8FfZp5jmvNK4uE6

GoXRUTD7k8FfZp5jmvNK4uE6

    Member

  • Members
  • PipPip
  • 27 posts

Posted 27 May 2013 - 12:48 PM

After seeing this topic a bookmark came to mind that may aid you in determining if shaping is taking place.

 

Running this application may be a security risk

 

I got the above warning....  Is it safe do proceed?

 

I haven't used the site in a couple years. I assume that's a warning produced by a Java applet? If so, I'd accept it as that site's intent is not malicious I believe, however it's your choice.



#31 thar3tra

thar3tra

    Newbie

  • Members
  • Pip
  • 6 posts

Posted 27 May 2013 - 10:53 PM

I guess the security message is related to certain network-related commands contained in the javascript code. Jittertest (by speedtest.net) produces the same security message.

 

The test itself tests different patterns on different ports, including a test for SSH connections, so it would probably be useless for testing with your VPN active.

Quote from their research paper on how the test operates:

 

Our current implementation of Glasnost detects traf-

fic differentiation that is triggered by transport protocol
headers (e.g., ports) or packet payload. These triggers
are more common than IP headers


#32 felixthakat

felixthakat

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 25 March 2014 - 12:21 AM

I was almost ready to give up but I gave the SSL tunnel option a try (https://airvpn.org/ssl/) over Bell fibe. It seems to work very well. Enjoy!



#33 AirBreathingNetzien

AirBreathingNetzien

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 02 April 2014 - 12:09 AM

Comcast in my area started throttling VPN big time (straight 57MB downstream, 54MB through Air, down to 1-3MB downstream ... they didn't touch the up stream).   Switched to SSL using OpenVPN and STunnel and I now get around 45MB downstream (still less than than the 54MB AirVPN downstream I started with, but acceptable considering the alternative).



#34 zz0i0XLpHPXbPOO4hv4GCumR-8

zz0i0XLpHPXbPOO4hv4GCumR-8

    Newbie

  • Members
  • Pip
  • 2 posts

Posted 06 January 2015 - 03:19 AM

Bell Fibe 50/10 here.  With OpenVPN running on my DD-WRT router I can only get 10/10.  It's throttled for sure.  I get exactly 10mbps download every time I test.  I suppose there's no way to run SSL through the VPN when running on a router?  If not this sucks.



#35 Staff

Staff

    Advanced Member

  • Staff
  • PipPipPip
  • 7792 posts

Posted 06 January 2015 - 11:16 AM

Bell Fibe 50/10 here.  With OpenVPN running on my DD-WRT router I can only get 10/10.  It's throttled for sure.  I get exactly 10mbps download every time I test.  I suppose there's no way to run SSL through the VPN when running on a router?  If not this sucks.

 

Hello,

 

many consumers' routers CPUs can't process more than 10 Mbit/s AES-256 throughput due to their processing power. Our Data Channel cipher is AES-256-CBC. Probably bottleneck is the router CPU. Try to connect directly from your computer to make a comparison.

 

Kind regards



#36 hashswag

hashswag

    Advanced Member

  • Members
  • PipPipPip
  • 65 posts

Posted 06 January 2015 - 07:42 PM

There needs to be a choice:  "Yes, my ISP heavily throttles all VPN Protocols/Options, requiring SSL encryption, slowdown is consistent with double encryption."



#37 mlp

mlp

    Member

  • Members
  • PipPip
  • 15 posts

Posted 10 January 2015 - 01:12 PM

Comcast in my area started throttling VPN big time (straight 57MB downstream, 54MB through Air, down to 1-3MB downstream ... they didn't touch the up stream).   Switched to SSL using OpenVPN and STunnel and I now get around 45MB downstream (still less than than the 54MB AirVPN downstream I started with, but acceptable considering the alternative).

 

Similar on comcast in my area, but not as severe.  30 down to about 15 down.  Recent numbers here - https://airvpn.org/topic/12406-slow-connection-using-vpn/?p=21954 .  Again, another data point for best rates are over SSL.



#38 zz0i0XLpHPXbPOO4hv4GCumR-8

zz0i0XLpHPXbPOO4hv4GCumR-8

    Newbie

  • Members
  • Pip
  • 2 posts

Posted 13 January 2015 - 01:07 AM

Hello,

 

many consumers' routers CPUs can't process more than 10 Mbit/s AES-256 throughput due to their processing power. Our Data Channel cipher is AES-256-CBC. Probably bottleneck is the router CPU. Try to connect directly from your computer to make a comparison.

 

Kind regards

 

Thank you for sharing your expertise.  I installed the AirVPN software and get far higher speeds this way, which is good.  I thought my Netgear WNDR3700 v4 router with DD-WRT would be faster than most, but I guess not.  One day I'll buy a faster router because I prefer that solution over this software solution.  Thanks again.



#39 elumiknotty

elumiknotty

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 26 February 2018 - 09:22 PM

Comcast Xfinity customer here. I get about 270 Mbps down and 45 up when not using a VPN. I'd used PIA successfully for about a year, with about 150 Mbps down and 30 up, until about 2 weeks ago when my VPN connections dropped to 45 down and 2 up, no matter what ports I connected through. I did a ton of troubleshooting, including installing PIA on other devices with different operating systems.  Same exact capped speeds.  I had a suspicion my VPN traffic was being shaped by the ISP. After researching I thought SSL or SSH would work, so I gave AirVPN a try, and it worked great for a day on the 30000-some SSH port, and then suddenly it dropped to the same 2 Mbps upload (and between 10 and 30 down).  I've been trying to connect to tens of different 5-star servers through various SSL and SSH ports, and they are all capping at 2 Mbps up as well.

Anyone have any ideas, or any info as to what this could be if you don't think it really is Comcast?



#40 madrat

madrat

    Advanced Member

  • Members2
  • PipPipPip
  • 112 posts

Posted 27 February 2018 - 03:40 AM

I'm seriously not very knowledgeable about this stuff, however, using a Vancouver server and several different protocol settings, the best I could do was 3 Mbit/s. After switching to a California server, it immediately went up to 10 Mbit/s. Of course I have no idea at all why that is. Latency for both was around 40 ms. The final test I did on Vancouver was "automatic" protocol setting. I left it on that setting for the California server test.







Similar Topics Collapse


Also tagged with one or more of these keywords: ISP, throttling, speed

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Servers online. Online Sessions: 13721 - BW: 49729 Mbit/sYour IP: 34.228.143.13Guest Access.