ISP Network Monitor

From VuzeWiki
Jump to: navigation, search


For some time, we have been aware that some network operators have taken steps that are designed to interfere with the free flow in Internet traffic through their networks. Traffic associated with Bittorrent protocol-based applications, like Vuze (Azureus), has been particularly targeted. - DSL Reports - AP Discovers traffic shaping

Some Internet users have reported that they believe these efforts have impacted their access or services. Network operators have generally not informed their customers what they are doing. ISP denials

We at Vuze (Azureus) created this plug-in in order to gather information relating to network interference, in particular, to shed light on which ISPs are forging RST packets. Every ten minutes, the plug-in detects from your computer the number of reset tcp connections, and then displays the results to you. By selecting the "share results" check-box you can share these results with our central server, which enables us to then compare your results with customers of other ISPs. Sharing this data with us does not involve any of your personally identifiable information. We may aggregate the data collect and talk about it or disclose it publicly, but not data about any specific user will be disclosed.

Thank you for your cooperation in this research. We hope that providing more complete factual data into the debate over appropriate "network management" will lead to better solutions.

Visit the The Vuze Internet Future page if you would like to know more and get involved.

UPDATE: Initial Results[edit]

The initial results are here!! On April 21, 2008 we released the initial results from this plug-in, with more then 1 million hours of data collected from greater than 8,000 users across the world. As promised, we now share those results here. PDF Report

We are also sharing all of the raw data associated with this report which you can get from these links, this is a 40 MB compressed zip file. It has instructions to import the data into a MySQL database, and a script to determine which Autonomous System Number (ASN) you are using. Download torrent file here. A web link is here to 40 MByte zip file.


  • Some ISPs have started forging RST packets as a way to limit clients seeding. Often these ISPs are not telling their customers what they are doing.
  • Collects data from the Azureus client and uploads it to gather information about which ISPs are forging RST packets and where.
  • As of release 0.3 here is a list of data collected.
    • Number of connections closed via RST packets in 10 minute intervals
    • Number of new active connections open in 10 minute intervals
    • Number of new passive connections open in 10 minute intervals
    • Number of failed connections in 10 minute intervals
    • Number of currently open connections in 10 minute intervals


  • Alan Snyder (ranul at users dot sourceforge dot net)
  • Mac-support added by: Dalmazio Brisinda (dbrisinda at gmail dot com)


Installation Wizard Instructions[edit]


Latest Stable v0.3 plug-in is currently in beta mode.
Latest Beta v0.3

Share Results[edit]

In addition to the displaying the data, you can voluntarily share this data with us. It will be collected and aggregated to create a map of which ISP might be forging RST packet.

To share this data make sure the Share ISP Monitor Results is selected.

None of the data sent identifies a user. We are interested in comparing groups of users with different ISP with each other. Here is the data sent to the version server. It is aggregated once per hour and sent either once per day or on start-up.

  • Active TCP connections opened
  • Passive TCP connections opened
  • TCP connection failures
  • TCP connections Reset (RST packets)
  • Currently open TCP connections.

This data is stored per (ASN) which identifies the ISP you are using.

How to interpret results[edit]

The plug-in is currently in phase one, of collecting data from as many clients as possible to gather data on which ISPs are throttling internet traffic by forging RST packets. To do this we ask as many people as possible to download the plug-in. The second phase will be to open share this data users, so they can compare the results of their ISP with other ISPs. The third phase will be to improve the plug-in, to make is more precise and when possible to detect other types of throttling.

Below is a list of columns and how to interpret the data. Keep in mind at this point we are gathering data, which is more valuable when compared with other results. I high result for one individual might not be an indication of something, but a consistently high result or many within an ISP could be.

  • Time - time data was taken.
  •  %RST - Percentage of RST connections in the time interval
  • #RST - Total #RST TCP connections in the time interval
  •  %inbound conn - Percent inbound connections. (peers contacting your client)
  • current open - Current open TCP connections.
  • # Active Open - Outbound connections
  • # Passive Open - Inbound connections
  • # Failed - Connection attempts that failed.

The plug-in summarizes the data once an hour and then send that data - without any personally identifiable information - to a central place to be compare all the ISPs.

Version Notes[edit]

  • 0.36  : (in progress) Display ASN data, more advanced data collection, Mac support.
  • 0.3  : Make plug-in unload-able.
  • 0.2.2 : Upload hours results to version server.
  • 0.2  : Initial version only works on windows machines.

 User Comments  (please add your comments, tips, tricks, suggestions, reviews, and etc. here)
  • Question: OK I see what it does, but why would I want to use it? Answer: If you think your ISP might be forging RST packets to disconnect bittorrent clients. This plug-in can help diagnose it. It will help efforts to identify which ISPs are doing this without informing their customers.
  • Question: Can you predict a timeline when the plugin will work with non-windows machines? (I have Linux.)Answer: Mac will work with the basic version when 0.36 is released. Linux might work with current version. Someone with Linux is welcome to send an e-mail to the author for testing information.
  • Question: Can the plugin identify users who are taking avoidance measures to avoid traffic shaping? For example, I am a Comcast customer applying Level 5. I am also Torifying my tracker announces as an extra precaution (since I am limiting the tracker announce size and frequency, this should not affect the Tor network's bandwidth overmuch). Shouldn't the results be able to take avoidance into account?

Back to Plugin List