Networking Questions

hello

today, i was arguing with some guy (no names) over three networking issues. this guy seemed to argue with me over the fundamentals of internet connections and was convinced that he was right. i just want to run these by to make sure that im not this stupid. if im am, then my views on netwoking are seriously scewed.

1) for example, if you have 6MB/s download and 3MB/s upload and you are capping your uploading at 3MB/s, you still have 3MB/s download, right? this guy seemed to think that all your download would be used.

2) this guy claimed that bittorrent hogged up all "network resources". even if you weren't capping your download speed (i.e. using all 6MB/s downloading a torrent), he says bittorrent still uses those "resources" and wouldn't let anyone else on the network have them. i do know that while you are downloading a torrent, bittorrent continuously searched for new seeds, but that doesn't take up all bandwidth.

3) i am in a vpn network at my dorm room running fedora core 4. i went and hand-customized my iptables to only allow smb, ftp, and http within my router. this guy claims that, since i am attached to the dorm firewall and server, the server can port-scan my computer and gain access to my files and search my computer. again, i have my router block all incoming connections and my iptables block all incoming connections except those ports mentioned earlier.

im almost positive that this guy is wrong, but i need outside assurance as to weather this guy needs institutional help.

thank you
andrew

I would say he is wrong.

I am going go out on a limb and say he was a college network admin, so of course he is going to give you a bs story about bittorrent and firewalls. They don't want you to use them :wink:

My knowledge of bittorrent comes from using Azureus so it may not be universally applicable, but here goes:

1. Are you sure you meant capping your upload speed? Limiting your upload speed does limit your download speed but it's not 1:1. You'd probably still chew up all of the download speed. Also, allowing bittorrent to use the entire upload bandwidth means no-one else can make requests, effectivly denying everyone else access, no matter what the download cap is.

2. If you limit the connection speed bittorrent, at least Azureus, seems to respect it. That makes sense though, otherwise what would be the point in setting up caps.

3. I think we need more details about the network layout. I don't understand how the various devices connect to each other and where the VPN comes in.

Vergil83: I understand why a College admin not want people to use bittorrent, but why would they not want users to use a firewall?

Hey Andrew (and anyone else who might read this update)

1.
Im no professional on any of these matters, but from my understanding, theoretically there should not be a direct relationship between the upload and download speeds. I mean, isnt that what we pay for? Saying that, I've noticed with BitLord that there sure is a relationship. This is where I could give you a theoretical BS answer about "Windowing", and how for a cirtain number of download packets you recieve you will also upload a cirtain number of packets. All I could think of here, is that if someone else is uploading from your computer, and hogging your bandwidth by using your uploads, then your downloads may be hindered... as your next group of downloadable packets wont download until the computer your recieving from hears that your computer has safely recieved it's packets. But this is not a 1:1 ratio of UL:DL. (in fact, the idea of windowing is to get the DL ratio as high as possible, PROVIDING that the application is based on TCP/IP. If the app is based on UDP, ignore anything regarding windowing you read here!).

2.
I have found in my personal experience that BitLord hogs the entire bandwidth no matter how you shape it. That doesnt mean that nothing else will work, it just means that if I really want to check my emails, surf the web or download something, I have to stop bitlord in order to do it. thanks to kakariko I think I'll change over to Azureus and see if that application does a better job. HOWEVER a friend of mine who actually runs the network at his boarding house (for around 80 computer users) says that he is able to divide up the bandwidth based on what applications you have connected to the Internet. In my friends case, he said that if a user had a torrent application connected, their entire bandwidth was adjusted accordingly (ie to prevent all bandwidth from being used by those users.) Using similar technology I susspect that our ISP's have become smart with us downloading hogs, and have done a similar thing, restricting our broadband capabilities if we are running a torrent application. Maybe some ISP's have not caught on to this trick yet. Perhaps this is more BS.

3.
You have a VPN? Though you did not specifiy to whom or with whom you are connected to. I'd presume you VPN into the 'dorm firewall' (which has endpoints on it, or maybe the server is set up for VPN.. not sure). While I dont know the exact nature of your VPN, I'd not disqualify what your 'friend' is saying. Port-scan, yes. To gain access to your machine, (notice now Im assuming your are VPN'ing into the server) I bet there would be a way to do that, though none that I know of for Fedora Core (if It were a Windows system, id just say straight out.. YES).

4. (Does this guy need Institutionalising?)
Hmmm, I dont think. It sounds more of a case that both of you are talking slightly different lingo. This happens all too often. So he is error of UL:DL ratios. So what. Life goes on. Does Bittorrent hog the bandwidth, maybe it does on his network. Get over it. Could he gain access to your machine (even though you have Fedora Core 4), ... has anyone ever broken into the CIA's 'unbreakable, Hardware - software firewalled, router protected, Intrusion Detection, Honeypot network'? (The answer is YES!) What makes you think your machine is that much more secure?

I dont read anything here saying he doesnt want you to use a firewall, so I dont know where Vergil picked that up from. In fact, any networking student would tell you how silly you are NOT to have some kind of firewall configured and running to protect your network. I take my hat off to you just for trying something new, Andrew.

Good luck with your investigation, Andrew.

Dartagnen ;)

Quote:

---

Originally Posted by kakariko81280

Are you sure you meant capping your upload speed? Limiting your upload speed does limit your download speed but it's not 1:1. You'd probably still chew up all of the download speed. Also, allowing bittorrent to use the entire upload bandwidth means no-one else can make requests, effectivly denying everyone else access, no matter what the download cap is.

---

True it is possible to use up all his download, but you have to be downloading a lot to be using 3 mbps connection.

Quote:

---

Originally Posted by kakariko81280

Vergil83: I understand why a College admin not want people to use bittorrent, but why would they not want users to use a firewall?

---

I didn't mean a software firewall on your computer yourself, but as in computer running as a firewall. They would assume (I bet) you are going to try and host a website or p2p. Or course this is silly, but I would not be surprised if my school said that. This is their policy about GNU/Linux

Quote:

---

Yes, but please make sure you know what you are doing. Linux has a lot of advanced network features that can cause problems for the entire campus if configured incorrectly. If your Linux box causes network disruptions, we reserve the right to shut it down. You also could be held responsible, both legally and financially, for any damage that results from a misconfigured Linux system.

---

:lol:

Quote:

---

Originally Posted by dartagnen

I dont read anything here saying he doesnt want you to use a firewall, so I dont know where Vergil picked that up from. In fact, any networking student would tell you how silly you are NOT to have some kind of firewall configured and running to protect your network.

---

I did miss-read the first post. However, my comment about a college admin not wanting someone to set up a private network is still true, IMHO. They would think you are doing p2p.

It is amazing just how scared Network Managers are of people like us that have a computer! I mean, their job is so easy, as long as no one has a computer and wants to do anything with it. I mean, this would mean they would have to learn something new, and figure out how to protect themselves from yet another aspect of networking.

Don't stop doing something because someone else tells you that it may interfere with their network. Well, I guess configuring a DHCP to run on the same network and subnet mask could cause some interesting reactions.... Hmmmm. What the heck. We only learn from our mistakes hey?

Good luck.

Dartagnen ;)

1. This Q is kind of confusing, but there should be no direct relationship between your upload bandwidth caps and download bandwidth caps. If the service is synchronous, though, this is another story. Most connections, however, are asynchronous, allowing you separate caps for upload and download traffic.

2. What he is referring to here is the fact that bittorrent inherently has a large number of connections open. You may be only taking up 25% of your download bandwidth, but it still may lag your connection if it has enough open connections to other seeds/peers.

3. ********.

For the bandwith problem, and this from experience and prolly everybody must have experienced this.
With DSL/Cable connections, ISP puts a cap so u dont kill their bandwith. But when capping the upload speed possible... it usually kills your download speed.

I work in a cyber cafe and when ppl complains about Counter-Strike having a very bad ping... i know a few too many ppl are using p2p (Ares, Morpheus, whichever...) software (downloading music usually...).

You could think even if u doing only 3mb up and 3 down that you still have 3mb down.. but it's not true in practice.
I dont have any scientific explanations, it's just how it is and from experience/observations.