Microsoft RickRolls Wi-Fi leechers at TechEd (techedbackstage.net)
40 points by shrikant on Feb 18, 2010 | 20 comments



Summary: BitTorrent users used up lots of space in the NAT port table in Windows NT. Because there are only 64k ports available, this is a big problem if more than a couple of users are using BitTorrent.

Interestingly, they did not see this as a flaw in the Windows kernel. You can get a data structure which allows 2^48 concurrent connections by NAT on a single IP address if you map based on (destination IP address,port) rather than just (port).

OpenBSD does this, to avoid the very problem these Microsoft people solved by complex tools and a rick roll.


And who needs more disk partitions than there are letters in the alphabet, anyways? Kids these days! Get Off of My Lawn!


640K FTW!


Oh come on, you're using a Win9x argument in 2010? :)


Uh, what do you think I'm arguing about? I'm drawing a parallel between a Microsoft oversight dating from the DOS days and the current oversight with port numbers.

But if you think I'm taking a position, please explain. (I'm reminded of Herman Melville reacting to various academics' analysis of symbolism in Moby Dick. Something to the effect that he didn't know that stuff was in there!) Unjustified projection of fictional intention is just as cheap as putting words into another's mouth.


FWIW: All Desktop/Server versions of Windows since Windows 2000 (except WinMe) support arbitrary directory-based mount points.


I was about to do this, actually, so I can have a 40GB "system" partition and put my "data" partition in "My Documents." But I still get the joy of seeing my "C:" drive in XP.


I thought the point of NAT was that you don't know the destination IP address? It's that of the NAT router.


I am referring to the mapping on the NAT router. And the source does know the destination IP address, because it addresses the packet to that address. The NAT router rewrites the ports and source address on all the packets traversing it.

http://www.google.com/search?q=how+nat+works


I think you're talking about outgoing connections. The number of incoming connections is the problem here. That's limited in all operating systems as IPv4 only supports 64k ports.


did they ask people to stop? i read through the text and couldn't see that mentioned, which struck me as odd. i'm pretty sure that it wouldn't have stopped everyone, but to not ask people first seems a bit misguided to me.

[edit: my comment on that page asking about this hasn't been answered, but there's a reply to another comment saying "people were approached" that refers to the previous post - http://www.techedbackstage.net/2010/02/17/bittorrent-traffic... - that does describe in more detail what happened. and there's still no description of a general announcement.

i do understand their frustration, but to take an approach like this without any announcement is going to encourage some people to "fight back". a sympathetic announcement with an explanation would have got the majority of users "on their side", producing peer pressure and setting expectations that would reduce the amount of conflict. not doing so comes across as passive aggressive and encourages an "arms race"]


I think that if you find yourself banned, and then change your MAC to get back on the network to continue the abuse, that constitutes being asked to stop.


i've edited my comments to make it clearer that this isn't about whether or not people understood why they were being blocked, but about social management.


I've found that asking people to stop at large events doesn't usually make them stop. Tragedy of the commons style, people justify to themselves that one more person won't break the network.

Of course asking people to stop, explaining why stopping would fix the network problems and stating abusers will get kicked are the correct first step just to let people know what's going on.


software engineers as network admins has some benefits

I'd hope a competent network admin would have seen this (bit torrent abuse and nat port exhaustion) coming from miles and miles away.


> RRAS, we found, only uses the machine base IP address for the outside of the NAT. It will not use additional IP addresses in the public address pool, no matter how many IP addresses are in that pool.

<facepalm> Why exactly did they gloss over this as if it was no big deal? </facepalm>

The way that I see it they should either:

1) Fix RRAS to use all IPs in the public address pool.

2) Fix ipnat.sys to use a lookup table that keys on external_destination_ip+port rather than just port.

3) Make an announcement that several users are abusing the network with excessive BitTorrent usage which is taxing the NAT. State that BitTorrent users will be kicked from the network if the situation does not improve.

4) Make an announcement asking BitTorrent users to limit the total number of ports their client is using. Most BitTorrent clients (even rtorrent) allow you to limit the number of connections on a global or per-torrent basis. There really is no reason that one needs to have upwards of 800 (or even 2500) ports at a given time.

In general, #1 and #2 should be done anyways regardless of how they solved the immediate situation at the conference.
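
The lookup-table change raised twice in this thread (keying NAT entries on destination IP and port rather than on the external port alone), sketched as an added example that is not part of any comment and is not ipnat.sys or OpenBSD code. The class and function names, the addresses and the four-port pool are constructed for illustration.

```python
# Added illustration: a toy NAPT allocator; all names and addresses are constructed.

class Nat:
    def __init__(self, key_on_destination, port_lo=1024, port_hi=65535):
        self.key_on_destination = key_on_destination
        self.ports = range(port_lo, port_hi + 1)
        self.table = {}   # lookup key -> inside (ip, port)
        self.flows = {}   # (inside, remote) -> external port already assigned

    def _key(self, ext_port, remote):
        # Port-only keying: one entry per external port, whoever the peer is.
        # Destination keying: the same external port can be reused per remote.
        return (remote, ext_port) if self.key_on_destination else ext_port

    def outbound(self, inside, remote):
        """Return the external port for inside->remote, or None when exhausted."""
        if (inside, remote) in self.flows:
            return self.flows[(inside, remote)]
        for port in self.ports:
            key = self._key(port, remote)
            if key not in self.table:
                self.table[key] = inside
                self.flows[(inside, remote)] = port
                return port
        return None

    def inbound(self, remote, ext_port):
        """Map a reply from remote to ext_port back to the inside endpoint."""
        return self.table.get(self._key(ext_port, remote))


def simulate(key_on_destination, clients=3, peers_each=4, ports=4):
    """Each client opens peers_each flows to distinct peers; return (ok, dropped)."""
    nat = Nat(key_on_destination, 40000, 40000 + ports - 1)
    dropped = 0
    for c in range(clients):
        for p in range(peers_each):
            inside = (f"10.0.0.{c + 1}", 50000 + p)
            remote = (f"203.0.113.{c * peers_each + p + 1}", 6881)
            if nat.outbound(inside, remote) is None:
                dropped += 1
    return clients * peers_each - dropped, dropped


if __name__ == "__main__":
    print("port-only keying:  ", simulate(False))
    print("destination keying:", simulate(True))
```

With destination keying the pool is only exhausted per remote endpoint, so many flows to one peer still run out of ports while flows spread across many peers do not.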


Given the lack of free or even affordable WiFi in Australia, I'm not surprised that people would leech when given the opportunity. During my travels there last year I found very little that didn't cost $4/hr, outside of a pittance available for free at McDonald's.

Certainly, after paying to attend the conference I'd feel entitled to some bandwidth as well. If the network is using a poor NAT implementation, that's negligent network planning and the admins should shoulder the blame instead of screwing with the users.


"The next morning we found that ipnat.sys developer (being in India) suffered all sorts of Internet and power problems overnight and was unable to finish the utility. It was a new day when we received this news so we completed the utility ourselves…"

I've heard that one before! (Not that they don't actually have those problems in India)


If Google does it, it's cute. If Microsoft does it, it's OMGOMGOMG MONOPOLY EVIL LOL DEATH!!1!

Why the snarky comments, HNers?


Could you update your comment with a link to the HN article where we called it cute when Google couldn't figure out how to manage its WiFi network and rickrolled its users? I can't find it at the moment.

Pointing out where anyone called Microsoft evil or a monopoly on this page would be helpful as well.



