Introducing the ICSI NetalyzrAnother tool to help you detect connection problems... 05:31PM Tuesday Jun 09 2009 by Karl Bodetags: business · bandwidth · networkingThere's no limit to the ingenuity employed by ISPs to shape, throttle cap and otherwise deliver bandwidth that's a little less than pure -- and it's not always easy for regular users without networking knowledge to test the quality of their connection. With that in mind there's been a growing number of tools and tests designed for regular users, one of the more recent being the Google-driven MLAB -- a suite of tools to which Google lent resources, helping them in their network neutrality battle against giant carriers. Many users are oblivious to whether outbound services are blocked or whether there problems with their ISP's DNS servers. To that end, researchers at the International Computer Science Institute say they've developed a new java applet connection analyzer dubbed the ICSI Netalyzr. Netalyzr allows users to probe their network to discover various properties and problems, hidden HTTP proxies and caches, port filtering, IPv6 connectivity, latency, bandwidth, buffer properties, and DNS server health. The tools don't just help users -- they help ISPs as well by fact-checking user claims, and helping to eliminate cries of network neutrality wolf. For instance, Slashdot today directed their users to this post from a user claiming that Comcast was messing about with port 53 traffic to force customers to use Comcast DNS servers (and by proxy their DNS redirection ads). Except Comcast argues this isn't the case, and user tests using the new Netalyzr tool seem to confirm Comcast's side of the story.
Related:- Exaflood Pseudo-Scientists Need A New Gimmick
- Cox Scraps App-Specific Throttling Trials
- Cisco: Average Connection Consumes 11.4 GB Per Month
- Neutrality Rules Won't Impact Investment
- Metrocast Offers Fiber To The Home
- Comcast Still Fighting FCC Throttling Sanction
- Sandvine: P2P Now Just 20% Of Internet Use
- AT&T: No, We Didn't Misconfigure Our 3G Network
|
 |  | 
SSidlov
Other Things On My Mind
Premium
join:2000-03-03
Pompton Lakes, NJ
 ·Optimum Online
 ·Cingular Wireless
| Tried on OOL Boost w/OpenDNS WRT54G Noteworthy Events
Major Abnormalities
* We received unexpected and possibly dangerous results when looking up important names
Minor Aberrations
* Your DNS resolver returns results even when no such server exists
Address-based Tests
NAT detection: NAT Detected
Your global IP address is xxx.xxx.xxx.xxx while your local one is 192.168.2.122. You are behind a NAT. Your local address is in unroutable address space.
Your NAT renumbers TCP source ports sequentially. The following graph shows connection attempts on the X-axis and their corresponding source ports on the Y-axis.
port sequence plot
DNS-based host information: OK
You are not a Tor exit node for HTTP traffic.
You are listed on the Spamhaus Policy Based Blacklist, meaning that your provider has designated your address block as one that should not be sending any email.
The SORBS DUHL believes you are using a dynamically assigned IP address.
Reachability Tests
General connectivity: OK
Basic UDP access is available.
Direct UDP access to remote DNS servers (port 53) is allowed.
The applet was also able to directly request a large DNS response.
Direct UDP access to remote MSSQL servers (port 1434) is allowed.
Direct TCP access to remote FTP servers (port 21) is allowed.
Direct TCP access to remote SSH servers (port 22) is allowed.
Direct TCP access to remote SMTP servers (port 25) is prohibited.
This means you cannot send email via SMTP to arbitrary mail servers. Such blocking is a common countermeasure against malware abusing infected machines for generating spam. Your ISP likely provides a specific mail server that is permitted. Also, webmail services remain unaffected.
Direct TCP access to remote DNS servers (port 53) is allowed.
Direct TCP access to remote HTTP servers (port 80) is allowed.
Direct TCP access to remote POP servers (port 110) is allowed.
Direct TCP access to remote RPC servers (port 135) is allowed.
Direct TCP access to remote NetBIOS servers (port 139) is blocked.
This is probably for security reasons, as this protocol is generally not designed for use outside the local network.
Direct TCP access to remote IMAP servers (port 143) is allowed.
Direct TCP access to remote SNMP servers (port 161) is allowed.
Direct TCP access to remote HTTPS servers (port 443) is allowed.
Direct TCP access to remote SMB servers (port 445) is blocked.
This is probably for security reasons, as this protocol is generally not designed for use outside the local network.
Direct TCP access to remote SMTP/SSL servers (port 465) is allowed.
Direct TCP access to remote secure IMAP servers (port 585) is allowed.
Direct TCP access to remote authenticated SMTP servers (port 587) is allowed.
Direct TCP access to remote IMAP/SSL servers (port 993) is allowed.
Direct TCP access to remote POP/SSL servers (port 995) is allowed.
Direct TCP access to remote SIP servers (port 5060) is allowed.
Direct TCP access to remote BitTorrent servers (port 6881) is allowed.
Network Access Link Properties
Network latency measurements: Latency: 16ms Loss: 0.0%
The round-trip time (RTT) between your computer and our server is 16 msec, which is good.
We recorded no packet loss between your system and our server.
TCP connection setup latency: 19ms
The time it takes your computer to set up a TCP connection with our server is 19 msec, which is good.
Network bandwidth measurements: Upload 5.2 Mbit/sec, Download >20 Mbit/sec
Your Uplink: We measured your uplink's sending bandwidth at 5.2 Mbit/sec. This level of bandwidth works well for many users.
During this test, the applet observed 4 reordered packets.
Your Downlink: We measured your downlink's receiving bandwidth at >20 Mbit/sec. This level of bandwidth works well for many users.
Network buffer measurements: Uplink 340 ms, Downlink is good
We estimate your uplink as having 340 msec of buffering. This level may serve well for maximizing speed while minimizing the impact of large transfers on other traffic.
We were not able to produce enough traffic to load the downlink buffer, or the downlink buffer is particularly small. You probably have excellent behavior when downloading files and attempting to do other tasks.
HTTP Tests
Address-based HTTP proxy detection: OK
There is no explicit sign of HTTP proxy use based on IP address.
Header-based HTTP proxy detection: OK
No HTTP header or content changes hint at the presence of a proxy.
HTTP proxy detection via malformed requests: OK
Deliberately malformed HTTP requests arrive at our server unchanged. We are not able to detect a proxy along the path to our server using this method.
Filetype-based filtering: OK
We did not detect file-content filtering.
JavaScript-based tests: OK
The applet was not run from within a frame.
Your web browser reports the following cookies for our web page:
* netAlizEd (set by our server)
Your web browser was unable to fetch an image using IPv6.
HTTP caching behavior: OK
There is no suggestion that a transparent HTTP cache exists in your network.
DNS Tests
Restricted domain DNS lookup: OK
We are able to successfully lookup a name which resolves to the same IP address as our webserver. This means we are able to conduct many of the tests on your DNS server.
Unrestricted domain DNS lookup: OK
We are able to successfully lookup arbitrary names from within the Java applet. This means we are able to conduct all test on your DNS server.
DNS resolver address: OK
The IP address of your ISP's DNS Resolver is 208.67.217.8, which resolves to bld3.nyc.opendns.com.
DNS resolver properties: Lookup latency: 360ms
Your ISP's DNS resolver requires 360 msec to conduct an external lookup, and 170 msec to lookup an item in the cache.
Your resolver is using QTYPE=A for default queries.
Your resolver also performs IPv6 queries in addition to IPv4 queries.
Your DNS resolver does not use EDNS.
Your resolver does not use 0x20 randomization, but will pass names in a case-sensitive manner.
Your ISP's DNS resolver respects a TTL of 0 seconds.
Your ISP's DNS resolver respects a TTL of 1 seconds.
DNS glue policy: OK
Your ISP's DNS resolver accepts generic glue records located in subdomains of the queried domain.
Your ISP's DNS resolver accepts additional (glue) records for nameservers located in subdomains of the queried domain.
Your ISP's DNS resolver follows CNAMEs when it is in the same domain.
DNS resolver port randomization: OK
Your ISP's DNS resolver properly randomizes its local port number.
The following graph shows DNS requests on the x-axis and the detected source ports on the y-axis.
port sequence plot
DNS lookups of popular domains: Warning
You appear to be using OpenDNS as your DNS resolver. One known issue with OpenDNS is that, by default, OpenDNS acts as a Man-in-the-Middle for some servers, returning the address of one of their servers that acts as an intermediary, rather than the final result. This can both slow down searches and may break other functionality. As a result, 1 lookup appears to be anomalous.
Name IP Address Reverse Name/SOA
www.google.com 208.67.217.231 google.navigation.opendns.com
74 of 74 popular names were resolved successfully. Show all names.
In the following table reverse lookups that failed but for which a Start Of Authority (SOA) entry indicated correct name associations are shown using an "X", followed by the SOA entry. Absence of both IP address and reverse name indicates failed forward lookups.
Name IP Address Reverse Name/SOA
www.abbey.co.uk 165.160.13.20 X (pdns1.cscdns.net)
ad.doubleclick.net 216.73.86.152 annymegaadvip2.doubleclick.net
www.alliance-leicester.co.uk 194.130.105.121 X (alice.ioko365.com)
www.amazon.com 72.21.210.250 210-250.amazon.com
www.ameritrade.com 204.58.27.113 beta-new.tdameritrade.com
www.bankofamerica.com 171.161.161.173 www.bankofamerica.com
www.bankofscotland.co.uk 195.171.171.21 X (ns0.bt.net)
www.bankofthewest.com 207.114.194.101 X (dns1a.bankofthewest.com)
www.barclays.co.uk 213.219.1.141 X (dns1.lon7.telecityredbus.net)
www.capitalone.com 208.80.50.112 X (chia.arin.NET)
www.careerbuilder.com 208.82.6.22 X (smokey.careerbuilder.com)
www.chase.com 159.53.60.105 X (ns1.jpmorganchase.com)
chaseonline.chase.com 159.53.60.54 resources-cdc1.chase.com
www.citi.com 192.193.232.227 X (ns.citicorp.com)
www.citibank.com 192.193.232.227 X (ns.citicorp.com)
www.citimortgage.com 192.193.218.222 X (ns.citicorp.com)
www.cnn.com 157.166.224.25 X (twdns-02.ns.aol.com)
www.desjardins.com 142.195.128.44 desjardins.com
www.deutsche-bank.de 217.73.49.24 www.deutsche-bank.de
www.e-gold.com 209.200.169.10 unknown.prolexic.com
www.ebay.com 66.135.200.27 hp-core.ebay.com
www.etrade.com 12.153.224.22 etrade.com
www.facebook.com 69.63.184.143 www-11-03-ash1.facebook.com
www.fdic.gov 192.147.69.84 www.fdic.gov
www.friendfinder.com 208.88.180.81 X (ii53-30.friendfinderinc.com)
www.geocities.com 98.137.46.72 intl1.geo.vip.sp2.yahoo.com
www.halifax.co.uk 212.140.245.97 www.halifax.co.uk
www.hsbc.co.uk 193.108.74.126 X (ns3.hsbc.com)
www.jpmorganchase.com 159.53.60.166 X (ns1.jpmorganchase.com)
www.lloydstsb.com 193.34.230.181 X (ns2.lloydstsb.co.uk)
mail.google.com 66.102.1.19 he-in-f19.google.com
mail.live.com 64.4.20.186 dp4.mail.live.com
mail.yahoo.com 69.147.112.160 l2.login.vip.re3.yahoo.com
www.mbna.com 209.135.59.10 X (ns1.usi.net)
www.mbna.net 209.135.59.10 X (ns1.usi.net)
www.meebo.com 208.81.191.110 X (ns1.meebo.com)
messenger.yahoo.com 68.142.230.204 myc1.msg.vip.re2.yahoo.com
www.microsoft.com 207.46.193.254 wwwtk2test2.microsoft.com
www.nationwide.co.uk 155.131.127.10 www.nationwide.co.uk
www.networksolutions.com 205.178.187.13 www.networksolutions.com
www.newegg.com 216.52.208.185 X (pdns1.ultradns.net)
www.nordea.fi 195.215.15.166 www.nordea.fi
online.citibank.com 192.193.180.87 citibankonline.com
online.wellsfargo.com 151.151.13.132 psaltery-on.wellsfargo.com
www.orange.fr 193.252.122.103 www.orange.fr.b2.fti.net
pagead.googlesyndication.com 66.102.1.166 he-in-f166.google.com
partner.googleadservices.com 66.102.1.166 he-in-f166.google.com
www.paypal.com 64.4.241.49 node-64-4-241-4[...]orks.paypal.com
www.rbs.co.uk 155.136.80.222 X (ns0-08.dns.pipex.net)
www.schwab.com 162.93.224.80 wwwschwab-vip.schwab.com
www.sears.com 96.6.73.99 a96-6-73-99.dep[...]echnologies.com
www.secureworks.com 65.114.32.183 www.secureworks.net
smartzone.comcast.net 76.96.26.12 webmail3.emeryv[...]ail.comcast.net
www.smithbarney.com 192.193.20.126 X (ns.citicorp.com)
www.sparkasse.de 195.140.127.130 www.sparkasse.de
www.sterlingsavingsbank.com 12.19.55.215 sterlingsavingsbank.com
www.tdameritrade.com 204.58.27.105 beta-new.tdameritrade.com
www.ticketmaster.com 69.192.20.199 a69-192-20-199.[...]echnologies.com
www.trendmicro.com 204.141.87.33 X (auth1.ns.gin.ntt.net)
us.etrade.com 12.153.224.21 us.etrade.com
www.verisign.com 65.205.249.60 www.verisign.net
www.wachovia.com 169.200.183.139 X (sls-ns1.wachovia.com)
www.wamu.com 167.88.184.51 www.wamu.com
www.wellsfargo.com 151.151.88.133 percussion-dd.wellsfargo.com
westernunion.com 206.201.227.250 wumt1.westernunion.com
windowsupdate.microsoft.com 207.46.225.221 X (msnhst.microsoft.com)
wireless.att.com 135.209.208.191 origin-busine[...]eless.att.com
www.yahoo.com 69.147.76.15 f1.www.vip.re1.yahoo.com
2 popular names have a mild anomaly. The ownership suggested by the reverse name lookup does not match our understanding of the original name. The most likely cause is the site's use of a Content Delivery Network. Show all names.
Name IP Address Reverse Name/SOA
www.postbank.de 195.50.155.73 X (ns1.arcor-ip.de)
www.usbank.com 170.135.216.181 facts529.com, frysvisa.net, frysvisa.org, u-s-bank.us, u-s-bank.biz, u-s-bank.net, u-s-bank.org, usbanksl.com, usbtrust.com, vailbank.com, cachevisa.com, usbancorp.cc, usbancorp.us, usbancorp.biz, usbancorp.net, usbancorp.org, usbancorp.info, vailbanks.com
3 popular names have a mild anomaly: we are unable to find a reverse name associated with the IP address provided by your ISP's DNS server. This is most likely due to a slow responding DNS server or misconfiguration on the part of the domain owner. Show all names.
Name IP Address Reverse Name/SOA
www.f-secure.com 216.246.75.83 X
www.irs.gov 216.246.75.73 X
www.visa.com 216.246.75.91 X
DNS results wildcarding: OpenDNS
You appear to be using OpenDNS. OpenDNS, by default, deliberately returns addresses even for domain names which should not resolve. Instead of an error, the DNS server returns an address of 208.67.217.132, which resolves to hit-nxdomain.opendns.com. You can inspect the resulting HTML content here.
This is central to OpenDNS's business model. In order to profit from an otherwise free service, OpenDNS presents the users with advertisements whenever they make a typo in their web browser. You can disable this behavior through the OpenDNS Dashboard.
The big problem with this behavior is that it can potentially break any network application which relies on DNS properly returning an error when a name does not exist.
The following lists your DNS server's behavior in more detail.
Your ISP's DNS server returns IP addresses even for domain names which should not resolve. Instead of an error, the DNS server returns an address of 208.67.217.132, which resolves to hit-nxdomain.opendns.com. You can inspect the resulting HTML content here.
There are several possible explanations for this behavior. The most likely cause is that the ISP is attempting to to profit from customer's typos by presenting advertisements in response to bad requests, but it could also be due to an error or misconfiguration in the DNS server.
The big problem with this behavior is that it can potentially break any network application which relies on DNS properly returning an error when a name does not exist.
The following lists your DNS server's behavior in more detail.
* www.{random}.com is mapped to 208.67.217.132.
* www.{random}.org is mapped to 208.67.217.132.
* fubar.{random}.com is mapped to 208.67.217.132.
* www.yahoo.cmo [sic] is mapped to 208.67.217.132.
* nxdomain.{random}.netalyzr.icsi.berkeley.edu is mapped to 208.67.217.132.
Host Properties
System clock accuracy: OK
Your computer's clock agrees with our server's clock.
Browser properties
The following parameters are sent by your web browser to all web sites you visit:
* User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10 (.NET CLR 3.5.30729)
* Accept: text/html,application/xhtml+xml,application/xml; q=0.9,*/*; q=0.8
* Accept Language: en-us,en;q=0.5
* Accept Encoding: gzip,deflate
* Accept Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
--
»www.Warpstock.org
| |
| 
pokesph
It Is Almost Fast
Premium
join:2001-06-25
Sacramento, CA
clubs:
·Comcast
2 edits | neat tool.. ..for some basic info (most of which was already known)
could be useful to those less in touch with their systems.
»netalyzr.icsi.berkeley.edu/
and its good to know Comcast isn't messing with my connection beyond the normal slowness and other quirks we Comcast users have to put up with.
--
Webmaster - Steve
- - - - - - - - - - - -
»www.1-gb.net
»www.ppnstudio.com | |
| | 
tschmidt
Premium,MVM
join:2000-11-12
Milford, NH | Re: neat tool.. Agree - netalyzr is a nifty little tool.
/tom | |
| | 
S_engineer
join:2007-05-16
Chicago, IL
·Comcast
1 edit | said by pokesph  :..for some basic info (most of which was already known) could be useful to those less in touch with their systems. and its good to know Comcast isn't messing with my connection beyond the normal slowness and other quirks we Comcast users have to put up with. you know your link provides everybody with your IP as well as open ports...may I suggest an edit!
--
BF69~~~Please stop suffocating gerbils! | |
| | |
pokesph
It Is Almost Fast
Premium
join:2001-06-25
Sacramento, CA
clubs:
·Comcast
| Re: neat tool.. said by S_engineer : you know your link provides everybody with your IP as well as open ports...may I suggest an edit! yeah I think an edit is warranted too..
still its a pretty useful tool
--
Webmaster - Steve
- - - - - - - - - - - -
»www.1-gb.net
»www.ppnstudio.com | |
| | | |
S_engineer
join:2007-05-16
Chicago, IL
·Comcast
| Re: neat tool.. i agree...I received a report stating that it was incomplete, however, it did give me other information that I found useful. But the Kaspersky version for Windows 7 absolutely hates that site. I've recieved numerous warnings during test and in one case it completely blocked the site when trying to see it through browser IE 8. I suppose thats what I get for using 2 betas.
--
BF69~~~Please stop suffocating gerbils! | |
|
S_engineer
join:2007-05-16
Chicago, IL
1 edit | Anti virus My kaspersky sees this as a virus...
6/9/2009 4:14:38 PM file: n12.netalyzr.icsi.berkeley.edu/eicar-standard-av-test-file.com detected: virus 'EICAR-Test-File'
--
BF69~~~Please stop suffocating gerbils! | |
| | SystemCrash
join:2004-08-28
Mississauga, ON | Re: Anti virus so does NOD32 | |
| | | 
fphall
The Guardian
Premium
join:2003-11-01
Bristol, CT | Re: Anti virus so does avira | |
| | | | | | | | | AstroBoy
join:2008-08-08
Parkville, MD | Re: Anti virus AVG did not complain. Bad AVG. | |
| | 
Nicholas Weaver
@Berkeley.EDU
 from:
catseyenu
| This is a feature: its how we check for network processes (eg, host antivirus, network gateways, etc) which block known viruses. The file is not an actual virus, but the EICAR virus "test" file, a small harmless .com that the AV vendors have largely agreed to recognize as a "virus" to enable testing:
Q: My anti-virus program triggered an alert while Netalyzr was running. Why?
A: As part of our content-filtering tests, we download the EICAR antivirus test file into the applet. This file is harmless and designed to test correct functionality of antivirus software. Any related warnings or alerts thus merely signal correct functioning of your antivirus installation and can safely be ignored.
»www.eicar.org/anti_virus_test_file.htm | |
| | | 
Noah Vail
Premium
join:2004-12-10
Lorton, VA | Re: Anti virus Thanks for stopping in.
NV | |
| 
ExitWound
Porsche Snob
join:2001-12-13
State College, PA
 ·Vonage
| OpenDNS OpenDNS returns red flags because unknown lookups don't work as intended, and are instead redirected to OpenDNS ads page. The description explicitly describes why it's both okay (OpenDNS needs to make money) and how it can break functionality sometimes though.
--
»www.theexitwound.com | |
| ross
join:2000-08-16
 ·Digizip
1 edit | Can anybody tell me about this buffer cache problem Can someone interpret my results for me?
I don't understand where the buffering cache is located; i.e., my computer, my router, my gateway, my ISP (Digizip) or at COVAD.
I have a COVAD ADSL circuit over AT&T copper. There have been mighty speed, latency and bounce problems on my internet connection. I pay for 6/1 service, and am safe moded to 1.5/768, and receive 1.2/.5 actual. | |
| | 
SLD
Premium
join:2002-04-17 | Re: Can anybody tell me about this buffer cache problem My Comcast connection reports the same issue with the upload buffer caching. Download is OK. | |
| | | | | | | | ross
join:2000-08-16
·Digizip
| Re: Can anybody tell me about this buffer cache problem said by MxxCon :next time instead of attaching a mile long, impossible to properly read image, why don't you paste the provided perma-link to your results?! Because I don't want my IP exposed for general consumption. See other posts above re posting unedited results.
I have uploaded an edited PDF file with the results. Take a look and try to help with an answer, instead of a bullshit complaint. | |
| | | | | | | | | | | 
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
·Skype
| said by ross :Can someone interpret my results for me? I don't understand where the buffering cache is located; i.e., my computer, my router, my gateway, my ISP (Digizip) or at COVAD. I have a COVAD ADSL circuit over AT&T copper. There have been mighty speed, latency and bounce problems on my internet connection. I pay for 6/1 service, and am safe moded to 1.5/768, and receive 1.2/.5 actual. Your modem has this buffer, and this usually only poses a problem when you're uploading en masse while also trying to do something requiring generally low latency.
This problem has existed for years, it's as old as broadband. (Telephone modems had flow control.)
--
Robb Topolski -= funchords.com =- District of Columbia -- KJ7RL | |
| | | 
GOLFnSUN
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
·Sprint Mobile Broa..
·Comcast
1 edit | Re: Can anybody tell me about this buffer cache problem said by funchords :Your modem has this buffer, and this usually only poses a problem when you're uploading en masse while also trying to do something requiring generally low latency. This problem has existed for years, it's as old as broadband. (Telephone modems had flow control.) I saw hardly any buffer delays(up or down) to an ethernet connected desktop to my wireless Linksys router. But there was significant delays to my wireless connected laptop attached thru the same router. To try and improve throughput I suspect that wireless cards are doing more buffering than an ethernet card does.
This might explain why VOIP is not as error free over wireless connections as it is thru wired ones.
--
My BLOG .. .. Internet News .. .. My Web Page | |
| | | | patcat88
join:2002-04-05
Jamaica, NY | Re: Can anybody tell me about this buffer cache problem Remember Linksys routers have a Linux software routing core, that can create latency and jitter. Linux is not a real time OS. | |
| | | 
rawgerz
In Debt we trust
Premium
join:2004-10-03
Grove City, PA | Don't most 3rd party modem's give the option of changing it, or is only remedied via QOS? | |
| | | |
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
·Skype
| Re: Can anybody tell me about this buffer cache problem said by rawgerz :Don't most 3rd party modem's give the option of changing it, or is only remedied via QOS? "only" is a big word, but yes, your home gateway can use QOS to limit the rate at which your modem gets fed.
--
Robb Topolski -= funchords.com =- District of Columbia -- KJ7RL | |
| |
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
·Skype
| said by ross :Can someone interpret my results for me? ... I have a COVAD ADSL circuit over AT&T copper. The HTTP proxy warning in your results is very interesting. Are you running some kind of local software that creates that? Or is that a Covad or AT&T thing?
--
Robb Topolski -= funchords.com =- District of Columbia -- KJ7RL | |
| | | 
jlivingood
Premium,VIP
join:2007-10-28
Philadelphia, PA
| Re: Can anybody tell me about this buffer cache problem said by funchords :said by ross :Can someone interpret my results for me? ... I have a COVAD ADSL circuit over AT&T copper. The HTTP proxy warning in your results is very interesting. Are you running some kind of local software that creates that? Or is that a Covad or AT&T thing? I wondered the same thing when I viewed those results. The output indicates a transparent proxy. Maybe on the LAN (home gateway?) or local parental control s/w on the computer?
--
JL
Comcast | |
| | | | jerseyjoe123
join:2008-04-28
Picton, ON | Re: Can anybody tell me about this buffer cache problem I got the same message about the buffer cache. In my case, it was due to QOS being enabled on my router. Once I disabled it, the buffer cache message disappeared. | |
| |
SSidlov
Other Things On My Mind
Premium
join:2000-03-03
Pompton Lakes, NJ | Have you ever run the TCP Optimizer from the TESTS here on DSLR? If not do so.
--
»www.Warpstock.org
| |
|
Nicholas Weaver
@comcast.net
| Buffer Sizing... The buffer size is how much data the bottneck will fill up with before dropping packets.
It may be counterintuitive, but you don't actually want it too big: You want to hold ~300ms or so of packets: any more and you don't see any bandwidth improvement, but if you are doing a full rate transfer, you will see significantly higher latency. This is why, eg, if you run BitTorrent your websurfing may seem slow while BitTorrent is active, even though BitTorrent's TCP flows will happily share the network with your web surfing.
This is a very VERY common problem, and part of Netalyzr is to try to understand just how common a problem it is. Unfortunatly, there is no easy solution. | |
|
jlivingood
Premium,VIP
join:2007-10-28
Philadelphia, PA
1 edit |  Pretty Useful Tool
Thumbs up, Nick!
--
JL
Comcast | |
|
jlivingood
Premium,VIP
join:2007-10-28
Philadelphia, PA
| Another valuable attribute of ICSI Netalyzr said by karlbode :
The tools don't just help users -- they help ISPs as well by fact-checking user claims, and helping to eliminate cries of network neutrality wolf. For instance, Slashdot today directed their users to this post from a user claiming that Comcast was messing about with port 53 traffic to force customers to use Comcast DNS servers (and by proxy their DNS redirection ads). Except Comcast argues this isn't the case, and user tests using the new Netalyzr tool seem to confirm Comcast's side of the story.
Karl, you have a really excellent point here. Today on Slashdot was a good example of a claim being made (by an anonymous user) and the results of many Comcast users running Netalyzr were able to show that it did not have to do with Comcast's DNS servers. That is certainly a nice benefit of tools like this one. (And beyond that it is important to maintain user choice for applications, including DNS, whether someone in this case wishes to use OpenDNS, Level3's DNS, etc.)
--
JL
Comcast | |
| 
dadkins
Can you do Blu?
Premium,MVM
join:2003-09-26
Hercules, CA
·Comcast
4 edits | Tried it...
Uhm... huh? |
Hell! I get 99ms to New York!
Speed, as with any speed test is just a bit off:
Network bandwidth measurements: Upload 7.8 Mbit/sec, Download 9.8 Mbit/sec
Not even close - even with PowerBoost.
If it works for you and gives good numbers - Cool!.
Thanks anyways!
--
Think outside the Fox... Opera | |
| |
Nicholas weaver
@comcast.net
| Re: Tried it... The backend service we use is Amazon Web Services's EC2. We did not want to host at ICSI because it could possibly disrupt ICSI's normal network due to load, and we wanted to have many servers simultaneously as well (for the flashcrowd, we've scaled up to 20 nodes).
So your latency is actually to the EC2 cluster, not Berkeley. | |
| 
NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
Murfreesboro, TN
·Vonage
·Cingular Wireless
·AT&T CallVantage
·AT&T Southeast
| I wonder who really funded this project? * Who funded this work?
* We gratefully acknowledge the National Science Foundation's financial support for this project.
DNS lookups of popular domains: Warning
1 popular name has a significant anomaly. The ownership suggested by the reverse name lookup does not match our understanding of the original name. This could be caused by an error somewhere in the domain information, or it could be that your ISP's DNS Server is acting as a DNS "Man-in-the-Middle".
We attempted to download HTTP content from the IP addresses that your ISP's DNS server returned to you for these names. Where the download succeeded, you can click on the IP address in the table below to download a compressed file containing an HTTP session transcript.
Note! The session content is potentially harmful to your computer when viewed in a browser, so use caution when examining it.
Name IP Address Reverse Name/SOA
pagead.googlesyndication.com 0.0.0.0 SOA: A.ROOT-SERVERS.NET
Could at least some of the funding have come from Google? I mean who (other than Google) really considers that hosts file redirection for pagead.googlesyndication.com is "potentially harmful"?
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander. | |
| |
Nicholas Weaver
@comcast.net
| Re: I wonder who really funded this project? This work was not funded by Google.
There is malcode out there which changes people's DNS settings so that ad.doubleclick.net will point to servers which serve add for "Vimax Mail Enhancement" products and who-knows what else.
»boingboing.net/2009/01/16/how-to···-vi.html
»voices.washingtonpost.com/securi···il-.html
This is why we specifically check the advertisement/analytics server names for DNS games, because they have been manipulated by bad guys playing games in the network.
And personally, I love the idea of redirecting these servers to localhost or similar. I'll have to try that for myself. | |
| 
parkerbryan
Premium
join:2003-03-07
Dallas, TX
 ·AT&T FTTP
·Comcast
| knowledge is power I hope that this will entice ISPs to tighten up the slack on their networks. At the least, users will be knowledgeable of their ISPs (bad) habits and act accordingly.
--
Duct tape is like the force. It has a light side, a dark side, and it keeps the universe together. | |
| 
heat84
join:2004-03-11
Fort Lauderdale, FL | Down for maintenance? There's no button to start the test. I tried FireFox and IE. | |
| |
Nicholas Weaver
@Berkeley.EDU | Java is required. You have to have Java enabled. The button will not appear if you do not have Java enabled. | |
| vitocorleone
join:2000-10-01
Seattle, WA | Maybe only Earthlink? Perhaps only if you're on Earthlink via Comcast do you get this behavior. I know I do in Seattle as an Earthlink/Comcast customer. | |
| | | |
|
|
