Enabling Bittorrent at the University Level? 145
Sorthum asks: "I'm a network administrator for a small university (approximately 5000 students all told). We're running NAT in the dorms, which obviously restricts BitTorrent traffic. We do an annual student survey, on which 'Residential Network' is listed as the number 2 complaint. This translates more or less into 'Bittorrent is slow here.' My boss is in a frenzy to appease the users at virtually any cost, but it seems to me from my research that the only real way to improve Bittorrent speeds is to start assigning public IPs to the dorms. Add to that the potential liability of making a service that by most reports has upward of 90% of its traffic fall into a 'legally questionable' gray area, how can I win in this situation?"
You have to decide what's important (Score:5, Insightful)
On the other hand, almost all (or at least a great deal) of the BitTorremt traffic may be currently used for sharing copyrighted materials. We all know that to be the case. Is it responsible to open up the pipes for what you know is almost exclusively illegitimate usage, within the context of the law (regardless of how you or anyone else feels about copyright infringement, and so on)?
On yet another hand, what happens if BitTorrent usage becomes largely legitimate because some large legitimate service begins using it? (And yes, to those reading this, I'm more than aware BitTorrent is used for a variety of legitimate large downloads.) In that event, can you afford to continue treating any protocol or service as if it's illegitimate, just because some level of it is now?
During the heyday of Napster (1999-2000), UW-Madison estimated that Napster accounted for over half [wisc.edu] (!) of our inbound and outbound traffic. There was a lot of talk about how to deal with this. Ultimately, UW-Madison decided that as a large public research university, we can't afford to police a particular kind of traffic wholesale: any network protocol can be abused, used for illegal purposes, and so on. We felt that the academic arguments and responding to usage demands of the campus trumped making judgment calls about the appropriateness of the use. Granted, the appropriate use policy [wisc.edu] of the university forbade some of the things people were using the network for, but we didn't actively police (or restrict) traffic. In the end, this provided the university with the impetus to examine ways of meeting increased demand and come up with novel solutions to our neverending bandwidth needs. One interesting example is that we now locally host a collection of Akamai's servers on our own network, which serves UW-Madison, the 25 other UW System Schools, and WiscNet. However, some of the smaller schools couldn't afford to make those same determinations: they either restricted or blocked Napster (and other things, like Gnutella) completely.
Today, the university does shape and restrict traffic [wisc.edu] to the residence halls in various ways; but it's designed to do so in a way such that users almost always won't notice any impact and allows equal access for all. All of our residence halls feature 100mbit ethernet, and that full pipe may be taken advantage of. Some users do use the network for inappropriate purposes, and those cases are dealt with individually when needed. Still, there is no proactive policing unless there are clear abuse/misuse issues. For what it's worth, BitTorrent (and all other protocols) are fully usable here.
If you can afford it, politically and financially, I'd say you should be looking into opening this up. The school does not bear responsibility for the actions of its users unless there is a lack of good faith attempts to stop abuse when requested by, e.g., copyright holders. There always is the argument of customer satisfaction, as well, that must be responded to - whether some students' use is appropriate or not.
Re: (Score:2, Informative)
Re: (Score:3, Interesting)
Residents get 5GB/week off-campus (unlimited on-campus). If they go over this limit, their off-campus connectivity speed is reduced until their traffic usage goes below a 4GB for the previous 7 day period. Campus traffic is never affected.
We haven't had any complaints about usability of the residence hall connections. All other connections on campus (non-residence halls) are generally unrestricted, and almost all are 10
Re: (Score:1)
I'm an admin at University of Miami and we have no bandwidth usage policy, and you know what? We don't hear a single complaint from students about speed. If someone does something against the AUP, either our firewall
Re: (Score:3, Interesting)
I would disagree that 5GB/week is really enough, but aside from that, I consider this a perfectly reasonable policy.
The problem is that the AUP you linked to flatly contradicts the bandwidth limitation policy as you described it. The real policy is that what you describe only happens the first time the 5GB
Re: (Score:2)
How many Linux distributions can you download and USE in one day?
While I could certainly download tens of GBs, I wouldn't be able to actually use it. There aren't enough hours in the day to more than boot the 10 or so distributions that would make up 5GB. I have better things to do. And I would hope that most students at a university are similar.
Now, there will be exceptions (e.g. freely available census/seismic/GIS data), but most uses of >5GB are not urgent and I
Re: (Score:2)
I routinely use 20-30 GB/month, and that's when I don't use BitTorrent. 5 GB/week would keep me pretty much perpetually bandwidth-limited.
The last Debian release alone was 8.5 GB [kernel.org], and that's only for i386. Source code is another 8.8 GB [kernel.org]. (These links are for reference only, if you want to download Debian CD/DVDs, go here [debian.org] to avoid flooding the kernel.org mirror.)
On top of that, you'll probably want
Re: (Score:2)
Re: (Score:2)
In principle this system sounds fair, but I can think of at least one improvement...
5G external is (more than) enough for education-related traffic (assuming you have decent internal mirrors), but you should have a system where students are allow to pay an additional (re
Limit how? (Score:3, Informative)
#1. Shrink the individual pipes to total_bandwidth/number_of_students? So you always get sucky performance?
#2. Cap the daily/weekly/monthly download/upload? So you get sucky performance during the first half of that period, but great performance once everyone else has hit their caps. And what happens when you have a legit need to go to a site after you've hit your cap?
#3. Do it like Frame Relay where you can "burst" to the available bandwidth? But if everyone
Re: (Score:2)
Re: (Score:2, Interesting)
Re: (Score:2)
Some files are bigger than your caps, and the user has little control.
Personally I don't like caps and instituting them seems like a waste of resources that could be better spent on faster connections.
Re: (Score:2)
Well, this worked for me... (Score:1)
UPnP? (Score:4, Insightful)
http://en.wikipedia.org/wiki/Internet_Gateway_Dev
Re: (Score:2, Insightful)
Plus, its a scary idea. A protocol to poke arbitrary holes in firewalls? Brilliant!
Re: (Score:2)
Re: (Score:2)
Leave it (Score:2, Insightful)
Re: (Score:2)
Re:Leave it (Score:5, Insightful)
They could even use mediawiki to allow the students to take some control of the cache.
Re: (Score:2)
Re: (Score:2)
Do you really believe bittorrent is mainly about inux distros, game patches, movies that are in the public domain?
If so, welcome to Earth. You must be new here.
Re: (Score:2)
Re: (Score:2)
If you think all college students are going to download over BitTorrent is shit from Archive.org and/or Debian, you're more than a little deluded.
Your fucked (Score:3, Insightful)
2) There was an article a little while back on rate shaping
You do have to question why the network is really there. Maybe you just need to tell your boss to get a grip.
I hate to say it, but does bittorrent (For non-uni use) really fall into the "supported" category? I know it's going to be something that everyone is going to try to find a way around as most uni networks have pretty good internet connections, but on a large scale like this you have to get an official statement from your boss as to say whether it's supported or not.
Sorry I can't give you better news.
Re: (Score:3, Insightful)
You do have to question why the network is really there. Maybe you just need to tell your boss to get a grip.
I hate to say it, but does bittorrent (For non-uni use) really fall into the "supported" category?
I don't know if you've ever been to a University before (and if so if you've ever stayed in a dorm), but you've got to rememebr for most of these kids, the Internet pipe that comes with their dorm is *their only option*. Lots of caompuses do not let students get their own DSL/Cable installed in thei
Are you sure that you're paying? (Score:3, Insightful)
Well, yes and no. If the university has a clear $50/month charge on the bill then I'd say yes. I'm not sure all of them do though. If students really want ISP level internet access then they'd better be willing to pay for it, but I'm not sure that just because you're paying several thousand per year for tuition means that you get top-rate internet service. I really don't see internet access any different than dorm, fo
has *nothing* to do with tuition. (Score:2, Insightful)
And when that rent lists "high speed internet included" as an option, and on top of that you are not allowed to procure your own alternative internet access, that Internet access should be as unencumbered as is reasonable.
Re: (Score:2)
Sorry if I wasn't clear. I wasn't trying to argue that they were linked. I know because I just paid separate fees for my kid's college bill recently. The bill is broken out into four charges: (1) tuition, (2) room, (3) meals, and (4) technology access and student activity fee. Because internet access is broken out separately, we know what it's worth. And I'll te
Re: (Score:2)
Indeed, but the option should be there. Keep in mind that not every student is fresh out of high school, and even the ones that are might need more Internet access if they're in technical fields than they would in, say, language arts.
Re: (Score:2)
Incorrect!
Unless you're allowed to seek your own, it should be unencumbered, period.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
None, but how many first-year students can afford a lawyer to fight it? Heck, how many students have time to launch a class-action lawsuit for this kind of crap?
The same kind of crap happened at my university. They implemented a mandatory health/dental plan (which doesn't even cover major things like reconstructive surgery) at my former university. You could "opt out", but only if you proved to the insurance company that you had equivalent-o
Re: (Score:2)
Re: (Score:2)
Either way, (My
Social problem needs social solution (Score:2)
Bingo; yet again, it's an attempt to solve a policy/managerial/social problem with a technological solution. Almost any time this is attempted, failure results.
As to the OP, if you want to provide customer satisfaction, and your customers want BT, then you need to provide externally-facing IP addres
Wonderful FUD (Score:2)
Re: (Score:2)
Public IPs aren't the problem in and of themselves, the poster has said though that they are limiting the people who they connect through by using NAT. Public IP addresses get rid of this obstacle.
Re: (Score:2)
Re: (Score:2)
Can you tell him how to get around this issue?
Re: (Score:2)
No, I don't have a technical answer. It's not a technical problem, as you have already pointed out [slashdot.org].
Re: (Score:2)
Re: (Score:2)
Do what universities do here? (Score:4, Insightful)
Make the services available over net.
Kick residential networks completely away from university network.
Then you won't have to worry about what students do in their network, since it's operated by third party operator, not by university.
Third-party operators here are student unions etc, which partly/entirely own the housing which students rent,
and network policies are set at student level.
Re: (Score:2)
Slightly offtopic, when I was at Uni in 1991 (Warwick, UK) the department of computer services, CSV, had a similar issue with what would now be called "chat rooms" (I personally believe that this was where Internet chat was invented), although the problem was that the chat servers were being hosted I guess 'illega
Re: (Score:2)
Re: (Score:2)
Other than that the guy could have a full (and anonymous) discu
Re: (Score:1)
If a university does not have the capability to limit bandwidth on
Re: (Score:2)
Re: (Score:2)
Aww, idn't that just too bad? The wittwe pipes awen't handwing the twaffic!
For what they charge in tuition, -GET- -BIGGER- -PIPES-! Not throttle! Either that or allow students to seek outside solutions.
Operate like an ISP (Score:3, Insightful)
Give them public ip addresses, but make them dynamic, possibly make each user connect using PPoE, so there is a username and password, limit the bandwidth, block inbound windows SMB/LSH/NetBIOS ports such as port 139, 137 incoming to each user, etc.
Keep logs of what user logs in to what ip address. As an ISP you aren't responsible for the details of exactly they do online, you have no idea about the nature of their activities, or if they're legal or not: make sure you stay within the DMCA safe harbour, and clearly document the contact information as required, so the ISP can receive DMCA letters.
ISP responsibilities should be mostly met by being able to match an ip address to an individual who is responsible for that node.
How are they using BT? (Score:3, Insightful)
Are the students using BT for legitimate academic purposes, or are they using it to download entertainment? Don't even get into the "gray area" of judging whether the content being downloaded is legal or not. If they have educational needs that are being met by BT, then there's an argument for "improving" that service. If not, why spend the time and bandwidth money on it?
If it's about Linux ISOs, set up a local mirror for the student body and ask them to use that. Bonus being that they'll download it faster than they ever could with BT.
Re: (Score:1)
Re: (Score:1, Troll)
BT uses bandwidth, and bandwidth costs money. Room & board are billed separately from all other university services, and that room & board bill doesn't include internet in most cases. Housing, contrary to what you may believ
Re: (Score:2, Insightful)
Are you insane? What the hell makes you think that students living in the dorms don't pay for water, electricity, maintenance, food, cleaning, heat and maintenance?! Just the fact that we don't get a monthly bill for it?
I'll let you in on a little secret: the cost to a student of living in a dorm has all these facto
Re: (Score:1)
The university is doing them a favor by providing a service they are not obligated to provide. Students may examine the lease, or the rental agreement they sign when they buy use of a room. The services the university is required to provide in consideration for the amount they pay for rent will be listed.
Internet service may not be listed, and there may indeed be an additional charge to use internet access. I know for a fact that a number of universities require payment of a fee to access the int
Re: (Score:2)
Here at EIU we cannot buy third party access. If we do so, we violate our residance agreements. Furthermore, we can't setup wireless APs ourselves, we can't log on without doing the following (for windows), have CleanAccessAgent running, have bridge networking turned off, have every Windows Update, have one of three major AV programs (Symantic
MOD PARENT UP (Score:2)
You might want to block email as well. (Score:2)
Well as long as you are at it, you might as well block email given that there are reports that upward of 82% [internetnews.com] of it is spam. 419 scams, get-rich-quick schemes, multi-level-marketing, fake viagra, medication without a prescription, blatant fraud, identity theft, phishing, Pump & Dump stock trades, you name
Re: (Score:1)
yeah, well, most people communicate through email (including professors) and email is light for the most part, light bandwidth, so you don't even have a va
Limiting upload speeds? (Score:1)
Re: (Score:2)
This generation of gamers is showing a distinct lack of interest in Nethack.
--- and while it would be nice to think that listeners are more interested in product from the independent labels, I suspect the "top of the chart" hits on BT pretty much track those posted by Billboard.
How much bandwith do you have (Score:1)
Local Cache? (Score:3, Insightful)
Re: (Score:2)
A rather important reason why NAT is considered evil by a lot of networking people.
IPv6? (Score:2)
You can still effectively firewall. You don't HAVE to NAT to have an effective firewall. Somewhere along the line this came into thought. Granted, that means all IP's are world-accessible, but that doesn't mean you have to allow traffic to reach those machines from outside.
allow tcp 22 from any to (ipv6 hosts allowed ssh)
allow tcp 80 from any to (ipv6 hosts allowed web access)
block icmp from any to (ipv6 network)
block from any to any
You can get
Re: (Score:2)
block smb from IPv6 network to world
block databasing from IPv6 to world
Probably a few others you'll want to toss in there that really should never go to the outside world. With windows hosts, you have to be careful.
Re: (Score:2)
allow tcp 80 from any to (ipv6 hosts allowed web access)
What would this solve? You only need one open port to be able to host anything you want, including ssh and http.
We have public IPs at Leeds (Score:3, Interesting)
You don't need public IPs (Score:3, Insightful)
Essentially what you need to do is have students connect to a server with a public IP via SSH, and set their BitTorrent client to report that server's IP to the tracker. The idea is that you set up an SSH tunnel that accepts connections on the remote end and forwards it over SSH. Most SSHv2 clients (such as PuTTY) support this functionality.
Assign each user a specific port on the server (There are over 65 thousand ports, and each person needs just one), and provide them with a nice little automated solution to set up the tunnel. PuTTY has a command-line version called "plink" that makes this super easy. Just write a short VisualBasic application that does nothing but show a window with a button to start up and connect plink to the server, and shut down the process when the user is done. This way, all a user has to do if he wants to use bittorrent is run the application and click a button. Or better yet, just write a short batch script that the user can launch when they want to do torrent-related stuff.
This is only one of the possible methods. As you can see, a computer doesn't need a public IP address in order to accept incoming connections via BitTorrent, since you can tunnel them. It should be noted that many BitTorrent clients also support proxies. uTorrent even supports proxies for peer-to-peer connections. And you may also want to look into P2P caching solutions, which could potentially significantly reduce the impact of BitTorrent on your university's connection.
My university... (Score:2)
Basically, they decided that the web (port 80) needed to be as fast as possible, becau
P2P cache (Score:1)
Connection flood (Score:1)
Now I have 1(one) instance of an emule client running, with a web interface where everyone can "order" some files, and a public share where
Run Teh Internal Tracker (Score:2)
Re: (Score:2)
public IP space (Score:2)
Like others have said... (Score:2)
If they (the users) are downloading illegal stuff they should be prohibited to do that.
What I've read most of Slashdot users are suggesting is to set up mirrors of those stuff to let them download it of local network - great idea. But add to it that you do not need to make yourself an admin of those mirrors. Just set up an apply process for a
Re: (Score:2)
> up mirrors of those stuff to let them download it of local network
> - great idea. But add to it that you do not need to make yourself
> an admin of those mirrors. Just set up an apply process for a mirror
> maintainer and let the students maintain the mirrors themselves
> (even give the admin-ones way to use BT to mirror).
Actually all you need to do is give them (the maintainers) an account of one of the servers with proper she
Change the way they use the internet? (Score:2)
Separate residential network from the rest of the university.
Give it big fat internal pipes.
hint that there would be nothing to stop someone from running an internal tracker that wouldn't be limited in speed.
Let them do what they will with it.
It probably wouldn't take long for someone to set something up and people were sharing most of what they wanted anyway over it.
Mirror linux distros and other legit items, or create an electronic form where a student could request a copy of a legit it
Try to move most of the traffic inside (Score:2)
Until we have strong AI so that a cyber-lawyer inside your firewall can figure out whether a packet should have the 'evil bit' set or not, nobody is going to be able to identify whether a bittorrent (or any other protocol's) transaction is legal or not. It's no use to try. So I wouldn't worry about whether it's legal or not: you're never going to know.
Students sign a waiver saying they will be held... (Score:2)
What about: (Score:2)
Simple solution (Score:2)
DNAT that port. Voila, full-speed bittorrent. Moreover, the user is identifiable by port, so you need not fear liability any more than does my cable company. You are protected under U.S. law, as long as you do take downs upon
accusation, and restore service if the accusation is contested.
In the university environment, I think you'll find that illicit use of BT is probably lower than is i
Peercache (Score:2)
The basic problem of having machine behind NAT, and thus unable to accept incomming connections, seems impossible to avoid unless you can get a block of 1000+ IPs.
dialup over a digital PBX phone! (Score:4, Interesting)
Procedure:
1. take handset off hook
2. tell modem to dial (any number will do)
3. dial the real number using buttons on the phone
4. enjoy the 9.6 kb/s connection
Re:They should be lucky... (Score:2)
Re: (Score:1)
Also, wait till they get in the real world where their employment will be terminated for abusing the "free" internet at work. I've personally seen people terminated on the spot and esco
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
No. The school doesn't have this obligation, not unless they provided it in the housing agreement.
The students want and expect internet access for school and pleasure. But this is something different from the school having an obligation to provide the same. A school, if it wishes, has the option of having no internet access on campus, whatsoever. They will seem to be living in the dark ages to most, and students will avoid the school as a result, but that is an option that schools have.
The student
Re: (Score:2)
Not to say that Amish University couldn't get off the ground and running, just that most colleges at this point are rather locked into what they said they'd do.
Re: (Score:2)
Whoa! Go back and re-read what you wrote. Why would the school have an obligation to provide for "pleasure" or leisure.
Higher education is not required by law. You don't *have* to attend an university. If you do so, it's under their rules. If they decree that you have to leave in their dorms but can't have internet, or cable TV or telephone or whatever... well, it sucks but it's their prerogative. I'm sure
Re: (Score:2)
DOH! I meant live.
Re: (Score:2, Informative)
If your client does not accept incoming external connections and share torrents (if your client is not on an externally accessible device and you don't have port forwarding configured), all other peers will assign you a priority lower than every other peer that is sharing.
This doesn't just mean you will be last in line to receive the requested torrent. It means that all other clients will relegate your request to the sm
Re: (Score:1, Insightful)
As a University student I find comments like that very frustrating. Making bittorrent faster (by opening incoming ports) will make it faster for *every* use, whether academic or otherwise. I'm not going to argue that most home bittorrent use is not
Re: (Score:2)
Any client that relies on the fact that other peers cannot accept inbound connections is broken. A better design is based on the upload/download ratio. As long as the peer is capable of uploading (even if it is a seeder that makes outbou
Re: (Score:2)