cancel
Showing results for 
Search instead for 
Did you mean: 

Is Remote Desktop traffic throttled ?

N/A

Is Remote Desktop traffic throttled ?

Hi all, just wondered if anybody knew if Remote Desktop traffic was throttled in any way (used to be called Terminal Services). I'm an occasional user of this and it was OK first couple of times, but last 2 attempts have been dire.

Thanks in advance...

Paul
38 REPLIES
N/A

Is Remote Desktop traffic throttled ?

I think RDP is secure isn't it? In which case it's probably being mistaken for encrypted P2P traffic.

For the network guys: RDP uses TCP 3389
Plusnet Alumni (retired) _CN_
Plusnet Alumni (retired)
Posts: 385
Registered: 11-06-2007

Is Remote Desktop traffic throttled ?

Thanks gotdsl for the info.

The MS-RDP has always been defined on the Ellacoya and marked into the gold queue.
N/A

Is Remote Desktop traffic throttled ?

I use terminal services more or less constantly to multiple servers and never have a problem Cheesy
N/A

Is Remote Desktop traffic throttled ?

I only have a problem with RDP when it's raining here or where the servers are. The rain ruins my ADSL connection (most likely due to crappy wiring) and also ruins the server connections as they are run from a Microwave dish and it probably turns into a small padding pool!
N/A

Is Remote Desktop traffic throttled ?

Thanks for this folks, it seems you're all saying that Remote Desktop traffic should be fine, no restrictions ?

Just one more thing to throw into the pot, would the port number make a difference ? I'm not using the default port, but 222 instead.

Thanks again...

Paul
N/A

Is Remote Desktop traffic throttled ?

Quote

Just one more thing to throw into the pot, would the port number make a difference ? I'm not using the default port, but 222 instead.

Paul


Yes, the port makes a difference. I have 2 ports open at my firewall for SSH traffic. I use port forwarding to point them both at the same local SSH server.

Traffic coming in to port 22 works fine; traffic from the same source (my work) at the same time, but to the other port, is shaped and unusable.

I moved back to the standard port just yesterday and I had a dictionary attack on my server within 24 hours. I think those sorts of attacks will just have to be par for the course from now on.
blowdart
Grafter
Posts: 93
Registered: 04-08-2007

Is Remote Desktop traffic throttled ?

Quote

Yes, the port makes a difference. I have 2 ports open at my firewall for SSH traffic. I use port forwarding to point them both at the same local SSH server.


Gee, and here was me thinking one selling point of the ellacoyas was they were signature based, not port based. If they can't even recognise traffic if the port changes they're really rather useless.
N/A

Is Remote Desktop traffic throttled ?

Quote

Gee, and here was me thinking one selling point of the ellacoyas was they were signature based, not port based. If they can't even recognise traffic if the port changes they're really rather useless.


The whole approach is fundamentally flawed, IMHO. The issue is obviously encryption - if traffic is encrypted there's no way of knowing what it is, so signature based policies are not going to work. Period. As soon as people realise that encrypted traffic on port 22 isn't agressively shaped (in order to stop hurting SSH users) they'll move their encrypted P2P traffic to port 22. Then we're back to square one.

The proper solution for ISPs is to only accept enough customers as you have bandwidth to support, and to slow people's connections based on quantity used, rather than the type of traffic they generate. Not that shaping and Quality of Service techniques don't have their place, but basing an entire network strategy on them presents all sorts of problems, as we're seeing.

Plusnet have clearly gone past the point of having too many customers and too little bandwidth for them, so they're trying to botch around the problem with this traffic shaping silliness.
gofaster
Rising Star
Posts: 361
Thanks: 10
Registered: 01-08-2007

Is Remote Desktop traffic throttled ?

An excellent post delina. I totally agree with all your points and thank you for the tip on using port 22.

I could see a system of throttling based on a persons usage in the previous 24 hours working well (or at least better than the current mess)
blowdart
Grafter
Posts: 93
Registered: 04-08-2007

Is Remote Desktop traffic throttled ?

Quote
Quote

Gee, and here was me thinking one selling point of the ellacoyas was they were signature based, not port based. If they can't even recognise traffic if the port changes they're really rather useless.


The whole approach is fundamentally flawed, IMHO. The issue is obviously encryption - if traffic is encrypted there's no way of knowing what it is, so signature based policies are not going to work. Period. As soon as people realise that encrypted traffic on port 22 isn't agressively shaped (in order to stop hurting SSH users) they'll move their encrypted P2P traffic to port 22. Then we're back to square one.


well indeed, and we can see that by the fact that encrypted traffic off the normal ports is being throttled down to pathetic, sometimes non-existant levels. And yet the last ellacoya press release said it would detect encrypted P2P. It seems that can't get that right, and someone, somewhere has decided any encrypted traffic just gets throttled. Of course it makes you wonder how it decides what encrypted traffic is, it looks like it's anything it can't understand.
Community Veteran
Posts: 2,835
Thanks: 153
Fixes: 2
Registered: 05-04-2007

Is Remote Desktop traffic throttled ?

So hang on a minute, the postings on this thread imply that the Ellacoyas cannot determine what type of traffic is encrypted - I thought they must be more advanced that that?

So can they determine the difference between p2p encrypted traffic on port x, and any other type of encrypted traffic on x and apply the appropriate throttling (sorry profile) accordingly?

I hope I have got this wrong, but if not then it is not exactly rocket science to work out that putting a load of encrypted signatures in a low priority queue (when they cannot tell the difference between what it is) is asking for trouble?

Of course it appears the typical PlusNet attitude of not giving 'two hoots' (though a four letter word is more suitable there) as long as it saves bandwidth costs. I bet they couldn't wait for Ellacoya to release the update, and apply it without testing when they saw more £'s going into their bank instead of BT/Tiscali's.
blowdart
Grafter
Posts: 93
Registered: 04-08-2007

Is Remote Desktop traffic throttled ?

Quote
So hang on a minute, the postings on this thread imply that the Ellacoyas cannot determine what type of traffic is encrypted - I thought they must be more advanced that that?

So can they determine the difference between p2p encrypted traffic on port x, and any other type of encrypted traffic on x and apply the appropriate throttling (sorry profile) accordingly?


They say they can. From a recent press release

"The new release adds application
detection and classification functionality for encrypted applications, including bandwidth intensive
encrypted peer-to-peer (P2P) such as BitTorrent and Skype (primarily in North America/Europe) and
Winny2P and Share (primarily in the AsiaPac markets).

...

Peer-to-peer applications such as BitTorrent have become the fastest and most efficient means
for the delivery of digital entertainment, making it critical for the network to support. Ellacoya’s
encrypted application detection enables the service provider to manage subscriber service quality,
manage operational and capital costs, and provide a high value experience for premium services."

But from the experiences on this board, where it seems any encrypted traffic off it's normal port, such as SSH, unknown VPN types, RDP, FirstClass et al. it seems that their detection algorithms are worth as much as an LLU MAC code.[/url]
Community Veteran
Posts: 2,835
Thanks: 153
Fixes: 2
Registered: 05-04-2007

Is Remote Desktop traffic throttled ?

Hmm, that press release is rather vague - doesn't make it explicitly clear as to whether it has only one classification for encrypted traffic or many.

As you say from the postings here it seems to be solely based on port number and whether encryption is enabled or not. Since the default ports can be easily changed, it makes the detection about as useful as a chocolate teapot.

Of course, as we've come to expect, this was rigorously tested first before being applied. Which is why everything non-p2p is running fine. (end sarcasm paragraph).
craign
Grafter
Posts: 122
Registered: 01-08-2007

Is Remote Desktop traffic throttled ?

Could an Ellacoya knowledgeable person give a straightforward answer to..

"Can the ellacoya distinguish between different applications communicating using encryption ? eg encrypted remote desktop and encrypted peer to peer file transfer both using port 22."

if yes - why is the port number of any relevance to ellacoy set up

if no - how do you manage, for example, encrypted p2p using a port nominally assigned to a high throughput queue

ta