Canadian TV, Computing and Home Theatre Forums banner

Bell throttles VPN connections

49K views 39 replies 18 participants last post by  bell frustrates 
#1 ·
Bell throttles VPN connections

I just got the new Fibe 25 service and have discovered that if you use a VPN to connect to your business VPN Bell will detect the use of a VPN and cap your 25 Mbit Fibe 25 connection to only 4 Mbit when using the VPN.

So I had our business IT tech drop by my home and run a bunch of tests over the new Fibe 25. We confirmed that indeed Bell was capping the speed when a VPN was being used. He also tried SSH tunnelling and that too was hindered by Bell’s actions

So I called Bell and asked about it.. the tech I spoke to first denied that Bell was doing anything. I then told him we’re IT professionals and we can clearly see you’re capping the speed. He then put me on hold for 10 minutes to talk with his supervisor.. he then came back on the phone to tell me “I have some bad news for you…. Yes we do cap VPN speeds” I asked why and he had no answer… only answer was to give me a phone number of the head office to complain.
 
#3 ·
Although I don't necessarily agree, Bell might be thinking that since you are using a residential service for business purposes, they have the right to restrict your access. If you ran a business out of your home, you should be paying more for your basic phone service - not just the residential rates.

I assume, that business fiber service from Bell would be higher cost than residential (is this true?)

Just some thoughts.
 
#7 ·
Bell might be thinking that since you are using a residential service for business purposes
I assume, that business fiber service from Bell would be higher cost than residential (is this true?)

Just some thoughts.
Their business service is only 6 down and 800K up for about the same price as a Fibe 25.
The thing is you pay for the bandwidth as they cap that too. So why hinder people from using it?
 
#5 ·
What type of VPN connection are you using and do you have the option of switching to an SSL based vpn? It might be harder for them to throttle that. I'm using the Cisco AnyConnect client to my work through Cogeco and they don't appear to be throttling it, at least not today.

-Mike
 
#6 ·
PPTP VPN will get knocked down to 4 Mbit and OpenVPN will get hit too but not as bad.

We believe they are using DPI to detect the headers. PPTP is a dead giveaway as to what it is and they take it out with precision. OpenVPN has no headers and can use any port so to the DPI system it can't really tell what it is... or just yet.

We'll give an SSL VPN over 443 a shot and see what they do.
 
#9 ·
Although I don't necessarily agree, Bell might be thinking that since you are using a residential service for business purposes, they have the right to restrict your access.
A VPN doesn't mean business use. I've been running OpenVPN for years because it gives me access to my home network & mail server from elsewhere. Also, I've recently started using IPv6 via a gateway and client that create an encrypted VPN tunnel. No business use here either. It's long been obvious that ISPs should be made common carriers, which would put an end to this sort of nonsense and other.
 
#10 ·
Bell might be thinking that since you are using a residential service for business purposes, they have the right to restrict your access.
Some people can tele-commute. I'm not running a business, I'm just working from home. Or sometimes I need to urgently connect to a client's network after hours to troubleshoot. Or we may have internal conference calls at odd hours because of our international offices.
 
#11 ·
^^^^
Strickly speaking, those could be considered "business use", but I certainly agreee with you. I don't have a problem with usage limits etc., but they shouldn't be looking to see how you're using your internet connection, short of a court order.
 
#12 ·
HDTV, can you give me a bit more detail around this? I'd be more than happy to look into this for you... I can confirm with 100% certainty that Bell does not traffic shape anything other than P2P.

The tech you were speaking to has absolutely no idea what he's talking about.

What time of day were you testing?
Furthermore, we know for a fact that thousands of P2P users are masking their P2P traffic through SSL - which is not shaped. So i'm not sure why that didn't work either.

Can you PM me some more details and i'll investigate?
 
#14 ·
I have Fibe 16 and felt I was not having your issues. So, I just ran a dozen or so speedtests to VPN connections in US (3); Canada (1); Europe (3) through speedtest.net and selected a few random locations as the speedtest option on each. I averaged between 9-14megs depending on the location for stateside and Canadian connections. A little slower (as low as 5 to Europe), but there is lots of explanations for that.

I had similar data overhead losses when I was on a 6meg connection before.

I also did some hard wiring this weekend and before I was back on a wired LAN I was seeing more data loss then this wirelessly.

Long story short, I don't think I'm seeing a cap on my end. Possible the traditional DSL which is used for 16 is different than the 25.
 
#15 ·
^^^^
It shouldn't make a difference. With DSL, you have exclusive use of the bandwidth on the pair, going all the way back to the DSLAM shelf. Frome there, you connect to the same network backbone as everyone else.
 
#16 ·
So next we won't be able to do any talking about work on our Bell telephone lines. :eek:

Don't tell anyone but I use my home phone line to dial into a conference call in the evening once a week. Shhhhhhhhhhhhhhhhh. :)

Please keep us posted... it would be interesting to hear if this turns out to actually be correct. If we are capped on the b/w they should have zero say in what we are using our bytes for - work or personal use.
 
#17 ·
I use VPN and JUST had Fibe 25 installed at my condo. It's Cisco something VPN that I use. I'll test it when I get home tonight to see. I only telecommute I don't even have an office in my corporation I only work from home. I got the Fibe 25 for the fast upload so my IP phone won't keep disconnecting like it did before.

Just as an aside, you can get up to 16Mbps for Business with Bell. My other office has the 12Mbps guaranteed which is $92 a month.
 
#18 ·
It is my understanding that Bell wasn't capping VPN if you are using the standard port(s) for that service.

If you are setting up VPN on custom ports then maybe that's part of your problem if the above is true (ie. their DPI doesn't know what to do with it & caps it as a result thinking it is some P2P).

I'm not a Vibe user but am on Bell DSL (5M profile) & don't recall noticing my VPN being capped albeit I haven't actually tested it recently...
 
#19 ·
I didn't get a chance to test it but I will soon as I have Fibe 25. I can see them capping it if you set up your own VPN server to connect in since that's more for businesses and this is residential. But I can't see them capping your connection to your office's VPN connection. What difference would that make to bell it's not like you're running a server.
 
#20 ·
^^^^
Many people, myself included, run a VPN for strictly personal reasons. Others use one for telecommuting. In addition, I've started using IPv6, by tunnelling to a gateway. Would Bell consider that a VPN too? For business? This is why ISPs should be made into common carriers. That way, it would be illegal for them to tamper with the content of internet access.
 
#21 ·
Okay relax everyone! I'm at my condo now on Fibe 25. Did a speed test got 23Mbps which is normal over WiFi, if I plug in I usually get just over 25. Anyway, I just connected to my work VPN which is the Cisco Systems VPN Client version 5.0. Ran a speed test and I just got 22Mbps then again got 19Mbps and again got 21.5Mbps. So that puts that to rest, no cap for VPN!
 
#22 ·
Agreed... I use my VPN all the time on Bell and there is no traffic cap, no matter the time of the day. I've been doing this for years, just did it again yesterday. Whoever told you there was a cap was simply clueless...

To the OP, is it possible that your VPN system at work restricts the speed to a maximum of 4M? These VPN boxes have a finite amount of resources, so does the Internet link they connect to... Just saying.
 
#23 ·
Just an update....

The Bell CRS did admit to it that they were doing something... and the throttling kicked in a few days later after the DPI picked up on it. my VPN router is not an under powered Linksys box like some people use... yes those do max out at 3 Mbit. My VPN router is a Dell PowerEdge Server in my home with a dual core CPU and can handle up to 1 Gbit using an AES Accelerator.

This is what we noticed...

PPTP was throttled once discovered by DPI to 4 Mbit
SSH was throttled once discovered by DPI to 3 Mbit

Open VPN was the winner since it provided no headers as to the type of traffic it was.

After my posting on here and several calls to bell all throttling on my line vanished. :rolleyes:

I get 25/7 as specified by Bell.. and 24/6 through the VPN server. You lose 1 Mbit due to the VPN overhead (Packet encapsulation)


As long as things stay this way I'm now very happy!
 
#24 ·
I wasn't referring to what you have in your home but the box you connect to at work. That box may be configured to throttle individual sessions to preserve bandwidth and/or resources.

I think you may be paranoid about Bell... ;) They don't deploy specific DPI throttling that would only affect a few users. When they do something its blanket across the board. Also, the CRTC ruled (last fall as far as I remember) that although they are allowed to throttle bandwidth they must fully disclose what they are doing... If they change their practices they must give notice and again fully disclose the details.
 
#25 ·
I wasn't referring to what you have in your home but the box you connect to at work. That box may be configured to throttle individual sessions to preserve bandwidth and/or resources.
We have 40 Dell PowerEdge servers in NDC at 151 Front St W. One of them is my exclusive VPN server.. And there is nothing limiting it but the 100 Mbit port it’s connected to. I know the CRTC rules as I’ve read them. The way I see it is the average Joe can’t test a 25 Mbit VPN without having a VPN server at the other end capable of that same speed. Maybe I caught Bell by surprise? Maybe Bell is now the one that’s paranoid?
 
#28 ·
It's also possible that there was a piece of equipment at Bell's end that was misconfigured. In the past, Bell *has* used traffic shaping and port blocking on a number of different protocols and ports. That includes VPN on residential lines. The problem is cleared up now. Time to move on.
 
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.
Top