I know this thread is a little bit old, but I think I have an understanding of what problems may be preventing seeding (or seeding well) while routing bittorrent traffic over any type of commercial VPN.
Regardless whether this is L2TP, SSTP, or OpenVPN (tcp / udp), what I believe the "peer listening port" configuration is in any bittorrent client is basically a way to let other peers know how to establish an inbound connection to you, without you having been the one who initially created the connection. So this explains the poor seeding ability, however we're still able to seed somewhat since we've provided peers we're downloading from a non-privileged port to connect back to via SYN/ACK/FIN handshake, sort of how active mode FTP functions. With this method our client need not have that port forwarded inbound (normally it's done via UPnP), because it's not an inbound connection like the ports on your computer a webserver talks to. I could be wrong about all that I've just said, but this is just a hunch.
My own VPN provider seems to be filtering all ports both tcp/udp so at this point it's really pointless to try to establish a method of providing a clear shot to an open inbound port on the VPN WAN side.
In the below data, my public VPN WAN IP is
141.101.153.214 and my internal is
10.10.10.27 with my bittorrent client listening port
8998.
Code:
[visualblind@transmission /var/lib]# netstat -4nxhwl
Name Mtu Network Address Ipkts Ierrs Idrop Opkts Oerrs Coll
lo0 - 127.0.0.0/8 127.0.0.1 774 - - 12k - -
epair - 10.10.10.0/24 10.10.10.27 46M - - 30M - -
tun0 - 141.101.153.1 141.101.153.214 43M - - 30M - -
[visualblind@transmission /var/lib]# netstat -4nxhl -p tcp
Active Internet connections
Proto Recv-Q Send-Q Local Address Foreign Address R-MBUF S-MBUF R-CLUS S-CLUS R-HIWA S-HIWA R-LOWA S-LOWA R-BCNT S-BCNT R-BMAX S-BMAX rexmt persist keep 2msl delack rcvtime
tcp4 0 0 10.10.10.27.8998 210.186.79.20.53798 0 0 0 0 0 0 0 0 0 0 0 0 0.00 0.00 0.00 0.00 0.00 0.00
tcp4 0 0 10.10.10.27.9091 63.143.42.247.3283 0 0 0 0 0 0 0 0 0 0 0 0 0.00 0.00 0.00 0.00 0.00 0.00
tcp4 0 0 141.101.153.214.19762 2.24.78.196.51413 0 0 0 0 66248 33800 1 2048 0 0 529984 270400 0.00 0.00 7199.90 0.00 0.00 0.10
tcp4 0 0 141.101.153.214.50012 70.185.237.45.57274 0 0 0 0 66248 33800 1 2048 0 0 529984 270400 0.00 0.00 7186.68 0.00 0.00 13.32
tcp4 0 0 141.101.153.214.54671 141.101.153.214.8998 0 0 0 0 0 0 0 0 0 0 0 0 0.00 0.00 0.00 0.00 0.00 0.00
tcp4 0 0 141.101.153.214.58644 60.54.65.127.34399 0 0 0 0 0 0 0 0 0 0 0 0 0.00 0.00 0.00 0.00 0.00 0.00
tcp4 0 0 141.101.153.214.35188 90.185.33.116.22768 0 0 0 0 0 0 0 0 0 0 0 0 0.00 0.00 0.00 0.00 0.00 0.00
tcp4 0 0 141.101.153.214.35183 87.98.162.88.80 0 0 0 0 66248 33800 1 2048 0 0 529984 270400 0.00 0.00 7186.31 0.00 0.00 13.69
tcp4 0 0 141.101.153.214.35110 212.178.135.62.42771 0 0 0 0 9464 33800 1 2048 0 0 75712 270400 45.54 0.00 7080.81 0.00 0.00 119.19
tcp4 0 0 10.10.10.27.9091 10.10.10.1.46920 0 0 0 0 65700 33580 1 2048 0 0 525600 268640 0.00 0.00 7199.51 0.00 0.00 0.49
tcp4 0 0 141.101.153.214.44837 213.34.77.254.42771 0 0 0 0 9464 33800 1 2048 0 0 75712 270400 29.81 0.00 7050.82 0.00 0.00 149.18
tcp4 0 0 141.101.153.214.44836 212.178.135.62.42771 0 0 0 0 9464 33800 1 2048 0 0 75712 270400 22.72 0.00 7050.75 0.00 0.00 149.25
tcp4 0 24 141.101.153.214.35573 14.231.161.219.51413 0 1 0 0 9464 33800 1 2048 0 256 75712 270400 20.25 0.00 6997.99 0.00 0.00 202.01
tcp4 0 0 141.101.153.214.12165 213.34.167.254.8999 0 0 0 0 9464 33800 1 2048 0 0 75712 270400 57.40 0.00 6946.22 0.00 0.00 253.78
tcp4 0 0 141.101.153.214.61852 213.34.77.254.6881 0 0 0 0 9464 33800 1 2048 0 0 75712 270400 58.81 0.00 6946.22 0.00 0.00 253.78
tcp4 0 0 141.101.153.214.25627 212.178.154.174.52085 0 0 0 0 9464 33800 1 2048 0 0 75712 270400 33.88 0.00 6946.16 0.00 0.00 253.84
tcp4 0 0 141.101.153.214.43735 213.34.77.254.42771 0 0 0 0 9464 33800 1 2048 0 0 75712 270400 30.42 0.00 6917.82 0.00 0.00 282.18
tcp4 0 0 141.101.153.214.34608 213.34.167.254.8999 0 0 0 0 9464 33800 1 2048 0 0 75712 270400 32.47 0.00 6911.80 0.00 0.00 288.20
tcp4 0 0 141.101.153.214.10642 213.34.77.254.6881 0 0 0 0 9464 33800 1 2048 0 0 75712 270400 1.66 0.00 6911.69 0.00 0.00 288.31
tcp4 0 0 141.101.153.214.49267 212.178.154.174.52085 0 0 0 0 9464 33800 1 2048 0 0 75712 270400 43.08 0.00 6912.47 0.00 0.00 287.53
tcp4 0 0 141.101.153.214.56338 213.34.77.254.42771 0 0 0 0 9464 33800 1 2048 0 0 75712 270400 11.27 0.00 6820.96 0.00 0.00 379.04
tcp4 0 0 141.101.153.214.22615 213.34.77.254.42771 0 0 0 0 9464 33800 1 2048 0 0 75712 270400 22.38 0.00 6790.18 0.00 0.00 409.82
tcp4 0 0 141.101.153.214.22614 212.178.135.62.42771 0 0 0 0 9464 33800 1 2048 0 0 75712 270400 30.03 0.00 6792.24 0.00 0.00 407.76
tcp4 0 0 141.101.153.214.14592 196.207.110.168.26145 0 0 0 0 9464 33800 1 2048 0 0 75712 270400 0.00 0.00 6655.61 55.60 0.00 544.39
tcp4 254292 74880 141.101.153.214.48136 80.167.128.52.51413 214 25 214 25 295624 123912 1 2048 493056 108800 2097152 991296 0.42 0.00 7199.98 0.00 0.00 0.02
tcp4 0 0 141.101.153.214.61448 185.45.195.171.20040 0 0 0 0 262856 33800 1 2048 0 0 2097152 270400 0.00 0.00 7188.90 0.00 0.00 11.10
tcp4 31096 0 141.101.153.214.25499 187.3.11.20.32109 23 0 23 0 99016 33800 1 2048 52992 0 792128 270400 0.00 0.00 7200.00 0.00 0.09 0.00
tcp4 47264 0 141.101.153.214.53768 142.196.132.12.51413 35 0 35 0 213704 33800 1 2048 80640 0 1709632 270400 0.00 0.00 7200.00 0.00 0.00 0.00
tcp4 0 0 141.101.153.214.39496 50.47.137.78.51413 0 0 0 0 66248 33800 1 2048 0 0 529984 270400 0.00 0.00 7199.64 0.00 0.00 0.36
tcp4 26094 0 141.101.153.214.64446 216.195.173.184.8999 20 0 20 0 99016 33800 1 2048 46080 0 792128 270400 0.00 0.00 7200.00 0.00 0.09 0.00
tcp4 0 0 141.101.153.214.31017 152.250.1.127.16881 0 0 0 0 66248 33800 1 2048 0 0 529984 270400 0.00 0.00 7197.39 0.00 0.00 2.61
tcp4 442405 0 141.101.153.214.31016 108.16.8.105.45226 328 0 328 0 443080 33800 1 2048 755712 0 2097152 270400 0.00 0.00 7199.89 0.00 0.00 0.11
tcp4 28500 0 141.101.153.214.31007 73.166.78.135.51413 19 0 19 0 180936 33800 1 2048 43776 0 1447488 270400 0.00 0.00 7200.00 0.00 0.09 0.00
tcp4 22391 0 141.101.153.214.30997 201.231.1.33.8999 17 0 17 0 148168 33800 1 2048 39168 0 1185344 270400 0.00 0.00 7200.00 0.00 0.09 0.00
tcp4 12482 196 141.101.153.214.30993 87.115.9.75.64441 9 1 9 0 131784 33800 1 2048 20736 256 1054272 270400 4.03 0.00 7200.00 0.00 0.00 0.00
tcp4 317437 0 141.101.153.214.30977 108.230.187.107.8999 238 0 238 0 361160 33800 1 2048 548352 0 2097152 270400 0.00 0.00 7200.00 0.00 0.00 0.00
tcp4 205037 0 141.101.153.214.30954 74.105.137.144.51413 154 0 154 0 279240 33800 1 2048 354816 0 2097152 270400 0.00 0.00 7199.92 0.00 0.01 0.08
tcp4 173002 0 141.101.153.214.30913 2.10.241.37.51413 130 0 130 0 295624 33800 1 2048 299520 0 2097152 270400 0.00 0.00 7199.99 0.00 0.08 0.01
tcp4 0 0 141.101.153.214.30912 85.201.233.184.8999 0 0 0 0 66248 33800 1 2048 0 0 529984 270400 0.00 0.00 7199.42 0.00 0.00 0.58
tcp4 0 0 141.101.153.214.30904 90.164.123.112.51413 0 0 0 0 66248 33800 1 2048 0 0 529984 270400 0.00 0.00 7199.46 0.00 0.00 0.54
tcp4 171941 0 141.101.153.214.30894 100.38.225.138.51413 129 0 129 0 246472 33800 1 2048 297216 0 1971776 270400 0.00 0.00 7199.97 0.00 0.06 0.03
tcp4 0 0 10.10.10.27.9091 10.10.10.1.43216 0 0 0 0 65700 33580 1 2048 0 0 525600 268640 0.00 0.00 7187.40 0.00 0.00 12.60
tcp4 14872 0 141.101.153.214.30517 186.19.228.23.16043 11 0 11 0 180936 33800 1 2048 25344 0 1447488 270400 0.00 0.00 7199.94 0.00 0.00 0.06
tcp4 113991 0 141.101.153.214.30516 142.196.132.12.51413 86 0 86 0 295624 33800 1 2048 198144 0 2097152 270400 0.00 0.00 7200.00 0.00 0.09 0.00
tcp4 585701 0 141.101.153.214.30515 88.129.251.150.8999 433 0 433 0 672456 33800 1 2048 997632 0 2097152 270400 0.00 0.00 7199.92 0.00 0.00 0.08
tcp4 670238 0 141.101.153.214.30514 81.171.9.207.11164 501 0 501 0 737992 33800 1 2048 1154304 0 2097152 270400 0.00 0.00 7199.96 0.00 0.05 0.04
tcp4 0 0 141.101.153.214.30510 46.246.42.141.51413 0 0 0 0 65688 33488 1 2048 0 0 525504 267904 0.00 0.00 7199.25 0.00 0.00 0.75
tcp4 0 0 141.101.153.214.30509 89.115.89.188.61236 0 0 0 0 0 0 0 0 0 0 0 0 0.00 0.00 0.00 0.00 0.00 0.00
tcp4 153784 0 141.101.153.214.30508 109.172.13.104.31337 115 0 115 0 279240 33800 1 2048 264960 0 2097152 270400 0.00 0.00 7200.00 0.00 0.00 0.00
tcp4 0 0 141.101.153.214.32200 169.0.148.54.24111 0 0 0 0 9464 58376 1 2048 0 0 75712 467008 0.00 0.00 7199.45 0.00 0.00 0.55
[visualblind@transmission /var/lib]# netstat -4nxhl -p tcp
Active Internet connections
Proto Recv-Q Send-Q Local Address Foreign Address R-MBUF S-MBUF R-CLUS S-CLUS R-HIWA S-HIWA R-LOWA S-LOWA R-BCNT S-BCNT R-BMAX S-BMAX rexmt persist keep 2msl delack rcvtime
tcp4 0 0 141.101.153.214.8998 141.101.153.214.58334 0 0 0 0 81720 49032 1 2048 0 0 653760 392256 0.00 0.00 7190.26 0.00 0.00 9.74
tcp4 0 0 141.101.153.214.58334 141.101.153.214.8998 0 0 0 0 8192 49032 1 2048 0 0 65536 392256 0.00 0.00 7190.36 0.00 0.00 9.64
tcp4 0 0 141.101.153.214.63107 187.115.245.2.48107 0 0 0 0 0 0 0 0 0 0 0 0 0.00 0.00 0.00 0.00 0.00 0.00
tcp4 0 0 141.101.153.214.26180 123.201.57.84.39223 0 0 0 0 9464 33800 1 2048 0 0 75712 270400 0.00 0.00 7134.47 534.47 0.00 65.53
tcp4 30820 0 141.101.153.214.20065 109.172.13.104.31337 23 0 23 0 279240 33800 1 2048 52992 0 2097152 270400 0.00 0.00 7200.00 0.00 0.09 0.00
tcp4 512536 0 141.101.153.214.47336 81.171.9.207.11164 383 0 383 0 1622728 33800 1 2048 882432 0 2097152 270400 0.00 0.00 7200.00 0.00 0.09 0.00
tcp4 0 0 10.10.10.27.9091 10.10.10.1.47290 0 0 0 0 65700 33580 1 2048 0 0 525600 268640 0.00 0.00 7199.37 0.00 0.00 0.63
nmap -Pn 141.101.153.214 -p50500-50510
Starting Nmap 7.60 ( https://nmap.org ) at 2019-05-01 04:15 PDT
Nmap scan report for 141.101.153.214
Host is up.
PORT STATE SERVICE
50500/tcp filtered unknown
50501/tcp filtered unknown
50502/tcp filtered unknown
50503/tcp filtered unknown
50504/tcp filtered unknown
50505/tcp filtered unknown
50506/tcp filtered unknown
50507/tcp filtered unknown
50508/tcp filtered unknown
50509/tcp filtered unknown
50510/tcp filtered unknown
Nmap done: 1 IP address (1 host up) scanned in 5.07 seconds
nmap -v -sU -Pn 141.101.153.214
Starting Nmap 7.60 ( https://nmap.org ) at 2019-05-01 04:35 PDT
Initiating Parallel DNS resolution of 1 host. at 04:35
Completed Parallel DNS resolution of 1 host. at 04:35, 0.01s elapsed
Initiating UDP Scan at 04:35
Scanning 141.101.153.214 [1000 ports]
UDP Scan Timing: About 15.50% done; ETC: 04:38 (0:02:49 remaining)
UDP Scan Timing: About 30.25% done; ETC: 04:38 (0:02:21 remaining)
UDP Scan Timing: About 45.25% done; ETC: 04:38 (0:01:50 remaining)
UDP Scan Timing: About 60.05% done; ETC: 04:38 (0:01:20 remaining)
UDP Scan Timing: About 75.05% done; ETC: 04:38 (0:00:50 remaining)
Completed UDP Scan at 04:38, 201.28s elapsed (1000 total ports)
Nmap scan report for 141.101.153.214
Host is up.
All 1000 scanned ports on 141.101.153.214 are open|filtered
Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 201.37 seconds
Raw packets sent: 2000 (57.844KB) | Rcvd: 0 (0B)
[visualblind@transmission /var/lib]# transmission-remote --auth <****:****> --session-stats
CURRENT SESSION
Uploaded: 7.30 GB
Downloaded: 59.45 GB
Ratio: 0.1
Duration: 14 hours (53190 seconds)
TOTAL
Started 23 times
Uploaded: 50.93 GB
Downloaded: 281.2 GB
Ratio: 0.1
Duration: 7 days (662301 seconds)
[root@transmission /usr/local/etc/transmission/home]# cat settings.json
{
"alt-speed-down": 3584,
"alt-speed-enabled": true,
"alt-speed-time-begin": 450,
"alt-speed-time-day": 127,
"alt-speed-time-enabled": true,
"alt-speed-time-end": 1410,
"alt-speed-up": 768,
"bind-address-ipv4": "0.0.0.0",
"bind-address-ipv6": "::",
"blocklist-enabled": true,
"blocklist-url": "http://www.wael.name/wael.list.p2p.gz",
"cache-size-mb": 4,
"dht-enabled": false,
"download-dir": "/mnt/torrent-complete",
"download-queue-enabled": true,
"download-queue-size": 5,
"encryption": 1,
"idle-seeding-limit": 300,
"idle-seeding-limit-enabled": false,
"incomplete-dir": "/mnt/torrent-incomplete",
"incomplete-dir-enabled": true,
"lpd-enabled": false,
"message-level": 2,
"peer-congestion-algorithm": "",
"peer-id-ttl-hours": 6,
"peer-limit-global": 750,
"peer-limit-per-torrent": 115,
"peer-port": 8998,
"peer-port-random-high": 65535,
"peer-port-random-low": 49152,
"peer-port-random-on-start": false,
"peer-socket-tos": "default",
"pex-enabled": true,
"pidfile": "/var/run/transmission/daemon.pid",
"port-forwarding-enabled": false,
"preallocation": 1,
"prefetch-enabled": true,
"queue-stalled-enabled": true,
"queue-stalled-minutes": 30,
"ratio-limit": 0.5000,
"ratio-limit-enabled": true,
"rename-partial-files": true,
"rpc-authentication-required": true,
"rpc-bind-address": "0.0.0.0",
"rpc-enabled": true,
"rpc-host-whitelist": "transmission.sysinfo.io",
"rpc-host-whitelist-enabled": true,
"rpc-password": "{********************",
"rpc-port": 9091,
"rpc-url": "/transmission/",
"rpc-username": "visualblind",
"rpc-whitelist": "127.0.0.1",
"rpc-whitelist-enabled": false,
"scrape-paused-torrents-enabled": true,
"script-torrent-done-enabled": false,
"script-torrent-done-filename": "",
"seed-queue-enabled": false,
"seed-queue-size": 10,
"speed-limit-down": 4608,
"speed-limit-down-enabled": true,
"speed-limit-up": 1024,
"speed-limit-up-enabled": true,
"start-added-torrents": true,
"trash-original-torrent-files": false,
"umask": 18,
"upload-slots-per-torrent": 14,
"utp-enabled": true
}
Code:
root@freenas[/mnt/pool0/iocage/jails/transmission]# cat config.json
{
"CONFIG_VERSION": "14.1",
"allow_chflags": "0",
"allow_mlock": "0",
"allow_mount": "1",
"allow_mount_devfs": "1",
"allow_mount_nullfs": "0",
"allow_mount_procfs": "0",
"allow_mount_tmpfs": "0",
"allow_mount_zfs": "0",
"allow_quotas": "0",
"allow_raw_sockets": "1",
"allow_set_hostname": "1",
"allow_socket_af": "0",
"allow_sysvipc": "0",
"allow_tun": "1",
"available": "readonly",
"basejail": "yes",
"boot": "on",
"bpf": "no",
"children_max": "0",
"cloned_release": "11.2-RELEASE",
"comment": "none",
"compression": "lz4",
"compressratio": "readonly",
"coredumpsize": "off",
"count": "1",
"cpuset": "off",
"cputime": "off",
"datasize": "off",
"dedup": "off",
"defaultrouter": "10.10.10.1",
"defaultrouter6": "none",
"depends": "none",
"devfs_ruleset": "0",
"dhcp": "off",
"enforce_statfs": "1",
"exec_clean": "1",
"exec_fib": "0",
"exec_jail_user": "root",
"exec_poststart": "/usr/bin/true",
"exec_poststop": "/usr/bin/true",
"exec_prestart": "/usr/bin/true",
"exec_prestop": "/usr/bin/true",
"exec_start": "/bin/sh /etc/rc",
"exec_stop": "/bin/sh /etc/rc.shutdown",
"exec_system_jail_user": "0",
"exec_system_user": "root",
"exec_timeout": "60",
"host_domainname": "sysinfo.io",
"host_hostname": "transmission",
"host_hostuuid": "transmission",
"host_time": "yes",
"hostid": "de2ceb18-30c5-11e9-a9c9-005056b46652",
"hostid_strict_check": "off",
"interfaces": "vnet0:bridge0",
"ip4": "new",
"ip4_addr": "vnet0|10.10.10.27/24",
"ip4_saddrsel": "1",
"ip6": "new",
"ip6_addr": "none",
"ip6_saddrsel": "1",
"jail_zfs": "off",
"jail_zfs_dataset": "iocage/jails/transmission/data",
"jail_zfs_mountpoint": "none",
"last_started": "2019-04-30 20:42:17",
"login_flags": "-f root",
"mac_prefix": "005056",
"maxproc": "off",
"memorylocked": "off",
"memoryuse": "off",
"mount_devfs": "1",
"mount_fdescfs": "1",
"mount_linprocfs": "0",
"mount_procfs": "0",
"mountpoint": "readonly",
"msgqqueued": "off",
"msgqsize": "off",
"nmsgq": "off",
"notes": "none",
"nsemop": "off",
"nshm": "off",
"nthr": "off",
"openfiles": "off",
"origin": "readonly",
"owner": "root",
"pcpu": "off",
"priority": "99",
"pseudoterminals": "off",
"quota": "none",
"release": "11.2-RELEASE-p9",
"reservation": "none",
"resolver": "/etc/resolv.conf",
"rlimits": "off",
"securelevel": "2",
"shmsize": "off",
"stacksize": "off",
"stop_timeout": "30",
"swapuse": "off",
"sync_state": "none",
"sync_target": "none",
"sync_tgt_zpool": "none",
"sysvmsg": "new",
"sysvsem": "new",
"sysvshm": "new",
"template": "no",
"type": "pluginv2",
"used": "readonly",
"vmemoryuse": "off",
"vnet": "on",
"vnet0_mac": "00505603aa46 00505603aa47",
"vnet1_mac": "none",
"vnet2_mac": "none",
"vnet3_mac": "none",
"vnet_default_interface": "auto",
"vnet_interfaces": "none",
"wallclock": "off"
}#
If I'm wrong I hope someone can correct me or maybe provide some more insight into how the bittorrent protocol works. The only way I can see around is to pay a little more premium for a VPN provider dedicated static IP offering and hopefully NAT-T or PAT-T will work some magic.