Fixing YouTube Slowdowns at the Router Level

RomanAcademy
5 min readSep 10, 2024

--

Fixing YouTube Slowdowns at the Router Level

Greetings to all! On the night of August 1st, I noticed that YouTube started lagging terribly. Naturally, this did not sit well with me, especially since I rely on YouTube for streaming and content consumption. Like any rational internet user, I wanted to get to the bottom of this issue and figure out how to fix it. In this article, I’ll walk you through the steps I took to resolve the problem of YouTube slowdowns at the router level and how you can do the same in your home network.

What Happened?

First, let’s break down what might be happening and why YouTube starts “buffering.” The issue isn’t just a random slowdown but often a result of your ISP (Internet Service Provider) applying a technique called **DPI (Deep Packet Inspection)**. DPI allows ISPs to analyze the content of network traffic and “determine” what type of data is being transferred, such as streaming video or regular web browsing.

The root cause of the slowdown lies in the process of establishing **SSL connections** (the type of connection used when accessing websites over HTTPS). During this process, the domain to which you’re connecting is passed in plaintext through **SNI (Server Name Indication)**, a mechanism that helps servers understand which domain you’re trying to access. When your ISP sees the domain `googlevideo.com` (used to deliver video content for YouTube), it might apply traffic shaping or throttling to slow down the connection, resulting in poor video performance.

How to Verify the Issue?

You can verify the problem locally using the `curl` command, which helps download files from the internet. Let’s first try downloading a test file:

```bash
$ curl https://speedtest.selectel.ru/100MB -o/dev/null
```

If the download speed is high, it indicates that your internet connection is generally fine. Now let’s run a test with a YouTube domain:

```bash
$ curl — connect-to ::speedtest.selectel.ru https://manifest.googlevideo.com/100MB -k -o/dev/null
```

You’ll likely notice a significant drop in speed. This is a clear sign that traffic to `googlevideo.com` is being throttled.

With the problem identified, let’s move on to how to fix it. The main task is to mask or obfuscate the traffic so that your ISP can’t tell you’re connecting to YouTube.

How to Fix It?

The issue is clearly related to DPI being applied by your ISP. There are several ways to bypass or disguise this traffic. One approach involves using software that modifies the data packets in such a way that DPI systems can no longer correctly analyze their contents. A well-known project for this is **Goodbye DPI**, which works well for Windows systems. However, since I wanted to fix the issue for my entire home network, not just individual devices, I needed a solution that could be implemented directly on the router.

My Zyxel Keenetic Giga III Router and OPKG

My router is the **Zyxel Keenetic Giga III**, which is about ten years old. Despite its age, it has been a rock-solid performer. I was thinking about upgrading, but to my surprise, I found out that I could install **OpenWrt** binaries on it using the **OPKG** package manager. This was a pleasant discovery, as it allowed me to install the necessary tools to bypass DPI directly on the router.

Installing OPKG on Zyxel Keenetic Giga III

To start, I accessed the web interface of the router and installed all the required components for OPKG. Since the internal memory on the router is quite limited, I had to use a USB flash drive formatted to **EXT4**. On the flash drive, I created an `install` directory and downloaded the necessary binaries from the **Entware** project. For my **mipsel** platform, the installer can be found here: [EN_mipsel-installer.tar.gz](https://bin.entware.net/mipselsf-k3.4/installer/EN_mipsel-installer.tar.gz).

After installation and plugging in the flash drive, the router automatically extracted the archive, and I was able to connect via **SSH** on port 222.

Verifying the Correct Setup

If you make a mistake in selecting the platform, the error message `exec format error` will let you know. In case of success, you’ll be able to log into the system through SSH with the username `root` and password `keenetic`. Once logged in, be sure to change the password with the `passwd` command.

Now that I had a nearly full Linux system running on the router, I was ready to install the necessary software to bypass DPI.

Installing and Configuring DPI Bypass Software

With my router running Linux, the next step was to install software to bypass DPI. We’ll need a few packages:

```bash
# opkg update
# opkg install ipset curl gzip grep git-http
```

If space is limited on the router, you can manually transfer the necessary binaries from your computer using **scp**. For example:

```bash
scp -P 222 ./tpws root@192.168.0.1:/opt/root/
```

Choosing DPI Bypass Software

Among the various projects available for bypassing DPI, I found **zapret** to be particularly useful. It’s a simple project with pre-compiled binaries for various platforms that can be easily installed. I decided to use the **tpws** service from zapret, which modifies network packets to fool DPI systems.

Installing zapret and Configuring the tpws Service

To install zapret on the router, run the following commands:

```bash
# git clone https://github.com/bol-van/zapret.git
# cd zapret
# ./install_bin.sh
```

Next, create a script to automatically start the **tpws** service:

```bash
# vi /opt/etc/init.d/S51tpws
```

Insert the following code:

```bash
#!/bin/sh

SCRIPT=/opt/root/git/zapret/tpws/tpws
PIDFILE=/var/run/tpws.pid
ARGS=” — daemon — bind-addr 192.168.0.1 — port 999 — disorder — tlsrec=sni — split-pos=2 — pidfile $PIDFILE”

start() {
if [ -f $PIDFILE ] && kill -0 $(cat $PIDFILE); then
echo ‘Service TPWS is already running’ >&2
return 1
fi
$SCRIPT $ARGS
iptables -t nat -A PREROUTING -i br0 -p tcp — dport 80 -j REDIRECT — to-port 999
iptables -t nat -A PREROUTING -i br0 -p tcp — dport 443 -j REDIRECT — to-port 999
echo ‘Started TPWS service’
}

stop() {
if [ ! -f “$PIDFILE” ] || ! kill -0 $(cat “$PIDFILE”); then
echo ‘Service TPWS is not running’ >&2
return 1
fi
echo ‘Stopping TPWS service…’
kill -15 $(cat “$PIDFILE”) && rm -f “$PIDFILE”
iptables -t nat -D PREROUTING -i br0 -p tcp — dport 80 -j REDIRECT — to-port 999
iptables -t nat -D PREROUTING -i br0 -p tcp — dport 443 -j REDIRECT — to-port 999
}

status() {
if [ -f $PIDFILE ] && kill -0 $(cat $PIDFILE); then
echo ‘Service TPWS is running’
else
echo ‘Service TPWS is stopped’
fi
}

case “$1” in
start)
start
;;
stop)
stop
;;
status)
status
;;
restart)
stop
start
;;
*)
echo “Usage: $0 {start|stop|restart|status}”
esac
```

Make the script executable:

```bash
# chmod +x /opt/etc/init.d/S51tpws
```

Start the service:

```bash
# /opt/etc/init.d/S51tpws start
```

Now, all HTTP and HTTPS traffic on ports 80 and 443 will be processed through tpws, which disguises the packets to bypass your ISP’s DPI systems.

Conclusion

After setting everything up, I noticed a significant improvement in YouTube performance — videos were loading quickly without buffering. This method of fooling DPI by modifying network packets proved to be an effective solution for my entire home network, without needing to configure individual devices.

If you’re experiencing similar issues with YouTube or other services being throttled by your ISP, I highly recommend trying this approach. By running software like **zapret** and **tpws** on your router, you can mask your traffic and bypass throttling for all devices in your network.

--

--

RomanAcademy
RomanAcademy

Written by RomanAcademy

If software and web development are something you’re interested in, you’ll find a lot of helpful information on this channel.

No responses yet