Blocking Anything Is Difficult
Blocking anything at the home-router level is difficult. Sure, if your router has parental controls or other website-blacklisting features built-in, you could block individual websites. You could block facebook.com if you don’t want anyone accessing Facebook on your network. But there would be ways around this through VPNs and proxies.
BitTorrent is even more difficult. It’s not just blocking a single website—you’d have to block a specific protocol a computer on your network uses for peer-to-peer communication with other computers around the world. There’s no switch you can flick to block just one type of traffic, and BitTorrent has evolved to make this even more difficult.
BitTorrent Evades Blocking and Throttling
The BitTorrent protocol has had a target painted on its back for much of its history. Even internet service providers like Comcast have gone out of their way to throttle BitTorrent traffic, slowing the protocol for their customers. It’s no surprise, then, that BitTorrent has gradually evolved to be much harder to block and throttle. These tricks that help BitTorrent evade throttling by ISPs will also help it evade blocking on your home network.
You Can’t Just Block BitTorrent’s Ports
When BitTorrent was first released back in 2001, the standard ports it ran on were TCP ports 6881 through 6889. Internet service providers and other network providers caught on. Many began throttling (slowing) all traffic using these ports. Some BitTorrent trackers have banned BitTorrent clients using these ports from connecting, reasoning that these clients could slow down the overall download speed for the swarm.
Even back in those days, anyone could change the port used by their BitTorrent client to another one and evade the ban. It’s now more difficult. Modern BitTorrent clients often have built-in options to use a random port, helping evade detection.
On top of that, modern BitTorrent clients use an extension called DHT (“distributed hash table”), which means they don’t even need to rely on a centralized tracker that can be blocked—they can exchange information in a peer-to-peer fashion. When using DHT, BitTorrent clients communicate over UDP, negotiating and using different ports for each connection.
And, while you could disable UPnP on your router to prevent BitTorrent clients from automatically forwarding ports to allow incoming connections, they could still make outgoing connections.
You Can’t Use Traffic Inspection Due to Encryption
Faced with BitTorrent clients that mostly no longer ran on predictable ports, ISPs and other network operators turned to something called “deep packet inspection.” Rather than simply checking for the port associated with a network packet and throttling or blocking those packets, they could examine all network packets for the characteristics of BitTorrent traffic, identifying those packets associated with BitTorrent and throttling or blocking those.
Unsurprisingly, that led the BitTorrent protocol to grow another feature: encryption. This may be known as Protocol Encryption (PE) or Protocol Header Encryption (PHE), depending on which BitTorrent client you’re using. This is designed to “obfuscate” BitTorrent traffic, making it harder for ISPs and network operators to detect that BitTorrent traffic and perform traffic shaping on it—in other words, making it much more difficult for ISPs to pin down and slow BitTorrent traffic.
Some routers come with Quality of Service (QoS) features that attempt to identify types of traffic and let you throttle them on your network. As you might expect, BitTorrent’s juggling of ports and protocol encryption features get in the way of your home router identifying BitTorrent traffic, too.
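The two checks described in this section, as an added example that is not from the original article: a port rule and a payload signature match, run over constructed sample flows to show what each one misses. The non-default port numbers, the peer ID and all payload bytes are made up for illustration, and the "encrypted" flow is stand-in bytes rather than a real obfuscated session.

```python
LEGACY_PORTS = range(6881, 6890)               # TCP 6881-6889, the original defaults
HANDSHAKE_PREFIX = b"\x13BitTorrent protocol"  # length byte 19 + protocol string


def port_rule(proto, port):
    """The port-only check: flag TCP traffic to the original default ports."""
    return proto == "tcp" and port in LEGACY_PORTS


def looks_like_dht(payload):
    """Heuristic: a DHT message is a bencoded dict with a 't' key and a 'y' type key."""
    if not (payload.startswith(b"d") and payload.endswith(b"e")):
        return False
    has_type = any(b"1:y1:" + kind in payload for kind in (b"q", b"r", b"e"))
    return b"1:t" in payload and has_type


def inspect_payload(proto, payload):
    """The payload check: match cleartext markers, return the reason or None."""
    if proto == "tcp" and payload.startswith(HANDSHAKE_PREFIX):
        return "handshake"
    if proto == "udp" and looks_like_dht(payload):
        return "dht"
    return None


# Constructed sample flows: (label, protocol, destination port, first payload bytes).
PLAIN = HANDSHAKE_PREFIX + bytes(8) + b"H" * 20 + b"-XX0001-" + b"p" * 12
DHT_PING = b"d1:ad2:id20:" + b"N" * 20 + b"e1:q4:ping1:t2:aa1:y1:qe"
OBFUSCATED = bytes((i * 73 + 41) % 256 for i in range(96))  # no fixed header to match
SAMPLES = [
    ("plain, default port", "tcp", 6881, PLAIN),
    ("plain, random port", "tcp", 51413, PLAIN),
    ("DHT over UDP", "udp", 40212, DHT_PING),
    ("encrypted, random port", "tcp", 51413, OBFUSCATED),
    ("ordinary web traffic", "tcp", 443, b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03"),
]


def evaluate(samples=SAMPLES):
    """Return {label: (flagged by port rule, reason from payload inspection)}."""
    return {label: (port_rule(proto, port), inspect_payload(proto, payload))
            for label, proto, port, payload in samples}


if __name__ == "__main__":
    for label, (by_port, by_payload) in evaluate().items():
        print(f"{label:24} port-rule={by_port!s:5} payload={by_payload}")
```

Only the first flow trips the port rule, payload inspection also catches the cleartext handshake on a random port and the DHT message, and the obfuscated flow passes both checks just as the ordinary web traffic does.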
How to Stop (or Slow) BitTorrent on Your Network
In summary, there’s no easy technical solution. You won’t find a one-click button that will disable or even slow BitTorrent traffic on your entire home network.
Organizations do have some technical options. An organization that controls its workstations could use application whitelisting functionality to prevent employees from running BitTorrent clients on its PCs. A business hosting a public Wi-Fi network could try to block everything but standard web-browsing traffic.
At home, if someone has access to your network, they can do what they want. To kick everyone off your Wi-Fi network, just change its passphrase, and only devices with the new one can connect. You can block specific devices from your router with MAC address filtering, but this will block all connections from that device—BitTorrent as well as everything else. People with your Wi-Fi passphrase could get around it, too.
If you have a family member or roommate who just keeps torrenting and slowing everything down, we recommend skipping the technical solution and asking them to stop. If you’re concerned about them slowing down your network, ask them to set upload and download speed limits in their BitTorrent client.
If you do have a router with Quality of Service features, you can’t necessarily slow down just BitTorrent traffic. However, you could configure the router to deprioritize all traffic from the devices you know are BitTorrenting and prioritize all traffic from other devices that are easier on your network. Consult your router’s documentation for more information.