Working around flaky internet connections

Unfortunately not all WiFi connections work perfectly all the time. They’re fraught with unexpected problems including dropping out entirely, abruptly killing connections, and running into connection limits.

Thankfully with a little knowledge it is possible to regain productivity that would otherwise be lost to a flaky internet connection. These techniques are applicable to coffee shops, hotels, and other places with semi-public WiFi.

Always have a backup connection

Depending on a WiFi connections as your sole source of connectivity is a losing proposition. If all you’re doing are optional tasks it can work, although critical tasks demand a backup source should the primary fail.

This usually takes the shape of a cellular data connection. I USB or WiFi tether my laptop to my cell phone. This is straightforward in your home country, where you have a reliable data connection already. If working from another country it is advisable to get a local prepaid SIM card with data plan. These are usually inexpensive and never require a contract. Almost all Android devices support this behavior already.

If you’re too lazy to get a local SIM card, or are not in a country long enough to benefit from one (I usually use 1 full week as the cutoff), T-Mobile US’s post-paid plans offer roaming data in other countries. This is only EDGE (2.5G) connectivity, but is still entirely usable if you’re careful and patient with the connection.

Reducing background data

Some of the major applications that you’re using do updates in the background, including Firefox and Chrome. They can detect that your computer is connected to an internet connection, and will attempt to do updates anytime. Obviously if you’re using a connection with limited bandwidth, this can ruin the experience for everybody (including yourself).

You can disable this feature in Firefox by navigating to Edit -> Preferences -> Advanced -> Update, and switching Firefox Updates to Never check for updates.

Your operating system might do this as well, so it is worth investigating so you can disable it.

Mosh: The Mobile Shell

If you’re a command-line junkie or a keyboard cowboy, you’ll usually spend a lot of time SSHing into other servers. Mosh is an application like SSH that is specifically designed for unreliable connections. It allows some conveniences like resume-after-sleep even if your connection changes, and local echo so that you can see/revise your input even if the other side is non-responsive. There are some known security concerns with using Mosh, so I’ll leave it as an exercise to the reader if they feel safe using it.

It should be noted that with proper configuration, OpenSSH can also gain some of this resiliency.


Often the small wireless routers you’re connecting to are not configured to handle the load of several people. One symptom of this is the TCP connection limit. The result of the router hitting this limit is that you will no longer be able to establish new TCP connections until one is closed. The way around this is to use a tunnel.

The simplest method to do this is a SOCKS proxy. A SOCKS proxy is a small piece of software that runs on your laptop. Its purpose is to tunnel new connections through an existing connection. The way I use it is by establishing a connection to my colocated server in Portland, OR, then tunneling all my connections through that. The server is easy to set up.

The simplest way to do this is with SSH. To use it, simply open up a terminal and type the following command (replacing my host name with your own)

$ ssh -v -N -D1080

This will open a tunnel between your laptop and the remote host. You’re not done yet though. The next part is telling your software to use the tunnel. In Firefox this can be done in Edit -> Preferences -> Advanced -> Network -> Connection Settings -> Manual Proxy Configuration -> SOCKS Host. You’ll also want to check “Remote DNS” below. You can test this is working by visiting a web site such as

Command-line applications can use a SOCKS proxy by using the program called tsocks. Tsocks will transparently tunnel the connections of your command-line applications through your proxy. It is invoked like this:

$ tsocks curl

Some other methods of tunneling that have been used successfully include real VPN software such as OpenVPN. There is an entire market of OpenVPN providers available that will give you access to endpoints in many countries. You can also just run this yourself.

An alternative to that is sshuttle. This uses iptables on Linux (and the built-in firewall on OS X) to transparently tunnel connections over a SSH session.All system connections will transparently be routed through it. One cool feature of this approach is that no special software needs to be installed on the remote side. This means that it’s easy to use with several different hosts.

Local caching

Some content can be cached and reused without having to hit the Internet. This isn’t perfect, but reducing the amount of network traffic should result in less burden on the network and faster page-load times. There are a couple pieces of software that can help achieve this.

Unbound is a local DNS caching daemon. It runs on your computer and listens for applications to make DNS requests. It then asks the internet for the answer, and caches that. This results in less DNS queries hitting the internet, which reduces network burden and theoretically loads pages faster. I’ve been subjecting Unbound to constant daily use for 6 months, and have not attributed a single problem to it. Available in a distro near you.

Polipo is a local caching web proxy. This is a small daemon that runs on your computer and transparently caches web content. This can speed up page load times and reduce amount of network traffic done. It has a knob to tune the cache size, and you can empty the cache whenever you want. Again, this should be available in any major package manager.

Ad blocking software

Privoxy is a web proxy that filters out unwanted content, such as tracking cookies, advertisements, social-media iframes, and other “obnoxious internet junk”. It can be used in conjunction with polipo, and there is even a mention in the docs about how to layer them.

SomeoneWhoCares Hosts File is an alternative /etc/hosts file that promises “to make the internet not suck (as much)”. This replaces your /etc/hosts file, which is used before DNS queries are made. This particular /etc/hosts file simply resolves many bad domains to ‘’ instead of their real address. This blocks many joke sites (goatse, etc) as well as ad servers. I’ve used this for a long time and have never encountered a problem associated with it.

AdBlock Plus might be a Firefox extension you’re familiar with it. It is a popular extension that removes ads from web pages, which should save you bandwidth, page load speed, and battery life. AdBlock Plus is a heavy memory user, so if you’re on a device with limited memory (< 4GB) it might be worth considering an alternate ad blocking extension.

Second browser instance (that doesn’t use any of the aforementioned)

As great as these pieces are, sometimes you’ll encounter a problem. At that point it could be advantageous to have a separate browser instance to access the internet “unadulterated”. This will let you know if the problem is on your side, the remote host, or your connection.

I hope that using these techniques will help you have a better experience while using questionable connections. It’s an ongoing struggle, but the state of connectivity is getting better. Hopefully one day these measures will be unnecessary.

Please leave a comment if you learned something from reading this, or notice anything I missed.