P2P

Comment: Canadian ISPs and Internet Traffic Management

/ Christopher Parsons / 1 Comment

I’ve recently put up a document that summarized most of the first round of filings for the CRTC’s investigation of Canadian ISP traffic management practices (PN 2008-19), and thought that I’d post a few things that I thought were most interesting (for me). Keep in mind that many of my interests revolve around deep packet inspection.

Network Use Averages

  1. Bell filed their specific data points in confidence, though from what they provided we can see that the top 5% of usage on the network has declined from 61.1% to 46.6%, and the top 10% of network usage has declined from 77.1% to 62.6%.
  2. In TELUS’ case, we find that their retail customers have decreased the amount of content they are uploading, though they are downloading more. Their wholesale customers are both downloading and uploading more than in 2006. Specific traffic data was filed in confidence to the CRTC.
  3. Bell finds that P2P and HTTP/Streaming traffic are the most commonly used end-user categories that contribute to bandwidth usage.

Canadian ISPs Admitting to Traffic Management

  1. Bell Wireline (excludes Bell Mobility and Bell Aliant Atlantic). DPI technology is used, though the vendor and products are filed in confidence.
  2. Cogeco uses DPI, but has filed the vendor and products in confidence.
  3. Rogers filed their comments in confidence, but from past information that has emerged we know that they are using DPI equipment.
  4. Shaw Communications Inc. uses Arbor-Ellacoya devices, though the particular products are filed in confidence.
  5. Barrett Xplore Inc. Uses VoIP prioritization, provisioning of modems, and DPI. Specifics are filed in confidence.
  6. While not explicitly stated, is appears as though Bragg Communications Ltd. also uses DPI.

Canadian ISPs Not Using Traffic Management

  1. MTS Allstream Inc.
  2. SaskTel (though they do use Arbor Peakflow SP, dominantly for network security purposes)
  3. Primus Telecommunications Canada Inc.
  4. Telus

What is Being Filtered/Throttled?

  1. Bell acknowledges that they do throttle traffic between 1630 and 0200 each day by limiting bandwidth available to P2P applications. A detailed listing of applications is not publicly mentioned.
  2. Cogeco currently uses management technologies against: eDonkey/eMule, EmuleEncrypted, Kazaa, Fast Track KaZaA Networking, Napster, Bittorrent, Dijjer, Manolito, Hotline, Share, Soulseek, v-share, Zattoo, Joost, KuGoo, Kuro, DHT, Commercial File Sharing, Baidu Movie, Club Box, Winny, Gnitella, Gnutella Networking, WinMX, Direct Connect, PeerEnabler, Exosee, Further, Filtopia, Mute, NodeZilla, waste, Warez, NeoNet, PPLiveStream Misc, BAIBAO, POCO, Entropy, Rodi, Guruguru, Pando, Soribada, Freenet, PacketiX, Feidian, AntsP@P, Sony Location Free, thunder, Web Thunder. They only look at the specific signature of P2P applications.
  3. Rogers “looks at header information embedded in the payload and session establishment procedures.” What is unclear to me is how they are suggesting that header information is embedded in the payload itself – these are two separate spaces in packets, as I understand networking 101. Specifics P2P that are filtered is not mentioned, though they only concentrate on uploaded content.
  4. Shaw doesn’t say – they’ve filed their findings in confidence.
  5. Barrett doesn’t say – they’ve filed their findings in confidence.
  6. Bragg targets: Bittorrent, News, DirectConnect, Blubster, gnutella, KaZaA, WinMX, eDonkey, Filetopia, Hotline, GuruGuru, Soribada, Soulseek, Ares, JoltID, eMule, Waste, Konspire2b, ExoSee, FurtherNet, MUTE, GNUnet, Nodezilla. Bragg focuses on the packet headers and the behaviour of packet exchanges, and avoiding learning about the content of packet flows.

Under What Conditions Non-Management ISPs Would Manage Their Networks

  1. MTS Allstream notes that only if a capital investment analysis found traffic management technologies to lead to enhanced revenue would they invest in management technologies.
  2. SaskTel has three conditions that would lead them to adopt management technologies: (a) customer demand outstrips capacity and augmentation could not be economically accomplished; (b) if competitive forces require the introduction of alternate service definitions; (c) if there was a need to enforce the aUP so that there was sufficient network capacity for end-users.
  3. TELUS does not currently use management technologies such as DPI, and has no plans to do so.

There is more in the document that is of note, but insofar as it pertains to DPI I thought that these were probably core points that people would be interested in.

P2P and Complicity in Filesharing

/ Christopher Parsons

I think about peer to peer (P2P) filesharing on a reasonably regular basis, for a variety of reasons (digital surveillance, copyright analysis and infringement, legal cases, value in efficiently mobilizing data, etc.). Something that always nags at me is the defense that P2P websites offer when they are sued by groups like the Recording Industry Association of America (RIAA). The defense goes something like this:

“We, the torrent website, are just an search engine. We don’t actually host the infringing files, we are just responsible for directing people to them. We’re no more guilty of copyright infringement than Google, Yahoo!, or Microsoft are.”

Let’s set aside the fact that Google has been sued for infringing on copyright on the basis that it scrapes information from other websites, and instead turn our attention to the difference between what are termed ‘public’ and ‘private’ trackers. ‘Public’ trackers are available to anyone with a web connection and a torrent program. These sites do not require users to upload a certain amount of data to access the website – they are public, insofar as there are few/no requirements placed on users to access the torrent search engine and associated index. Registration is rarely required. Good examples at thepiratebay.org, and mininova.org. ‘Private’ trackers require users to sign up and log into the website before they can access the search engine and associated index of .torrent files. Moreover, private trackers usually require users to maintain a particular sharing ration – they must upload a certain amount of data that equals or exceeds the amount of data that they download. Failure to maintain the correct share ratio results in users being kicked off the site – they can no longer log into it and access the engine and index.

Continue reading

Comment: Virgin Takes Aim At BitTorrent

/ Christopher Parsons

In the US, Comcast is presently using what is referred to as ‘protocol agnostic’ filtering‘ – effectively, if you use the full amount of bandwidth that you are paying for for more than a few minutes, they decrease your available bandwidth for a while. This was, in part, a reaction to their sending RST packets to BitTorrent users – these packets would ‘kill’ connections that individuals had with other P2P users, but were also catching some other programs in the crossfire. What’s more, they were using a technique referred to as ‘packet forging’, which is involves changing packets in-stream. After a substantial amount of public criticism and backlash, Comcast stopped using their DPI equipment for this purpose and instead shifted to using them for protocol agnostic filtering.

Let’s turn to Virgin, who is currently implementing protocol agnostic filtering, but there are rumblings that the way that they’ve deployed it may not be the best solution to combatting what is perceived as the real problem: BitTorrent traffic. From a DSLreports article:

[A] customer on Virgin’s 10Mbps/512kbps “L” tier loses 75% of his throughput for five hours should he download more than 1200MB between 4 and 9PM. (Source)

There are several issues with this kind of agnostic filtering.

Continue reading

Internet: Drowning in the Bits of UDP

/ Christopher Parsons

Over the past few months I’ve been watching news that is emerging from think tanks, independent researchers, and news analysts about the ‘dramatic’ increases in bandwidth usage in North America. In this post I’d like to pull together a host of sources on the recent use of the UDP protocol for transferring files, and how that relates to bandwidth scarcity. Over the next month or so, I’m hoping to put together some additional pieces on packet inspection, Enhanced Drives Licenses (EDLs), and more topical IT and privacy issues. But first, to UDP data traffic…

Peer-to-Peer and Link Points

This summer Bell Canada argued that they needed to use Deep Packet Inspection (DPI) devices to stem the use of peer-to-peer (P2P) applications during peak usage time, because P2P applications were causing congestion at major link points along Bell’s network. Bell’s practices became an issue when the Canadian Association of Internet Providers (CAIP) filed a complaint with the CRTC; Bell’s traffic shaping was being applied to all traffic that ran along Bell’s ADSL lines, rather than being localized to Bell’s customer. CAIP lost their complaint, with the CRTC noting that Bell was not discriminating against CAIP customers. The CRTC decision did not, however, condone or authorize the legality of Bell’s use of DPI technologies to filter data traffic.

Continue reading

Comment – Major ISPs To Deploy P4P Within Months

/ Christopher Parsons

In the US, several ISPs (e.g. AT&T, Verizon, Comcast) have been testing the effectiveness of using Pando Networks’ own P2P client, which localizes transfered files, to increase the transfer speeds of files while reducing the flow of traffic between ISPs. These tests have demonstrated that Pando’s solution to P2P traffic ‘overwhelming’ network traffic has largely been successful; far less data is passing between ISPs, with a huge portion of the P2P traffic now being contained to the respective ISPs’ networks . DSLreports is concerned that, there may be hidden costs to the roll-out of these technologies. Perhaps individuals will need to pay a fee to enjoy the enhanced speeds. Perhaps this will correspond with a more invasive content analysis system. Maybe there will be blocks put on ‘non-authorized’ P2P clients.

Personally, I expect that P4P will be used to let ISPs compete in the media-content selling business. Imagine: you can get a movie from iTunes in 20 minutes, or in 2-4 from your ISP. Sure, the analysis and filtering that DSLreports notes could be coming, but I have a suspicion that P4p will be used to undermine the current content distributors first, and that other uses of P4P will follow only after that business model/technique is tested.

Continue reading