
Traffic management - how deep packet engines will shape the Internet slow lane

Report from Broadband Traffic Management congress, London, 16-18 November 2010

An afternoon spent among the telcos and their suppliers does not bring much cheer to those who want to protect the open Internet. If deep packet inspection (DPI) is a cornerstone of the network, how should policy-makers be thinking?

* PLUS * I experience a DPI sales demo: "Content filtering? Certainly. Which filters do you want?"

Broadband Traffic Management is a new exhibition which provides a forum for discussion of the issues surrounding the new technologies which operate and run broadband networks. A visit to it was eye-opening.

It was revelatory to see how much enthusiasm is going into developing new ideas to alter the structure of what we know today as 'the Internet'. The changes will be justified by various economic rationales, but especially the exponential growth of video content.

It was evident that traffic management systems do enable the network operators and ISPs to restrict traffic on a per-user basis. They can see what each individual is doing, right down to applications and content, and have functions which permit or block activity.

Deep packet inspection is the main tool which enables them to do so, and speakers discussed how DPI is no longer just an optional add-on, but a 'cornerstone' of traffic management systems.

Some of the vendors do understand that there are liability and civil liberties issues, and they expect the regulators to do the job of setting the boundaries. Jonathon Gordon, director of marketing at Allot Communications, interviewed by iptegrity, said that DPI systems do not open up the content, only the information that is readable on the outside of the packet. This is still quite a bit (see below). Mr Gordon discussed how the regulators and the law set the boundaries of what operators can do legally, and that interception of content for commercial purposes is forbidden by privacy law. He said that some EU network operators are nervous of collecting any of this data, due to the regulatory issues.

Unfortunately, not all vendors are so well informed about regulation. One seminar speaker responded to a question about liability (in this case of delayed transmission of security updates) saying 'we do not have scientific or religious discussions about this'.

Talking to the sales people manning the exhibition stands was the most revealing part of the afternoon. One salesman spoke of 'gold and silver' service levels. He justified the telcos using such differentiated service levels by saying that 'it depends on the pain points. If they don't get enough money out of subscribers, they need to squeeze out more'.

I queried it, asking if he was suggesting the creation of a slow lane. 'Yes,' he said, with great excitement, 'the free service is the slow lane. The medium lane is probably what everyone gets today (fair queuing). The fast lane will charge more, that's for the elite flyers.'

Read on for my personal experience of a deep packet inspection sales demonstration. It must surely give plenty of food for thought for policy-makers.

Deep packet inspection (DPI) sales demo

I watched a demonstration of a deep packet inspection system in action. I was stood with the salesman for the company which developed the system, and two middle-eastern men from a company which installs telecoms networks in countries such as Egypt and Saudi Arabia.

The salesman demonstrated the interface, and logged in to a live network in the US (although he did not give the name). He said the system could do traffic shaping, filtering, bandwidth restriction, network protection, deep packet inspection, behavioural analysis and look inside packets.

He explained how, when a subscriber is located, it would identify the device, and for example, an iPhone user with a premium subscription could be given priority. By comparison, a low entry subscription plan could be given web-only, and a higher paying one could have streaming media enabled.

He demonstrated how the DPI systems can look into applications running on the network.

He explained that where traffic is not encrypted, the system can show the file, web browser, and content, including, for example, content of YouTube. The operator can set the permissions which determine whether or not the individual user is able to access any of these applications.

The demo investigated the peer-to-peer applications. One click on P2P in the menu revealed a list of P2P applications running, such as BitTorrent, eDonkey, FlashGet, Kazaa, Soulseek, and iMesh. A click on BitTorrent showed up another list detailing uTorrent, KRPC, and encrypted.

It got really interesting when the salesman showed how the system could look into individual usage. He clicked on a menu label which read 'students'. This brought up the IP addresses of all the users whose accounts were stored under this category. When he clicked on the IP address, we were able to see all the applications that individual was running. In this case, the user was running the P2P protocol BitTorrent, and we could see that he was running 13 BitTorrent connections, which port he was using, which IP address he was connecting to, and that he was using the specific uTorrent protocol.

The salesman went on to demonstrate how the ISPs can set up the rules for their network in the DPI system; notably, he mentioned filtering rules and shaping rules. It was astonishing how easy it all was.

"Content filtering?" enquired one of the middle-eastern gentlemen. "Certainly" replied the salesman, "you can have rules for filtering by destination, by application, for example, or other content filters, maybe you want to block certain URLs or you don't want your users to type in their Skype user name..." and he explained how the DPI system enabled such blocking.

As the salesman and the middle-eastern gentlemen exchanged business cards and booked a meeting, I walked away. I am sure the salesman went home happy. I am not sure that the citizens of a certain middle-eastern country will be quite so happy about this outcome.


This article is licensed under a Creative Commons Attribution Non-commercial-Share Alike 2.5 UK:England and Wales License. http://creativecommons.org/licenses/by-nc-sa/2.0/uk/ It may be used for non-commercial purposes only, and the author's name should be attributed. The correct attribution for this article is: Monica Horten (2010) Traffic management - how deep packet engines will shape the Internet slow lane, 19 November 2010


About Iptegrity

Iptegrity.com is the website of Dr Monica Horten, independent policy advisor: online safety, technology and human rights. Advocating to protect the rights of the majority of law abiding citizens online. Independent expert on the Council of Europe Committee of Experts on online safety and empowerment of content creators and users. Published author, and post-doctoral scholar, with a PhD from the University of Westminster, and a DipM from the Chartered Institute of Marketing. Former telecoms journalist, experienced panelist and Chair, cited in the media, e.g. BBC, iNews, Times, Guardian and Politico.