[AusNOG] News: Telstra to clamp down on peer-to-peer
Mark Newton
newton at atdot.dotat.org
Fri Feb 8 12:15:54 EST 2013
On Wed, Feb 06, 2013 at 12:19:27PM +1100, Skeeve Stevens wrote:
> Which brings the question. Given some P2P is encrypted and is hard to
> discern from other encrypted traffic, how are they going to tell what is
> P2P and what isn't?
DPI systems look at packet contents, and also at flow behaviours.
There are behavioural heuristics they can use to come up with a 95%
guess that traffic is probably bittorrent (for instance) even if they
can't see specific encrypted bytes.
There are other behavioural heuristics they can use to make a 95%
confident guess that a different flow happens to be another p2p protocol
that looks approximately like Skype.
It's all very statistical, nothing is guaranteed but it's generally
"near enough" for bulk aggregated traffic purposes. So even if they
can't "squeeze" 100% of their BitTorrent users, perhaps they achieve
their cost-cutting goals if they succeed with 60% of them.
The goal of an individual DPI-aware end user, of course, will be to
shift their traffic into the remaining 40%. It should go like greased
lightning, with the DPI gear squeezing 60% of the users who are
contending for the same bandwidth :)
So users of bleeding-edge versions of BT clients might actually find
that they get better performance, as long as they can stay one
point-revision ahead of the DPI vendor.
Arms race. How do you think that'll turn out?
- mark
More information about the AusNOG
mailing list