Mark Newton on Telstra’s P2P DPI plans

Crikey logoMy Crikey story today on Telstra’s plan to trial the “shaping” of peer-to-peer internet traffic includes quotes from network engineer Mark Newton — but he said so many interesting things I though you should see his entire email.

Mark Newton writes:

From Telstra’s point of view, it’s a good thing: ISPs are a bit like electrical networks, in that they need to provision capacity for peak even though peak is only ever used for an hour or two per day (or, under adversity, a day or two per year: consider capacity planning for the ABC’s ISPs during flood events, or CNN on Sep 11 2001).

P2P users push the peak up, so in electrical network terms that’s like servicing a bunch of customers who leave their air conditioners on all the time.

Anything a telco can do to “squash” the peak is going to have an immediate impact on their bottom line.

If, by side effect, it inspires a bunch of the heaviest-using customers to migrate to other ISPs, that’ll reduce the profitability of those other ISPs and improve Telstra’s margins, so that’s a net positive. Why “fire” your worst customers when you can convince them to resign?

From a user’s point of view it’s more dismal, and the impact will depend on how Telstra uses their systems.

I’ve occasionally remarked that as a user on the end of an ADSL1 port on an underprovisioned RIM, I’d actually quite like Telstra to implement DPI on the RIM backhaul, so that my p2p-using neighbors would be gently moved out of the way to make room for my traffic. But that kind of micro-level control isn’t how they’ll use the systems, I’d be expecting them to apply more of a blunt instrument approach on large aggregations of customers rather than implementing different policies on a neighborhood-by-neighborhood basis.

So let’s zoom back to the macro and look at the big picture.

Firstly: Implementing DPI moves a carrier a very large step along the continuum from “common carrier” to “walled garden.” In the same way that Geoff Huston was criticizing Telstra last year for taking an unhealthy interest in the content of subscribers’ packets (“All your packets belong to us”), implementing DPI makes it completely clear that they aren’t even pretending to be common carriers anymore.

DPI systems provide ISPs with visibility and control over the applications that are traversing their networks. That inevitably changes an ISP’s focus from “packet moving” to “application moving”, making them care about the finer details of what each customer is doing far more than they ever had the capability to care previously.

Today Telstra is hating on BitTorrent, but tomorrow they could just as easily decide to molest Skype sessions, or make Foxtel movie downloads perform better than iTunes movie downloads (or even go down to the level of making Foxtel win over iTunes movie downloads specifically instigated by AppleTV set top boxes)

So this brings the “network neutrality” debate to Australian shores for the first time. We now have a major carrier who is making its own value judgements about the worth of its customers’ network traffic, in a way which overrides the value judgements preferred by its customers and with whomever they happen to choose to communicate, and it’s beyond question that they will use that capability to their commercial advantage.

Secondly: DPI comes with side effects, specifically in relation to data logging. DPI systems maintain huge databases of subscriber behaviour (one of the specific marketing messages from the vendors is about subscriber behaviour modelling and control). In a nation that’s currently engaged in a debate about the pros and cons of data retention and warrantless access to network records, seeing a national carrier set up extensive databases of subscriber behavioural profiles should be cause for disquiet.

The usual way for DPI systems to be set up is to separate aggregated traffic into per-application queues, which can then be shaped or prioritized individually, before being recombined onto trunk links. An additional “top talkers” feature is usually configured to focus on specific high-volume customers or any other customer who meets some ISP-defined heuristic, recording very detailed views of which applications they’re running, the websites they’re accessing, the VoIP calls
they’re making — basically full DPI-level logging into the database for as long as that subscriber’s behaviour continues to make them a “person of interest.”

So what’s going to happen to that data?

Finally, there’s a basic infrastructure provisioning issue at play here:

Electricity companies experimented with “demand management” (where they’d remotely disable your air conditioner for a few minutes at a time during peak demand) in the early 2000′s, and it was hugely unpopular. “Load shedding”, where they invoke deliberate blackouts on random suburbs to constrain demand on hot days, is unpopular enough to be a major political issue in some states. We pay so much for power that we expect “enough” to be available.

Water restrictions are also unpopular demand control measures, sufficiently so that taxpayers are prepared to spend hundreds of millions of dollars building desalination plants during droughts so they can keep watering their lawns. Again, the vibe is that we’re paying a lot of money for water, so we expect it to be available as and when we want it.

Utility networks have typically been the same: We’ve paid so much for network access in Australia that it really should be platinum-plated, the kind of Internet access that Harrods would sell if Harrods went into the ISP business. Instead, Telstra is providing the Internet equivalent of a toilet that backs-up all over the bathroom floor because the sewerage company hasn’t provisioned enough pipes and treatment works.

For Telstra to be resorting to DPI for demand management on their network seems to be indicative of two things: It’s either the presence of such a massive flaw in their business model that they can’t make money out of selling internet access despite their extortionate fees, or it’s just plain, simple, naked profiteering.

Or both.

Finally: DPI systems accelerate arms races between the DPI vendors and the p2p software architects. Users don’t like having their traffic measured, spindled, folded and mutilated, and they can “opt out” by using a version of the protocol that’s specifically morphed to escape the specific detection technique that the DPI engine happens to be using. As long as P2P applications can be morphed faster than the DPI vendor can produce firmware updates, P2P will always stay one step
ahead of the DPI system (and modern apps might even run faster, if the DPI system is squashing older versions of the protocol to make room)

Meanwhile, as the arms race continues, the DPI engine keeps logging and controlling everything from the customers who aren’t using P2P. Don’t let any Telstra customers think they aren’t going to be affected by this.

Tags: , , , , , , , , ,

  1. Mark Newton’s avatar

    Just realized I said, “Finally,” twice.

    Now try to un-see it :-)

    – mark

    Reply

  2. SomeBloke’s avatar

    Meanwhile in another country, the Telstra equivalent there is currently getting rid of traffic throttling.

    Reply

Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>