Re: Net Neutrality is NOT about being protocol neutral
said by jap: It's really easy to talk about this and discuss the theory of it, but the actual implementation of such a system is plagued with complexity and technology limitations. Anyone who has ever implemented large scale IDS/IPS deployments knows all about the scaling factors that make this challenging. For this to work as you suggest the inspection probes would need to be placed in-line at all of the points that are being monitored today so that the packets could be touched/marked. Then you have the problem of how you place the traffic into a different class of service. Traffic shaping means queuing, and that's going to require memory on your routing hardware. Assuming right now Comcast is able to get everything done with a single queue per end-station attachment, what you propose would double the number of queues each CMTS needs to manage (one regular and one P2P queue for each end station), which could potentially drive expensive CMTS upgrades or even CMTS splits where adding more capacity to the existing hardware isn't possible.
And this article should not be titled "shaping" for the same reason. It's easy to assign BT packets a low priority relative to others and I support that practice. Complete neutrality has never existed and is a pipe dream.
said by jap: That's reading *way* too much into what is taking place. Sandvine isn't interacting with the BT protocol, or touching the payload of packets at all. It's sending a packet with the RST bit set to 1 in the TCP header. To a certain degree it is a cost cutting move, but really it's a matter of balancing access to somewhat limited resources at the edge of the network.
Note that Topolski analyzes Comcast as falsifying peer responses only at the boundary and not within their own network. That's both a cost-cutting move and a marketing manipulation which he rightly emphasizes. Sandvine is lying in the name of users, both in connection requests/acceptance and in BT-specific communications, by changing message packets which say "I need this chunk to complete this file piece" to "I've completed this file piece." It's fundamentally different to lie in someone else's name than to prioritize packets network-wide.
I find it interesting that people are treating network communications between machines as the equivalent of constitutionally protected human free speech. The only way that legal argument is even plausible is if you personify the packets in an effort to describe what is taking place. If you're going to go on a moral tirade about injected RST packets to close connections in the name of bandwidth mitigation, then you had better have the same fervor in arguing against satellite providers who are performing ACK spoofing to allow TCP connections to overcome latency limitations and allow for higher transfer rates. If something is legally wrong, it's not just wrong in the cases where you don't benefit from it. Manipulation of protocols is a common practice: technologies like random early detection intentionally discard certain TCP packets to trigger TCP to make flow adjustments, intrusion prevention systems will inject TCP resets for connections where malicious signatures are detected, and routers will spoof the ARP response of devices off-segment to allow machines with improperly set subnet masks to still function.
said by jap: I'm not sure what you are defining as "the boundary"; this implementation is most likely taking place at the distribution / aggregation layer between the individual CMTS hardware and the upstream Internet access routers. According to posts in the forum this connection limiting is taking place even between connections that only take place on Comcast's network. This makes sense because the key point of contention is not the Internet access circuits; Internet bandwidth is dirt cheap and easy to come by, especially when you have your own nationwide fiber backbone like Comcast has built out. The key limitation is the capacity available between the cable modem and the cable head-end -- that's a tougher nut to crack which carries greater expense.
It surprises me that Comcast is relying on packet headers to ID the BT protocol when protocol (header) encryption has been a push-button feature in all dominant clients for over a year. It's a piece of cake to ID by user connection patterns ... just not at the boundary. Unlike Topolski's expressed opinion, I consider the boundary-only practice a poor one even if it was done above board. It's a walled garden approach, albeit a half-step at the moment, and antithetical to the global openness of the internet. Content originates from all over the world and Comcast's practice, if adopted by others, means content would have to be imported to each network by some other transport like FTP and then re-published via p2p. Stupid and utterly anti-customer, anti-user.
I do believe that you're invoking the freedom of the Internet incorrectly here. This isn't censorship of the content, this is a limitation on the method of distribution. The freedom of the Internet is indeed a great thing, but there are costs involved in moving bits. The premise of the network has always been that as long as you were willing to pay for the cost of distribution you can pretty much move whatever content you want (subject to legal restriction). The issue here is that people have a very distorted view of how much of the actual transport costs their $42.95/mo covers. The cost model works quite well for normal traffic (surfing, email, YouTube, typical downloading) but breaks horribly when heavy P2P loads are applied. There are only two ways out of this: reduce consumption or raise prices. If Comcast had their entire user base vote on what should be done, I think you know how that'd turn out.
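The thread turns on whether the RST segments closing these connections were sent by the peers or injected by a middlebox. The following is an added example, not code from the thread or from Sandvine or Topolski: it assumes you hold a capture from each end of one connection and reconciles them, flagging any RST a host received that the claimed sender never emitted. All packets below are constructed.

```python
# Reconcile two endpoint captures to find TCP RSTs that neither host sent.
# Added example; assumes each capture records a host's sent and received
# segments as (src, dst, flags, seq) tuples. Traffic is constructed.

A, B = "10.0.0.5:51000", "203.0.113.9:6881"  # constructed endpoints

# Capture taken on host A and on host B for the same connection.
CAP_A = [
    (A, B, "S", 100), (B, A, "SA", 500), (A, B, "A", 101),
    (A, B, "PA", 101),   # A asks the peer for a piece
    (B, A, "R", 501),    # A receives a reset that claims to come from B
]
CAP_B = [
    (A, B, "S", 100), (B, A, "SA", 500), (A, B, "A", 101),
    (A, B, "PA", 101),
    (A, B, "R", 102),    # B receives a reset that claims to come from A
]

def sent_by(cap, host):
    return {seg for seg in cap if seg[0] == host}

def received_by(cap, host):
    return {seg for seg in cap if seg[1] == host}

def injected_resets(cap_a, host_a, cap_b, host_b):
    """Return RST segments one host received but the named sender never sent.

    A genuine reset appears in both captures (sent on one side, received on
    the other). A forged one appears only at the receiver. Ordering and
    timing are ignored; a segment is identified by its tuple alone.
    """
    forged = []
    pairs = ((cap_a, host_a, cap_b, host_b), (cap_b, host_b, cap_a, host_a))
    for recv_cap, recv_host, send_cap, send_host in pairs:
        for seg in received_by(recv_cap, recv_host):
            if "R" in seg[2] and seg[0] == send_host \
                    and seg not in sent_by(send_cap, send_host):
                forged.append(seg)
    return sorted(forged)

if __name__ == "__main__":
    for seg in injected_resets(CAP_A, A, CAP_B, B):
        print(f"RST seen by {seg[1]} but never sent by {seg[0]} (seq {seg[3]})")
```

A reset that does appear in the sender's own capture is left alone, so a peer that really hung up is not reported.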