Gerk
join:2008-07-02
Oakville, ON
 ·TekSavvy Solutions..
| This is old news and doesn't work here
Not sure if it's working for your network segments, but in the Toronto area this hasn't worked for a long while now. Also they are using DPI on ALL ports, all types of traffic, all encrypted traffic here, including VPN is throttled even through other ISPs (this is the whole point of the CAIP CRTC complaint).
VPN, scp, sftp have all but stopped here as well. I really really hope that the CRTC can do something about this. |
|
mlerner
Premium
join:2000-11-25
Nepean, ON
·TekSavvy Solutions..
·Bell Sympatico
| said by Gerk  :Also they are using DPI on ALL ports, all types of traffic, all encrypted traffic here, including VPN is throttled even through other ISPs (this is the whole point of the CAIP CRTC complaint). If you use standard VPN protocols (L2TP and PPTP) on standard ports it works fine.
--
"If bullshit was money this guy would be richer that Bill Gates." - quote by olebiker on Mirko Bibic |
|
smcallah
join:2004-08-05
Home
| reply to Gerk
Yeah, DPI doesn't care about ports. DPI looks at every packet, regardless of port and determines what is in the packet and then categorizes it. That is why it's called, DPI, Deep Packet Inspection.
If Bell Canada's DPI is fooled by a port, then it's not that much of a DPI product. If you set a webserver to VPN ports, DPI would easily still be able to tell that it's a webserver. Just like it should be able to see that BitTorrent or any other P2P application has moved to another port. |
|
mlerner
Premium
join:2000-11-25
Nepean, ON
·TekSavvy Solutions..
·Bell Sympatico
| said by smcallah :Yeah, DPI doesn't care about ports. DPI looks at every packet, regardless of port and determines what is in the packet and then categorizes it. That is why it's called, DPI, Deep Packet Inspection. If Bell Canada's DPI is fooled by a port, then it's not that much of a DPI product. If you set a webserver to VPN ports, DPI would easily still be able to tell that it's a webserver. Just like it should be able to see that BitTorrent or any other P2P application has moved to another port. It looks at protocol AND port.
--
"If bullshit was money this guy would be richer that Bill Gates." - quote by olebiker on Mirko Bibic |
|
smcallah
join:2004-08-05
Home
| Then it's not much of a DPI product they're using. Since DPI should not care about ports, as it is looking at every packet regardless of the port and determines what the protocol is by the packet headers and deeper. It should never care about the port, since you can run anything on any port. |
|
mlerner
Premium
join:2000-11-25
Nepean, ON
·TekSavvy Solutions..
·Bell Sympatico
| said by smcallah :Then it's not much of a DPI product they're using. Since DPI should not care about ports, as it is looking at every packet regardless of the port and determines what the protocol is by the packet headers and deeper. It should never care about the port, since you can run anything on any port. Yes but these Ellacoya boxes they're using are capable of much more than DPI even though it is their main function. The main reason Bell configured it this way I think is because Bell uses port 995 for SSL over pop3. Not only does it do port filtering, they can use it to identify subscribers, measure usage etc.
--
"If bullshit was money this guy would be richer that Bill Gates." - quote by olebiker on Mirko Bibic |
|
PerVices
join:2008-07-08 | reply to Gerk
Hi,
We are located in East Toroto (15min East of downtown core), and this works for us. YMMV.
Regards,
Applied Research
Per Vices Corporation |
|
