Re: classifying P2P traffic - what about legit uses?

[Cal Frye <cjf () CALFRYE COM>]

Hi, Randy. I think we're on the same general side of the issues,
overall. Specific comments below:

Randy Marchany wrote:
> 1. With all of the "monitoring" and "rate limiting" strategies, how does your
> institution deal with legit uses of P2P? We're a land grant and our extension
> division may use P2P to distribute videos/sound recordings of their products
> to extension agents around the state.  Obviously, blocking all P2P would
> prevent them from doing their business. Music students working on projects and
> putting their "product" on the net for download (legit because permission was
> given to distribute) is another example.

Oberlin Conservatory students and faculty are also rightly concerned
with our approach to rate limiting. Our position has always been that if
Networking imposes a burden on legitimate traffic, we will work to
further the business of the College within the limitations of available
resources. To date, their concerns have been more with web hosting
and/or streaming of music files rather than BitTorrent, per se.
> 2. How many BitTorrent servers or other P2P servers are on your campus nets?
> What type of scanning or metrics do you collect about p2p traffic? The usual
> suspects like excessive traffic to/from IP address is nice but what do you do
> to keep tabs on "normal" P2P traffic?

This is something best monitored by the devices used to manage that
bandwidth, with the caveat that you may not be identifying all such
traffic ;-)  I think I've got a pretty good idea, even of the encrypted
traffic, using our bandwidth manager. Any folks not having to worry
about managing their bandwidth have my mute envy.
> 3. An observation: I'm a security type and a musician. I've always thought
> that banning P2P traffic because of the potential "copyright" problems was
> like banning the US Postal Service (Fedex, UPS) because someone xeroxed a book
> and use them to mail the book. I don't buy the volume issue (it's much faster
> using P2P than USPS....duh!) because that's a smoke screen. The real issue is
> making sure users understand copyright issues and know what the potential
> penalties are.  There are legit uses of P2P in our world and I don't see
> forcing users to jump through hoops to do real work as being an effective
> practice. If it's too cumbersome, they'll circumvent it. Having IPS rulesets
> blocks the casual user but not the determined user. I can remember not being
> able to download tunes from our band www site because of an arbitrary block
> while visiting an EDU. Never mind that it was legal (we, the copyright owners,
> give permission to distribute freely). The block prevented a legit use of P2P.

I agree. We do not attempt to block P2P traffic absolutely, although we
do restrict outbound file transfers a bit more severely than inbound
traffic. Overall, however, our goal is to limit the aggressive traffic
so other activities, like web browsing, Skype, or even gaming, can get
the bandwidth and low latency they require. In my direct experience on
our network, BitTorrent can be an effective DoS of a portion of our
ResNet if not limited. Your architecture may vary.
> 4. Another observation: are we taking the easy way by arbitrarily blocking P2P
> because a) we're short staffed b) we're lazy c) we don't have resources for
> user education d) we don't have upper mgt support d) we're afraid of the
> RIAA/MPAA e) all of the above? Shouldn't we be investing more in the short
> term (policy enforcement, user education, categorizing P2P traffic to id the
> illegal stuff)? This short term effort would eliminate a good chunk of the
> longer term problem.

Your last item is most interesting, but I'm not sure how workable
"identifying the illegal stuff" may, in fact, be. One of our MPAA
complaints refered to a file named "Entourage" which appears to have
been the email application of the same name exposed through a too-open
P2P client sharing most of the individual's filespace. Not that I'm
holding up the **AA as examples of how to run a network...

--
Regards,
-- Cal Frye, Network Administrator, Oberlin College

   www.calfrye.com,  www.pitalabs.com

"Protecting the rights of even the least individual among us is
basically the only excuse the government has for even existing."
--Ronald Reagan.