Interesting People mailing list archives
Re: An outage because Comcast is managing p2p traffic? [Typos fixed]
From: David Farber <dave () farber net>
Date: Sun, 6 Apr 2008 13:45:10 -0700
We shall see. Waiting for Comcast!!

________________________________________
From: Brett Glass [brett () lariat net]
Sent: Sunday, April 06, 2008 4:33 PM
To: David Farber; ip
Subject: Re: [IP] An outage because Comcast is managing p2p traffic? [Typos fixed]

At 01:12 PM 4/6/2008, Steven Bellovin wrote:

> My cable modem service was out for eight hours yesterday. Tests I did -- ICMP could get through to various destinations; TCP could not -- make me believe that the problem is due to Comcast trying to treat p2p traffic differently. See http://www.cs.columbia.edu/~smb/blog/2008-04/2008-04-06.html for more details.

The fact that ICMP traffic seemed to be getting through but TCP traffic did not is unusual (and, obviously, dysfunctional). But it is not indicative of management or throttling of P2P traffic.

We've noted that many providers and private network administrators implement firewall rules that do the reverse: Blocking ICMP while allowing TCP through. This has severe negative consequences, because it blocks messages which report the largest packet size that can be sent between two communicating hosts without fragmentation (the MTU). Unfortunately, some network administrators are not knowledgeable about this. They think that by blocking ICMP they are enhancing security by blocking "ping scans" -- a technique used to scan ranges of IP addresses for "live" hosts.

But be this as it may, the fact that TCP traffic was not getting through does not indicate blocking of P2P. It could simply have been due to a bad firewall rule or a programming error in a set of firewall rules.

It also may have been that only some TCP sessions were blocked by an equipment failure. For example, if the provider uses a transparent, caching Web proxy -- a "Web accelerator" which speeds up browsing and thus is good for customers -- and that proxy goes down, one will likely find that TCP to port 80 on a remote machine will not work but TCP to other port numbers will. Some providers also route different types of traffic via different upstream connections for the sake of efficiency (for example, they might route Web traffic over asymmetrical links and VoIP over symmetrical ones). Again, this sort of cost-effective policy can cause network or equipment failures to impact one protocol more than another.

It is also worth noting that not all P2P traffic uses TCP. Many P2P programs use UDP primarily or exclusively (especially certain ones, like Skype, which specialize in "firewall punching"). Management of these applications -- which sometimes set up rogue servers called "supernodes" on a network without the operator's consent -- does not involve TCP traffic.

While blocking of P2P by Internet service providers is, IMHO, perfectly justifiable for reasons I've laid out elsewhere (see my slides at http://www.brettglass.com/ITIF), it is inappropriate to jump to conclusions and blame every network outage on this practice.

--Brett Glass

-------------------------------------------
Archives: http://www.listbox.com/member/archive/247/=now
RSS Feed: http://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com
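
Added example (not part of the original messages): the ICMP message that reports the path MTU is Destination Unreachable, type 3 code 4 (RFC 1191), while ping scans use Echo Request, type 8. The Python sketch below parses constructed ICMP bytes and contrasts a blanket ICMP drop with a filter that still passes the MTU report; the function names and sample packets are assumptions made for illustration.

```python
import struct

ECHO_REQUEST = 8        # sent by ping and by ping scans
DEST_UNREACHABLE = 3
FRAG_NEEDED = 4         # code 4: fragmentation needed and DF set (RFC 1191)

def inet_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum; returns 0 over a message with a valid checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_icmp(icmp_type: int, code: int, rest: bytes, payload: bytes = b"") -> bytes:
    """Build a constructed ICMP message with a valid checksum."""
    body = struct.pack("!BBH", icmp_type, code, 0) + rest + payload
    return body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]

def parse_icmp(msg: bytes):
    """Return (type, code, next_hop_mtu or None); raise ValueError if malformed."""
    if len(msg) < 8:
        raise ValueError("ICMP message shorter than its 8-byte header")
    if inet_checksum(msg) != 0:
        raise ValueError("bad ICMP checksum")
    icmp_type, code, _csum, _unused, mtu = struct.unpack("!BBHHH", msg[:8])
    if icmp_type == DEST_UNREACHABLE and code == FRAG_NEEDED:
        return icmp_type, code, mtu
    return icmp_type, code, None

def blanket_drop(msg: bytes) -> str:
    """The rule described in the message: every ICMP message is dropped."""
    return "drop"

def pmtud_safe(msg: bytes) -> str:
    """Drop echo requests, but always pass the path-MTU report."""
    icmp_type, code, _mtu = parse_icmp(msg)
    if icmp_type == DEST_UNREACHABLE and code == FRAG_NEEDED:
        return "accept"
    return "drop" if icmp_type == ECHO_REQUEST else "accept"

# Constructed sample packets (not captured traffic).
FRAG = build_icmp(3, 4, struct.pack("!HH", 0, 1400), b"\x45" + b"\x00" * 27)
PING = build_icmp(8, 0, struct.pack("!HH", 0x1234, 1), b"probe")
```

With the blanket rule the sender never learns that the path only carries 1400-byte packets; the second filter still stops the echo request while letting that report through.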