Educause Security Discussion mailing list archives

Re: Do you block P2P ?

From: Josh Richard <jrichar4 () D UMN EDU>
Date: Thu, 17 Sep 2009 10:18:36 -0500

We block P2P using a shaper.  It has been very effective in reducing
DMCA related complaints.  Some games students use require BT to locate
and play online games.  If the game is newer, it is misclassed as BT and
it does not work.  Other legit apps suffer the same fate.  In my
opinion, that is an unfair model which leaves us to say not through
words, but actions that you can use the Internet, but not all if it will
work.  We work with the vendor and participate in generating new
classifications.  Some work.  Human nature wins and eventually we stop
listening due to work 'that matters' or fires.  

This complaint can be generalized across all shapers which identify
applications as the drift, update, drift, update problem.  If anyone
knows of an application based shaper which works differently, I would be
interested in your experiences.  Please do not misread my comments, I do
not like application based shapers -- I struggle with the benefit vs.
burden of the approach given the following:

On the campus side, we are unshaped, open and the DMCA complaints are
few and far between. 

Our guest wireless system is very different.  It is web only, and uses a
protocol agnostic rate limiting technique to limit the aggregate traffic
to a specific rate.  From there, I used a queuing discipline (SFQ) to
ensure the resource was delivered in a nearly completely fair manner.
This has worked very well.  True fairness is achieved using an
implementation of the Nagle algorithm provided through tc/tcng on GNU
Linux.

Philosophically, I feel the agnostic approach is more fair, sustainable
and therefore, more correct.  Columbia is not alone in the agnostic
approach as others have taken this tack through this problem.

For us, the difference between campus and reshall network behavior is
one of end user education.  Faculty and staff education has paid
dividends.  

Regards,

Josh Richard
University of MN Duluth
Duluth, MN

Attachment: signature.asc
Description: This is a digitally signed message part

Current thread:

Re: Do you block P2P ?, (continued)
- Re: Do you block P2P ? Gregg, Christopher S. (Sep 04)
- Re: Do you block P2P ? Cal Frye (Sep 05)
- Re: Do you block P2P ? Cal Frye (Sep 05)
- Re: Do you block P2P ? Miller, Duke (Sep 16)
- Re: Do you block P2P ? Raymond, Jessica (Sep 17)
- Re: Do you block P2P ? Joel Rosenblatt (Sep 17)
- Re: Do you block P2P ? Stanclift, Michael (Sep 17)
- Re: Do you block P2P ? Deke Kassabian (Sep 17)
- Re: Do you block P2P ? Dan Oachs (Sep 17)
- Re: Do you block P2P ? Massa, Michael (Sep 17)
- Re: Do you block P2P ? Josh Richard (Sep 17)
- Re: Do you block P2P ? Jeff Kell (Sep 17)
- Re: Do you block P2P ? Jeff Kell (Sep 17)
- Re: Do you block P2P ? Stanclift, Michael (Sep 17)