nanog mailing list archives

Re: Regional differences in P2P

From: Petri Helenius <pete () he iki fi>
Date: Sun, 18 Jul 2004 21:44:10 +0300


Walter De Smedt wrote:


The next step in P2P recognition seems to be deep packet inspection with
signature based detection. The major problem here is scalability - I
don't see some device analyzing 1G, the typical uplink capacity of
Internet gateways in a medium SP network, of traffic at layer 7.
If this should be feasable, what if P2P applications would employ
encryption schemes (e.g. IPSec) - this would render signature-based
recognition useless.

We can do realistically 1.3G with current bits. I´m not ready to talkabout performance by the end of the year. As a bonus, you'll getclassification and population reports for both p2p and backdoored /virused hosts without performance impact.(export these with BGP4 to fancy effects, or simple ACL / firewall listfor more traditional approach)


Pete

Current thread:

Re: Regional differences in P2P, (continued)
- - Re: Regional differences in P2P Alexei Roudnev (Jul 17)
- RE: Regional differences in P2P Michel Py (Jul 16)
  - Re: Regional differences in P2P Jared Mauch (Jul 16)
    - Re: Regional differences in P2P Petri Helenius (Jul 17)
    - Re: Regional differences in P2P Hank Nussbacher (Jul 17)
    - Re: Regional differences in P2P Walter De Smedt (Jul 18)
    - Re: Regional differences in P2P Stephen J. Wilcox (Jul 18)
    - Re: Regional differences in P2P Mikael Abrahamsson (Jul 18)
    - Re: Regional differences in P2P Walter De Smedt (Jul 18)
    - Re: Regional differences in P2P Mikael Abrahamsson (Jul 19)
    - Re: Regional differences in P2P Petri Helenius (Jul 18)
- RE: Regional differences in P2P Michel Py (Jul 17)
- RE: Regional differences in P2P Michel Py (Jul 19)