This is the way the Internet ends: not with a bang, but DPI

Free Press claims that deep packet inspection could bring about the end of the Internet "as we know it." But the rest of the world knows it all too well already.

By Nate Anderson

Ars Technica

March 20, 2009

Does deep packet inspection mean the end of the Internet?

Deep packet inspection (DPI) gear has always been marketed to ISPs as a way to earn more money by scanning Internet traffic and charging more for various services. Want to game online? Better upgrade to the "Gaming Xtreme!" plan. Want to use VoIP? Prepare to open your wallet. Watch much streaming video? Well, it would be a whole lot smoother if you just paid another $2.99 a month.

DPI vendors haven't tried to hide this; one company's marketing literature suggests that it can help "reduce the performance of applications with negative influence on revenues" (e.g. competitive VoIP services).

ISPs want to avoid becoming a low-margin "bit pipe"—a dumb communications network that just enables companies like Google to make bazillions of dollars. And one good way to do that is to sell expensive services, using DPI to identify and categorize Internet traffic, then degrade or prioritize protocols and applications to fit the service profile.

It doesn't happen much in the US, where consumers are accustomed to one monthly payment covering access to every service on the 'Net without degradation. ISPs therefore deploy DPI gear at their peril, as Comcast found out when it began forging TCP reset packets to slow BitTorrent uploads. Consumer reaction came quickly, and FCC oversight soon followed.

The same thing happened with NebuAd, the company that hoped to monitor ISP networks to deliver targeted advertising to end-users based on their surfing habits. After outrage and congressional involvement, the company lost its CEO and dropped the controversial approach.

Despite the difficulty that "bad" DPI has faced in the US, the advocacy group Free Press issued a brief paper yesterday claiming that DPI might destroy "the Internet as we know it."

Discrimination abomination

The standard case studies of Comcast and NebuAd are present, along with the admission that DPI gear itself can be used for all sorts of "good" things like DDoS filtering and spam and virus blocking. The usual (and compelling) arguments against picking winners and losers on the Internet are made. Future doomsday scenarios are conjured. But the question remains: why now?

One good reason for keeping the issue in the public eye at the moment is Cox's already-announced (and quite brazen) plan to start dividing Internet traffic into two categories: time-sensitive and everything else. Who decides what traffic goes in what category? Cox does, and it has already made clear that streaming video and VoIP should get priority while P2P and FTP should not (though the system only kicks in during periods of congestion, which Cox says are relatively infrequent).

Given the FCC's recent ruling against Comcast (and that company's decision to make the commendable switch to drop protocol discrimination), Cox's move is perplexing. In announcing the trials of the new system, Cox essentially invited an FCC proceeding, and at a time when the incoming FCC chairman, along with the current president, have said that they broadly support "neutral" networks.

Should Cox be allowed to continue the system, protocol discrimination would suddenly create new barriers for users and developers, who would suddenly need "permission" from ISPs (in the sense of using approved protocols) if they want their applications to function better. Hulu, which streams content using HTTP, might come out of this well; Vuze, which offers legal video content using P2P, might have its business negatively affected—and those effects could be different at each ISP.

Free Press warns of an "encryption arms race" if this happens, since encryption means that DPI gear can no longer peer inside packet payloads (though it can still try to identify the type of content based on overall flow patterns, originating IP addresses, handshake signatures, etc.).

And if an "arms race" isn't enough, consider the "balkanization of the Internet" into a place "in which every ISP operates according to its own set of rules." Scary.

Welcome to everywhere else

On the other hand, it's also how ISPs all over the world operate right now. Aussie ISPs like BigPond routinely offer bandwidth caps that appear absurdly low by world standards (how does AUS$29.95 a month for a 256Kbps connection and a 200MB cap grab you?)—but they also routinely offer "unlimited" access to preferred services like streaming video. Talk about picking winners and losers on the 'Net; this approach basically guarantees that Internet users will go with the ISP's preferred service, making it difficult for independent services to compete.

Or take Canada, where just about every major ISP in the country has admitted to regulators that it uses DPI gear to throttle traffic, often singling out P2P protocols. Bell Canada's system throttles P2P for nearly half the day, and it applies the same limits to those who buy and resell its wholesale service.

For the reasons that Free Press and many others have outlined, these seem like bad outcomes... but neither Canada nor Australia has suffered some kind of Internet apocalypse. On the other hand, they are definitely not hubs of Internet innovation.

The network neutrality fight that seemed so pressing in Washington a year or two ago has died down to embers. The FCC has made clear it can and will act to enforce its Internet Policy Statement, even if it won't issue specific new rules. But as Cox and new services like ZillionTV demonstrate, the issue of traffic discrimination hasn't gone away, and Free Press appears determined to keep the issue on the government's agenda.