(Accedian Networks') EtherNEWS Blog

The Death of DPI

As providers struggle to maintain the competing demands of customer QoS and efficient networks, many have waded in (at least to their ankles) to Deep Packet Inspection (DPI) technology.  Using DPI to examine the content of traffic one packet at a time, the theory goes that they can throttle bandwidth-hogging, undesirable flows, keeping peer-to-peer downloads and remote backups from sucking the life out of their networks.  Of course there’s the privacy challenges and protests, but probably more likely to derail this technique is the shear expense and technology expertise required to maintain and scale DPI as traffic and applications continue to grow.  In fact with applications becoming DPI savvy, they’re mimicking innocent payloads or encrypting their contents to provide their packets a free ride with a Teflon coating.  Check out a quick summary from my previous posting on bandwidth control techniques.

Such as it is, it was interesting when a colleague I met at Cabletec two weeks back suggested that DPI can’t be considered more than an interim solution, that its death is imminent.  He pointed out that intelligent policy management could easily replace DPI as an elegant and exponentially more efficient solution to traffic management.  Policy management means identifying and prioritizing traffic at network ingress (customer premises or terminal equipment such as a switch, NID or mobile base station).  It does this without extensive examination of payload, without the need for application signatures or any complex processing – instead it relies on packets honestly declaring their protocol and assigned priority in the packet header, from which any decent network element (NE) can take over from there, applying any number of hierarchical QoS schemes to ensure traffic is properly groomed as it enters the network.

While some simple form of this is already practiced by operators (think of triple play, where voice gets highest priority, then video, then Internet), today’s policy management is reasonably crude, and may be only port-based.  Although the technology exists to do otherwise, with marvellous techniques such as zero-latency traffic shaping, it takes some trust that traffic declares itself for what it is, or can be easily identified by frame characteristics (such as destination IP address, port, class of service, etc.).  In the corporate world a well run deployment can achieve this utopia, largely because it’s a highly controlled environment – the IT department can express to the provider which traffic they want prioritized and provide the profile.  In a home environment this is more difficult, as all Internet traffic appears “the same”, in that home gateways are unlikely to respect any QoS tagging applications vie for.

For this to work in general, all applications – including peer-to-peer – will have to play fair and agree upon their just priority.  Sound impossible?  Not nearly.  With the swashbuckling traffic control tactics MSOs and telcos have implemented to varying degrees on peer-to-peer applications, some app providers have confessed they’d rather identify their traffic than take chances that their content suffers an even worse fate in the traffic meat grinder.  Kazaa and BitTorrent have both expressed a desire to make their traffic self-regulated and more identifiable in exchange for what may be a license to survive.  As an example of what’s possible under pressure:

BitTorrent explains that it is offering ISPs its technology called “uTP“, a transport service on top of UDP. It describes uTP as putting a “yield sign” in front of any traffic sent by the client and gives way to other applications that need the network. BitTorrent is trying to gain acceptance of uTP within the IETF and is co-chairing (alongside a Microsoft rep) a working group aimed at dealing with network congestion issues.  BitTorrent said it worked with Comcast to implement a network management policy that manages heavy users, rather than applications. And only in times of intense congestion.  Read Article.

And this article goes into depth on the Comcast & BitTorrent “partnership”.

If this is possible, so is effective policy management – even in the most difficult cases.  I suppose it’s all about compliance – those applications that don’t offer to play fair can get throttled at their own expense.  If the biggest players are conceding, somehow I think this will all work itself out – but at the expense of DPI.

This entry was posted on Friday, November 13th, 2009 at 10:40 am and is filed under Applications, Opinion, Solutions. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.