C: Deep Packet Inspection
Posted by Laurel L. Russwurm on October 28, 2009
[The First Part of this series was <<A: Open Source. The Second Part of this series was <<B: Packets and the Internet. Apologies for the protracted delay... I didn't think this would be so difficult to write and get right... added to the breaking news of the spyware bill followed closely by the CRTC's supposed Net Neutrality decision (which advised everything but)... needless to say, getting this online took longer than planned. This is the third installment of my Stop Usage Based Billing alphabet series. The fourth part will be >>D: BitTorrent]
NOTE: There were some problems with the latter portion of this article that have been brought to my attention. It seemed important to rework the ending for clarity, beginning at “A Piece of the Action”. –llr
“Canadians are paying some of the highest costs for some of the lowest speeds. A small cabal of cable giants have been allowed to squeeze out competition and slow down innovation while dinging the consumer for third-rate service…
“The United States is enshrining net neutrality principles as a fundamental principle for economic restructuring. The Europeans are setting benchmarks for open access to high speed. Meanwhile, the Conservatives are giving the cable giants a free pass to gouge consumers.”
what is Deep Packet Inspection?
Bell Canada is currently using Deep Packet Inspection or DPI equipment to “throttle” Canadian Internet use. Explaining DPI in Canadian English is actually pretty difficult for a variety of reasons.
[Special thanks to Ed and Bob for explaining these terms well enough for me to get it.]
The newness of the technology, added to the flexible use of jargon, has erected barriers to understanding just what is going on. Since the jargon is not standardized, it doesn’t always mean the same thing. Although Bell Canada utilizes words of jargon that are used elsewhere, Bell Canada assigns its very own “Bell Canada” meanings. Whether this is deliberate or simply a happy accident, the upshot is that it makes it extraordinarily easy to be misled into thinking that Bell Canada means one thing when they are talking about something completely different.
Policing traffic above a certain rate simply consists of allowing dropped packets when there is Internet congestion. Using the infamously overused highway analogy, if there were two westbound lanes of traffic and the lead car in the fast lane has a blow-out and slams on the brakes and skids to a stop, the other cars in the fast lane can either rear-end this car or overflow the highway into the center ditch. Or both. The traffic in the slow lane just keeps moving along and none of it is lost.
So if the Internet truly is congested, some of it will go through fine but whatever doesn’t fit will simply be discarded, and become “lost” or “dropped” packets. The traffic that is not dropped moves as smoothly as ever. Without an acknowledgment of receipt, the dropped packets will eventually be resent when the recipient system places a “resend” request after the congestion has cleared up. Because this method of clearing up Internet congestion does not target any particular type of Internet traffic, it does not require the invasive deep packet inspection process.
Traffic Shaping or Throttling
The practice known as “Traffic Shaping” can also be called “throttling”.
Traffic Shaping is applied to Internet congestion by forcing all the traffic to slow down and conform to a certain speed by pushing it through a bottleneck.
In this process, no traffic is lost, it is simply delayed in a huge queue. Your computer’s packets will take longer to cross the Internet, and generally your computer will slow down its demands until the congestion is cleared. Revisiting the highway analogy, if we funnel four lanes of traffic into one, everyone gets to where they’re going, but the trip might take an hour instead of fifteen minutes.
This process, called interchangeably Traffic Shaping or Throttling, does not require the invasive Deep Packet Inspection process either, again for the same reason: it is not targeting a specific type of traffic, it slows down everything.
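The two mechanisms described above, run over the same burst of traffic. This is an added example, not part of the original post: the packet list, the rate, the burst allowance and the application labels are all constructed for illustration, and neither function ever reads the label, which is why neither needs DPI.

```python
from collections import namedtuple

# Times are in milliseconds and sizes in bytes, so rates are bytes per millisecond.
Packet = namedtuple("Packet", "t app size")

def sample_burst():
    """Constructed input: ten 1000-byte packets, 10 ms apart, from three kinds of application."""
    apps = ("web", "p2p", "mail")
    return [Packet(10 * i, apps[i % 3], 1000) for i in range(10)]

def police(packets, rate, burst):
    """Token-bucket policer: traffic above the rate is dropped, the rest passes undelayed."""
    tokens, last = burst, 0
    passed, dropped = [], []
    for p in packets:
        tokens = min(burst, tokens + (p.t - last) * rate)  # refill since last arrival
        last = p.t
        if p.size <= tokens:
            tokens -= p.size
            passed.append((p, p.t))      # leaves at the moment it arrived
        else:
            dropped.append(p)            # sender must notice the loss and resend
    return passed, dropped

def shape(packets, rate):
    """Shaper: every packet waits in a queue and is released at the configured rate."""
    link_free_at = 0
    released = []
    for p in packets:
        start = max(p.t, link_free_at)
        link_free_at = start + p.size / rate
        released.append((p, link_free_at))  # nothing is ever dropped
    return released

def compare(packets, rate, burst):
    """Summarise both mechanisms over the same input. Neither one reads p.app."""
    passed, dropped = police(packets, rate, burst)
    released = shape(packets, rate)
    return {
        "policed_dropped": len(dropped),
        "policed_dropped_apps": sorted({p.app for p in dropped}),
        "shaped_dropped": len(packets) - len(released),
        "shaped_max_delay_ms": max(out - p.t for p, out in released),
    }

if __name__ == "__main__":
    # Offered load is 100 bytes/ms; the limit is 50 bytes/ms with a 2000-byte burst allowance.
    print(compare(sample_burst(), rate=50, burst=2000))
```

Policing loses packets from every kind of application alike, while shaping delivers all ten packets and makes the last one wait longest.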
“‘Policing’ drops packets when a bandwidth threshold is exceeded, while ‘traffic shaping’ queues packets during high bandwidth use and releases them when bandwidth use reduces. No data is lost with ‘traffic shaping’. (Cisco, Comparing Traffic Policing and Traffic Shaping for Bandwidth Limiting)
‘Policing’ and ‘traffic shaping’ are protocol agnostic; all traffic is equally affected. Neither ‘policing’ nor ‘traffic shaping’ requires DPI.
Bell Canada’s throttling does neither.”
–Bob Jonkman, Sobac Microcomputer Services
What Bell Canada calls “throttling” is not the same thing as what the rest of the world calls “throttling”.
What Bell Canada means by “Throttling”
“Bell uses Deep Packet Inspection (DPI) to identify peer-to-peer (P2P) traffic (CRTC filing), and most likely the Bittorrent protocol in particular. Bell Canada uses Sandvine’s equipment for DPI and throttling. With throttling, a forged reset is sent to the client for a percentage of transmitted packets. The client needs to re-establish the connection, as well as re-transmit the lost data (Robb Topolski first discovered the use of forged reset packets). Since Bittorrent transmits as much data as it receives, the re-transmission costs are significant.
In the US, this practice was ruled illegal by the FCC.
‘Policing’ and ‘Traffic Shaping’ sound like industry weasel words to make it sound like they’re doing a good thing. ‘Policing’, ‘traffic shaping’ and ‘throttling’ all degrade service for the party being policed, shaped or throttled. Of the three, Bell has chosen to use ‘throttling’, the technique that’s most disruptive to its customers.”
–Bob Jonkman, Sobac Microcomputer Services
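Forged resets of the kind described in the quote above can often be spotted from the client's side of the connection. The following is an added example, not part of the original post or of any tool it names: it applies two heuristics (a reset whose IP TTL differs from the sender's other packets, and data that keeps arriving from a sender after its supposed reset) to a constructed capture. The record layout, the addresses and the TTL tolerance are assumptions.

```python
from collections import Counter, defaultdict

# Constructed capture as seen at the client 192.0.2.10 (documentation addresses).
# Fields: time in seconds, source, destination, TCP flags, IP TTL on arrival.
CAPTURE = [
    (0.00, "198.51.100.7", "192.0.2.10", "SA", 52),
    (0.05, "198.51.100.7", "192.0.2.10", "A", 52),
    (0.40, "198.51.100.7", "192.0.2.10", "PA", 52),
    (0.41, "198.51.100.7", "192.0.2.10", "R", 61),   # arrives from a different hop distance
    (0.45, "198.51.100.7", "192.0.2.10", "PA", 52),  # the peer is still sending data
    (1.00, "203.0.113.9", "192.0.2.10", "SA", 47),
    (1.20, "203.0.113.9", "192.0.2.10", "PA", 47),
    (1.90, "203.0.113.9", "192.0.2.10", "R", 47),    # ordinary reset from the real peer
]

def suspicious_resets(capture, ttl_tolerance=2):
    """Return (time, source, reasons) for resets that do not look like the sender's own."""
    by_direction = defaultdict(list)
    for pkt in capture:
        by_direction[(pkt[1], pkt[2])].append(pkt)

    findings = []
    for (src, _dst), pkts in by_direction.items():
        normal_ttls = [ttl for _, _, _, flags, ttl in pkts if "R" not in flags]
        if not normal_ttls:
            continue  # no non-reset packets to compare against
        baseline = Counter(normal_ttls).most_common(1)[0][0]
        for ts, _, _, flags, ttl in pkts:
            if "R" not in flags:
                continue
            reasons = []
            # A middlebox sits at a different hop distance than the real peer.
            if abs(ttl - baseline) > ttl_tolerance:
                reasons.append("ttl_mismatch")
            # A host that really reset the connection would not keep sending on it.
            if any(t > ts and "R" not in f for t, _, _, f, _ in pkts):
                reasons.append("data_after_reset")
            if reasons:
                findings.append((ts, src, reasons))
    return findings

if __name__ == "__main__":
    for finding in suspicious_resets(CAPTURE):
        print(finding)
```

Route changes can also shift a TTL, so a hit is a lead for closer inspection of the capture rather than proof of injection.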
In 2008 Bell Canada acquired Sandvine’s Deep Packet Inspection equipment with the intention of charging their own customers for their bandwidth usage. Using the DPI process to peel back the packet layers, Bell Canada is able to acquire a lot of information from the packets that make up our Internet traffic. Unfortunately, DPI also shows the Carrier what the content is, unless the content is encrypted. If the content IS encrypted, DPI lets Bell Canada know it’s encrypted. Essentially Deep Packet Inspection gives Bell Canada the capability of reading any unencrypted packets we send across the Internet.
The original application of DPI was to allow Bell Canada to keep track of their customers’ bandwidth use. This necessarily requires information about both senders and recipients, because you can’t reasonably charge Usage Based Billing without knowing which customers used what amount of bandwidth. Bell Canada did not require permission to do this to their own retail customers, because the CRTC does not set Internet pricing. The CRTC allows the ISPs freedom to charge what they want, since the CRTC believes Canada enjoys competition. The idea here is that customers who are dissatisfied with the price or the service terms they are getting are able to change ISPs.
Interestingly enough, at the same time that Bell was busily “throttling” customers, it seems that Bell Canada had begun a new business enterprise: The Globe and Mail: Bell launches video download store. Although customers using Peer to Peer file sharing protocols for downloading were being throttled, it seems subscribers to Bell Canada’s own download service were not.
The problem began when Bell Canada took things too far. After deploying their Deep Packet Inspection package, it wasn’t long until Bell Canada took it a step further– Bell Canada began to use DPI to “throttle” their wholesale customers’ Internet traffic as well.
It is important to understand that the only reason Bell Canada offers wholesale bandwidth is because they have been compelled to do so by the Canadian Government. Left to their own devices, Bell Canada would never have done this, because these wholesale Customers compete directly with Bell’s own Sympatico Internet Service. But the Canadian government thought (and rightly so) that Canadians need the ability to access modern technology at reasonable prices if we are going to be able to successfully compete in the global economy. So the Canadian government opened the market to Independent Service providers who would access the Internet through Bell Canada’s Gateway Access Service (GAS).
It is also important to understand that the reason Canada has an existing infrastructure of Internet Carriers is because these Carriers were given both Canadian government protection and assistance to allow their establishment starting with the special act of the Canadian Parliament which incorporated Bell Canada in 1880. One of the key reasons Internet Carriers exist today are government granted easements which allow them to run their equipment and wires across privately held Canadian property– not just the property of their customers. Every Canadian landowner can refer to their deed to find the portion of their land which offers access to these and other utilities. It doesn’t matter if the property owner does not use these services, the Canadian Government has enforced these easements across Canada in the name of the public good.
When Bell Canada and the other Internet Carriers take the Independent ISPs to task for not running their own wires directly to customers’ homes, bear in mind that these Internet Carriers conveniently neglect to mention their own preferential status in the matter of easements. After all, the only reason they are in a position to offer Internet or phone service is because the Canadian government has graciously allowed their wires and equipment to occupy our soil, for the public good.
It is critical to understand that Bell Canada’s wholesale customers are Bell Sympatico’s direct competition, the Independent ISPs. These Independent ISPs purchase bulk blocks of bandwidth from Bell Canada then repackage and apportion out this bandwidth as they see fit in order to offer Internet Service to Canadian retail customers.
Bell Canada’s Secret “Throttling” Exposed
As I understand it, customer complaints about a sudden drop in efficiency first alerted the Independent ISPs that there was a serious problem with Canadian Internet service. The Independent ISPs’ investigation into the matter discovered that Bell Canada was interfering with their retail customers’ Internet traffic.
The concerned Independent ISPs took their complaint to the CRTC.
Having been caught in the act, Bell Canada admitted to “throttling” and I believe it was also the first time that Bell Canada came up with the excuse that they had to “throttle” customers because the Internet was congested. Bell Canada claimed that they were only “throttling” for the good of the Internet.
Because Bell Canada talked about “Traffic Shaping” and “throttling”, they gave the impression that they were simply following the standard network maintenance operating procedures described above. Bell Canada convinced the CRTC that there was too much traffic on the Internet, although to date they have not offered proof of this allegation. Once Bell Canada had the CRTC convinced there was a problem, they explained that “throttling” was necessary in order to clear the congestion. Bell Canada was given the CRTC’s blessing to “throttle” Internet speeds by artificially slowing certain traffic during peak usage hours.
Does the CRTC believe whatever Bell Canada tells them?
Of course the practice Bell Canada calls “throttling” actually adds packets to the Internet, so instead of clearing congestion, it slows the traffic by adding to the congestion. Bell Canada neglected to mention any of this when they asked the CRTC to condone their practice.
If the CRTC doesn’t understand something technical, isn’t it their business to find out?
Bell Canada’s friends at the CRTC gave them permission to “throttle” the customers of the Independent ISPs who were in direct competition with Bell Sympatico. Since we know that Bell Canada’s kind of “throttling” doesn’t clear up Internet congestion but adds to it, is this a sign of CRTC incompetence or just another indication of CRTC disregard for the rights of Canadian consumers?
License to Discriminate
Bell Canada has indicated that they aren’t going to “throttle” everything, just the heavy users (BitTorrent traffic from P2P sites). This is why Bell Canada needs to use Deep Packet Inspection, so they only interfere with specific Internet traffic that Bell Canada doesn’t like. The CRTC has given Bell Canada permission to discriminate against Canadians based on the contents of their Internet packets.
Adding injury to insult, the CRTC gave permission to deliberately degrade the quality of the access these Canadian citizens are paying for. Bell Canada claims that this is necessary because these heavy users are using more than their fair share of Internet bandwidth. Never mind the fact that these Internet Users are paying for this access– in many cases these Internet users are paying a premium for a larger slice of bandwidth precisely because they are heavy users.
The Bell Video Store did not prove successful and has since gone out of business. However, the practice of “Throttling” can still be profitable since Bell Canada will still be able to charge Internet customers for the deliberately inflated bandwidth.
In order to achieve this legal discrimination, the Deep Packet Inspection software has to look inside the packets so Bell Canada can decide which packets to interfere with.
what about the issue of privacy?
“What would you think if you wrote a letter and it could be opened up by a postal or a courier service before it reaches its destination? What would you think if that happened to your online communication? It’s not necessarily a hypothetical question.”
The Privacy Commissioner’s question isn’t hypothetical anymore.
Bell Canada says that they need to use Deep Packet Inspection to identify the traffic they wish to throttle.
The CRTC has given Bell Canada permission to look inside the packets. Everything on the Internet is packed in packets. Every email, every instant message, every web page, every transaction we make is now available to Bell Canada scrutiny.
The CRTC doesn’t seem to think this is a bad thing. Of course, it’s my privacy they are putting at risk, and yours, not their own. It’s easy for them to be magnanimous with my privacy.
“One issue that has been the focus of much debate is the use of deep packet inspection (DPI) to shape/control traffic. So, what is the privacy issue? Well, there is the potential for DPI technology to peek into an individual’s entire on-line activity, which may include sensitive personal information. When DPI is used, it is also seemingly “invisible” to individual users. It is important that we are made aware of DPI’s potential use to manage our activities on the Internet.”
I’m curious if the CRTC members would be so eager to pass out copies of their own personal house keys to the same Bell Canada employees who will have access to our Internet privacy. Oh, I’m sure that a clear majority of Bell Canada employees are completely ethical and wouldn’t dream of invading anyone’s privacy. It’s just the one that isn’t trustworthy that worries me.
Bell Canada is a corporation. A corporation does not have ethics, it has a bottom line.
Even if the people at the corporation’s helm may choose not to abuse this extraordinarily broad power today, their successors of tomorrow may not.
The CRTC may trust Bell Canada to behave ethically but I don’t. What’s more I shouldn’t have to since Bell Canada is not my ISP.
Bell Canada has no business peeking in my packets.
I don’t have any business relationship with Bell Canada at all. I’m not even using Bell Canada telephone service anymore. I cancelled my Bell land line and switched to Teksavvy. If nothing else it’ll save me a bit of money which I can put toward future Internet use when Usage Based Billing is implemented.
Bell Canada’s only relationship to me is an arm’s-length one: Bell Canada is merely the Internet Carrier — a utility company — to the Independent ISP where I get my Internet service. The electric company I get my power from doesn’t try to tell me what appliances I can run. They may suggest it would be better not to use an air conditioner on a hot day, but if I do they don’t slow down the current I receive or drop me off the grid. If all the electric customers choose to use their air conditioners anyway, the entire system might crash. But the electric company does not deliberately sabotage their customers.
In anticipation of the possibility of power failure, the electric company has been constantly improving the way that they run the power grid over the years. The electric company doesn’t try to force their customers to slow down, they work hard to find ways to keep ahead of the demand. They are always searching for new ways of doing things that will allow them to continue to provide the valuable commodity they offer.
How can the CRTC give Bell Canada permission to bill non-customers?
This is the big question that I just can’t get my head around. The Internet service I subscribe to is Teksavvy’s. I do NOT subscribe to Bell Canada’s Sympatico service. Teksavvy is an independent ISP. Teksavvy is Bell Sympatico’s direct competition.
First the CRTC gave Bell Canada the right to “throttle” me, even though I am not a Bell Canada customer. (How can they DO that?)
Now the CRTC is adding injury to insult by allowing the implementation of Usage Based Billing. The CRTC has given Bell Canada the right to charge me an additional sum of money for the exact same service I am currently paying for, even though I am not a Bell Canada customer.
The CRTC has actually given Bell Canada the right to interfere in my business relationship with a competitor.
What gives the CRTC the right to do this at all?
A Piece of the Action
Maybe it’s time for the electric company to petition the CRTC for the right to institute an additional Internet fee structure specifically for Bell Canada.
Let’s call it “A Piece of the Internet Action” billing. The CRTC could simply order Bell Canada to pay half of their Internet Usage Based Billing windfall to the electric company. Since Bell Canada hasn’t actually done anything to earn the increased fees they will be charging courtesy of the CRTC’s largesse, it should be no hardship for Bell Canada. Since the CRTC wants to rejig the world of economics, this would give them expanded scope to inflict even more havoc on the Canadian Economy.
Can the Internet run without electricity? Certainly not. Bell Canada’s Internet equipment doesn’t run on good wishes, it runs on electricity. Oh sure, Bell Canada is already paying for the electricity they use. (Just as we lowly customers are already paying for the Internet service we are getting.) That shouldn’t stop the CRTC. They see nothing wrong in allowing one company to bill another company’s customers; in comparison a ruling like this would seem logical.
This would be a way for Bell Canada to share the excessive profits they will make as an Internet utility with the Internet’s real Backbone Utility. After all, without electricity there would be no Internet.
The CRTC’s approval of this “division of the spoils” type of billing would give the electric company a chance to step up to the plate for what clearly should be their cut.
Of course the simplest way to assess “A Piece of the Internet Action” billing would be to divide Bell Canada’s Internet profit column– let’s say by a 50% split– down the middle. It would be a simple matter for Bell Canada to cut a monthly check. That’s not so much… after all the electricity utility makes the Internet possible.
Of course if Bell decides to ignore this CRTC ruling (as they have so many others), the best part is that the CRTC wouldn’t even have to do anything about it (the CRTC’s preferred course of action) because the electric company could just turn off Bell Canada’s power until they made the required payments.
Since the CRTC finds it is reasonable to double fees without improving the service this would even fall within CRTC precedent.
How much Bell Canada equipment runs without electricity?
How much electricity does it take just to run the lights Bell Canada uses so their employees can work?
- How much recording equipment does Bell Canada use (for monitoring their employee’s calls)?
- How many Bell Canada computers run on electricity?
- How many servers?
- How many electric pencil sharpeners?
- Coffee machines?
- Air conditioners?
- Electric drills?
- Vacuum cleaners?
How many Bell Canada employees would climb all the way to the top floor of the Bell Canada building if the electric company decided to cut off Bell Canada’s power and they couldn’t use the elevator?
Not because they’ve earned it, just because they want it.
The point is that the electric company doesn’t have any more or less claim to additional funds for our Internet usage than Bell Canada does.
And the electric company is NOT demanding an entire new fee structure in the form of additional Internet charges.
Because it makes no sense.
In exactly the same way that Usage Based Billing makes no sense.
I’m only a consumer, but I have some serious issues here. Deep Packet Inspection is at best dangerous, offering a whole catalogue of ways that the privacy and security of Canadians could be compromised. If the object is truly to manage congestion, DPI is unnecessary, because either Policing or real Traffic Shaping would do the job. Government authorized discrimination against particular users engaging in perfectly legal access that they have paid for is— at best— appalling.
Canada has certainly come a long way since Pierre Trudeau famously insisted that:
“There’s no place for the state in the bedrooms of the nation.”
It seems Canadians no longer need to worry about government invasion of privacy, we just need to worry about the corporations the CRTC allows to invade our privacy.
(We won’t even think about the fact that Bell Canada is also interfering in Internet business by throttling encrypted Internet packets on the grounds that they might contain P2P traffic.)
The best option available to Canadians seems to be the routine encryption of everything we do online. I will start looking into encryption options, and I’d appreciate hearing any pro & con advice from users who have used encryption.
Of course, once we start using encryption to protect our privacy, we KNOW Bell Canada will throttle our Internet traffic.
The part that is really really bad is the part where a corporation has been given the right to deploy this incredibly invasive technology. Worse, this corporation has been given legal permission to use this means of breaching Canadian privacy with absolutely no oversight. Bell Canada says they will only use this awesome power for good.
That isn’t good enough.
If you haven’t signed the petition, it’s available online at
If you have signed, encourage other Canadian Internet users to sign. After all, Usage Based Billing will affect all of us.
It’s up to 9139 signatures!
[....the next segment in the alphabet series will be D: BitTorrent]