No 'Peer' Relief for This Back-to-School Season


The annual return of our nation's children to school used to invoke a transitory calm in the people who track bandwidth consumption to and from cable modems.

As the yellow buses rumbled off, broadband networks settled down. Bandwidth spikes shrunk; congestion eased. Life was good again -— at least for seven hours a weekday.

Alas, the autumn of 2003 offers no such relief to the industry's data engineers. As is necessarily the case with better mousetraps, the tools available for peer-to-peer networking, abbreviated as "P2P," are advancing.

Keep on spiking

It no longer matters, for example, whether there's someone at the PC, to skipper the tugging of more music, images or video files. The spikes of P2P can keep spiking, and the congestion can keep congesting, unattended.

The files shared among P2P participants are also getting bigger: It's not just little audio files anymore. Video comprises about 15% of the P2P traffic ripping through today's Internet routers, according to the companies who monitor this stuff.

That percentage is being feverishly stoked for growth.

It's a fairly safe bet, for example, that DVD burners with file-sharing capabilities will be available by year-end. That means enormously fat files, with spigots tooled for broadband.

One movie weighs hundreds of megabytes — sometimes gigabytes — and that's not including any DVD extras. That's a lot of bits to move. Naturally, they move fastest over broadband's roomy avenues.

Runaway consumption

The actual and anecdotal evidence about P2P's insatiable nature is alarming, even to data stalwarts. Six percent of broadband Internet customers consume 60% of bandwidth. One guy uploaded 300 gigabytes in a month. (That's roughly equivalent to 1.2 million Web pages, or about five movies a day.)

Adding more bandwidth to fix the problem is about as effective as adding acreage to a forest fire. Like a gas, P2P traffic always seems to fill all available space.

So, shut it off, you say. Don't let P2P traffic in. Or only let some of it in.

That method did work, for a while. Understanding why it doesn't work now requires a bit of detail about how P2P traffic moves.

Say you've downloaded a file sharing program, like KaZaa, onto your PC. First, the program needs to identify itself to the PC's operating system. Because it needs to communicate over the Internet, it gets what's called a "port number," so that the machines the application encounters along the way know where to listen for it, and talk to it.

Port 80

Massively used applications, like Web browsing, use an agreed-upon port number, assigned by the Internet Engineering Task Force (IETF). The identification number for Web browsing happens to be port 80.

In the early days of P2P, downloaded "client" applications used a static port number. KaZaa used port 1214, for example. Static numbers can be physically filtered out at headend routers, and the traffic disallowed.

(If this sounds unfriendly, consider the operator who throttled P2P traffic way back, without getting a single angry customer call. Or the operator who stunted P2P traffic and saw a 50% decline in those cranky "tell me again why I'm paying you extra for your slow service" calls. Harnessing P2P traffic gives the majority of customers more room for their transmissions.)

These days, though, P2P applications are more skillful. Static port numbers are out. Port hopping is in.

It's not unusual for P2P to identify its packets not with a fixed port number, but with the "port 80" of Web browsing applications — which makes P2P packets look like any other Web page request.

Other times, P2P clients do what data technicians call "port hopping," which is the use of random port numbers that are privately agreed upon between P2P users. Envision this as two P2P applications stepping off the network, and saying "meet me over there." The "over there" is the random port number.

The next mousetrap is encrypted P2P traffic, which will happen, and will be all the harder to detect and manage.

Data forensics

The good news is, there are tools to deal with P2P now. They're brute force tools, but they're tools: Cable modems, and their headend controllers, can be set to impose speed and consumption limits.

A growing number of companies are also building forensic tools that can look harder into packets to see how they relate to each other. This helps to "shape" cable-modem traffic, either to cap "bad" traffic, or to apply business policies. Maybe this means making authorized P2P applications work better on broadband.

For now, as the days shorten and the air cools, there are three things to know about P2P on broadband networks. One, it isn't going away. Two, it's growing fast. Three, it won't stop seeking ways to ride broadband.

Those are the current events of P2P traffic. Next time: More on the methods to make P2P more harmonious with broadband providers.

Stumped by gibberish? Send translatables