DPI & P2P
We all know that operators often buy DPI-solutions for cutting back, or even completely blocking, P2P traffic (also, in China, it is widely used to “spoil” VoIP traffic). Here, our unloved manufacturers of DPI-boxes bring a heap of all sorts of "useful" functions: inserting contextual advertising, prioritizing the "right" and much more. In general, you can think of anything your heart desires, because package can be analyzed completely. True, the performance is not as good as we would like (now there are boxes with 2 10G interfaces); here you can also mention the quality of the definition of the same P2P-protocols. Early last year, EANTC tried to test DPI systems . Moreover, the testing was carried out free of charge for equipment manufacturers - everything was paid from the pocket of the French recording and sound-saving mafia association. The results, to put it mildly, are bad :)
The situation is similar to the one on the antivirus market - P2P protocols are changing / new ones are emerging, and manufacturers of DPI-systems release signatures to determine them. For example, take the well-known BitTorrent protocol: if TCP was always used to transmit information, then UDP is now supported, which will make life much more difficult for dpi-boxes + encryption support.
But I wanted to tell you not about it, but about the system for caching P2P content, which I have already managed to get acquainted with: Oversi OverCache . The idea is relatively simple: the operator installs the cache server and control system for them.
The control system is responsible for:
How is popular content determined? Simply - for this, the control system must be mirrored (SPAN, TAP) traffic coming to upstream (30% is enough), this traffic is analyzed (eDonkey2k content, calls to torrent trackers, file hashes, etc.). Plus, you can add a “local” content search through DHT . From this information you can already identify popular content, popular trackers and make some kind of threshold for caching / lifetime of files. In order not to run into copyright advocates - the system does not cache files completely: for BitTorrent, for example, it does not download the first and last blocks of the file, which does not allow the system to become a seed.
For flash-video, everything is a bit more complicated, besides the fact that we have to intercept calls to video sites (youtube is the same), we also need to redirect the client to a local cache server. I don’t know about you, but my wife and some friends regularly watch movies using VKontakte.Ru.
According to statistics, the effectiveness of solutions up to 80% percent of the cache. Benefits are obvious: the provider receives a free uplink channel (and if there is a developed caching system and inter-regional links), customers get accelerated content download. The whole world is happy :)
The situation is similar to the one on the antivirus market - P2P protocols are changing / new ones are emerging, and manufacturers of DPI-systems release signatures to determine them. For example, take the well-known BitTorrent protocol: if TCP was always used to transmit information, then UDP is now supported, which will make life much more difficult for dpi-boxes + encryption support.
But I wanted to tell you not about it, but about the system for caching P2P content, which I have already managed to get acquainted with: Oversi OverCache . The idea is relatively simple: the operator installs the cache server and control system for them.
The control system is responsible for:
- collecting statistics;
- content management (identifying popular resources, more distant than old unpopular resources);
- announcement of the availability of content to their peers (clients from the entire address space of the operator);
- management of cache servers.
How is popular content determined? Simply - for this, the control system must be mirrored (SPAN, TAP) traffic coming to upstream (30% is enough), this traffic is analyzed (eDonkey2k content, calls to torrent trackers, file hashes, etc.). Plus, you can add a “local” content search through DHT . From this information you can already identify popular content, popular trackers and make some kind of threshold for caching / lifetime of files. In order not to run into copyright advocates - the system does not cache files completely: for BitTorrent, for example, it does not download the first and last blocks of the file, which does not allow the system to become a seed.
For flash-video, everything is a bit more complicated, besides the fact that we have to intercept calls to video sites (youtube is the same), we also need to redirect the client to a local cache server. I don’t know about you, but my wife and some friends regularly watch movies using VKontakte.Ru.
According to statistics, the effectiveness of solutions up to 80% percent of the cache. Benefits are obvious: the provider receives a free uplink channel (and if there is a developed caching system and inter-regional links), customers get accelerated content download. The whole world is happy :)
')
Source: https://habr.com/ru/post/54845/
All Articles