It's a net neutrality whodunnit: Boffins devise way to detect who's throttling transit

Simple, really – follow the congested links

Back when net neutrality was a thing, engineers at the Center for Applied Internet Data Analysis (CAIDA) tested US interdomain links, and found them mostly flowing freely.

News of Verizon throttling a California fire department's data suggests things have already changed in America, but if CAIDA's work gets legs, the world will at least have a new way to detect that kind of behaviour.

Published this month after winning the ACM's SIGCOMM 2018 "best paper" accolade, "Inferring Persistent Interdomain Congestion" offers an architecture for what its 10 authors called "large-scale third-party monitoring of the Internet interconnection ecosystem".

When the group did its data gathering between March 2016 and December 2017, its focus was on how disputes between different players – ISPs, content providers, clouds, and transit providers – end up as throttled links and degraded end-user performance.

As the paper stated: "There is a dearth of publicly available data that can shed light on interconnection issues." Hence even though an interconnection dispute, throttled links, or even misconfiguration can affect people far beyond the scope of an affected link, the researchers noted that "limited data is available to regulators and researchers to increase transparency and empirical grounding of debate".

Instead, it becomes a matter of accusation and counter-accusation in the tech press (such as when Netflix went public against AT&T in 2014, before the two inked a peering agreement).

CAIDA - throughput in times of congestion

Rising ping times – a sign of building latency – correlated well with falling throughput in CAIDA's research

With probes at 86 vantage points in 47 ISPs, CAIDA's boffins created "a system that conducts ongoing congestion measurements of thousands of interdomain links", the paper said. The vantage points were fitted with "Time Series Latency Probes" (TSLP), whose measurements the paper said were "consistent with those obtained from more invasive active measurements (loss rate, throughput, and video streaming performance)".

That data was validated by the operators themselves, CAIDA's team said.

The TSLP approach is simplicity itself: as congestion rises, packets get buffered, latency rises – and CAIDA's deep knowledge of the underlying network topology (built into another tool to identify which links to probe) made it possible to infer where the latency, and therefore congestion, occurred.

"If the latency to the far end of the link is elevated but that to the near end is not, then a possible cause of the increased latency is congestion at the interdomain link," the paper said.

The probes also measured packet loss on similar reasoning: an excessively congested link will see packets dropped when their time-to-live (TTL) expires (*CAIDA's Amogh Dhamdhere e-mailed us a more accurate and more detailed description, added below).

There's a presentation slide deck for the paper here (PDF), and CAIDA's analysis scripts, data sets (via a visualisation interface), and query API are available by request; the organisation is hoping ISPs will volunteer to help gather data. ®

*Correction: The Register slipped up in summarising the methodology, and Amogh Dhamdhere, a co-author of the paper, has provided a more detailed summary via e-mail.

"The TSLP technique uses the same probing method to measure both latency and packet loss. The method consists of sending probes towards a destination and setting the Time To Live (TTL) of the packets to expire along the path, such that the packets expire at the two ends of the interdomain link we are measuring. We deliberately set the TTLs in this way to get responses from the routers at the endpoints of the interdomain link. We can then use those responses to measure latency and packet loss. The losses we measure are not due to the fact that the TTL expires, but rather because the queue at the router is full.

"The difference between latency and packet loss measurements is that our latency measurements are done at a very low frequency (once every 5 minutes) while the loss rate measurements are done at a higher frequency (once a second)."
