On October 25, the Technology Liberation Front, a technology
policy weblog, hosted an online discussion of
recent actions by Comcast Corporation to limit certain types of
traffic on its network in order to manage demand. This is an edited
transcript of that discussion.

Adam Thierer: The Associated Press reported this week
that cable giant Comcast is apparently engaging in certain
"traffic-shaping" techniques as they relate to BitTorrent, a
peer-to-peer file-sharing protocol. What exactly is Comcast up to,
and what are the ramifications of the company's traffic-shaping
activities for the longer term debate over net neutrality policy in
this country? That's going to be the focus of this discussion.
Joining me for this discussion are Jerry Brito of the Mercatus
Center; James Gattuso of The Heritage Foundation; Ed Felten, who is
a professor of computer science and public affairs and director of
the Center for Information Technology Policy at Princeton
University; and Richard Bennett, who has spent the last 30 years
designing network traffic systems and is an expert on network
Jerry Brito, before we get into the meat of the issue, could you
describe exactly what is happening in this case?
Jerry Brito: Sure. The AP conducted an investigation of
Comcast's traffic management and basically found that in certain
instances, whenever they used BitTorrent to transfer a file or try
to upload a file, the connection would be reset. Upon further
investigation, they found that whenever a file was trying to be
uploaded, Comcast would, essentially, pretend to be the user on the
other end of the transfer and send a reset message so that the
connection would be dropped.
This caused a big uproar among the blogs and also among some
newspaper columnists. Look, they said, this is more evidence that
the big providers need to be regulated; we need to have net
neutrality regulation. Now, what's interesting to me about this is
that Comcast definitely has an interest in managing its network
because BitTorrent traffic accounts for a lot of bandwidth use and
affects other users on the network. But the way that they're doing
it is that they're blocking an entire protocol, it seems. They're
not going after heavy users, they're going after an entire
protocol, and that's what seems to be enraging the net neutrality
Adam Thierer: Ed, can you give us your perspective on
this and what's going on here?
Ed Felten: Sure. I think there are really two issues
here. One is that Comcast has not been upfront with people about
what they're doing. What we know about what's happening has been
discovered by experiments, like the experiments that the AP did,
and, by inference, from things that happen in other people's
networks. But as far as we know, what Jerry described is basically
right: Comcast is apparently looking for certain uses of the
BitTorrent protocol and then intervening by essentially telling
each end of the network connection that the other end has hung
Second, this is not the usual way of managing and dealing with
congestion on the Internet or in large networks. There are other
mechanisms that are built into TCP which to me seem like more
natural and more friendly ways to shape traffic. But what Comcast
is doing is, I think, a bit sneakier.
Adam Thierer: What would be the friendly way to manage
traffic, in your opinion?
Ed Felten: Well, the usual way of dealing with a
congested network is to have the network drop individual packets of
data. When you communicate across the Internet, the data that you
sent is divided up into packets. The usual thing that happens in
congestion is that individual packets get lost or dropped when the
network in the middle is overwhelmed, and the hosts at the
endpoints that are communicating recognize the dropped packets and
say, okay, the network must be congested, so let's slow down. And
there's a really exquisitely engineered mechanism by which the end
hosts can react to congestion on the Internet. But all that relies
on the network in the middle responding to congestion in a certain
way--by dropping packets--whereas Comcast did something else.
Adam Thierer: I see. Let's bring Richard Bennett in at
this point and ask him for his thoughts on this issue and exactly
how he would respond to what Professor Felten said.
Richard Bennett: I really don't see Comcast as the
wrongdoer here. They do have a responsibility, as Jerry pointed
out, to their customers to keep their network stable and
responsive, and that appears to be just exactly what they've done.
And it is worth clarifying that they don't block or meter the
normal use of BitTorrent for downloading distributions of open
source files or movies or whatever. The restrictions that they
place on their network are a slow rate of BitTorrent uploads, which
means that if you're operating BitTorrent after your download is
completed--that is, you're serving up files to the rest of the
Internet--they put a cap on the amount of bandwidth that they will
let you have to do that based on the conditions on the network at
that particular point in time.
Now, Ed has criticized Comcast because it's not using the
standard mechanism in TCP that was supposedly engineered to control
congestion on the Internet, and I think it's worth pointing out
about that that's not really a general purpose solution to all
sorts of network congestion problems. The TCP mechanism, which is
called "slow-start," is actually a point solution that was rapidly
tacked onto the Internet protocol suite in the mid-1980s to solve
the problem called "congestion collapse" that was caused by a very
different protocol, FTP.
The mechanism works for FTP because FTP only opens one socket
pair for its file transfer. BitTorrent, however, opens multiple
socket pairs, and so if one of those streams is suppressed by the
slow-start algorithm, it simply shifts over to the other streams
that haven't been slow started and continues transferring data.
BitTorrent's goal is to maintain a constant rate of upstream
traffic, and because it has that goal, it will defeat the standard
anti-congestion mechanism that's used by FTP.
So what Comcast is doing is actually a very common technique
that every firewall uses for exactly the same purpose: using "TCP
resets" to control access to and traffic within a network that's
connected to the Internet. They're managing their private network,
and they're doing it in a rational way.
Adam Thierer: Professor Felten, what is your response to
Richard Bennett? Also, if Comcast has the ability to take other
approaches, what are they and where would the approach that they've
taken fit in that pecking order?
Ed Felten: First, I want to agree with Richard that part
of the problem here is that Comcast is not talking about what
they're doing and not explaining themselves or indeed even really
admitting that they're using this particular method. I think it
would help everyone if Comcast would just explain what they're
doing and why--their justification--because certainly, I think no
one is arguing that they shouldn't be able to manage the traffic on
their network when it becomes congested.
My questions are: Are the methods they used aimed well at
dealing with the congestion? Do they have other goals? And why
haven't they explained to their customers what they're doing? There
was a considerable period when most of the Comcast customers who
were affected by this were unaware of what was going on, and I
don't think that helps anybody. If Comcast's goal is to reduce the
use of BitTorrent, or certain uses of BitTorrent, they ought to
explain to their users that if you use BitTorrent in this way,
you'll get performance that you may not like because of the traffic
Adam Thierer: Professor Felten, I actually agree with
that; if there's one thing everyone can agree on, it's that the
more transparency, the better, as concerns these traffic-shaping or
network management activities. Seemingly, Comcast is coming around
to that view.
However, it also seems clear that more transparency would not be
enough to satisfy some of the critics out there and that the
practices that we're describing here, which Richard describes as
fairly routine, are drawing these critics' ire. Would you say that
there's something wrong with these techniques or that there's a
preferable way to do this?
Ed Felten: Well, I can imagine that the mechanism they're
using may be justified, but they have not offered a justification,
so we can't really look at what they're doing and draw a conclusion
about whether it's justified or not. In other words, we can't
really evaluate yet whether the accusations of their harshest
critics are actually correct at a technical level. And they could
clear that up, assuming that they actually are behaving
appropriately, by just talking about what they're doing.
Richard Bennett: I think they are trying to set the
record straight. The basic details have actually been known by the
BitTorrent community for several months. There was also a third
article by the AP reporter who broke this story in the mainstream
media that was a little bit more sympathetic to the Comcast point
of view. In that article, Comcast was a little bit more forthcoming
about what they're doing and why, and they made the point that
they're not actually blocking these uploads altogether but just
essentially rescheduling them for some future time when the network
is not so busy.
You have to understand that Comcast is playing a cat and mouse
game with BitTorrent. And if you look into the details of how
BitTorrent is engineered, it's fairly obvious that concealment of
BitTorrent streams from traffic shaping and admission control and
other sorts of network management technologies is an explicit goal
of the project. Every concealment method that you can think of is
used by BitTorrent to escape detection by the kind of network
management systems that people like Comcast have to run. So to the
extent that Comcast is transparent, they're simply making
themselves vulnerable to a new version of BitTorrent that can
escape whatever techniques they're employing.
Adam Thierer: Interesting. James and Jerry, what are the
ramifications for the broader policy debates here in D.C. and
across the country about net neutrality?
James Gattuso: What struck me about the press coverage of
this is that a lot of it has a fairly cartoon version of net
neutrality. A lot of people are writing about how net neutrality
means that you can't prioritize anything on a network, and you have
to treat everything equally. That is one version, but I think that
the generally accepted version of network neutrality accepts that
network management and prioritization has its role. Really, the
focus in recent months has been on whether you can charge for
prioritization. This is not a case in which Comcast was trying to
create two tiers in order to get more money from one user or trying
But reading the press, you would think that network management
in itself was a violation, which just is not where the debate
Jerry Brito: Professor Susan Crawford and others point
out that the technique that Comcast has chosen here entails that it
basically pretends to be the client or the server and send the
other party hang-up commands. They say this is fraudulent or
impersonation, almost like identity theft. So is it something
nefarious, or is it something common?
Richard Bennett: The geeks on Slashdot point out that
this is a common technique that firewalls use. Crawford implies
that, because it's used by the Great Firewall of China, it's some
kind of authoritarian technique. But actually, it's a common
technique for any firewall.
And that's especially true in this case. The cable modem network
is so sensitive to upload traffic congestion that the most
efficient way to keep it clear is simply to limit the number of
connections that can be made inside the cable modem network. In
traffic engineering, we call that technique "admission control,"
and it's used to block new communication sessions when you don't
have the communications resources to supply them with the bandwidth
that they need. So I think there's really nothing wrong with
Ed Felten: I agree that it's a common technique, but if
you look at the nuts and bolts, it is an impersonation of each
party to the other in some circumstances. Apparently, it's not
broadly accepted in this instance.
So I don't think it's right to dismiss the argument that it
involves impersonation of one party, because it does, after all,
involve sending network packets that purport to come from somebody
other than the person who really is sending them. And whether you
consider that a legal violation, an ethical violation, or neither,
that's up to you. It's also worth noting that falsely attributing
the source of network packets is a technique widely used by actual
bad guys as well.
Richard Bennett: But that's like saying that bad guys use
telephones, and so anyone who uses a telephone is suspect. What I'd
like to know is what is the alternative if they're not going to use
TCP resets? Unfortunately, the IP protocol doesn't really provide
many tools to the traffic engineer to do things like this in a more
explicit way. And a TCP reset is unfortunately just the best tool
that it provides to bring about admission control when there's no
higher-level session protocol like SIP being used that could
explicitly refuse to take the call.
Ed Felten: Well, I just think we don't know, given that
Comcast is being so closemouthed about what specifically they are
doing beyond sort of stating vaguely, "We're shaping traffic." I
think we don't know--we can't tell whether what they're doing is
the best, least invasive way for them to accomplish their
legitimate network management goal or not.
Jerry Brito: Another question: Why is Comcast choosing to
sort of target an entire protocol? If what they're trying to do is
target bandwidth hogs, why not do per-user management? And in that
sense, they could then publish what their cap is and anybody who
goes above this cap is either metered or kicked off the
Adam Thierer: Jerry, let me make that a little bit more
concrete, because this is my favorite hobbyhorse, as you know--the
question of why in the world are broadband providers in this
country not dealing with this problem of excessive bandwidth use by
whatever application or party by essentially better metering the
price? That is, instead of engaging in some form of packet
discrimination, they could engage in what would be a more
reasonable form of price discrimination, using price signals to get
at users at the margin who are using bandwidth excessively. Why is
this not feasible?
Ed Felten: Technically, it's completely feasible. The
reason it mostly doesn't happen is that consumers seem to hate it.
What consumers want to buy, apparently, is a reasonably priced
service that says it provides whatever it is they're going to want.
And the ISPs are stuck here--between their customers' desire to
have unlimited service at a fixed price and the difficulty in
actually providing service to people who use everything that the
network makes available to them. So they're left trying to steer an
uncomfortable middle course, promoting the service as nearly
unlimited or essentially unlimited but then trying to actually
limit what some of their customers do.
Richard Bennett: I think that's mostly true but beside
the point. Comcast does offer different tiers of service, and they
don't claim that any of them is unlimited. They have specific
download maximums and specific upload maximums, and they offer
commercial accounts to people who want to operate servers. So the
tiered service model is essentially already in effect, and, of
course, nobody wants the commercial service because it's a lot more
expensive than the residential service.
And why target BitTorrent when what you're actually going after
is bandwidth hogs? As a practical matter, it's really the same
thing. All the bandwidth hogs are running BitTorrent, so that's
really all you have to do.
James Gattuso: A Washington Post article today put
the ISPs' dilemma this way: They want to offer unlimited service
and then hope that no one takes them up on it. Another analogy is a
bank: All banks have on-demand withdrawals, but you just have to
hope that everyone doesn't come to the bank at the same time and
ask for their money back.
Richard Bennett: Well, this is the real dilemma of
Internet engineering in general, and it's really a central point
that almost never comes up in the network neutrality debates. The
Internet is not designed to allow every person who's using it to
inject sustained traffic into it. The entire technology of packet
switching is based on the assumption that users don't all access
the network at the same time.
If you want to have a network in which everyone is guaranteed a
certain level of traffic throughput whenever they can get on the
network, we have that: It's called the telephone network, and it's
limited bandwidth. The reason that we get high performance out of
the Internet is because we have these high-speed links that are
shared by multiple people who don't use them all at the same time.
It's a bursty traffic model--that's the secret sauce that makes the
Internet go. When you get applications that violate that
assumption, it's trouble.
Ed Felten: I basically agree. And this is the dilemma:
Because consumers are unwilling to accept pay-per-bandwidth, ISPs
are stuck hoping that not too many consumers use all their
bandwidth all the time.
Adam Thierer: So, one of the responses that I've heard
from a lot of bloggers is, "Well, why don't they just build more
capacity?" And I guess there's something to that, after all; if we
had unlimited capacity in the network, that would solve this
problem, right? But is that realistic, is it just a case that we
could just build a little bit more and it would solve the problem?
What are the alternatives here, and is just building capacity going
to solve the problem?
Richard Bennett: Yes, they do have to add more capacity
to the networks. Every ISP is constantly adding capacity to their
networks, because user demand for bandwidth is like user demand for
memory or CPU speed: It only increases. And the more you put out
there, the more ways people find to use it.
Jerry Brito: It's like the old iron law of expenditures.
Expenditures rise with your wages and your income. And so, more
bandwidth won't necessarily solve the problem; there'll probably be
more bandwidth-intensive things out there to use any more bandwidth
that's provided. So network management is going to continue to be
an issue even in a world of more capacity.
Richard Bennett: Absolutely. There is one thing that
Comcast really should do. Their network is highly asymmetrical;
it's tuned to handle more downloads than uploads. But the major
implication of BitTorrent becoming such a hugely popular protocol
is that traffic is becoming more symmetrical. There's a new version
of the cable modem network called DOCSIS 3.0 that's intended to
provide a more symmetrical network, and I think Comcast needs to
move in that direction. I think that will alleviate a lot of these
problems over the long term. But it's an expensive transition, and
it obsoletes all the cable modems that people have bought in order
to use the Comcast network.
Adam Thierer: Jerry and James, this Comcast controversy
comes fresh on the heels of the recent Verizon controversy with
NARAL involving supposed text-blocking activities for messages
going over their network. Do you think these incidents are the sort
of horror stories that would drive public policy or renewed
regulatory efforts, either at the FCC or in Congress, to impose net
James Gattuso: I think these incidents are enough to keep
net neutrality in the news. But by themselves, I don't see this
being enough to push forward legislation. There were non-regulatory
ways of handling each of these incidents, either through existing
legal mechanisms or through the marketplace. And none of them
violate the definition of net neutrality that would be imposed in a
lot of the bills that are out there, which involves charging money
for tiered pricing. These incidents are apples to the oranges of
the main net neutrality debate.
Jerry Brito: Remember that the FCC is still considering
its notice of inquiry, and the FCC has been very clear about what
it wants in comments: instances of blocking. When I did a count of
how many were presented, there were none. So to the extent that the
FCC might want to move in this direction, this may give them at
least some of the evidence that they were looking for.
Ed Felten: This controversy does illustrate one of the
conundrums in the net neutrality debate, which is the difficulty of
distinguishing legitimate network management from interferences
with neutrality. It's not always an easy thing to tell the
difference, as we can tell by this discussion here and in the
blogosphere. Unlike, say, the NARAL example, where it was really
about a network provider being uncomfortable with specific content,
this really does get to the heart of the regulatory difficulties
involved in network neutrality.
Richard Bennett: The network neutrality advocates really
are hoping that this will revive the issue, because network
neutrality has really been on life support for the last 14 months.
It is no accident that the people who have been the most vocal this
week and the most prone to demonize Comcast are the people who were
front and center on network neutrality when it was a live issue 14
to 18 months ago.
Adam Thierer: Well, that's going to do it for our
discussion this week. I want to thank Ed Felten, Richard Bennett,
James Gattuso, and Jerry Brito for joining me. And to read more
commentary on this and other issues, please visit us at

Adam Thierer is a Senior Fellow with
the Progress & Freedom Foundation and the Director of PFF's
Center for Digital Media Freedom. Jerry Brito is a Senior Fellow
with the regulatory studies program at the Mercatus Center at
George Mason University. Edward W. Felten is Professor of Computer
Science and Public Affairs, and Director of the Center for
Information Technology Policy, at Princeton University. Richard
Bennett is Senior Staff Engineer at Trapeze Networks and a
contributor to numerous networking standards and technologies. James L. Gattuso is Senior
Research Fellow in Regulatory Policy in the Thomas A. Roe Institute
for Economic Policy Studies at The Heritage Foundation.