It can take a while depending on the size of the document..please wait
Discuto
0 days left (ends 29 Aug)
description
Further info
LATEST ACTIVITY
LEVEL OF AGREEMENT
MOST DISCUSSED PARAGRAPHS
LATEST COMMENTS
MOST ACTIVE USERS
P88
This chapter describes recommendations for detecting traffic management practices that affect the connectivity and reachability of individual applications. This use case includes the detection of blocked applications and content (e.g. network based content filtering, such as ad-blocking and blocked web content). In addition end users could be restricted from using and providing applications by blocking communication ports, URLs and IP addresses. Many applications can be blocked by blocking the communication port used by the application. Therefore the connectivity measurements described below are an essential part of the net neutrality assessment methodology and should be used according to the need in each national market.
Add comment
4.1.1Blocked ports
P89
Blocked ports can be detected by establishing a connection to the port being tested, using the transport protocol in question. With TCP, a port can normally be considered as being open if the 3-way handshake completes. However, some network equipment may even complete the handshake on behalf of measurement server. Therefore, it is recommended to send some data and verify the integrity of the received data to ensure that the connection is established to the measurement server.
Add comment
P90
Given the connectionless nature of UDP, a measurement system must define a feedback mechanism that tells whether the packet was received.
Add comment
P91
Measurement tools should be able to test for blocked ports at least over the following:
Add comment
P94
• Uplink (connections from the end user to internet host) and downlink (connections from the internet towards the end user); and
Add comment
P96
It is also worth noting that network address translation (NAT) which might be used by ISPs affects downlink connectivity such that by default all communication ports are effectively blocked. This must be taken into account when assessing the measurement results.
Add comment
P97
It is important to take into account that the end user environment (especially firewalls) may also affect the results. However, in the case of crowdsourcing approach it may be possible to compare large number of results from different end users. Setups or disturbances in the end user environment may produce measurement results that incorrectly indicate certain traffic management practices. In case a large number of measurements indicate the same traffic practice, the likelihood that these practices are indeed occurring due to the operator's network setup increases.
Add comment
4.1.2IP addresses blocking
P98
The measurement tool must be able to perform this test using both IPv4 and IPv6 protocols. The purpose of this test is to if certain IP addresses are blocked. This check is executed by attempting to connect to well-known ports on the address being tested against. The test methodology is similar to the port-oriented connectivity check described in the previous chapter, but in this case the focus is on the specific IP address.
Add comment
P99
A successful connection to any port (or indeed any response from that address) is not sufficient to detect that the IP address is not blocked, since some ISPs could use middle-boxes to simulate a connection, and even answer on the established connection. Therefore, it is recommended to also send some data and verify the integrity of the received data.
Add comment
P100
If the connection cannot be established or the received data is not as expected, a new measurement should be performed using a VPN to access a proxy server outside ISPs control so that the ISP does not see the real destination address. If the connection via proxy is successful, this can be seen as an indication that something in the ISP network is blocking the IP address.
Add comment
4.1.3DNS manipulation
P101
DNS manipulation refers to a situation where a DNS reply is received (on an A or AAAA request) which falsely indicates that the domain is unknown or where an incorrect IP address is returned. The result of this manipulation is that the client is redirected to a different address.
Add comment
P102
DNS manipulation can be detected by analysing the responses to DNS requests on known targets (e.g. DNS records of specific domains under the control of the NRA).
Add comment
P103
Note that end user environment (especially firewalls) may affect the results. However, in the case of a crowdsourcing approach it may be possible to compare thousands of results from different end users and using different DNS resolvers which could solve the problem.
Did you know you can vote on comments? You can also reply directly to people's comments.