Home > Information Security > National Traffic Engineering

National Traffic Engineering

I was going through some nice reports from (Arbor Networks) and some regional ISPs showing how Iranian internet traffic was manipulated and controlled before/during and after the elections ( also applicable for any scenario in which a government is trying to be in foul control ).

The reports show that the government controlled telecom provider -Data communication Company of Iran- (or DCI) couldn’t block the internet in general because that would be impossible without impacting business ( emails …etc ) and perhaps causing further social unrest.

So (DCI) choose a more balanced approach that utilizes application firewalls to selectively rate-limit selected Internet applications (either by payload inspection or ports) , mainly trying to limit video streaming and file sharing.

As you can see from this graph (Source Arbor Network report ) showing how the video traffic was high in demand right after the elections ” due to global interest” then traffic was suddenly blocked due to (DCI’s) application filtering policies

Video streaming in Iran

Apparently the new policy was to block (SSH , Streaming Video and File sharing ) all with a blocking rate of +80% , and rate-limit (Mail, HTTP and FTP ) all around 50% block rate. (See Blow)

Block Rates

Block Rates

You can see how the internet traffic in general was suffering exactly 1 day after the elections ( Graph below )

Iranian Internet Traffic

The Full reports can be found under :

Iranian Traffic Engineering
A Deeper Look at The Iranian Firewall

My Comments: State owned and controlled communication infrastructures and national internet gateways is the common setup in many countries so a similar scenario is always a valid threat, but I think that as more businesses and more economies come to rely on the internet its unlikely that we will see that happening again. or at least it will be a much tougher and costly decision exponentially with time.

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: