Deep packet inspection

Deep packet inspection

Adrian Sunderland
Griffin Internet’s CTO, Adrian Sunderland

This month Griffin Internet’s CTO, Adrian Sunderland, writes about the role that Deep Packet Inspection plays in controlling broadband bandwidth and improving the end-user experience.

Usually when I ask people what they know about Deep Packet Inspection (DPI) they have never heard of it and suspect it’s something that customs officers might get up to when somebody shifty arrives off the plane from Columbia. If they have heard of it they often associate DPI with ISPs spying on their customers and using the information gained to sell advertising.

I think Deep Packet Inspection is an absolutely essential component in delivering business broadband. I don’t believe it is possible to provide an affordable service to the business customer, which is profitable for the reseller, whilst providing a predictable end-user experience, without DPI.

Carrier-class Deep Packet Inspection is carried out on dedicated hardware ‘traffic manager’ devices that logically sit between the ISP’s network and the Internet. Dedicated hardware is used because ISP networks carry millions of packets per second, and the act of inspecting, classifying and managing each of those packets requires some serious processing power. You can do elementary traffic management on standard routers or even for free using Linux software, however these don’t classify traffic based on signatures, but try to decide what to do based on looking at the packet header. The problem is that there isn’t really enough information in the packet header to tell you everything you need to know.


Should you treat packets used to download a pirate movie by the junior IT guy the same as the packets used to access the CRM system by the Sales Director? They could both be using the HTTP port 80 and without DPI, the network couldn’t tell the difference. You need to look inside the packet to really know what is going on. With thousands of application signatures being constantly updated by the vendors, carrier-class DPI allows ISPs to make fine grain decisions about what applications should be given what priority and how much bandwidth should be allocated to them.

So, DPI helps provide predictable Quality of Service and if you’re selling VoIP services then this will keep your customers smiling. The other side of the same coin is also beneficial, because DPI can also help resellers save money. Once you get to a reasonable volume of broadband lines, the chances are you’re going to pay a low tail circuit price and then pay for the aggregate bandwidth that your customers use, either based on the peak Mbit/s or on the total Gigabytes transferred in a month. So, your profit is directly linked to the amount of bandwidth that your customers use.

The counter-intuitive aspect of the broadband business is that an average business broadband user consumes about 1/3rd the bandwidth compared to an average consumer broadband user. The reason for this is that a small number of consumers use technology called peer-to-peer (P2P) to share files. Whilst there are some legitimate uses of P2P, the vast majority of P2P traffic in the UK is used for exchanging pirate software, music or movies.

So, sounds like tough luck for the consumer ISPs, but why should we care in the business-tobusiness world? Well, those consumers install their P2P software on computers that they carry into work and plug into broadband lines that you’re selling. This puts their employer at risk of legal action and uses more bandwidth and makes your profit go down. The graph is from the Griffin DPI platform and shows the effect of P2P control being turned off at 18:00 on a reseller’s traffic. The effect is dramatic in this example because lots of P2P traffic was being held back and therefore the ‘back pressure’ caused a very high peak. However, back pressure aside, we typically see a bandwidth saving of 20-50% when we apply our business-focussed DPI profile to a reseller’s traffic.

Most resellers don’t realise that it is within their power to control traffic and make use of technology like DPI. So, if you are planning to add broadband to your portfolio, or if you already sell broadband and recognise that your bandwidth per customer is rising, seek out an ISP that has experience of applying carrier-class DPI in a business-to-business marketplace. If you get this right you can deliver the win-win of making sensible profits and having happy customers.