Peer-to-Peer Flow Analysis in an Institutional Regional Network

A.M. Guirado-Puerta, F. Burrull, M. Escudero, P. Manzanares, J.C. Sánchez, and F.M. Monzo-


Peer to peer, protocol identification and analysis, networkmanagement technologies.


Peer-to-peer (P2P) file-sharing applications are drastically changing future role of the Internet Service Providers (ISP) and institutional regional networks. This is due mainly because it consumes a lot of unexpected network bandwidth, breaking the balance between costs and benefits. In addition, as it is well-known, a non-negligible percentage of P2P traffic consists of illegal information such as copyrighted music or films. It is obvious that network administrators do not want to assume the responsibility to carry this type of data traffic. This paper proposes a methodology to identify traffic generated by eDonkey clients. It is applied to real traces captured in a real institutional network called CTnet (Red de Ciencia y Tecnologa, the Regional Science and Technology Network of Murcia, Spain). The results show that the eDonkey traffic is distributed in arbitrary ports. TCP port numbers used by eDonkey strongly depends on shaping or traffic limitations applied to default TCP ports (4661 and 4662). Furthermore, we demonstrate that traditional packet filtering is not able to smooth this traffic, since it generally identifies the application protocol by matching TCP or UDP port number and IP address. Therefore, any eDonkey control policy must use the application level to smooth or limit this traffic efficiently.

Important Links:

Go Back