What Can We Do About Net Neutrality?

VPNs, Peer-to-Peer, and Community Networks Only Go So Far

Approximately three weeks ago, the FCC voted to rescind the 2015 Open Internet Order with an order called Restoring Internet Freedom [you can read my take, if you want]. Many people see this as a direct attack on net neutrality. It rolls back protections which prevent companies from throttling traffic from edge services like Netflix and charging those companies additional charges to restore the previous level of service to them. This has sent many people searching for way to protect their internet access.

People are now looking at:

• VPNs
• TOR, I2P, Hyperborea (based on cjdns), or other overlay networks
• P2P hosting, like Holo
• Community Mesh Networks

All of these are actually great options for very specific use cases, but ensuring net neutrality is not one of them. All have weaknesses when it comes to maintaining a strong form of net neutrality. The biggest problem is ignoring the shape of the networks and how they interact with the internet. The only way around this is to build our own community owned ISPs. Every other attempt at net neutrality cannot bypass the control now given to Broadband Internet Providers to limit and shape traffic traveling through their networks between our computers and the internet proper.

Only by replacing ISPs with our own providers built to be more open from the ground up, can we bypass their newfound ability to control what travels over their networks.

How They Fail

Let’s take a look at a VPN scenario. A VPN is wonderful for hiding network traffic as it traverses from a computer to the VPN server. This means requests for web content and responses from web servers, including video streaming from Netflix or Youtube, can’t be inspected anywhere from the computer making those requests through to the VPN edge service; but it is fair game after it gets to the VPNs network. The VPN edge service will use its own IP transport provider to finish making the requests so it looks like the requests are coming from the VPN server, but this part is open for inspection unless it’s using HTTPS or some other secured protocol — but even then the IP transport provider sees the connection being made to a specific server. If the VPN edge service uses CenturyLink (previously Level 3) to reach out to Netflix, CenturyLink can charge them extra for transporting so much video traffic. Additionally, the originating computer’s IP transport provider (typically and ISP) can now charge the VPN edge service a transport surcharge for so much bandwidth usage. All these fees will be passed on to the edge provider’s customers which means the cost of VPNs, Netflix, and Youtube will go up. This means more ad revenue is needed to support freemium business models and it means a worse experience for more people. Please don’t use a VPN to watch videos.

1. Mobile phone creates a request. 2. House router/cable modem combo creates a request to the ACME ISP network. 3. Request goes from the ISP to the actual internet (may traverse several other networks before the internet). 4. Request arrives at the VPN Edge service. The VPN edge service makes the request like it came from the VPN’s network. 5. The video provider receives the request from the VPN and sends a request back to the VPN. 6. (not pictured) The VPN sends a response of the connection opened by the mobile phone. No one on the return path of the network is any wiser about the mobile phone actually talking to “Interflix”.

In the case of an overlay network, one might think that everything would all work out and one’s traffic would be fully anonymized. That’s not the case. That only works for short lived requests, where it can route each request and response over different paths on the network. When the request is for video, the response is a stream which has to be routed over a steady route or it might experience a lot of hiccups. If the overlay network has some ordering guarantee because one of the nodes is willing to do a ton of work to break up the stream and send it over multiple paths, then the stream might be able to be buffered and replayed locally without too many problems. An ISP could easily cut off certain kinds of traffic which could put an end to an overlay network. If the goal of using the overlay network was to maintain anonymity, streaming video without built-in multicast support from the overlay network is a perfect way of giving away one’s location and, possibly, identity. If the goal was to maximize the number of routes the video took to get to one’s computer in an attempt to minimize bandwidth going through each node, this might work if one exit node is willing to do a lot of work in routing the data coming from the streaming service. On the other hand, it might also just drive up bandwidth usage across several nodes and IP transport providers. This could still have the effect of raising IP traffic settlement costs to those nodes.

1. A mobile phone creates a request on the overlay network. 2. (let’s just assume the routers are running the overlay software) The node of the overlay network routes the traffic to another node within the same ISP (not necessarily always the path). 3. The second node routes the request to another node on another ISP through the internet. 4. Route the requests to as many nodes and combination of nodes to obfuscate the source and destination of the traffic. 5. The request is routed to the video service over the internet, and the response is routed back through a random path. The only caveat, is the route has to stay the same over the duration of the streaming.

P2P hosting is one way of bringing the control of the internet back into the hands of the people. Unfortunately, it is plagued by a paradox of giving people control and the ability to create their own content to share far and wide, while at the same time suffering from lack of adoption because people just want to use Facebook, Twitter, Youtube, Netflix, Hulu, and Spotify — none of which would be willing to switch to a P2P architecture. If we all collectively decided that P2P was the way to go, we could make our own distributed Facebook-like service. We could make our own TV shows and let people download the shows and watch them, but with internet access as it is in the US, we couldn’t stream the video from our computers at scale — unless we seed content like Napster and Bittorrent. Our upstream speeds are too slow for streaming at scale without central servers which can handle multicasting.

1. A mobile device makes a request to an app from a peer on the same ISP in the same city. 2. A mobile device makes a request to an app from a peer, but has to traverse the internet backbone across two ISPs. 3. A user gets tired of waiting for video to stream over a peer’s low bandwidth connection and starts entertaining themselves with our beloved centralized internet video streaming service in a totally non-P2P fashion. Tsk, tsk.

P2P hosting is another avenue where ISPs can shape traffic and make it impossible to access content on one’s personal server from anywhere outside one’s home network. As long as the goal of having a P2P server is to allow the greater world to access one’s content, doing away with net neutrality does away with being able to reliably serve content from one’s home — depending on what one’s ISP thinks “reasonable network management practices” are — unless one is willing to pay for incoming connections. The people behind Holo think it’s highly unlikely, but they agree that ultimately this would need to fund a mesh network.

Community Wireless Mesh is one way of providing more internet access to more people. Typically these networks are set up with a bunch of wireless routers all in close proximity of each other. Nodes with an internet connection are called exit nodes, as all requests to the internet exit the mesh network at those nodes. If networks are constructed like this, the access to the internet is still dependent on one or more ISPs.

All the wireless routers close to each other can route to each other. 1. A mobile phone connects to the video service through two wireless mesh hops and an exit node connected to an ISP. 2. A mobile phone connects to a network running completely in the mesh network — P2P style. 3. A mobile phone connects to the video service over three mesh network hops using a different exit node than in (1).

The Way Forward

Projects like the People’s Open Network based out of Oakland, CA is talking about buying bandwidth from Hurricane Electric. If they do this, they can effectively bypass ISPs and have direct connectivity with the larger internet. They will still have a problem to solve of effectively distributing high bandwidth internet. They will have to start doing what Detroit’s Equitable Internet Initiative has done. They have bought dark fiber with gigabit bandwidth and are using it to provide high speed internet access to people via high speed wireless networks which span the city and branch out.

Same network as above, but two of the ISPs have been replaced by community owned network operations centers (NOCs) with high speed wireless back hauls from the mesh network. Now the community NOCs will hopefully never change an interconnect for the high speed applications on the internet unless absolutely necessary.

Optimally, a community will be able to develop to the point where it owns all of it’s infrastructure. Hopefully, it will have fiber to all the houses, but in some cases the existing cable and telephone infrastructure will be bought by the community and taken over by the NOC. If any ISP business want to be started locally, the can use the cities NOC and provide additional services on top. An example of this would be the Ashland Fiber Network in Ashland, OR. They own all the cable and fiber network. Charter communications and several other ISPs provide additional services and customer service beyond what the NOC provides. Tech savy people can just deal with the NOC directly and pay the city for internet access.

Communities need their people to organize into their own ISP cooperatives. Geeks Without Bounds is starting to raise funds to help communities do exactly this and there may be other organizations following in suite. Only by replacing ISPs with our own providers built to be more open from the ground up, can we bypass their newfound ability to control what travels over their networks. If enough communities build their own high speed wireless networks, we can connect each network together across the country and truly build a more spacious, open internet for all.