Talk:Deep packet inspection

From Wikipedia, the free encyclopedia
Jump to: navigation, search
WikiProject Internet (Rated C-class, Top-importance)
WikiProject icon This article is within the scope of WikiProject Internet, a collaborative effort to improve the coverage of the internet on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
C-Class article C  This article has been rated as C-Class on the project's quality scale.
 Top  This article has been rated as Top-importance on the project's importance scale.
WikiProject Computing / Networking (Rated C-class, Low-importance)
WikiProject icon This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
C-Class article C  This article has been rated as C-Class on the project's quality scale.
 Low  This article has been rated as Low-importance on the project's importance scale.
Taskforce icon
This article is supported by Networking task force (marked as High-importance).

Comment from[edit]

DPI allows phone and cable companies to "readily know the packets of information you are receiving online--from e-mail, to websites, to sharing of music, video and software downloads"[1] - as would a network analysis tool. <---seems a bit too political and unencyclopedic...citations or not.

Why don't people learn to keep their paranoias out of encyclopedias and the public discourse in general. (— Preceding unsigned comment added by (talk) 04:41, December 18, 2006‎

Points not clear in this article[edit]

  • BACKGROUND section is completely out of the scope and this section which should introduce the theme is only restricting. neorider 12:00, 28th June 2012 (UTC)
  • Why do ISPs not generate revenue from delivering P2P traffic to their subscribers? How does this differ from non-P2P traffic?
  • Don't ISPs generate revenue from subscriptions by customers who want this service? Won't there be "customer churn" if the provider fails to supply good P2P service?
  • What does it mean when "P2P traffic goes off-net"?
  • Why is this a problem? For small vendors in particular?
  • What are the costs associated with P2P?
  • What does "has emerged from the enterprise world" mean? Was this technology already developed and used for other things? If so, what, and where did it come from? Or was it simply developed to deal with the P2P problem? In which case why not say that instead of mushing about the "enterprise world"?
  • Why do smaller DSL operators suffer most from P2P-generated off-net traffic?
  • What's the significance of DPI "alongside" IPTV?

I have no axe to grind; the article just seems slightly one-sided, and it assumes familiarity with issues whose significance the general reader won't understand.  Elphion 18:28, 29 September 2007 (UTC)

Lawful Inspection?

Is DPI going to be become a solution, or part of a solution - for Lawful Intercept?

Yes. CALEA lawful interception is done at Traffic access points. Some DPI products that are "CALEA-compliant" can be used as a TAP to collect a user's datastream. But generally a DPI is much too expensive for this function. TAPs are typically intercepting proxy servers. TAP vendors include Fluke Networks, Network Critical and NetOptics.Kgrr (talk) 17:05, 1 March 2008 (UTC)

Vendor presence in this article[edit]

Per WP:EL, WP frowns on external links in articles. Wikipedia is not a directory. Companies that are notable enough to be on this page should have WP articles. Be forewarned that your company's article may be deleted if you can't stake a claim for notability, and that claim is harder to defend if you write an article for your own company.

I've scrubbed the article down to notable companies and, per Network Access Control, reworded the vendor list to a "See also", which is the proper wikified way to list the section. "See also" links point exclusively to Wikipedia articles.

--- tqbf 00:36, 7 December 2007 (UTC)

Ellacoya on this page[edit]

I wouldn't AfD an article about Ellacoya --- start one here if you'd like. A long time ago, I worked at an Ellacoya competitor (I have no financial interest in this space whatsoever anymore).

However, until you do add that article, do not add links to Ellacoya to this article. Wikipedia is not a directory, and "See also" sections shouldn't have extlinks. See WP:EL.

--- tqbf 14:09, 7 December 2007 (UTC)

Kerio Winroute[edit]

I added WinRoute and Kerio Technologies as a vendor. WinRoute in fact does have DPI. Check their website. I believe it should be reinstated. Shootthedevgru (talk) 00:42, 10 December 2007 (UTC)

I agree that the title of this article is ambiguous, but nobody is ever going to deploy this product at a service provider. The same logic calls Tcpdump "DPI". The article is talking about high-speed deep packet inspection; the concept of forwarding packets based on application-layer details, something service providers cannot yet do effectively. --- tqbf 00:45, 10 December 2007 (UTC)
Although the article does mention DPI's purpose for ISPs and other large networks, it does not rule out the use of DPI in smaller settings. Smaller applications implementing DPI with a wide user base is still quite valid for the purpose of this article.
The first sentence says "viruses, spam, intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination, or for the purpose of collecting statistical information. It also called Content Inspection or Content Processing". WinRoute is capable of performing almost all of the above. If the intro did say something about high speed DPI in specialised hardware boxes, then I wouldn't have put the Winroute link in. Maybe there should be a new section talking about DPI in non-service provider scenarios. Shootthedevgru (talk) 01:01, 10 December 2007 (UTC)
I understand where you're coming from, and I don't blame you for bringing this up. But "Deep Packet Inspection" is an industry term that connotes "high speed". It is not computer science-interesting to perform DPI functions at low speeds or on Windows end-stations; a typical end-station doesn't generate enough traffic to make that a hard problem.
The irony here is that products like yours probably perform more "deep packet" inspection than DPI products; DPI products push the limit of what can be done at 10-100 gig speeds, and are limited to relatively superficial functions (like "detecting BitTorrent").
I buy that this article could be renamed, and definitely that the lede could be cleaned up. But it has no meaning if it covers host firewalls or software intrusion prevention products for small/medium enterprises. --- tqbf 01:07, 10 December 2007 (UTC)
By the way, thanks for taking the time to write here; less careful editors would just revert the changes. --- tqbf 01:08, 10 December 2007 (UTC)
No problem. I may consider starting a different article or modifying this one (or others) if no one else does. Shootthedevgru (talk) 01:31, 10 December 2007 (UTC)
Consider Network firewall? --- tqbf 01:33, 10 December 2007 (UTC)


This article was marked with an NPOV tag here. I will respect that. However, tagging an article with NPOV is insufficient and must be accompanied by an objection which must be resolved.

I found the article to be written from the Open Internet viewpoint. And both sides of the Network Neutrality argument are not represented here. Also, the article was written from a viewpoint that makes the service providers look like they have a need to spy on people. On the whole this is not true.Kgrr (talk) 14:21, 2 March 2008 (UTC)

I feel that the section on DPI at ISPs needs to be reviewed again. It seems to was edited too far in the other direction. While the information provided (About the motives behind some (which?) ISP's using DPI may be true, the tone is far from neutral, and this article is not balanced any longer because of the ISP-Favoring leaning of this section. I can clarify, if needed, however I feel the tone of this entire section needs to be changed. Ill look through the history and try to find a happy middle ground... Nigtv (talk) 02:49, 8 April 2010 (UTC)

External references[edit]

I removed the reference to because it appears to be spam to a pro-net neutrality blog. I will attempt to summarize the DPI/Net Neutrality argument and will use solid references instead.Kgrr (talk) 14:21, 2 March 2008 (UTC)

False statements without reference[edit]

I deleted the following false statement: " In the U.S., multiple system operators large cable operators were early adopters of the technology. This is because Cable Operators faced greater challenges than DSL providers in the last mile. For a Cable Operator, the last-mile bandwidth is shared among users, whereas in a DSL network a dedicated link is established for each subscriber. Smaller DSL operators were generally early adopters of DPI, as they suffered most from P2P-generated off-net traffic and peering costs.[citation needed]"

Both DSL and Cable providers have problems with bandwidth abuse. Cable operators offer a large shared bandwidth from the subscriber's cable modem to the cable router. The cable router in turn is connected to an aggregation router at the POP via a fiber link. On the other hand, DSL providers have a limited bandwidth from the subscriber's DSL modem to the DSLAM. The DSLAM in turn is connected to an aggregation router at the POP via a fiber link. In both cases P2P traffic from applications like Napster, Gnutella and most recently BitTorrent are a three-fold concerns for the ISP: CALEA, Bandwidth and having to deal with Copyright letters from the RIAA and the MPAA.Kgrr (talk) 22:18, 2 March 2008 (UTC)

Removed Refimprove[edit]

I removed the {{Refimprove|date=December 2007}} tag after adding 11 references and text.Kgrr (talk) 15:51, 4 March 2008 (UTC)

Removed weasel[edit]

I removed the {{weasel}} tag after copyediting the article.Kgrr (talk) 15:54, 4 March 2008 (UTC)


Isn't this a non-issue with end-to-end-encrytion, e.g. https? —Preceding unsigned comment added by (talk) 16:41, 6 April 2008 (UTC)

DPI can proxy HTTPS, SSH and DNS tunnels and insert themselves in the middle or block them altogether. It's not a non-issue.Kgrr (talk) 14:44, 27 November 2008 (UTC)
That's not quite true. DPI can do that, but the user is notified about it. It will get a new certificate or an incorrect one. —Preceding unsigned comment added by (talk) 20:04, 25 April 2009 (UTC)

See also[edit]

I removed the following link from the see also section:

The See also section is for internal links inside Wikipedia only. Wikipedia is not a collection of links, it's an encyclopedia. If it's important information, feel free to add it to the article and properly reference it. However, as such, is a blog site and not what would qualify as a credible source. The bylines don't have real names, there are no dates on the articles and furthermore, the site is not published. Please read WP:REF. Kgrr (talk) 15:02, 12 March 2008 (UTC)

Reversion of edits[edit]

I cleaned up a couple of drive-by edits. The edits substantially changed the meaning of the sentences. 1) Copyright filtering is a subset of copyright enforcement. DPI can be used in other ways to help enforce copyrights other than just filtering-out items that are copyrighted. 2) DPI can look into both headers and the data. Kgrr (talk) 14:38, 27 November 2008 (UTC)


"US ISPs monitoring their customers include Knology,[9]" - This statement is not backed up by the citation, which is a link to a Charter page (a wholly different ISP) that says "Charter Communications is not providing enhanced online advertising services at this time." —Preceding unsigned comment added by (talk) 05:20, 18 April 2010 (UTC)


There's a lot of bias in this article. There isn't a criticism section, and it just seems to promote it. (talk) 18:15, 23 June 2010 (UTC)


(Added to the article by, moved here by User:A. Parrot)

As i understand that ISP's are using "Deep Packet Inspection" (DPI) to intercept data communications but doesnt that breach our privacy rights?

As under the Privacy and Electronic Communications (EC Directive) Regulations (PECR) and the Regulation of Investigatory Powers Act (RIPA) as well as the European ePrivacy Directive, that interception and processing of communications requires either explicit informed consent from all parties or a warrant.

Hence ilegal. !

It should be noted that there is no exemption in the regulations for the purpose of detecting illicit copyright infringement – and indeed in such cases where interception is being used for law enforcement, a warrant is required.

The introductory sentence is missing a verb[edit] the act of.... A verb - such as "intercepting", "parsing", etc., must be added. —Preceding unsigned comment added by (talk) 12:37, 8 March 2011 (UTC)

Australia to use DPI[edit]

Recently, the AU government has announced plans to introduce DPI as a 'counter terrorism'

Poor citation[edit]

According to Walid Al-Saqaf, the developer of the internet censorship circumventor, Alkasir, in February 2012 Iran used deep packet inspection, bringing internet speeds in the entire country to a near standstill. This briefly eliminated access to tools such as Tor and Alkasir.[31]

This briefly mentions Deep packet inspection, but I don't really see a timeline or a reference to tor in it. Could somebody look at this? — Preceding unsigned comment added by (talk) 20:13, 10 December 2012 (UTC)

Here is a related comment left on the page at the end of Iran section (right after section quoted above.) Moved here mostly because it was breaking page layout. (talk) 09:04, 7 April 2013 (UTC)
The above information is not accurate. Currently there is just SPI in Iran, they block anonymity tools using IP filtering. 
Due to mass bandwidth usage in Iran, they can not permanently and efficiently use DPI.