How Is My GRE-Tunneled Packet Being Routed?

Deep Packet Inspection: How do mobile carriers detect VoIP streams inside an encrypted connection and are able to interpret (just) them?

T-Mobile Germany (D1-Netz) disallows the use of VoIP and Skype via the Terms of Service. But it obviously goes much further. With some sort of deep packet inspection T-Mobile monitors the connections and interrupts only the forbidden one even inside of an encrypted and/or tunneled connection. How is that even technically possible? Are there other service providers out there doing the same?
Answer:

They are not. Most DPI devices have application ready intelligence, i.e. They are able to classify the packets based on either their initial communication with a host and/or in the case they are not encrypted based on the contents of the packet themselves. Unencrypted VOIP packets can very easily be detected. Skype is detected based on the initial connection and communication between two peers based on that initial connection is then disturbed or blocked. Pure encrypted tunnels like VPNs carrying voice or Skype traffic cannot be detected by DPI devices.

Was this solution helpful to you?

Other answers

Many carriers use DPI for various purposes - not strictly for blocking. Tethering detection is a common use and the carrier may then measure that separately and charge a separate price for it. Which is fair as a smartphones can only drive a limited amount of data usage - tethering can drive much higher volumes. DPI capabilities vary quite a bit between the engines and DPI is probably the incorrect term for it. Done well it is a combination of techniques including DPI, fingerprinting application behavior and then applying it in the wild. As Faisal states, encryption is a good countermeasure - but using a variety of techniques it is not guaranteed.

Stephen Bryant

Its not about inspecting the payload but building a meta-data profile. You can analyse protocol streams and build a library of unique characteristics about different traffic types. You can use this meta-data to fingerprint what is being used and then block it using devices that analytic and processing power to handle that.

Greg Ferro

Related Q & A:

How to open a new ng-view inside ng-view?Best solution by Stack Overflow
how to change the position of item inside the listview dynamicly in android?Best solution by Stack Overflow
How can we get SBJSON connectionDidFinishLoading method inside array data in another class?Best solution by stackoverflow.com
How do I get spots that are inside my camera lens out?Best solution by Yahoo! Answers
How much is it to install an inside/outside home audio system?Best solution by homeadvisor.com

Just Added Q & A:

How many active mobile subscribers are there in China?Best solution by Quora
How to find the right vacation?Best solution by bookit.com
How To Make Your Own Primer?Best solution by thekrazycouponlady.com
How do you get the domain & range?Best solution by ChaCha
How do you open pop up blockers?Best solution by Yahoo! Answers

For every problem there is a solution! Proved by Solucija.

Got an issue and looking for advice?
Ask Solucija to search every corner of the Web for help.
Get workable solutions and helpful tips in a moment.

Just ask Solucija about an issue you face and immediately get a list of ready solutions, answers and tips from other Internet users. We always provide the most suitable and complete answer to your question at the top, along with a few good alternatives below.