In fact, the three large carriers provide 98.5% of China’s total transnational bandwidth. We observe this across all the three large carriers, as well as one smaller carrier, CERNET(China Education and Research Network). Best, Pengxiong Zhu Department of Computer Science and Engineering University of California, Riverside On Mon, Mar 2, 2020 at 12:12 PM Ben Cannon <ben@6by7.net> wrote:
On Mar 2, 2020, at 11:38 AM, Pengxiong Zhu <pzhu011@ucr.edu> wrote:
Those are good insights. Our first guess is censorship too, and we discussed the possibilities of censorship side effects in Section 5.1 *Censorship*.
It’s the Government doing mandatory content filtering at the border.
Their hardware is either deliberately or accidentally poor-performing.
However, GFW operates as an on-path system [72], which only processes copies of existing packets without the ability to discard existing packets. Evidently, prior work has shown that GFW fails to inject RST packets during busy hours while the packets containing sensitive keywords are still delivered successfully [34]. However, we are unable to rule out the possibility that GFW has evolved to acquire the capability to discard packets.
Maybe... I dunno.... get rid of the Great Firewall of China?
We designed a small experiment to locate the hops with GFW presence, and then try to match them with the bottleneck hops. We found only in 34.45% of the cases, the GFW hops match the bottleneck hops.
My guess is that it’s all the DDoS traffic coming from China saturating
the links.
In fact, Great Canon (GC) [55] is such an in-path system. But it is known for intercepting a subset of traffic (based on protocol type) only. What’s more, GC has been activated only twice in history (the last one in 2015 [55]). However, it might be the case that the in-path capability is re-purposed to perform general traffic throttling. If that is the case, they have done a good job because the throttling resembles natural congestion from the loss rate and latency point of view.
I believe this is what’s happening, and I believe they are rate-limiting and causing actual congestion, as opposed to simulating it. The losses would be real, actual saturation, on simply rate-limited flows. Unclear if this is being done on a per-flow basis or per-source or what. You might be able to find out. I’m curious if you see this across all carriers or only the larger ones?
-Ben.
The asymmetric performance between downstream and upstream traffic can be explained by the natural imbalance of transnational traffic (where the upstream traffic from China to outside is not significant enough to throttle).
Best, Pengxiong Zhu Department of Computer Science and Engineering University of California, Riverside
On Mon, Mar 2, 2020 at 8:11 AM Compton, Rich A <Rich.Compton@charter.com> wrote:
My guess is that it’s all the DDoS traffic coming from China saturating the links.
*From: *NANOG Email List <nanog-bounces@nanog.org> on behalf of Pengxiong Zhu <pzhu011@ucr.edu> *Date: *Monday, March 2, 2020 at 8:58 AM *To: *NANOG list <nanog@nanog.org> *Cc: *Zhiyun Qian <zhiyunq@cs.ucr.edu> *Subject: *China’s Slow Transnational Network
Hi all,
We are a group of researchers at University of California, Riverside who have been working on measuring the transnational network performance (and have previously asked questions on the mailing list). Our work has now led to a publication in Sigmetrics 2020 and we are eager to share some
interesting findings.
We find China's transnational networks have extremely poor performance when accessing foreign sites, where the throughput is often persistently
low (e.g., for the majority of the daytime). Compared to other countries we measured including both developed and developing, China's transnational network performance is among the worst (comparable and even worse than some African countries).
Measuring from more than 400 pairs of mainland China and foreign nodes over more than 53 days, our result shows when data transferring from foreign nodes to China, 79% of measured connections has throughput lower than the 1Mbps, sometimes it is even much lower. The slow speed occurs only during certain times and forms a diurnal pattern that resembles congestion (irrespective of network protocol and content), please see the following figure. The diurnal pattern is fairly stable, 80% to 95% of the transnational connections have a less than 3 hours standard deviation of the slowdown hours each day over the entire duration. However, the speed rises up from 1Mbps to 4Mbps in about half an hour.
[image: blob:null/71cf5a6a-3841-41ce-a1d4-207b59182189]
We are able to confirm that high packet loss rates and delays are incurred in the foreign-to-China direction only. Moreover, the end-to-end loss rate could rise up to 40% during the slow period, with ~15% on average.
There are a few things noteworthy regarding the phenomenon. First of all, all traffic types are treated equally, HTTP(S), VPN, etc., which means it is discriminating or differentiating any specific kinds of traffic. Second, we found for 71% of connections, the bottleneck is located inside China (the second hop after entering China or further), which means that it is mostly unrelated to the transnational link itself (e.g., submarine cable). Yet we never observed any such domestic traffic slowdowns within China.
Assuming this is due to congestion, it is unclear why the infrastructures within China that handles transnational traffic is not even capable to handle the capacity of transnational links, e.g., submarine cable, which maybe the most expensive investment themselves.
Here is the link to our paper:
https://www.cs.ucr.edu/~zhiyunq/pub/sigmetrics20_slowdown.pdf
We appreciate any comments or feedback.
--
Best, Pengxiong Zhu Department of Computer Science and Engineering University of California, Riverside The contents of this e-mail message and any attachments are intended solely for the addressee(s) and may contain confidential and/or legally privileged information. If you are not the intended recipient of this message or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and any attachments. If you are not the intended recipient, you are notified that any use, dissemination, distribution, copying, or storage of this message or any attachment is strictly prohibited.