[Forwarded with grateful acknowledgement from Dave Farber's IP list. --Declan] --- From: "Robert J. Berger" <rbergerat_private> Date: Mon, 04 Nov 2002 13:21:39 -0800 To: Dewayne Hendricks <dewayneat_private>, Dave Farber IP <daveat_private> Subject: Panama begins blocking IP ports to prevent VoIP http://www.linuxandmain.com/modules.php?name=News&file=article&sid=277 Panama begins blocking IP ports (updated) Date: Sunday, November 03 @ 21:36:03 EST Topic: News In an apparent attempt to stem telephone company revenue losses due to Internet telephony, the government of Panama has decreed that 24 UDP ports be blocked by all Internet service providers. The ports include ones that are commonly used for voice over IP as well as some that are used for other purposes, apparently with the idea that these, too, could be used to circumvent the POTS (plain old telephone system, a term of art) in making telephone calls. In the decree (http://www.ersp.gob.pa/busqueda/show_resol.asp?id=JD-3576&idsector=1), the Panamanian government requires "that within 5 days of publication, all ISPs will block the 24 UDP ports used for VoIP and any other that could be used in the future (which could end up being all UDP ports)," according to a reporter and computer consultant there, and that "the ISPs will block in their firewall or main router and in all their Border routers that connect with other autonomous systems." This "unequivocally decrees that all routers, including those not carrying traffic from Panama, but that might be traversing Panama, have the 24 UDP ports blocked." The significance of the government action affects areas far beyond that nation. Due to its geographical location, numerous undersea cables connect in the country, making it a substantial hub for international IP traffic. Among the services that are to be disrupted are NetMeeting, Dialpad, and Net2phone, which labels itself "communication without borders," a claim which apparently will no longer be true if one of those borders is Panamanian or communication is between two countries whose IP traffic passes through Panama. The decree is apparently rooted in complaints by Cable & Wireless Panama (Motto: "If you're worried about your data, voice, or Internet service provider, we're here to help"), which says it is losing money due to users employing the Internet to make otherwise expensive internetional telephone calls -- calls that would otherwise be listed on Cable & Wireless bills. The UDP ports involved include: 1034, 1035, 2090, 2091, 5000, 6801, 6802, 6803, 9900, 9901, 12080, 12120, 12122, 22555, 26133, 30582, 35061, 38000, 38100, 38200, 47563, 48310, 51200, and 51201. The decree was published October 25. Among the services that employ some of those ports are "nlockmgr," the NFS lock manager responsible for rpc.statd and rpc.lockd, which in turn are responsible for crash recovery functions for locked files and for processing file locking requests, respectively; telnet; and numerous VoIP services. In addition to those who wish to save on their phone bills, the government order blocks the perfectly lawful use of those ports by businesses that have legitimate VoIP applications allowed in the country. There were reports late Sunday that Panamanian ISPs were planning a demonstration aimed at exhibiting their displeasure with the government action. Update: A call has been issued for proxies that can be used for VoIP, preferably more important, less-easily blocked ports. Anyone with knowledge of this may contact us here and we'll see that your message gets through. -- US Citizens: Vote for Regime Change in the United States on Tuesday Nov 5 Robert J. Berger - Internet Bandwidth Development, LLC. 15550 Wildcat Ridge Saratoga, CA 95070 408-882-4755 Fax: 408-490-2868 rbergerat_private http://www.ibd.com --- From: "David P. Reed" <dpreedat_private> Date: Mon, 04 Nov 2002 17:45:51 -0500 Subject: Re: <[IP]> Panama begins blocking IP ports to prevent VoIP The Panama "UDP Port block" is interesting from a technical point of view. Routers are not supposed to inspect anything outside the IP header in making their routing decisions. That's what the Internet standard says. If some device looks at the UDP data (which technically means the first few bytes of the data in an IP datagram that has a particular protocol number), it is not a router. It is something that is sometimes called a "middlebox". What Panama is doing is asking for the Internet to be redesigned and rearchitected in order to inflict a policy that relates to competition. The result is not the Internet. It is important for the IAB and IETF to point out to the government of Panama that the service they are asking to be deployed is NOT the Internet. It violates the Internet standards, by incorporating an end-to-end protocol into the routers between adminstrative domains. This is not trivial. The Internet architecture is designed so that the IP transport layer does not need to know, and cannot know, the meaning of the bits contained in the data portion of the datagrams. ------------------------------------------------------------------------- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. To subscribe to Politech: http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ Declan McCullagh's photographs are at http://www.mccullagh.org/ ------------------------------------------------------------------------- Like Politech? Make a donation here: http://www.politechbot.com/donate/ Recent CNET News.com articles: http://news.search.com/search?q=declan -------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Mon Nov 04 2002 - 22:52:54 PST