Deep packet inspection (DPI), a technique for identifying the contents of individual data packets running across IP networks, has wound up at a messy intersection of competing interests. Content providers love it, as it might enable ISPs to block pirated material flowing across their networks. ISPs have their own reasons for using DPI, as P2P traffic can account for over 90 percent of the bandwidth usage under some circumstances. But implementing DPI could be a necessary step for the creation of a non-neutral 'Net, which creates a number of issues.

Lost in all of the debate is the question of how well DPI works at the implementation level. If the hardware either severely restricts bandwidth or fails to recognize the traffic it's supposed to throttle, then all the arguing is a bit irrelevant. Recently, Internet Evolution and the French equivalent of the RIAA attempted to perform lab tests on DPI hardware from a variety of vendors, and their effort produced a clear conclusion: most hardware vendors don't want you to know how well their equipment works.

The groups identified 28 different hardware makers and sent invites to all of them, allowing them to send engineers to ensure that the tests were performed fairly. All but five declined, and those that agreed reserved the right to refuse publication of the test results. Three of those vendors ultimately exercised that right. In the end, that meant that the test results for a grand total of two pieces of hardware wound up being published. The brave companies were Arbor/Ellacoya and ipoque GmbH.

Obviously, the companies weren't all that brave—had the test results been bad, they probably wouldn't have appeared. It seems almost redundant to report that the hardware performed well. The Ellacoya E30 handled slightly higher bandwidth and added a smaller latency, while the ipoque PRX-5G seemed to do slightly better at recognizing P2P traffic and didn't bog down as much under load. Neither seemed susceptible to false positives. Although both were good with the most popular P2P protocols, they were to varying degrees blind to some of the more obscure ones, and fared worse when the traffic was obscured by encryption.

If these two vendors produce hardware that's representative, then DPI appears ready for primetime. Only P2P traffic was throttled, and the remaining traffic was only minimally delayed. The biggest concern identified by the tests were the blind spots to some protocols and encryption techniques. The nature of P2P traffic has the ability to turn on a dime with a single software update, so the vendors may find their abilities challenged by the changing landscape. All of these conclusions, however, are predicated on the "if" that started this paragraph, which is a very significant conditional. One could imagine that other tests results were suppressed by the vendors for lack of decent performance or overzealous filtering.