跳转至

VOIP & CONTENT DISCRIMINATION

VoIP Call

This section investigates potential traffic differentiation policies (such as blocking or throttling) that may hamper Voice over IP (VoIP) communications for a roaming user in comparison to a home user. We focus on three popular VoIP applications: FaceTime [4], Facebook Messenger, and Whatsapp [6].

Experiment Design. We begin with checking whether the MNO allows successful audio/video VoIP calls by carrying out some manual experiments with smart phone running the original applications and making calls among roaming SIMs. This lets us verify possible filtering or blocking in place at the time of the test. If successful, we then check for traffic differentiation mechanisms that could affect the call quality.

The experiment makes three audio and video calls using each application running on a regular mobile phone connected using an instrumented WLAN access point (AP) in our lab. Packet traces were recorded using tcpdump resulting in 18 traces, each with duration between [60,80] s. We verify the call-setup phase, which used a complex mix of

TCP, STUN [25], and custom protocols to setup the end-toend communication. From each trace, we then extract the actual audio/video streams. In the next step, we create a Docker container with pre-loaded traces, which we replay using tcpreplay to properly edit them so that packets are directed toward dedicated receivers hosted in our premises.

All applications run SRTP [10] on top of UDP, enabling easy adjustment of the packet timing and updating of the source and destination IP addresses. The dedicated server in each country acts as a UDP receiver with a custom signalling TCP connection to log the status of the node (visited network, node identifier, metadata, experiment type, etc.) and the experiment associated with the receiver. In each test, the mobile node sequentially replays the pre-recorded traces with two receivers: a call to a destination in the home country, and a call to a destination in the visited country. For each call, we record pcap traces on both the client and server sides. We post-process these traces to check for traffic differentiation.

Results. We first verify that calls can be freely made from the tested network. We found that all operators allow users (even when roaming) to freely make VoIP calls using popular applications on their smart-phone. This confirms that no filtering was in place at the time of testing.

Next, we consider eventual traffic differentiation. We analyze well-known QoS metrics for real-time VoIP applications: packet loss, instantaneous bit rate, and Inter-Packet Gap (IPG), the time difference between two consecutive packets, to detect traffic differentiation. The results show that the packet loss ratio is less than 1% in all experiments. We conclude that no operators introduce artificial packet loss during our tests. MNOs could do so if desired to reduce the quality of calls for these applications and enforce traffic policing.

For each trace, we compare the bit rate we observe at the sender side and at the receiver side. Fig. 6a presents this as an ECDF for the three applications. Solid/dashed lines indicate the sender/receiver side when calling a receiver in the home or visited country (operator O2 DE). The applications use different audio/video codec combinations with different bit rate requirements. We observe no differences when using the tested network and the home network.

Fig. 6b shows a mobile user of the O2 DE operator making a Facetime call to our server in Germany while roaming. The periodic 60 ms long IPG is typical of low rate audio codecs the modern VoIP applications use. We observe some differences when comparing measurements at the sender (solid line) and the receiver (dashed lines – one for each visited country). Some gaps are compressed (a smaller IPG), while others become expanded (a larger IPG). We observe this in all experiments with all operators when the sender is in its home country. We ascribe this to the modulation of the IPG by 3G/4G access mechanisms. Given the IPG is bounded to less than 80 ms, we conclude that this would not hamper voice quality, and expect these variations to be absorbed by the receiver playout buffer [11].

All experiments give very similar results, pointing to no evidence of traffic manipulation. We summarize these findings using the well-known KS Test [7] and P-Value [28] to determine whether the ECDFs differ between the sender (our reference) and the receiver. If statistically similar, the KS would be close to 0 while P-Value would be close to 1. If significantly different, the KS would be greater than 0, and the P-Value close to 0. Fig. 6c shows the scatter plot of the (KS, P-Value) points. Our results confirm that the receiver throughput is statistically identical to the sender throughput in all experiments. The IPG statistics are affected by the 3G/4G access mechanisms that alter the distribution (albeit not impairing the VoIP quality).

Finally, while QoS in terms of IPG and throughput are good, the total end-to-end delay could be significantly higher when roaming because of the HR solution. The one-waydelay could thus grow excessively large when two roaming SIMs call each other, making the interactive voice conversation difficult. The same effect was faced in GSM networks, and fixed by anti-tromboning [9] solution (e.g., allowing local breakout for voice traffic).

Takeaway. We do not observe any traffic differentiation on any of the 16 MNOs we measure. However, the additional delay of HR could impair real-time applications. This is an old issue (typically referred to as tromboning) which has been solved in GSM networks, but persists for 3G/4G VoIP applications.

Content Discrimination

In this section, we evaluate the availability of content when roaming, in particular whether MNOs filter website content and apply geographical restrictions. There are many reasons operators could have content filtering, which include complying with government guidelines or following court orders, e.g, to restrict access to file-sharing websites in the UK [24], or the use of ’opt-out’ parental filters. We refer to any differences in the availability of websites and their content due to network interference as "content discrimination". When this difference is attributed to geographical location rather than the studied network, it is known as "content geo-restriction".

Experiment Design. The Open Observatory of Network Interference (OONI) [13] provides software tests for detecting censorship, surveillance and traffic manipulation in the Internet, using open source software. We ran two measurement campaigns using OONI’s tool ooniprobe to detect network interference in home and roaming scenarios, geared at both content discrimination and content geo-restriction. We use the experimental setup described in Section 2.

The ooniprobe web connectivity test [5] performs the following steps over both the network of interest (tested network, using both home and roaming SIMs) and the Tor network [19]: resolver identification, DNS lookup, TCP connect and HTTP GET requests. First, ooniprobe performs DNS queries to disclose the IP endpoint of the DNS resolver in the tested network, and records the response, alongside a control response returned by Google’s DNS resolver. Then, a TCP connection on port 80 (or port 443 for URLs that support TLS) is attempted using the list of IP endpoints identified in the DNS responses. HTTP GET requests are sent towards a list of URLs over both the tested network and over the Tor network and the responses are recorded. Differences in the results for the two tests are indicative of network interference. The results are made available to the public via the OONI API 5 . Our first set of tests considers 50 randomly selected websites from ooniprobe’s default global censorship list [12] contributed by users, seeking to identify content discrimination for roaming users. For the second set of measurements, we provide a list of 15 websites known to be available locally in the tested countries, but geo-restricted abroad. Beside network interference profile matching for the home and visited results, we additionally searched HTTP responses for known geo-restriction indicators and warnings. The high latency of the Tor network and data quota limitations limited us to test only a small number of websites.

Results. We create a network interference profile for each measurement, containing the names of blocked websites and the HTTP body responses. For each visited website, we compare the responses observed using the plain connectivity against the one obtained using the TOR network. If those are different, this is an indication of manipulation. We then consider the home country interference profile as the baseline profile against which we compare the roaming profiles for that MNO to check if additional filtering is in place when roaming. If the HTTP response was unavailable due to censorship, we record the blocking mechanism as reported by ooniprobe.

We tested a mixture of dynamic and static websites and saw no content discrimination, with a perfect match of 95% and above of the tests between the home and roaming case. That is, if any censorship or blocking is present, it is the same in home and roaming case (this is consistent with HR again). The detailed results (shown in Table 3) are consistent with HR for all MNOs. The only exception is the case for Vodafone UK, where 3 websites were blocked (by DNS) in the home country, but were instead available in Spain. We double checked this, and found them to be a measurement artefact where ooniprobe incorrectly reported the blocking method, but we could not reproduce it later. We note N/A in the table where the results could not be collected at the time of measurement.

The findings are similar for the geo-restricted content tests. Here we check if a geo-restricted content that is accessible from home could be accessed also when roaming. To detect this, we search the body of the websites for known content indicating geo-restriction. We found results consistent with HR: content available in a user’s home country remains available when roaming. Table 4 presents the profile match between the roaming profile and that of the visited network, for geo-restricted content. We did not observe substantial differences between the content policy of the two scenarios. We did also further (manual) investigation to verify video streaming application behaviour. We observed 10 cases where the website was accessible with no limitations, but then the actual video streaming was blocked with an alert to the user on the restriction.

It is worth noting that different countries may have different interference profiles. This can be due to, e.g., different court rules or legal guidelines. Given HR, a roaming user is always subject to his home country rules, even when visiting a foreign country where different laws are in place. This justifies the slightly lower figures in Table 4.

Takeaway. We found no evidence of content discrimination and geo-restriction for users in roaming scenarios, and the experience of browsing websites was the same in roaming and at home. However, there are clear differences between experience of a user of a network and a user visiting the same network, including the inability to retrieve geo-restricted content and the availability of different content.

TL; DR

关于VoIP通话 (VoIP Call)

  • 研究目的: 调查移动网络运营商(MNO)是否针对漫游用户的VoIP通话(如FaceTime, Facebook Messenger, WhatsApp)实施流量差异化策略(如阻塞或限速),并与归属地用户进行比较
  • 实验方法:
    • 通过智能手机进行手动实验,初步检验VoIP通话(音视频)的成功率,判断是否存在基础的过滤或阻塞
    • 若通话成功,则利用预先录制的真实通话音视频流(封装在Docker容器中),通过tcpreplay在受控环境中重放,模拟呼叫归属国和到访国的接收端
    • 在客户端和服务器端记录数据包轨迹,分析 关键QoS指标:丢包率、瞬时比特率、包间间隔(IPG)
    • 使用KS检验和P值等统计方法比较发送端与接收端数据的ECDF(经验累积分布函数),以判断是否存在差异
  • 主要发现:
    • 无通话阻塞/过滤: 所有测试的运营商均允许用户(包括漫游用户)自由使用流行的VoIP应用进行通话,未发现基础的过滤行为
    • 无明显流量操控:
      • 丢包率极低(<1%),未发现人为引入丢包
      • 发送端与接收端的比特率在不同网络条件下(归属网络、漫游网络)无显著差异
      • IPG(包间间隔)虽受3G/4G接入机制影响出现一些抖动(压缩或扩展),但仍在可接受范围(<80ms),预计不会影响通话质量(可被接收端播放缓冲区吸收)
      • 统计检验表明,接收端吞吐量与发送端在统计学上一致
    • 归属路由(HR)的延迟影响: 尽管未发现直接的流量差异化对待,但归属路由(HR)策略导致的端到端高延迟,仍可能对实时VoIP通话质量造成负面影响,尤其是在两个漫游SIM卡互通时(形成“长号效应”)
  • 核心结论: 在被测的16个MNO中,未观察到针对VoIP业务的明显流量差异化策略。然而,归属路由(HR)引入的额外延迟是VoIP等实时应用在3G/4G漫游场景下仍需面对的一个老问题(长号效应),该问题在GSM网络中已通过本地疏导等方式解决
VoIP

VoIP (Voice over Internet Protocol), “互联网协议通话技术”或“网络电话”

Def: 是一种允许用户通过互联网或其他基于IP(Internet Protocol)协议的分组交换网络来进行语音通话和多媒体会话的技术

How to Work?

  1. 它将模拟的语音信号转换成数字信号,并将其打包成数据包
  2. 通过IP网络传输,而不是通过传统的电路交换电话网络(PSTN - Public Switched Telephone Network
长号效应

长号效应 (Tromboning Effect)

Def: 数据在网络中传输时,没有走最优的、直接的路径,而是像长号的拉管一样,不必要地绕道到一个或多个中间点(通常是核心网络或归属网络),然后再被路由到最终目的地的现象

Scenario:

  1. HR in Mobile Computing
  2. VPN and Net Agent

影响:

  1. 增加延迟
  2. 网络资源浪费
  3. 网络吞吐量下降

关于内容歧视 (Content Discrimination)

  • 研究目的: 评估用户在漫游状态下访问网络内容的可用性,特别是MNO是否进行 网站内容过滤(内容歧视)应用地理位置限制(内容地理限制)
  • 实验方法:
    • 使用OONI(开放网络干扰观测站)的ooniprobe工具进行两轮测量
    • 通过ooniprobe的Web连接性测试,在目标网络(归属/漫游SIM卡)和Tor网络(作为参照)上进行DNS查询、TCP连接、HTTP GET请求,对比结果以检测网络干扰
    • 内容歧视测试: 针对OONI全球审查列表中的50个随机网站进行测试,比较漫游用户与归属用户的访问情况
    • 地理限制测试: 针对15个已知在测试国本地可用但在国外受地理限制的网站进行测试,并检查HTTP响应中是否有地理限制的提示信息
  • 主要发现:
    • 漫游与归属体验一致(无额外歧视):
      • 在内容访问方面(包括受审查网站),漫游用户的体验与其在归属网络时的体验高度一致(95%以上匹配),如果存在审查或封锁,则在漫游和归属情况下均存在。这与归属路由(HR)策略一致,即漫游用户仍受其归属国网络策略的管制
      • 一个Vodafone UK的例外情况被确认为测量误差
    • 地理限制内容访问(HR一致性):
      • 用户在归属国可以访问的受地理限制内容,在漫游时通常仍然可以访问,这也符合归属路由的特点
      • 但在某些情况下,如视频流服务,网站本身可访问,但实际视频流因地理限制而被阻止播放
    • 国家间策略差异: 不同国家有不同的网络内容管理政策。由于归属路由,漫游用户始终受其归属国法规的约束,而非其当前所在的到访国的法规
  • 核心结论: 研究未发现运营商针对漫游用户施加额外的内容歧视或地理限制(与其在归属网络相比)。用户在漫游时浏览网站的体验与其在归属地基本相同。然而,由于归属路由使用户遵循其本国网络策略,因此漫游用户能访问的内容可能与到访国本地用户能访问的内容存在差异