FC: Panama requires ISPs to block Internet telephony

[Declan McCullagh <declan () well com>]

[Forwarded with grateful acknowledgement from Dave Farber's IP list. --Declan]

---

From: "Robert J. Berger" <rberger () ibd com>
Date: Mon, 04 Nov 2002 13:21:39 -0800
To: Dewayne Hendricks <dewayne () warpspeed com>, Dave Farber IP
<dave () farber net>
Subject: Panama begins blocking IP ports to prevent VoIP

http://www.linuxandmain.com/modules.php?name=News&file=article&sid=277

 Panama begins blocking IP ports (updated)
Date: Sunday, November 03 @ 21:36:03 EST
Topic: News

In an apparent attempt to stem telephone company revenue losses due to
Internet telephony, the government of Panama has decreed that 24 UDP ports
be blocked by all Internet service providers.

The ports include ones that are commonly used for voice over IP as well as
some that are used for other purposes, apparently with the idea that these,
too, could be used to circumvent the POTS (plain old telephone system, a
term of art) in making telephone calls.

In the decree
(http://www.ersp.gob.pa/busqueda/show_resol.asp?id=JD-3576&idsector=1),
the Panamanian government requires "that within 5 days of publication, all
ISPs will block the 24 UDP ports used for VoIP and any other that could be
used in the future (which could end up being all UDP ports)," according to a
reporter and computer consultant there, and that "the ISPs will block in
their firewall or main router and in all their Border routers that connect
with other autonomous systems."

This "unequivocally decrees that all routers, including those not carrying
traffic from Panama, but that might be traversing Panama, have the 24 UDP
ports blocked."

The significance of the government action affects areas far beyond that
nation. Due to its geographical location, numerous undersea cables connect
in the country, making it a substantial hub for international IP traffic.

Among the services that are to be disrupted are NetMeeting, Dialpad, and
Net2phone, which labels itself "communication without borders," a claim
which apparently will no longer be true if one of those borders is
Panamanian or communication is between two countries whose IP traffic passes
through Panama.

The decree is apparently rooted in complaints by Cable & Wireless Panama
(Motto: "If you're worried about your data, voice, or Internet service
provider, we're here to help"), which says it is losing money due to users
employing the Internet to make otherwise expensive internetional telephone
calls -- calls that would otherwise be listed on Cable & Wireless bills.

The UDP ports involved include: 1034, 1035, 2090, 2091, 5000, 6801, 6802,
6803, 9900, 9901, 12080, 12120, 12122, 22555, 26133, 30582, 35061, 38000,
38100, 38200, 47563, 48310, 51200, and 51201.

The decree was published October 25.

Among the services that employ some of those ports are "nlockmgr," the NFS
lock manager responsible for rpc.statd and rpc.lockd, which in turn are
responsible for crash recovery functions for locked files and for processing
file locking requests, respectively; telnet; and numerous VoIP services.

In addition to those who wish to save on their phone bills, the government
order blocks the perfectly lawful use of those ports by businesses that have
legitimate VoIP applications allowed in the country.

There were reports late Sunday that Panamanian ISPs were planning a
demonstration aimed at exhibiting their displeasure with the government
action.

Update: A call has been issued for proxies that can be used for VoIP,
preferably more important, less-easily blocked ports. Anyone with knowledge
of this may contact us here and we'll see that your message gets through.




--
US Citizens:  Vote for Regime Change in the United States on Tuesday Nov 5

Robert J. Berger - Internet Bandwidth Development, LLC.
15550 Wildcat Ridge Saratoga, CA 95070
408-882-4755 Fax: 408-490-2868 rberger () ibd com http://www.ibd.com

---

From: "David P. Reed" <dpreed () reed com>
Date: Mon, 04 Nov 2002 17:45:51 -0500

Subject: Re: <[IP]> Panama begins blocking IP ports to prevent VoIP

The Panama "UDP Port block" is interesting from a technical point of view.

Routers are not supposed to inspect anything outside the IP header in
making their routing decisions.   That's what the Internet standard says.

If some device looks at the UDP data (which technically means the first few
bytes of the data in an IP datagram that has a particular protocol number),
it is not a router.   It is something that is sometimes called a
"middlebox".

What Panama is doing is asking for the Internet to be redesigned and
rearchitected in order to inflict a policy that relates to
competition.  The result is not the Internet.

It is important for the IAB and IETF to point out to the government of
Panama that the service they are asking to be deployed is NOT the
Internet.   It violates the Internet standards, by incorporating an
end-to-end protocol into the routers between adminstrative domains.

This is not trivial.  The Internet architecture is designed so that the IP
transport layer does not need to know, and cannot know, the meaning of the
bits contained in the data portion of the datagrams.





-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
Declan McCullagh's photographs are at http://www.mccullagh.org/
-------------------------------------------------------------------------
Like Politech? Make a donation here: http://www.politechbot.com/donate/
Recent CNET News.com articles: http://news.search.com/search?q=declan
-------------------------------------------------------------------------