Transaction Based Settlements Encourage Waste (was Re: B
deepak at ai.net
Mon Aug 24 21:49:48 UTC 1998
> I think everyone agrees that the above statement is true in today's Internet
> model, where customers are charged flat rates for their connections. But if
> we change the peering model, why should we not change the model for
> charging customers? If we do that, then settlements can work, and the
> problem of metrics for how to charge should become much easier...
> Take the aggregate traffic from A --> B, and from B--> A, and whoever receives
> more bits pays the other provider. Say it is A that has to pay B, as B is a
> content provider and A is a big dial ISP. Now, if A charges $19.95/month flat
> rate to all of its dial users, A instantly loses. But if A charges its dial
> based on the bits received, or time connected, perhaps it becomes more even.
In a model where dial ISP A already pays some transit provider X for all
transit that isn't already carried by a peering relationship, it is
possible that settlement based peering will allow ISP A to peer with networks
that they wouldn't have been able to peer with earlier.
This may in fact reduce A's operating costs significantly over paying X
for shall-we-say "unoptimized" transit. Which in turn means A could (in
theory) reduces its costs to its customers and gain market share.
Obviously widely-peered transit provider X would be the big loser if A
could talk to
all of X's peers and pay them for the traffic they are transiting which
may represent the majority of the traffic that X was carrying. These new
peers may be glad to peer with A because A's settlements typically mean
more money in their pockets. In an environment where X's flows typically
balanced out payments X would make to peers, the loss of A and other
customers like A might mean that X is either a) saving settlement fees
(and losing revenue from customers A, etc) , or b) has to pay additional
fees because their flows don't even out the way they did before.
> Network A can't win in a settlement based peering relationship unless he passes
> the costs on to his customers, and at flat-rates, whether it is dial up or
> leased line,
> that is not happening. So, charge the content provider for outbound *and*
> traffic. This can and should be subsidized by advertisers, as the more 'hits'
> site generates, the more $$ you can charge. (Of course, this only works when
> advertisers are willing to pay to be on your site, but if they aren't
> willing, either
> your site has content that doesn't have mass appeal or the advertiser doesn't
> want to be associated with your content. For the former, you probably aren't
> getting enough hits to worry about usage based costs. For the latter, find
> advertiser or someone else to pay...) For the dialup user, charge him a lower
> monthly cost of, say $5, but charge him for the traffic to and from him.
> What's the
> cost? Whatever it takes to make money while remaining competitive!
> There are still problems with DOS based attacks, but those need to be resolved
> anyway. As for writing 'fraudulant apps' that generate asymmetric flows to
> try to
> 'even out' the peering relationship, it doesn't work anymore for creating flow
> to your own network. Your paying the other provider because they are sending
> you more traffic than you are sending them. For the opposite direction, if you
> can write an app that sends more traffic out to the other network, you'll need
> valid host to talk to. I'm sure the other provider won't have one of their own
> machines doing that, so you'll need a customer of the other network to receive
> that traffic. But now that they are charged for it, that won't happen. (I'm
> someone out there can think of ways around this, but I imagine there are
> solutions to them. If its fraudulent traffic, and you face serious fines and/or
> periods of time where you have to shut down your network, would you really
> take the chance?)
I don't think many systems bill customer fraud into their billing model.
Credit cards for example typically eat 1-3% in fraud, but its typically
predictable and their business model supports it. The cost is split
amongst all customers, almost never born solely by the customer that
experiences the fraud. I don't think the occassional SMURF attack from a
university or other customer should be considered the norm rather than a
very low percentage of the traffic a typical large network carries (say
over 100MBit/s of sustained traffic) at any moment of the day.
How hard would it be to have access/portal-type customers be required to
disable directed-broadcast on their router interfaces on their contract
renewals? How many people would object? It seems like there is a
collective disinterest in addressing the problems of SMURFing at the
source, when nowadays virtually every university or access provider is
paying someone for their connectivity. And whomever is collecting those
fees can have their downstreams add that to their configuration settings
easily (just like when the same upstream has to call the customer to tell
them a circuit is being reterminated, or a router interface is changing
-- in theory).
Even providers who make more money (in theory) from usage-based pricing
typically try to stamp out SMURFing at the source end because it doesn't
look good to be carrying a zillion SMURF packets per second.
With the exception of a few networks who aren't very excited about
helping track down SMURF originators, most everyone is willing to filter
and provide whatever information they trap today.
> Of course, the first ISP that starts to do usage-based charges may stand a good
> chance of losing many of their customers, so this would have to be Industry
> wide. And
> the peering charges would have to be the same (or at least on the same order of
> magnitude) between all ISPs, or peering imbalances will quickly be created.
> there will most likely have to be, at a minimum, an Independent Peering
> Council, or
> at worst, government regulation, to make this happen. :-(
More information about the NANOG