China’s Slow Transnational Network

Hi all,

We are a group of researchers at University of California, Riverside who have been working on measuring the transnational network performance (and have previously asked questions on the mailing list). Our work has now led to a publication in Sigmetrics 2020 and we are eager to share some
interesting findings.

We find China’s transnational networks have extremely poor performance when accessing foreign sites, where the throughput is often persistently
low (e.g., for the majority of the daytime). Compared to other countries we measured including both developed and developing, China’s transnational network performance is among the worst (comparable and even worse than some African countries).

Measuring from more than 400 pairs of mainland China and foreign nodes over more than 53 days, our result shows when data transferring from foreign nodes to China, 79% of measured connections has throughput lower than the 1Mbps, sometimes it is even much lower. The slow speed occurs only during certain times and forms a diurnal pattern that resembles congestion (irrespective of network protocol and content), please see the following figure. The diurnal pattern is fairly stable, 80% to 95% of the transnational connections have a less than 3 hours standard deviation of the slowdown hours each day over the entire duration. However, the speed rises up from 1Mbps to 4Mbps in about half an hour.

We are able to confirm that high packet loss rates and delays are incurred in the foreign-to-China direction only. Moreover, the end-to-end loss rate could rise up to 40% during the slow period, with ~15% on average.

There are a few things noteworthy regarding the phenomenon. First of all, all traffic types are treated equally, HTTP(S), VPN, etc., which means it is discriminating or differentiating any specific kinds of traffic. Second, we found for 71% of connections, the bottleneck is located inside China (the second hop after entering China or further), which means that it is mostly unrelated to the transnational link itself (e.g., submarine cable). Yet we never observed any such domestic traffic slowdowns within China.
Assuming this is due to congestion, it is unclear why the infrastructures within China that handles transnational traffic is not even capable to handle the capacity of transnational links, e.g., submarine cable, which maybe the most expensive investment themselves.

Here is the link to our paper:
https://www.cs.ucr.edu/~zhiyunq/pub/sigmetrics20_slowdown.pdf

We appreciate any comments or feedback.

Maybe… I dunno… get rid of the Great Firewall of China? https://en.wikipedia.org/wiki/Great_Firewall

My guess is that it’s all the DDoS traffic coming from China saturating the links.

It’s the Government doing mandatory content filtering at the border. Their hardware is either deliberately or accidentally poor-performing.

I believe providing limited and throttled external connectivity may be deliberate; think of how that curtails for one thing; streaming video?

-Ben.

It also gives local competitors a leg up by helping domestic apps perform better simply by being hosted domestically (or making foreign players host inside China).

This sentence is missing a 'not'. However, I can't tell if it's "not treated equally"
or "not discriminating"....

Yes, the sentence is missing a ‘not’. Sorry about that. It’s not discriminating or differentiating any specific kinds of traffic.

Those are good insights. Our first guess is censorship too, and we discussed the possibilities of censorship side effects in Section 5.1 Censorship.

My guess is that it’s all the DDoS traffic coming from China saturating the links.

Maybe… I dunno… get rid of the Great Firewall of China?

What do you mean? Do you mean the slow traffic is to bypass the GFW or the slow traffic is caused by GFW?

Yes, we agree. The poor transnational Internet performance effectively puts any foreign business that does not have a physical presence (i.e., servers) in China at a disadvantage.

The challenge is to find out direct evidence to prove mandatory content filtering at the border, if the government is actually doing it.

Best,
Pengxiong Zhu
Department of Computer Science and Engineering
University of California, Riverside

You’ve pretty much determined there is nothing we can do on this side of the Chinese mainland to improve throughput - the bottlenecks are all inside China.

As you noted, ~35% of the bottlenecks were GFW related. I wonder how many retransmissions that results in, slowing everything down that much further? Until the mainland Chinese Government allows the free passage of information, there will be bottlenecks. And bottlenecks have a habit of affecting traffic flows outside of their own area.

I doubt that any one thing is the source of the entire problem. But add them all together…

Poor network performance between the Chinese networks and the rest of the world is not a bug ; it’s an intentional feature. The government of China has constructed these multiple systems to both control what information is or is not received by their citizens, but also to ensure that domestic internet companies and services face little to no competition from the outside world.

As we’ve unfortunately seen domestically as well, it’s a lot easier to convince people to use YOUR service if performance to the other services kinda sucks. This is the exact same thing, just at a national scale.

In fact, the three large carriers provide 98.5% of China’s total transnational bandwidth. We observe this across all the three large carriers, as well as one smaller carrier, CERNET(China Education and Research Network).

find out direct evidence of mandatory content filtering at the border

You seem to be implying that you don't believe/can't see the GFW, which
seems surprising. I've personally had issues with traffic crossing it
getting RST'd (luckily I was fortunate enough to cross through a GFW
instance which was easy to avoid with a simple iptables DROP), but its
also one of the most well-studied bits of opaque internet censorship
gear in the world. I'm not sure how you could possibly miss it.

Matt

Did you compare CERNET with commodity networks? (My anecdotal observations from a couple years ago suggest that Internet2 to CERNET is very good when other paths are poor to unusable.)

–David Burns

You seem to be implying that you don’t believe/can’t see the GFW

Yes, CERNET has indeed smaller slowdown period(4 hours) than commodity networks(12 hours), but still has slowdown.

DDoS traffic is coming from China to the outside world, which should saturate the upstream link of China, however, what we observed is that the upstream link has high and stable performance, while the downstream link of China, which is traffic coming from the outside world to China, is suffering from slow speed.

Most of the performance hit is because of commercial actions, not censorship.

When there is a tri-opoly, with no opportunity of competition, its easily possible to set prices which are very different than market conditions. This is what is happening here.

Prices are set artificially high, so their interconnection partners wont purchase enough capacity. additionally, the three don’t purchase enough to cover demand for their own network. Results in congestion.

Most countries in Africa do not implement great big firewalls. Our
problems are quite different :-\...

Mark.

We've seen somewhat similar behaviour from these networks when peering
outside of China, perhaps, to influence the flow of money and traffic.

We have zero patience for such things.

Mark.