Ellacoya
I new my simple explaination would be mis-interpreted... oh well let's try and fill in the whole I appear to have fallen into 
....
As I said it is a complex process.....
The packet inspection does not mean ALL the data in every packet is looked at and remembered/stored for future reference, it is just certain parts of the packet primarily header info that is looked at so your analogy of reading peoples mail is not the same thing.
PlusNet use what are called signature files, which is information that can be used to determine the type of data passing through the Ellacoya. This could be things like IP address, port number(s), protocols (HTTP, HTTPS, FTP, NNTP etc), certain key features of games packets etc. In many cases it is the packets used to initialise a TCP connection that are checked, and once the type of connection is determined, subsequent packets are just passed through unchecked if allowed by the various traffic allowances / product definitions. UDP packets by their nature would have to be checked more often as no actual connection is set-up.
When a new game is created, a signature file has to be created for it so it can be identified as a game packet and given the highest priority over PNs network.
No info about the contents of the packets is remembered. Once a packet or stream has been determined the info in the packet is forgotten.
Does that help?
....As I said it is a complex process.....
The packet inspection does not mean ALL the data in every packet is looked at and remembered/stored for future reference, it is just certain parts of the packet primarily header info that is looked at so your analogy of reading peoples mail is not the same thing.
PlusNet use what are called signature files, which is information that can be used to determine the type of data passing through the Ellacoya. This could be things like IP address, port number(s), protocols (HTTP, HTTPS, FTP, NNTP etc), certain key features of games packets etc. In many cases it is the packets used to initialise a TCP connection that are checked, and once the type of connection is determined, subsequent packets are just passed through unchecked if allowed by the various traffic allowances / product definitions. UDP packets by their nature would have to be checked more often as no actual connection is set-up.
When a new game is created, a signature file has to be created for it so it can be identified as a game packet and given the highest priority over PNs network.
No info about the contents of the packets is remembered. Once a packet or stream has been determined the info in the packet is forgotten.
Does that help?
AIUI Ellacoya's are basically just Layer3 or Layer4 switches (Depending on model deployed) on a large scale: Huge throughput, and advanced QoS tools/utilities. (Although they also have L1-7 awareness)
Looking at the image below you can see the layers of the OSI model.
Your data starts at the top layer (typically) and works through the subsequent layers to the bottom, at which point the signal is an electrical one which can be passed down the wire.
To take different forms of hardware as examples of the highest layer they can operate;
A network hub would operate at layer1 - it receives the signal, and repeats it to all ports. The destination port has to ignore the packets not addressed to it, and process the packets either addressed to it, or which it can forward on to the packet destination.
A typical network switch (think about the switch built into modern internet modem/routers) will operate at layer1 and layer2 - it can see where the packet should go, and can send it to the appropriate port. It can't tell anything else about the packet, so all packets are treated equally.
A switch used in larger corporate networks may be a layer3 switch - this can see what type of data the packet contains (is it a http request? Is it a VoIP packet? etc) This type of switch can be programmed to give priority to different types of packet: http: requests would likely be lower than database calls or VoIP packets for example.
Not all corporate networks use L3 Switching, but its becoming increasing common as costs decrease and demand for bandwidth increases - use of interactive media such as VoIP or video conferencing also increases the need for advanced switching and traffic prioritisation)
A Layer 4 Switch has extra abilities, as it can do stuff with the next layer up too - for example if an onward packet is lost, it can retransmit it rather than having to pass the retransmit request back down the line to the originating host. (The amount of packet caching depends upon the deployment and hardware.)
The top end Ellacoyas claim to be 1-7 aware, although they only appear to be deployable at layers 1-4, so quite what they do with the other layers, if anything, is a bit of a mystery - perhaps this ability is what is leveraged to perform inspection of packets with spoofed headers to provide true DPI (Deep Packet Inspection)? (DPI is similar again to the process used by the SPI [Stateful Packet Inspection] that goes on in most modern internet router firewalls, except that SPI works at fewer levels of the OSI model to try to make sure that the packet is what it claims to be)
Anyway, regardless of the actual deployment, you can be fairly certain that the operation of the Ellacoyas is purely transitive - they handle so much throughput it would be difficult, and *very* expensive to do much more with the traffic as it passes through - the lack of latency on packets is very important, so everything has to happen as quickly as possible - you might also notice an absence of a pricelist for the kit - I think the adage "If you have to ask, you can't afford it" applies here.
[iurl=http://www.tutorial5.com/content/view/26/79/]
[/iurl]
For another viewpoint on DPI, take a look at this article too:
http://arstechnica.com/articles/culture/Deep-packet-inspection-meets-net-neutrality.ars/2
Hopefully my assumptions aren't too misleading - but do remember they are based on very little knowledge, and a lot of guesswork.
If anybody can/needs to correct me - please do so - I'm interested too!
Looking at the image below you can see the layers of the OSI model.
Your data starts at the top layer (typically) and works through the subsequent layers to the bottom, at which point the signal is an electrical one which can be passed down the wire.
To take different forms of hardware as examples of the highest layer they can operate;
A network hub would operate at layer1 - it receives the signal, and repeats it to all ports. The destination port has to ignore the packets not addressed to it, and process the packets either addressed to it, or which it can forward on to the packet destination.
A typical network switch (think about the switch built into modern internet modem/routers) will operate at layer1 and layer2 - it can see where the packet should go, and can send it to the appropriate port. It can't tell anything else about the packet, so all packets are treated equally.
A switch used in larger corporate networks may be a layer3 switch - this can see what type of data the packet contains (is it a http request? Is it a VoIP packet? etc) This type of switch can be programmed to give priority to different types of packet: http: requests would likely be lower than database calls or VoIP packets for example.
Not all corporate networks use L3 Switching, but its becoming increasing common as costs decrease and demand for bandwidth increases - use of interactive media such as VoIP or video conferencing also increases the need for advanced switching and traffic prioritisation)
A Layer 4 Switch has extra abilities, as it can do stuff with the next layer up too - for example if an onward packet is lost, it can retransmit it rather than having to pass the retransmit request back down the line to the originating host. (The amount of packet caching depends upon the deployment and hardware.)
The top end Ellacoyas claim to be 1-7 aware, although they only appear to be deployable at layers 1-4, so quite what they do with the other layers, if anything, is a bit of a mystery - perhaps this ability is what is leveraged to perform inspection of packets with spoofed headers to provide true DPI (Deep Packet Inspection)? (DPI is similar again to the process used by the SPI [Stateful Packet Inspection] that goes on in most modern internet router firewalls, except that SPI works at fewer levels of the OSI model to try to make sure that the packet is what it claims to be)
Anyway, regardless of the actual deployment, you can be fairly certain that the operation of the Ellacoyas is purely transitive - they handle so much throughput it would be difficult, and *very* expensive to do much more with the traffic as it passes through - the lack of latency on packets is very important, so everything has to happen as quickly as possible - you might also notice an absence of a pricelist for the kit - I think the adage "If you have to ask, you can't afford it" applies here.
[iurl=http://www.tutorial5.com/content/view/26/79/]
[/iurl]For another viewpoint on DPI, take a look at this article too:
http://arstechnica.com/articles/culture/Deep-packet-inspection-meets-net-neutrality.ars/2
Hopefully my assumptions aren't too misleading - but do remember they are based on very little knowledge, and a lot of guesswork.
If anybody can/needs to correct me - please do so - I'm interested too!
