OIT filters Dropbox broadcast traffic on the wireless networks operated by OIT.
We do so because we have found that this traffic contributes to the unecessary broadcast traffic degrading wireless network services provided by OIT, while at the same time being unnecessary for network functionality. Filtering this traffic does not prevent customers from using Dropbox software.
We installed the filter in several stages during mid-October 2010 - early-November 2010.
Dropbox is a popular third-party application which provides online backup, file synchronization, and sharing services among multiple devices. Versions of the software are available for a variety of popular platforms.
When Dropbox's "LAN Sync" feature is enabled, the application periodically transmits a small amount of broadcast traffic to the network. This feature is enabled by default.
According to the vendor's documentation, the "LAN Sync" feature allows Dropbox to synchronize files among clients which happen to be simultaneously on the same IP subnet faster than it would otherwise. Without the "LAN Sync" feature, the application continues to function, but synchronization can take longer.
Our experience is that without the "LAN Sync" feature, synchronization does continue to work, and does so quite rapidly.
Although the volume of broadcast traffic sent by any individual Dropbox client is low, this broadcast traffic adds up when many devices attached to the same network are running Dropbox software. This is the case on our wireless network, as many customers have installed the software on their devices.
We found that 6% of all broadcast/multicast traffic on our wireless networks was Dropbox broadcast traffic.
Because high broadcast traffic rates is one factor which degrades the performance of the wireless networks, and because this broadcast traffic from Dropbox is not necessary, OIT filters this traffic.
Our decision to filter Dropbox broadcast traffic does not indicate that OIT believes that there is anything wrong with Dropbox, and should not be interpreted as criticism of the product. We simply believe that this is broadcast traffic which may be safely filtered on our network to help improve network performance without seriously impeding the use of the Dropbox application.
The traffic is filtered at the campus network's core Ethernet switches; all buildings (or groups of buildings) are attached to these core switches. It's installed in such a way as to apply only to those networks supporting wireless services provided by OIT. This causes the filter to apply to traffic (for our wireless networks) as that traffic passes through the campus core on its way from one leg of the network to another. (In some cases, multiple buildings share a single connection to the campus core, so this filter doesn't affect traffic which remains within that group of buildings.)
The filter is also applied at the edge of the wireless services provided by OIT, so it also applies to traffic sent by a wireless client as that traffic arrives at the wireless access point or the wireless controller. This filters the traffic before it would be flooded to other clients (wireless or wired), even if those clients are on the same leg of the network, or behind the same wireless access point.
It is possible that in the future, the filter installed at the network core might be expanded to also include the wired (non-wireless networks).
IPv4 traffic destined to UDP port 17500 is discarded by the filter if the traffic is destined to the IPv4 limited broadcast address, or the IPv4 subnet-directed broadcast address.
We do not filter other Dropbox traffic. The Dropbox application will continue to function; it simply will not be able to use broadcast traffic to locate other Dropbox clients on the same IP subnet. It will still be able to communicate with Dropbox's servers on the Internet, allowing the Dropbox application to function.