
I'm not sure that I don't, I've followed new IT-related laws in the Netherlands closely so I'm pretty sure I know what's included without looking it up. I'm more sceptical of someone who says "you have no idea" without anything to back that statement up. But for other readers, I'll elaborate.

Blocking UDP is not treating all traffic the same. Even if the law would be about treating services equally and not any IP packet equally, then it still has a different impact on services like VoIP (which are often UDP) than it does on other services. Blocking certain types of packets is not compliant with net neutrality -- at least, not in the Netherlands. If there is a different definition wherever you come from, please tell me about it.




Net neutrality is and has always been, in any discussion in Switzerland, Germany, Austria, the US and everywhere else I have seen, about ISPs and ISPs abusing their position in the market.

I have never once heard anybody claim that private institutions are not allowed to shape their own network traffic.

Unless you show me Dutch law that clearly spells this out, I will not for a second believe that it is illegal for a university to block certain protocols.

If what you say were true then pretty much every single private organization would be operating illegally, anybody that runs VoIP, blocks UDP or any other way to shape the network.


I have a feeling it's a bit more nuanced than that, otherwise you're telling me a University in the Netherlands can't run a firewall on their internet link and they need to have all public addresses to get around the fact that no device dynamically NATs all L4 protocols.

I'd be willing to bet my lunch that there are exceptions for private, government, and educational institutions or that there is an exception related to security services.


> you're telling me a University in the Netherlands can't run a firewall on their internet link

Any blocks should be necessary/essential for network stability or security. If I have evidence that a trojan is using tcp port 1337, and I am not aware of any other application that uses it, then there is no problem blocking it. In practice, of course, malware would be crazy not to use tcp/443 or tcp/80, so blocking ports is rather pointless these days anyway.

As for network stability: reasons like "by blocking VoIP we can sell our services and use that money to make our network more stable" are not good enough, of course. There has to be a concrete reason why {whatever you want to block} will benefit the network.

> and they need to have all public addresses to get around the fact that no device dynamically NATs all L4 protocols.

I guess since there is scarcity in v4-addresses, it's not reasonable to use public addresses for each individual, so "blocking" incoming traffic (or rather, it being unrouteable) shouldn't be an issue. It's essential for the network's operation.


Firewalls have stateful inspection and handshake inspection capabilities for known protocols on known ports. They also have URL filtering, IPS, DDoS protection, and threat monitoring. This is the big difference between an organization like a business/university vs an ISP. I wasn't talking simple ACLs, that only requires a basic switch.



