Cable Co's Want More Control Over Your Network
Moonshine Coward writes: "'The CAT and the NAT' in latest issue of www.cedmagazine.com discusses Cable labs and their efforts to come up with a 'better' protocol than NAT that allows them more control over devices behind your cable modem. Their upside on this...$4.95 per IP per mth.
Their #1 concern...people putting in 802.11b hubs and sharing with their neighbors.
Fine in principle and if it gets them drooling enough to speed up the deployment of fiber to the home it might be a good thing. However I can see way too many downsides...not least of which is being nickeled and dimed to death..my webcam, cable ready microwave, refrigerator, pictureframe that shows revolving jif's ... each costing me $4.95 p.m. -- all on top of regular $39.95 cost." Note: the article is written from an interesting point of view -- it's aimed at the people who want to collect the additional per-IP charges.
Why get more than one IP? (Score:2, Interesting)
I'm not sure I see the real argument (Score:5, Interesting)
I pay for a certain amount of bandwidth. Why do they care how it gets used? If I spend my 10 MB/s downloading porn or if I only use half of it and then let my neighbor use the other half...seems like the problem is not people "stealing" bandwidth but the providers not provisioning correctly.
Two computers makes me a thief? (Score:5, Interesting)
They discuss sharing amongst neighbors, but what they are really upset about is not being able to charge for every device I own or sharing amongst roommates. Nowhere is the fact that even toasters are getting IP addresses mentioned, and none of the technology they are looking forward to will allow the provider to differentiate between my toaster and my neighbor's computer.
So the interesting question to me is, why does my service provider deserve more $$$s because I own three computers, a net-connected TiVo, and an internet enabled toaster or stoplight? Aren't they still just providing me a single connection and some bandwidth? What right do they have to charge for my toaster? Do they have a contract with *me*, or with *my device*? They seem to think they are providing my computer with a service; I happen to believe my computer can't sign a contract, so the service is provided to me, and this price gouging shouldn't be allowed.
Re:Is that (Score:3, Interesting)
I would prefer a bandwidth/$$ model if they are going to start nickel and diming us. Kinda like cell phones.
You get so many Megs or Gigs for $X. After that you get a message sent to either your phone or email saying that you have used up your data "minutes". You can then a) explicitly enable your connection again at $X/meg, or b) wait until next month.
Will it stop "unauthorized use" - no. Will it make it more expensive? yes. Which in turn means the cable company gets compensated and Ted has to charge his neighbors to make up the difference.
Best all around solution? No. But it works for cell phones, and would be reasonable compromise for most parties involved.
Re:Wrong way to meter usage (Score:3, Interesting)
10 GB/month of Napster/whatever: OK
1 MB/month of web server: not OK
Multiple MAC addresses in IP packet? (Score:1, Interesting)
even with NAT, the MAC address of the original computer is in the packet
Say what? Where is there room in an IP v4 packet for any MAC address, much less the MAC addresses of both the public interface of the NAT router (bridge) and the private interface of a host behind the NAT router? Please clarify.
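An added example, not part of the original thread, illustrating the question above: it builds an Ethernet frame around a 20-byte IPv4 header, then performs the rewrite a NAT router does, showing that MAC addresses live only in the link-layer frame and are replaced at the routed hop. All addresses, the protocol number and the function names are constructed for the illustration.

```python
import socket
import struct

def checksum(header: bytes) -> int:
    """RFC 1071 ones'-complement sum over the IPv4 header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_ipv4(src: str, dst: str, payload: bytes) -> bytes:
    """20-byte IPv4 header (no options); protocol 253 = experimental, opaque payload."""
    head = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 1, 0, 64, 253, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))
    head = head[:10] + struct.pack("!H", checksum(head)) + head[12:]
    return head + payload

def build_frame(dst_mac: bytes, src_mac: bytes, packet: bytes) -> bytes:
    """Ethernet II frame: dst MAC, src MAC, EtherType 0x0800 (IPv4)."""
    return dst_mac + src_mac + struct.pack("!H", 0x0800) + packet

def nat_forward(frame: bytes, wan_mac: bytes, next_hop_mac: bytes, wan_ip: str) -> bytes:
    """Drop the LAN Ethernet header, rewrite the source IP, fix the
    checksum, and wrap the packet in a new frame for the WAN link."""
    packet = frame[14:]
    head = bytearray(packet[:20])
    head[12:16] = socket.inet_aton(wan_ip)
    head[10:12] = b"\x00\x00"
    head[10:12] = struct.pack("!H", checksum(bytes(head)))
    return build_frame(next_hop_mac, wan_mac, bytes(head) + packet[20:])

# Constructed sample addresses (locally administered MACs, RFC 1918 / RFC 5737 IPs)
HOST_MAC = bytes.fromhex("02aaaaaaaa01")
ROUTER_LAN_MAC = bytes.fromhex("02bbbbbbbb01")
ROUTER_WAN_MAC = bytes.fromhex("02bbbbbbbb02")
ISP_GW_MAC = bytes.fromhex("02cccccccc01")

lan_frame = build_frame(ROUTER_LAN_MAC, HOST_MAC,
                        build_ipv4("192.168.1.10", "198.51.100.7", b"hello"))
wan_frame = nat_forward(lan_frame, ROUTER_WAN_MAC, ISP_GW_MAC, "203.0.113.5")

def host_mac_visible_upstream() -> bool:
    """True if the inside host's MAC appears anywhere in the WAN-side frame."""
    return HOST_MAC in wan_frame
```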
Re:Two computers makes me a thief? (Score:2, Interesting)
This is really very simple. Most cable companies are allowed by law to be monopolies, but in exchange their rates are limited or controlled by the authority that licensed them. Their most profitable (Cable TV) market is already saturated, so in order to make more money, with less effort, they need to do things that are within their monopoly agreement but easy.
They did the same thing in the 70's and 80's with charging per television, until the FCC had a moment of clarity. Rather than adopt the reasonable practices of the existing bandwidth industry, they will try their old favorites first.
As for the claim of cost of theft, they've been pushing that lie for decades. It's the same lie the BSA uses: they assume that the revenue they might have gotten, absent piracy, would have (a) all been profit, and (b) all been realized. There would be expenses incurred in collecting that profit (those expenses would be blamed on the pirates, of course), and some pirates, forced to choose between paying up and disconnecting, will disconnect. (Or in the case of software, uninstall.)
If my cable company was willing to be honest with me about the load on my local cable network, and my upload and download caps, and could make their e-mail server work as advertised, (OK, skip the mail server, just stop blocking port 80 at the router) I would be honest with them about how many machines I have, and why I want a static IP address.
And by the way, Adelphia, if you're reading this, grow up. The 'no porn' clause in the ToS is a joke. (Think I'm kidding? Read for yourself [adelphia.net].)
Re:ISPs should be ISPs! (Score:5, Interesting)
In Chicago, we got so sick of sucky internet providers that we banded together and created a Coop, where you pay for only the pipe, and you get what you pay for.
www.ISPFH.org [ispfh.org]
The drawbacks?
It ain't cheap.
They're talking authentication [think Passport] (Score:1, Interesting)
Fact: those who are bootlegging will never be found, unless a physical inspection is made.
This CAT protocol sounds like it will involve some sort of authentication against a directory, such as Microsoft Active Directory [Passport], or Novell Directory Services. If they know what they're doing, then only authenticated packets will be allowed on the network. The cracker/hacker community will then have to figure out a way to break Microsoft [Kerberos] or Novell [RSA] authentication and write a CAT router [bridge] for Linux/*BSD with the broken authentication scheme. Presumably, legitimate CAT vendors, like Cisco/Nortel/Lucent/Linksys/Microsoft/Novell will release proprietary solutions that refuse to forward packets from a host behind the firewall if that host can't be authenticated to the directory.
The only hope is that packet-by-packet authentication will require so much in the way of hardware resources that the broadband ISPs won't want to take the plunge [i.e. VERY expensive authentication/encryption hardware modules on Cisco routers coupled with an upgrade of all the end user cable modems].
Re:More Slashdot Sensationalism at Work (Score:3, Interesting)
Most importantly, does this portend a future in which NAT or ip chains are deemed a violation of our user agreements? If so, I would have never signed up (well, maybe I would have, but given the criminal penalties provisioned in the DMCA and that NAT could be deemed a circumvention device if the cable company only approves this proposed CAT nonsense...). So the real question is, would you like to occupy the cell next to Dmitry simply for having a firewall and a class C network?
Re:Wrong way to meter usage (Score:2, Interesting)
It would be awesome if they could just do what the cable TV companies (at least here in Seattle) have done forever. I'm allowed to have an unlimited number of TVs connected, so long as they are in the same household (and I have enough outlets, which I could install myself if I didn't live in an apartment). So it seems like the only reason this is a problem is because of the 802.11 situation -- why should I be punished? The poster raised another good point -- what happens when I get my internet-enabled toaster, refrigerator, answering machine, jukebox, etc... this would absolutely kill the "internet appliance" industry, because I sure as hell am not going to pay $5/mo for each device, and I'm sure as hell not going to run them all off of dialup -- I'd rather just not buy the device.
Another problem: my apartment is not wired for a home network, since it has no CAT/5 wiring and only one phone outlet. My roommate has a powerbook with an Airport card. What if I want to set up a little wireless network so that she can have access without dragging a CAT/5 cable across the floor? All of a sudden, even though my intentions are honest, I become part of the problem that this NAT -> CAT suggestion is designed to solve.
Bottom line is that there are too many situations where this hurts honest people. The cable internet industry is already in trouble -- if I were them, I'd be worried about profits lost from illegal sharing too. But I'd be more worried about pissing off the honest people on the network, which probably vastly outnumber the dishonest ones. I, for one, would be seriously pissed off if this transition from NAT to CAT were to be enforced.
Some fact and attitude problems (Score:2, Interesting)
2. NAT has other purposes than just sharing bandwidth. My cable company offers multiple IPs. I use NAT instead. Am I stealing bandwidth? No, there's only one of me on the net at a time. I don't *want* multiple IPs. I want a firewall, and NAT makes a very good firewall. The last thing I want is to have to make all of my machines internet-safe. Forcing customers to do so would create a huge security problem. Never mind your machines, what about your printer? You want that on the internet too?
3. Security. CAT will let your cable company peek behind your firewall--and who else?
One thing to be concerned about. Implementing CAT doesn't prevent people from using NAT. Therefore implementing CAT is not going to be sufficient, they'll have to force you to use CAT. And the only way they can do that is to put software on your machine (after all, you could always put NAT behind CAT). And we all know what platform that software will (and won't) run on.
Fortunately it's probably too late for this solution. They should just do bandwidth monitoring and leave it at that.
Sounds familiar, Part Deux (Score:2, Interesting)
If they are really so worried about profits, they shouldn't be giving executives big bonuses, and CEOs great big golden parachutes while laying off thousands of workers and screwing their customers. I'm really big on capitalism, but some CEO/executives make way more money than is justified, IMHO, for their ROI.
Re:Here's the part I don't get (Score:2, Interesting)
Actually, it is whatever level of service is stated in the contract/service agreement with the customer. Regardless of the economic or technical realities the company faces, they are bound by the commitment that they make when they sell the service. If, as in their commercials, they sell 1.5Mbps and do not qualify that by explicitly outlining what duration to expect that level of service for, then the customer has every right to expect 1.5Mbps, 24/7. If the providers can't provide that level of service, they shouldn't sell it. If they can't sell a lesser level of service for what they want to charge, tough.
Re:CAT? NAT? Who cares as long as we have routers (Score:0, Interesting)
But the cable co's will simply drop your packets unless you install their special software.
Why I use NAT (Score:3, Interesting)
Personally I like the low latency.
But, the damn cable modem gets addicted to one machine's MAC. My house is wired and if I wanted to use my notebook in the living room, it is about a 45 minute process to get the cable modem to understand that the machine behind it changed.
So, by using NAT, it is always just one machine to the cable modem...and behind the router, it is usually just only one machine on at a time anyway. I guess that makes me a thief.
Oh yeah...there is the other reason that I use NAT. Half the time if I don't keep the connection constantly going, when I go to get on, the DHCP server doesn't have any IP addresses left - so this way I don't have to worry about that. And THEY want to provide me more IP's?
Critical VMWare (and the like) issue here. (Score:2, Interesting)
Oh wait, if they set up a piece of physical hardware that prevents NAT, then that means I can no longer connect to the network via my VMWare sessions?
What the hell?!?
Model Exists (Score:2, Interesting)
You have a "max pipe size" you pay for. You also have a $/unit of measure charge. Flat, tiered or what-not you are going to be using metered bandwidth.
This is fine for device connectivity (believe it - they WANT you to use bandwidth), but here's the real knot in the panties for this model: On the web - you start paying for all the freakshow ads, intros, spam and other fluff spinning around there. Don't like it?
Start migrating towards smarter and more extensible programs to purge nonsense. And thus we have arrived at the mouse vs. trap circle we are in now, but YOU have a wallet that is concerned.
The sick part is that these providers WANT to shove fluff through the pipe to you in a metered bandwidth model. Hell, you're paying for it. It becomes just another level of service comparison. "How much shite will you email me...in MB?"
Think about this combined with the Gatesian World of
And WHAMMO we have arrived. Portal, bandwidth deal, and protocol support all bundled. Amazon, Yahoo, MSN, ATT, Dell, IBM, Your Mom's Poker Club all selling services. We have this today, but it's not TIME that they rob from you ("hey 1/3 of my time is downloading NetZero ads") - it's true $ ("hey 1/3 of my GB meter is crap Earthlink email").
mug
+/-
I've had just about enough from you, Mr Man.
Re:a bigger problem than you realize (Score:2, Interesting)
The broadband ISPs built their business models around the 30-50:1 statmuxing model. Unfortunately the ways they have often chosen to implement their networks just don't make that a reality. This flawed implementation rather than any nefarious doings by users is much more to blame for their bandwidth consumption.
A few examples:
1. DNS - Does your provider operate a sensible DNS structure? IE - separate internal DNS servers (for customer resolvers) and external (for queries from outside the network) DNS servers? Are all the DNS servers for a city network pointed at 2-3 in-city "core" DNS servers to build up a large local cache? Are they using insanely long host names for each IP in their network?
"dslblah-blah-blah-blah.f01.blah.someprovider.n
2. Cache - Does your provider run some honking huge cache servers? Yes, they will require tuning to make sure they don't break some things. I recall running some numbers that showed (with all the specific variables plugged in) that a cache farm produced 100% ROI in 30 days of operation.
3. News Servers - yeah, here's a great idea! Let's have each of our 10K users read the same ~500 newsgroups and each one can pull them all down individually! Yeah, that's a great idea. Seriously, supernews/giganews/etc just doesn't make much sense for a citywide broadband network of any real size.
The general idea is to only take content across your external infrastructure bandwidth once. If you can keep it on the local links you save big bucks.
A city-wide cable modem network isn't governed by the same statistical metrics as a big modem pool. It's governed by the same statistical metrics as large LANs.
How many of the broadband ISPs take a 24 hour sampling period each month and record SourceIP.Port/DestIP.Port on their external infrastructure bandwidth and do some data mining magic to see where it is being consumed?
I've worked the telco (CLEC and LD) side and the Internet side. We did traffic studies on the telco side at least once a month to see where calls were going. Based on that we knew where to augment trunk groups based on growth patterns, identified ILEC end-offices that needed dedicated trunk groups, and generally had a very good idea of how our calls were flowing. I just never saw it happen effectively on the ISP side. I did it a couple times, but it seems to fall on deaf ears at a corporate level.
It's time for broadband ISPs to wake up and realize that most all this math has been done already. Read up on telco traffic engineering, mix well with data from your network monitoring, and we might all just get a network that works well and can be profitable!!!!
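An added example, not part of the original comment, sketching the traffic study it describes: it reads SourceIP.Port/DestIP.Port records with byte counts, keeps only flows that crossed the external links, and reports what share went to the DNS, web and news services the comment lists as candidates for local serving. The record layout, the customer prefix and all sample values are constructed assumptions.

```python
from collections import Counter
import ipaddress

# Assumption: the provider's customer address space (RFC 5737 documentation range)
LOCAL_NET = ipaddress.ip_network("203.0.113.0/24")
# Services the comment names as candidates for serving from local links
LOCALIZABLE = {53: "dns", 80: "http", 119: "nntp"}

# Constructed sample records: "SourceIP.Port/DestIP.Port bytes"
SAMPLE = """\
203.0.113.10.40112/198.51.100.20.80 150000
203.0.113.11.40300/198.51.100.20.80 100000
198.51.100.20.80/203.0.113.15.40500 50000
203.0.113.12.51000/192.0.2.53.53 20000
203.0.113.10.41000/192.0.2.119.119 300000
203.0.113.13.41001/192.0.2.119.119 300000
203.0.113.14.50022/198.51.100.99.22 80000
203.0.113.10.3000/203.0.113.11.80 700000
not-a-flow-record
""".splitlines()

def split_endpoint(text):
    """'a.b.c.d.port' -> (IPv4Address, port); raises ValueError if malformed."""
    ip, _, port = text.rpartition(".")
    return ipaddress.ip_address(ip), int(port)

def study(lines):
    """Return (share of external bytes per service, top remote endpoints, skipped)."""
    by_service, by_remote, skipped = Counter(), Counter(), 0
    for line in lines:
        try:
            pair, size = line.split()
            src, dst = (split_endpoint(e) for e in pair.split("/"))
            size = int(size)
        except ValueError:
            skipped += 1  # malformed record: count it, do not guess
            continue
        if src[0] in LOCAL_NET and dst[0] in LOCAL_NET:
            continue  # customer-to-customer: never crossed the external links
        remote_ip, remote_port = dst if src[0] in LOCAL_NET else src
        by_service[LOCALIZABLE.get(remote_port, "other")] += size
        by_remote[(str(remote_ip), remote_port)] += size
    total = sum(by_service.values())
    share = {name: round(n / total, 3) for name, n in by_service.items()} if total else {}
    return share, by_remote.most_common(3), skipped
```

Calling `study(SAMPLE)` on the constructed records gives the per-service shares and the heaviest remote endpoints; on real data the input would come from the provider's own flow export for the sampling period.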