My friend is about to get a cable modem. They told him that he must pay $10 extra per month for extra IP addresses. They also said that it is against their rules to use a proxy server. Would it be possible for them to detect a person installing a proxy server on his home PC and using it to share the connection w/o paying for IP addresses?
Proxy servers have nothing to do with it. It’s commonly called “IP Masquerading” and there are plenty of programs to do this, you can even do it for free with Linux. There are lots of people who set up one machine as their local IP gateway and serve several machines off one cable connection, and the cable company absolutely cannot detect anything but one machine. Or for example, you might use a hardware solution like the Apple AirPort, which is designed to easily hook up to a cable modem and serve a whole group of machines (PC and Mac) through wireless connections.
That being said, I myself have 2 machines on my cable modem, and I do pay the extra $5/month for a second IP for my Linux machine. I could have set up IP masquerading from that box, but I didn’t. There are plenty of reasons you might want to do it this way. I always say there are two solutions to every problem, the labor intensive way, and the money intensive way. You can solve a problem with a clever design and some setup work (IP Masq) or by spending money on a solution (paying the extra $5).
Chas E.
I believe it’s more commonly called Network Address Translation (NAT). And a proxy server is another way to connect several computers to one internet connection, but it’s not used much in home installations because NAT is usually easier. NAT can have problems with applications such as games that use lots of UDP ports, but many NAT programs handle games pretty well.
I wouldn’t say it’s impossible for the ISP to detect NAT, but it is unlikely. M-to-1 NAT works by replacing the return IP address in each packet header with the one assigned to the Internet connection, and replacing the return port number in each packet header with one chosen from a pool. The latter is necessary so the NAT program can route the incoming reply packets to the correct computer and port.
It’s likely that traffic analysis could detect this. The port numbers used by the NAT program are not the standard HTTP/FTP/whatever ports.
However, I wouldn’t worry about it much.
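The M-to-1 translation described in the post above, as an added example that is not part of the original thread: a small Python model of the port-mapping table, showing how two LAN machines that pick the same source port get distinct public ports, how a reply is routed back, and why a packet nobody inside asked for has nowhere to go. The class name, addresses and port pool are assumptions made for illustration.

```python
class Napt:
    """Minimal many-to-one NAT (NAPT) table. Simplified: no timeouts, and the
    mapping is keyed only on the inside endpoint, not the remote one."""

    def __init__(self, public_ip, port_pool):
        self.public_ip = public_ip
        self._free = iter(port_pool)
        self.out = {}    # (proto, private_ip, private_port) -> public_port
        self.back = {}   # (proto, public_port) -> (private_ip, private_port)

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source address/port of a packet leaving the LAN."""
        key = (proto, src_ip, src_port)
        if key not in self.out:
            port = next(self._free, None)
            if port is None:
                raise RuntimeError("NAT port pool exhausted")
            self.out[key] = port
            self.back[(proto, port)] = (src_ip, src_port)
        return (proto, self.public_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the destination of a reply, or return None to drop it."""
        inside = self.back.get((proto, dst_port))
        if dst_ip != self.public_ip or inside is None:
            return None  # no mapping: nothing inside asked for this packet
        return (proto, src_ip, src_port, *inside)


def demo():
    # Constructed sample traffic using documentation/private address ranges.
    nat = Napt("203.0.113.5", range(40000, 40003))
    server = ("198.51.100.10", 80)
    a = nat.outbound("tcp", "192.168.1.10", 1025, *server)
    b = nat.outbound("tcp", "192.168.1.11", 1025, *server)
    reply_b = nat.inbound("tcp", *server, "203.0.113.5", b[2])
    unsolicited = nat.inbound("tcp", "198.51.100.99", 4444, "203.0.113.5", 80)
    return a, b, reply_b, unsolicited


if __name__ == "__main__":
    for row in demo():
        print(row)
```
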
I use DSL to connect 3 computers to the net using NAT. The DSL company doesn’t support this but doesn’t disallow it either. The device that provides the NAT is a Linksys hub and it works great, allowing the computers in the LAN to communicate at 100 mbs (one still runs at 10) and access the net on the outside. According to the manufacturer the hub is the only recognizable device from outside the LAN so it works as a firewall as well. I would think a firewall would be slightly more of a concern w/ cable.
The hub gets its IP add. from the DSL company and that is the only one they see. The hub then assigns an IP address to each computer in the LAN. Then all the hub has to do is convert the IP address from internal to external and vice versa.
I looked into the option of having an internet server computer, but this seemed like the way to go, at least for me.
Just to pick a nit k2dave, but unless I’m very mistaken that device is technically not a “hub”, and it’s not a firewall either. A hub simply amplifies the signals that it gets so that they can be sent to more machines. This thing sounds like it’s actually got some smarts.
Not enough to be a firewall though. A firewall is something that filters out certain types of access to the machines behind it. Typically nonstandard ports and such, which I highly doubt that this device does.
Why should the Cable or DSL company care if you use some sort of access multiplexing scheme? It’s not like you get more bandwidth that way. I can see them caring about having to assign you an IP address, because it depletes their finite supply, but a customer who uses any of the techniques described above in no way affects the service provider. Go figure.
[ Just to pick a nit k2dave, but unless I’m very mistaken that device is technically not a “hub”, and it’s not a firewall either. A hub simply amplifies the signals that it gets so that they can be sent to more machines. This thing sounds like it’s actually got some smarts. ]
Correct, TheNerd, the thingie is actually a router, has RAM and flash/updatable ROM.
[Not enough to be a firewall though. A firewall is something that filters out certain types of access to the machines behind it. Typically nonstandard ports and such, which I highly doubt that this device does. ]
It claims that it does exactly that, and it allows me to open ports for special reasons (i.e. setting up a V.P.N.)
I’m not saying there is no way to hack it, I don’t believe any firewall is unhackable and simply don’t know enough about it other than to state what the manufacturer says. I also checked out a web site devoted to CATV/DSL which highly recommends such a device, which I will post if I re-find it.
Because access multiplexing is likely to use more bandwidth, and they have a limited amount of bandwidth that they allocate and price according to their own schemes. There’s often a one-or-two-connections price point and a more-than-two-connections price point. For example, Flashcom prices “HomeSurfer” ADSL 384K/192K at $39.95/month, “HomeSurfer” ADSL 768K/384K at $79.95/month, and “BizSurfer” SDSL 256K/256K at $99.95/month. The Terms and Conditions for “Home Surfer” include:
“HomeSurfer™ Customers agree not to run any servers in conjunction with the Services, including but not limited to, electronic mail, NAT, DHCP and DNS servers. In the event any HomeSurfer™ Customer attempts to utilize a server on the network, Flashcom may, at its sole discretion, increase the fees associated with the Services, or terminate the Services.”
The site is
http://cable-dsl.home.att.net/
It has helped me set up this network and answered many questions about what I can expect from the DSL connection - I hope it has correct info - well, it’s on a web site, it must be true.
I use a solution that is likely the same as k2dave’s. I use the Linksys Cable/DSL Etherfast Router. It works in place of the hub, and handles the routing of the data between PCs and also between PCs and the Internet. It also acts like a firewall.
I went to a site that probes your computer looking for ways to access your computer and it said I was locked up tight. The router is the only device that is seen on the Internet. (Note this also frees up the dedicated machine that you have to have using a software Proxy solution.)
You are right on the bandwidth issue, however, my cable company tells on their web page how to use software proxy solutions, so I guess the hardware solution is okay with them.
But I am fairly sure that they cannot detect that you are using multiple computers, they are just trying to make more money.
Jeffery
JonF wrote:
The only problem with this argument is that DSL service has a more easily controlled bandwidth than a cable modem. The DSL provider can reprovision your line for any number of speeds.
With Cable modems, the provider is more concerned about bandwidth hogs, because the bandwidth is usually congested in heavy neighborhoods.
I don’t think DSL providers could possibly complain about users “using” all of their allotted bandwidth.
greyseal
(First post!)
I’m looking at my brand, spankin’-new Linksys, and it indeed does provide a hardware firewall, as well as all of the aforementioned features. Seems like a very full-featured box. Just found out that the firmware has been upgraded to support IPsec (wish I knew what that was), so I’ll flash it tonight after I get set up.
Can’t wait to get home and install it for my DSL…
I stand corrected about the router acting as a firewall.
But I’m sticking with my argument about multiplexing. Sure it may be more likely to use up more bandwidth, but so what? I paid for every bit of it. Cable companies complaining about that strikes me similar to how the dialup ISP of yore would charge their “unlimited” customers more if they used more than X hours a month.
The main reason they don’t let you do it is so they can charge you more. You paid for what is in the service contract.
That said, I have a computer set up as my router/firewall and it is great. The wife can surf and I can surf and nobody has to get off the computer. I don’t think the cable company can really tell at all if you have more than one computer behind the router.
The cable companies will have to get over having more than one computer on the modem the same way you can have more than one TV on the cable and not pay more for it. When cable first came out I remember you had to pay extra for each TV. People that are going to spend $45 a month on cable modem will likely have more than one computer.
They certainly shouldn’t; the terms and conditions contain nothing about not using all that bandwidth, day in and day out. However, it is a fact that you just aren’t going to do that. They know this, and don’t buy their connection to the internet based on allowing all customers to use all bandwidth all the time. They use statistics to predict how much bandwidth they will need to have a high probability of supplying the bandwidth that their customers are actually going to try to use. Just like a dial-up provider doesn’t buy a modem and phone line for every customer.
If their predictions of how much bandwidth their customers are going to try to use are too low, then they will buy too little bandwidth from their provider and they will have unhappy customers. They may have to buy more bandwidth, and that’ll cut into profits unless they charge their customers more.
So, they want to know if you are likely to use a lot of bandwidth and charge accordingly. There’s obviously a big required-bandwidth gulf between a 100 person company sharing one connection and a three person family sharing one connection, both in total bandwidth used and the distribution of bandwidth usage during the day. But, if they set up pricing plans for each possible type of usage, customers would be confused and many customers would still just buy the cheapest and cheat.
So, they set up relatively few plans. My guess is that they know a lot of customers who buy the low-end plans will cheat, and they probably build that into their statistics. But they want to discourage cheating, so they forbid it in the T&C.
[So, they set up relatively few plans. My guess is that they know a lot of customers who buy the low-end plans will cheat, and they probably build that into their statistics. But they want to discourage cheating, so they forbid it in the T&C.]
This seems like how they do it, JonF. Here they offer 3 levels of service: the basic, really meant for one computer/home use, but also works good for a small LAN, 640 kbs. Then there is the ‘I need a little more’ for maybe a LAN with heavier usage, 1.5 kbs. Then there is the ‘open the pipe, we got some serious work to do’ package which is meant for a larger LAN, of up to 7.5 mbs.