Motorola Introduces Home Cable Modem/Router

Anonymous Coward writes: "Check this out! Motorola has a cable modem that also supports Ethernet, USB AND HomePNA! The modem doubles as a NAT, firewall and dhcp server -- Awesome!" Cable modems aren't new, but it seems that both service providers and manufacturers are finally catching the idea that TOS agreements are not about to head off the wave of home networking. Products like this will make the idea of households paying per-connection fees even more laughable.

Sweeet

[WickedDyno]

I want one! One important question would be whether the modem requires Moto's own service or whether other cable service providers will allow use of this modem in their service. It would suck to only be able to get this kinda thing in certain areas.

Re:Sweeet

[Christopher+Cashell]

It generally works with any Cable modem or DSL service that connects to a PC via Ethernet. LinkSys also makes one of these, and you can find information here. It includes a 4 port switch, NAT, firewall, etc.

I do installations for a local Cable Modem company here, and we've been playing with the LinkSys model for the past few days. They run around $200US and work pretty well.

Basically, it has one 10BaseT port to connect to the Internet Service (Cable Modem or DSL) and 4 ports to connect to the computers on the Local network. Setup is almost nil, and performance is impressive.

I have a feeling we'll see more companies making these very soon.

Re:TOS

[vectro]

Terms of Service. Many cable providers make you agree not to use NAT on their system.

"safe configuration defaults"

[rdl]

Hopefully motorola will ship these with
no system-wide default (or easily guessable)
passwords, and with spoofing protection outbound.

The trend toward faster and faster network
connections sold as "appliances" puts a lot more
responsibility on the manufacturer to make sure
default configurations are suitable for users,
and won't contribute to DDoS, etc.

Cablemodems

[joedumb]

I think cable modem service TOS should be less restrictive....no servers? what about playing network quake or halflife? With this new device, what about running your own http/ftp/ssh/telnet servers? Service in Lewisville, TX by @Home really sucks, probaly because of the service techs or the service itself.

Re:Cablemodems

[TheSimon]

The reason for the TOS is a good reason and even though I don't like it, I agree with it.
I subscribe to cable service and I share the bandwidth with my close neighbors and surrounding neighborhoods. If someone was running http/ftp/smtp servers and hosting shell accounts which generate enough traffic to slow service for everyone else, the rest of us don't get what we pay for. Although our contract entitles us to unlimited bandwidth, it does say we cannot use so much as to degrade performance for other users. Small home networks of 4-6 computers don't generate this kind of traffic unless everyone in the house is downloading or hosting huge games.
If you want to host your own website, ftp and mail, they do provide a service called Cable @Work. This is for small businesses expecting higher than average traffic.
A short while back, a few people who ignored these rules ruined it for the rest of us. They were running http and ftp and now our upstream bandwidth is no longer unlimited, but capped at 128kbps.
I hope this helps you see it from the point of view of "the other users".
Thanks,

Re:Cablemodems

[Bob-K]

Well, every Internet connection is a shared connection; the fact that cable modems share a local loop as well as an upstream connection is pretty irrelevant. The cable company can build a bottleneck in the local loop, or they can build it in their routers. It's just a case of where they decide to spend their money.

I used MediaOne when I lived in Massachusetts, and was pretty impressed the way they handled it. They used DHCP, which allowed them to limit the number of modems sharing a loop. But even during the fast growth, you only got renumbered two or three times a year. You could choose your own host name, you could run servers with 384K upstream bandwidth. People would get somebody to host DNS, and they'd run web servers, mail servers, ftp, private NNTP servers, just about everything, and with MediaOne's full blessing.

And when you think about it, why is upstream bandwidth any different than downstream? Everything that goes out of a server has to go into a computer somewhere else. Connections have two ends, the bandwidth is no more precious on one end than the other.

Integrated solution == Less freedom

[OA]

If service vender provide NAT/Firewall box with service as an integrated portion of DSL/Cable connection box, they can block connection to some port claiming to protect consumer by preconfiguring these box.

Result will be no server function accesible from outside. No more personal web server, ssh into your home machine, etc.

I would rather my Linux do those functions in my way.

-----------

so?

[emufreak]

My FlowPoint 144 DSL router does NAT and firewall already. And to that person who's having trouble with identd: enable access on port 113 and use fakeident (search for it on freshmeat).

Re:so?

[emufreak]

Someone sounds bitter. ;)

cool, but how to make useful?

[eries]

This seems like a sweet development, but I've got SNET ADSL service hooked up to a SpeedStream 5660 ADSL "modem"/router that claims to have DHCP, NAT, etc etc hooked up.

However, I have not been able to access its features to get it set up for home newtorking. I think this is related to the special trip the phone company people took to my house in order to "configure" the box before I could touch it.

Anyone had any luck setting up real home networking in this kind of environment? Will these same problems plague the new cool stuff coming out of Motorola?

Want to work at Transmeta? Hedgefund.net? Priceline?

Re:technicality

[be-fan]

USB has a throughput of 12mbps. The modem, however, can theoretically DL at 40 mbps. For most people, however, it is clipped to something along the lines of 5 mbps or so, thus USB is not the bottleneck.

Cable Modem/Router = DDoS increase?

[JDax]

I currently have a Motorola CYBERSUFR cable modem with a Linux box attached doing masquerading and firewalling for my home LAN, and have had nothing but praise for it (and had heard about something like this coming out). &nbsp But my concern deals with putting a router in a box like this... &nbsp who will be expected to maintain it? &nbsp The ISP? &nbsp I can't picture Joe Q. User trying to configure a router box if it loses it's little mind. &nbsp And imagine the average user base of a cable modem provider (thousands) and the number of staff to try to support them and some new router box (very few).

I also have concern regarding the amount of DDoS that could occur when you put something like that out there... &nbsp Imagine what a cracker could do to this thing....

Re:Cable Modem/Router = DDoS increase?

[gharikumar]

I'm the engineer who wrote the HPNA
driver for this box. The way it work is... the
user is not expected to do anything to configure
it. Configuration is done by the cable operator
through SNMP.

This is quite a cool product, if I do say so myself.
The NAT and DHCP can be turned off, if necessary, so that the cable company can sell
stuff as an add-on if they so choose.

The advantage of this hub is that it does away
with the necessity to string a coax cable from
the cable modem (which usually sits near the TV
in the living room) to the computer (which usually
sits in the bedroom, upstairs etc.) Now, the cable
guy can merely plug the cable modem into the
nearest phone jack in the living room, plug
the computers' HPNA card into the nearest
phone jack and bingo! instant home network.

A lot of vendors have PCI HPNA cards. I believe
linux drivers are being worked on as well.

Also, HPNA uses a different frequency range
from G.Lite, so you could potentially have
ADSL and HPNA signals on the same phone
network.

BTW, we have also a USB version of this
hub, and a wireless version is on the way!
We are also planning to build many more
cool features into this box that I cannot
talk about right now.

Hari. (gopal.harikumar@motorola.com)

Cheap routers targeting Cable Modem/DSL folks..

[golemite]

are out there.. Linksys has the EtherFast DSL/Cable Router which has a built in 10/100 switch, does NAT, DHCP, port forwarding and can login to PPPoE for about $150

http://www.linksys.com/scripts/features.asp?part =befsr41

Netgear has a similar product, the RT311
http://www.netgear.com/products/routers.shtml#rt 311

TOD Agreements

[DerMarlboro]

They also make you say you won't hook up a second TV without paying for it in those terms-of-service agreements. That's insane. They're providing a signal. I say what you do with that signal is your business as long as you don't sell or share it with a household that isn't paying for it. Would they have me pay extra if a friend of mine comes over to watch TV? He's not paying for it, but he's watching it.

There's some more money to be made! Don't worry about pissing off your customers. Just shake 'em down for some more dough.

Same thing with internet access. You're paying for a pipeline through which you can move data. You only get so much bandwidth. Whose business is it what you do with that bandwidth; whether one machine uses it, or if its split between two, or three, or fifty machines.

If the cable companies had any kind of sense at all, they would be trying to cater to our needs as much as possible. High-bandwidth access is going to be a very, very, very big business, and they should try to garner a loyal following, rather than annoying and extorting customers.

My home network is too important to trust to MOT

[kerskine]

While Motorola's efforts are commendable, I just can't trust my home network to a "burned-in-the-rom" solution. There's too much going on with the script kiddies and their "splotz" - I need a solution I can adapt over time.

Personally my money is on Coyote Linux. It runs on a cheap 486 and is easy to configure!

I hope HomePNA is easily disabled.

[Ungrounded+Lightning]

The last thing I want is a behind-the-firewall 10 Mbps network link on my phone line going outside the house.

Who needs a Tempest box to tap you when your whole net is on your phone line?

Router/firewall combos for SOHO

[Jonathan+Blocksom]

Motorola's device is neat because it combines the whole kit & caboodle. If you're not into that there are a few other possibilities:

• A thing from Linksys that is a combo firewall/router/4-port hub. Costs around $200 retail.
  
• A software solution based on Red Hat. It was going for $30 at CompUSA today, stick it on an old P100 with a few network cards and you're good to go.

It's cool to see that the solutions go from only hardware to mostly software.

Re: Easy to fix those problems (on linux)

[spaceorb]

I don't know about the *BSD's, but on linux I used oidentd to handle ident requests behind a masqueraded connection.

Oh, and as far as setting up a server on one of the boxes behind my masq box, I just use ipmasqadm. It suports port forwarding and the like. For instance, I run a q3 and ftp server on my main linux machine behind my masq box. Hope this helps.

Nice Product, now what?

[Cyan+I.C.]

While this appears to be a nice product on the surface a number of issues remain both with the modem/router and with cable i-net access. As already mentioned if the nat's ports are non user configurable then what good is the nat to an advanced user? Particularly if it blocks functionality that some of us would prefer to have. The other major issue is cable access itself. A standard cable modem runs to a node which usually consists of a t1. In theory that node serves 10 customers who all have good bandwidth. A number of issues crop up here. A t1 costs approx 600-1000 a month, less for the isp, each cable user pays around 40-50 a month, which means that cable access on the surface means they are operating at a loss on a month to month basis. This means that to break a profit they need to overload their nodes which really hurts the user's access. Since the nodes run on an atm cloud style system, if one node gets overloaded and traffic spreads to other nodes, you can overload a whole network of these things. A buddy of mine was pinging 3000 minimum outside his node as a result of a total clusterfsck of his area. As if @home gives a damn, they just kept pullin in more customers. Back to topic, a nice modem cant fix the isps load issues, cable is still insecure and the bandwidth aint guaranteed, a fancy nat and router cant fix that.

Re:Nice Product, now what?

[MikeBabcock]

Am I the only person who starts thinking about how network topologies actually work when he reads stuff like this?

I'm sorry ... but for the last several months I've read just one too many "cable modems are shared bandwidth" pieces of ... ;-)

If you have 1000 modems dialing into a very expensive piece of equipment that turns them all into one digital fibre signal connected to the routers (scenario A), you have shared bandwidth.

If you have a few dozen cable modems interconnected and then connected to a group router (scenario B), you have shared bandwidth.

If you have a few dozen ADSL connections directly into a large switching router (scenario C), you still have shared bandwidth.

What's the difference? Well, its possible in A and C to not have other machines physically connected to each other, not that this has a lot to do with security, seeing as the other solutions often aren't properly configured (and encryption is the "right way" to secure your data).

All the scenarios have one (or more) major pipes to the rest of the Internet and several smaller pipes to the clients. If an ADSL supplier has 100 clients at 1 megabit each and only bought 10 megabits of bandwidth (ISPs never buy full bandwidth if they want to stay in business), the bandwidth is, at peak hours, limited to that 10 megabits over all the customers who are using their connections simultaneously.

If the cable modem company puts a limited number of cable modems on any given area router and purchases enough bandwidth, they're set to be just as fast as can be, no matter how many people are online.

The issue is network topology and configuration, not inherent design issues with ADSL, ISDN, Cable, or whatever.

A Neat Linux-Based Net Appliance

[OmniGeek]

I'm beta-testing a Linux-based (the ColdFire uC port) NAT firewall/router/DHCP server in a box the size of a network hub (no disk, no fan; high MTBF maketh glad.) It's called a NETtel and it's made by a small company in Australia called Moreton Bay (http://www.moretonbay.com). I am quite impressed with this device (one of these appeared on Slashdot a few months ago; one of their engineers tacked a DAC onto it and turned it into an MP3 player -- a neat hack.)

The NETtel is small, VERY user-configurable via built-in HTTP interface (no hidden Big Brother shit here), resists my attempts to hack into it from the 'Net, and works really well in general. 'Tis worth checking out.

(And NO, I do NOT get anything out of saying this; I genuinely LIKE the gadget, and I hope they do well with it.)

Roll-your-own Linux firewall

[phoneboy]

Does anyone know of any external DSL or Cable modems that hook in via a serial connection or internal ones that are compatible with Linux? If they exist, then you can build your own firewall box.

At home, I use an ISDN line hooked into a 3Com ImpactIQ going into an old PC running Linux. I've got a custom kernel on it, ipmasq, ipchains, and the like. Beats the hell out of the ISDN router I got from my employer. It's infinitely more flexible and I can actually understand how to configure it (anyone ever try and configure a Pipeline 75? Ewwwww!)

I think most of you are being too hard on Mot and company. Yeah, these devices are somewhat more simplistic than what we can do ourselves, but most people don't have our level of knowledge. And let's face it, no security solution is going to be perfect. By rolling our own, we cetainly have the best chance at protecting ourselves.

Here's an idea for a consumer-grade device: how about a device that can be updated with new security fixes automatically? Obviously, the companies would sell a subscription to this service. Look, ma, a new revenue stream!

-- PhoneBoy

Freedom of Use

[Carlos+Laviola]

I guess the discussion is coming to a point whether we are no longer discussing Motorola's product, as stated in the article itself, but to the option the user does to the service being provided to him. You see, it's pretty much like somebody else told in the main thread: we are paying for the signal. What scares me is when we have money talking louder than quality of service. When we talk about high-speed connections, we want freedom too. I mean, what if I just connect a DSL machine to another machine thru another ethernet card and don't let it get nothing from the Internet, but still be able to get files I got from the Internet with that machine? Will that bypass the ToS? I guess so. It's time to stop with stupid commercial contracts obligating you to not do what you want to with things you've already paid for. I have heard true rumors that the new Brazilian DSL company named Speedy is limiting the number of TCP connections you can make at the same time! What is that? The same thing about a Cable Modem ISP, called Virtua, which is charging for bandwidth (you get 1GB/MONTH with the standard access plan). Come on, give us a break.
--
Carlos Laviola

cool, but some people need more

[sesquiped]

I have a cable modem and a local network, with three user nodes. This new modem would be great for a simple shared connection, but what if I want more? I want an IMAP mail server so that I can get saved mail from any of the three computers. I want an http server to use netscape roaming access, so I can get my bookmarks and preferences anywhere. I want a samba server to keep documents centralized and make backups easy. I want port forwarding to make servers on internal nodes visible.

All those features make home network much easier for the users (just ask my parents :) ), but you can't do any of that with this simple modem. You need a server. Load linux on it, enable ip masquerading, named, and then configure to taste. I admit that most people wouldn't be able to set up all these features. My setup is not for everyone. I just don't want people to think this is the ultimate tool for a home network. Also, I'm predicting that people are going to want far more bandwidth than HomePNA can ever provide. I mean 100BaseT, for decent quality video between two points. If you do it yourself, with NICs, cat5, and a switch (yes, a switch. they're amazingly cheap these days, so buy one.), you'll have much more room for expansion in the future.

In case you're wondering, my server is a $100 compaq from onsale.com. It's running RH6.1. No keyboard, mouse, or monitor. I get mail for all four family members with fetchmail, and serve it with imapd. It's a nice combination, and very easy to set up. All three clients run netscape mail under various windows versions. Roaming access for netscape is possible with some creative tweaks to apache. It's a _very_ nice feature. Use it. Other services: sendmail (for fetchmail and mailman mailing lists), apache, ssh, samba, ftp. If you're smart, you'll run a dhcp server too.

Re:What about these damn upload caps?

[toh]

You're correct that a lot of upload caps are lower than they need to be, but it's not so much that the company wants to limit you from serving files. Cable modem data networks are simply asymmetrical by design. AFAIK (and that's not much :) a large part of the problem is that all of those other passively-connected nodes in your neighbourhood spread out to form a tree that effectively concentrates noise in the upstream direction. Data coming downstream only picks up the noise on the way to your house, not everyone else's. The result is that 1Mb/s is about the maximum upstream speed even on a sparsely-populated loop where the downstream could be four or five times as high.

The cable company hereabouts actually does allow "servers", both in the TOS and in that they don't filter the ports for well-known services, but the upload cap is still there, because it's apparently fundamental to cable topologies. Companies that enforce much lower caps are probably doing so mostly much out of paranoia, because they don't know and haven't tested how much data can actually go upstream, and they don't want to find out by seeing service disrupted one fine day. You may be able to raise the cap from your end, but I would have thought you'd have to configure the cable head for that; your end is usually a slave component of the bridge. Even if you do, it may not raise the effective throughput as much as you'd think, kind of like what happens when you force a 56k modem to stay connected faster than it wants to (with commensurately higher error rates).

ADSL is similarly asymmetrical for other technical (cost-reducing) reasons as much as administrative ones (check the price against traditional [S]DSL technologies from your telco).

Now who's on crack?

[Pope]

ADSL is pretty much useless in on the free market
Uh, why is it useless?
I have Bell/Stinkpatico's ADSL with the NORTEL 1 Meg Modem, and the only thing I had to do on my end was plug the thing into the wall and my Mac and install the PPPoE software!
As for Cable Modems, think about availability: Rogers has no clear time as to when they're getting around to providing access in my neighbourhood, whereas Bell ADSL was available throughout *most* of Toronto in December 1998.

Pope

Re:technicality

[be-fan]

I never said it did. However, the main problem is the USB has much lower overhead than ethernet. USB is just a connecter on the PCI bus. It has no real protocol to speak of. Ethernet, however, has to go through (usually) TCP/IP (great for flexibility, crappy for speed) then all the other stuff in the OSI model. Thus ethernet is impractical for a machine with a 16MHz proc. Also, USB probably hits a higher average than 10mbps ethernet

Re:Just don't plug it in

[Ungrounded+Lightning]

Not plugging it in doesn't help if it's integrated with the modem and there's only one plug.

NetBSD/i386 Firewall project

[DreamerFi]

Another one is at www.dubbele.com

-John