Comcast Gunning for NAT Users
phillymjs writes: "A co-worker of mine resigned today. His new job at Comcast: Hunting down 'abusers' of the service. More specifically, anyone using NAT to connect more than one computer to their cable modem to get Internet access- whether or not you're running servers or violating any other Acceptable Use Policies. Comcast has an entire department dedicated to eradicating NAT users from their network. We knew this was coming since this Slashdot article from two months ago, but did anyone think they'd already be harassing people that are using nothing more than the bandwidth for which they are paying? It makes me very happy that my DSL kit arrived yesterday, and I'll be cancelling my Comcast cable modem early next week." Earthlink and Comcast have both been advertising lately their single-household, multi-computer services (and additional fees) -- probably amusing to many thousands of broadband-router owners, at least until the cable companies really crack down.
Adelphia has it as part of their service agreement that you can have multiple devices on the network and the cable modem install techs will actually configure your linksys router for you when you sign up for the service.
If you choose not to decide, you still have made a choice. RUSH
"We regret to inform you, Mr. Anderson, that you have three different people in your household using this computer to access the internet. Your bill will be adjusted accordingly."
This is not a story, let's not treat it as one. It'll be a story when somebody has copies of a letter explaining that their service was cut off, due to the use of NAT. In the meantime, I can tell you that the firewall on my comcast connection has received no new exploratory packets originating at comcast servers.
If you don't like it, don't sign up. If you try to cheat on the policy with your l33tness and get caught, don't complain.
Look, I have my Road Runner connected to a firewall that routes my internal machine to it. Therefore I have more than one machine (technically) hooked up to Road Runner.
The firewall uses NAT for my internal box. My firewall is a custom Linux box I set up myself, but I imagine any firewall would behave similarly.
If they're basically saying you have to have just the one machine directly connected to their service...they're saying YOU ARE NOT ALLOWED TO RUN A FIREWALL.
How can they possibly suggest that I'm NOT ALLOWED to run a firewall? Especially seeing as how the freaking cable networks are some of the worst offenders on portscans etc...
Freaking morons.
What about setting up a linux machine and connect X-terminals to it, thus providing multiple users with internet access, but they are on the same machine. Or a windows terminal server. Or ssh in and run applications that are forwarded over X. Or port forwarding.
And Windows 98/ME does this automatically if you have a Windows LAN with one computer connected to the internet, doesn't it?
Huh?
Any thoughts on how packets coming from VMware sessions might be treated?
I'm curious how the packets might look from, say, 4 virtual machines running on the same host hardware.
As everybody else is wondering: how do they plan to ferret out NAT users? Go to everyone's home and count the number of computers? ComCast used to be such a nice service, it's a shame what they're doing to it. Let's count the ways they've made the service worse recently:
Still, even with all of these indiscretions, I'm inclined not to believe this story as is. There doesn't appear to be much actual evidence (has anyone been flagged for having a NAT yet?) to support the claims. Also, did the co-worker quit because the job is nigh-impossible? My hoax sense is tingling...
I read the internet for the articles.
I don't know. But let me take a crack at guessing the methods which an ISP would use to detect NAT.
i've probably dropped a few details here, so feel free to flame me with corrections. that aside, i can see a new open source project brewing: Stealth NAT. A NAT implementation that will rewrite TCP sequence numbers and randomize anything else that would give the impression that multiple machines were in use.
they'll probably start by O/S fingerprinting the NAT enabled hardware gateways you can get at buy.com for $150.
One French cable ISP uses this method:
on their webpage that can only be accessed when you're on their network (a webpage providing useful information like your monthly quota), there's a client script that sends back your browser IP. That's it: if your IP is typical of a home subnet, you're using NAT.
It could be that the purpose of your life is only to serve as a warning to others.
You'll find more about my experience with Comcast broadband services on my company's web site, if you are interested.
-- Dave Aiello
You know, that might actually work...if the MAC address were stored in the IP packet.
Sheesh, I've seen MAC filtering mentioned 5 times already on this article. Maybe everyone should take a look at The anatomy of an IP packet.
I read the internet for the articles.
Consider this - a submission of the FoaF kind, no real evidence, but very much bound to bring an uproar among the /. regulars... The result - a pretty good list of things that can and cannot be done to accomplish the alleged NAT detection.
In other words, we are doing Comcast's R&D for them...
That would be a distinctly stupid thing to do. So, anyone who has a laptop computer and an 802.11b access point that NATs is automatically some kind of AUP-violating scofflaw? I guess those millions of Apple AirPorts already deployed don't matter to them?
Last I looked, Windows comes with "Internet Connection Sharing" and a control panel to turn it on with one button click. Linux requires daunting knowledge of IP networking and the iptables tools.
This whole subject is completely stupid. What if I have roommates who all use one computer via serial terminals? NCD terminals? That isn't NAT because I only have one host, but dozens of people can use those services via getty or X11. So WTF is the difference?
I have a lot of sympathy for the ISP (hell, I am one, about to go under...). The problem is that the industry still hasn't figured out how to charge its users in a fair way AND make a buck. Is it REALLY fair to charge a flat fee, which means divide total cost usage by total users and then charge that to each user (plus a markup -don't forget that this is NOT a charity, but a business-)? If so, then what happens is that those that hardly use it are heavily subsidizing the big users.
If there are no limits, what stops you from getting yourself a cable/DSL access and then wiring up your whole neighbourhood through you? Hand them out instructions on how to create a hotmail-type email, and off you go. For those that say "sure, but then you are lowering the experience of each one", they should actually look at average usage, and you would see that up to around 50 users or so, you are unlikely to step on each others toes except under exceptional circumstances (not more than 4 or 5 are likely to be on at the same time, and of them, they are statistically going to have more unused b/w during their usage than used).
Unfortunately, during the dot-com boom pricing and billing of ISP service went nuts (along with the rest of the industry), and we still have to recover from this idea that b/w should be somehow GIVEN by the ISP at no charge to EVERYONE. Sure, I love universal service as everyone else, but the big question that we should all be asking ourselves: "for internet service, WHO should pay?" Please note, that links, routers, equipment, staff, electricity, etc... are NOT free.
If an ISP has unlimited access which it is calculating on the basis of an average SINGLE user with a SINGLE machine, and it states it clearly in its contract that you are paying for a single-user/single-machine, then anyone putting more than that on their link is in breach of their contract. They have calculated their prices based on their assumption. Of course you may think -and might even be right- that their prices are too high, but does that morally allow you to be in breach of contract? In the same way, we all feel that MS-whatever licenses are way too high, but are we morally allowed therefore to install each program on 10 machines (certainly not legally).
John.
My service was bought by Comcast so I am now one of their subscribers. First they sent a letter with a broken CD that said run the CD by the end of the year or lose internet access. I got this in the mail as I was leaving for Christmas vacation and wasn't going to be back until January. No explanation of what was on the CD or the settings that need to be changed for email and whatever else. I also received a new email address that I will never remember. And when I got back, I got a letter informing me that due to all the new services (I'm not sure what those are) my rates are going up!
And now this? If they call me about my router (unless the kittens are surfing while I'm at work, I'm the only one that uses the access), I need to find another provider. Anybody have any recommendations for a provider in the Detroit area?
(ring ring ring)
a)Hello?
b) We're with Comcast. We found that you are using multiple computers over your connection via NAT. Comcast is fining you for TOS violation and your new rate is now $150/mo
c) But i'm not
d) We have blah blah blah proof that you are
e) No, I just run virtual machines on my one system. It's the same computer, just running different operating systems at the same time. I was running my completely-approved MacOS with Virtual-PC open to Win98 which was running VMWare with Linux as a kind of side project to see how running a virtual machine in an emulator affects performance.
f) oh
(click)
They can't differentiate if you have multiple machines or one machine with multiple OS's unless you NAT a LOT of machines....
just my thoughts, any feedback welcome
- Sig
The fool part about things like this is that no one ever tries to think logically about it. Every user that gets slapped by this is going to be one less client (if DSL is available) for them. The fewer clients they have, the less money they make to make up for bandwidth costs. The less money they have, the more draconian they become. They should really think about tacking on an extra five dollars a month and start advertising that they ALLOW people to set up servers. As long as they have honest pricing and limit bandwidth accordingly, they won't eventually go under.
"Your superior intellect is no match for our puny weapons!"
Comcast Guy #1 We need to get computers off the network that are stealing our bandwidth!
Comcast Guy #2 Gee, guy 1, How are we gonna go about doing that?
Comcast Guy #3 Hmm. Ok, I have an idea. Let's make up a story and post it to Slashdot, we'll tell them we are going to find them out, they are all evil bandwidth stealers, they will wonder how we are going to go about doing this, and in the process they will tell us EXACTLY what to do to find them out. Good thing for them or we'd have no clue whatsoever. Now we can spend more time making useless content that we can charge them money for
Don't Tread on Me
What if I only have one computer online at a time? I go to work every day, but my wife works from home. Sometimes she's online on her Mac, other times on her PC. When I come home, she's watching TV while I'm on my linux box. How is that a problem?
this is getting old and so are you
Wonder what they'll say when they see Linux and Windows traffic coming from my ip at different times. Technically I'm only ever using one at a time, they can suck a bag of if they think I'm paying for two ip's when only one machine can be running at a time. And if they are going to start enforcing this, they can give me back my damn static ip. Guess I'll be switching to DSL soon too.
I'm the big fish in the big pond bitch.
One way around this is use a SOCKS & http proxies and have socks clients on all the computers. Granted it's a pain to set up and use but it's harder to detect:
1) The TCP sequence number thingy is not a problem because your connection terminates at your proxy and then the proxy makes a connection out. All sequence numbers are that of the proxy.
2) TTL is not an issue; the TTL will be that of the proxy.
3) OS fingerprinting will not be a problem because the fingerprint will be that of the proxy.
The only issue that I see is port #s -- there's something a little fishy about the number of high port numbers used and of course content-related stuff -- if a Javascript reports your IP.
So thus your "stealth NAT" is just a SOCKS proxy. It's just a pain to set up.
At what point do these ISPs stop being 'Internet Providers', and start becoming 'Web Page Providers'? As early as a year ago, an 'Internet Connection' meant that my computer could talk to any other computer that is also on an 'Internet Connection.' Nowadays, though, ISP's are playing games with blocking off what you can do with this connection. It seems like companies like ATTBI really only want to provide you the ability to do what Internet Explorer allows you to do. Anything beyond that and they try to nix it.
They don't want me doing P2P, they don't want me to play games, they don't want me to have more than one computer hooked up, and they don't want me going wireless. How much more can they block off before its no longer really an Internet Connection?
It seems to me that if they are going to behave this way, then they shouldn't be considered Internet Service Providers anymore. They're not! You can't call it an ISP if they're telling you you can't do the things that makes the Internet the Internet. I have two computers on the net at home. One I use just as an email terminal (very low bandwidth), and the other is where I go cruising the web and do IM etc. Until they tell me that I can only use so much bandwidth, they have no business telling me I can't use more than one computer. They advertise "unlimited bandwidth, 24-7", and then they play these silly games with me. It really makes me want to sue for false advertising.
"Derp de derp."
That's the new XP feature, didn't you know that's why they put those fake user accounts in? Obviously if you and another person can share Word, you have two copies and must pay subscriptions accordingly.
These greedy cable folks are going to be surprised when all of their customers drop their service. I know a faster browsing experience of an ever more commercial suck web is not worth $50/month to me.
Cox is forcing DHCP. I've had a fixed IP from at home for three years. For a short time I had DSL, but that died when I moved. Last week I got a cardboard toolbox with a letter and a CD in it. It warned me that I had to apply the software soon, using the authorization code printed in the letter, or lose service. The CD, needless to say, contained M$ and Mac binaries. Their web site had instructions that said, essentially DHCP, with forced swapping every 4 hours. It also says that they are going to discontinue the old equipment soon and a friend tells me the date is feb 15th.
WTF? They advertise "always on" IP. That means that they must have a 1:1 IP to cable box ratio, right? The only reason they are going this way is to thwart people who want to actually use their connection for more than web mail, viewing the great corporate advert, and have their boxes broken by haxors.
So what do you think I'm going to do? That's right, I'm bailing. At home was just the first of these companies to go under. "Normal" people are neither going to trade their TVs for their computers nor pay $100/month for "entertainment". The rest of us expect more for $50/month than giant casino ads. No, I don't have cable TV, just the box. When it's over, Cox will be paying to maintain a line to my house that gives them zero revenue. If all I can do with the cable is surf, I'll reduce my monthly bleed by $30/month and find a nice little dialup to do the same thing. Like normal people then, my wife will quit visiting sites that push huge adverts, and those places will lose out too. Poof, goodbye greedheads, I hope you all lose your shirts.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
OpenBSD can actually already do this: it's called the modulate state directive to the pf packet filter. From what I can tell, it works under NAT and bridged filtering as well as straight routing-type filtering.
Basically, what modulate state does is rewrite TCP initial sequence numbers using the same cryptographically strong randomness OpenBSD uses for its own sequence numbers. For more information, check out the "STATE MODULATION" section in the pf.conf manpage.
I got pretty fired up when I read the introduction to this story. Before I got to the end, I had decided that I would switch to DSL if Comcast came-a-knocking, even though DSL is more expensive in my area.
However, I read the linked article and my Comcast agreement.
I doubt most people here have done either.
The effort is clearly aimed at people who are sharing their connections outside their homes. The article even has a diagram showing multiple homes. Take a look at this excerpt:
For example: Neighbor Bob buys cable modem service and a wireless home network. Neighbors Carol, Ted and Alice don't buy cable modem service, but they go out and buy antennas compatible with Neighbor Bob's wireless network. Everybody agrees to share Neighbor Bob's connection.
If you have a problem with trying to stop this type of activity, then you also probably think it would be OK to run phone line from your house to your neighbor's house, since you "pay for the bandwidth and can do whatever you wish with it." You would probably think it's OK to run Cat 5 or fiber all over your neighborhood too.
If Comcast tries to make me pay extra for having three networked computers, I'll be as angry as the next geek. But sheez, let's tone down the hype until that actually happens.
Evil is the money of root.
Note that this also lets your own computer impersonate an amiga :-)
MAC addresses don't stay the same across IP routing. When a gateway forwards a packet, the source MAC address is the address of the gateway's interface, and the destination address, if the destination host is not directly on that network, is the next gateway's MAC address.
...when you're writing a game...tweak the difficulty of "Easy" to something [your mother] can cope with. -- onion2k
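The point made above about MAC addresses and routing, as an added example that is not part of the original thread: it builds a constructed Ethernet/IPv4 frame and applies what a forwarding gateway does to it (new link-layer addresses, TTL minus one, recomputed header checksum, optional source-address rewrite for NAT). All MACs, IP addresses and function names are made up for illustration.

```python
import struct

# Constructed addresses (locally administered MACs, documentation IP ranges).
HOST_MAC, GW_LAN_MAC = "02:00:00:00:00:10", "02:00:00:00:00:01"
GW_WAN_MAC, ISP_MAC = "02:00:00:00:00:02", "02:00:00:00:00:fe"


def mac_bytes(s):
    return bytes.fromhex(s.replace(":", ""))


def ip_bytes(s):
    return bytes(int(p) for p in s.split("."))


def fmt_mac(b):
    return ":".join(f"{x:02x}" for x in b)


def fmt_ip(b):
    return ".".join(str(x) for x in b)


def ipv4_checksum(header):
    """RFC 1071 one's-complement sum; yields 0 over a header whose checksum is valid."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_frame(dst_mac, src_mac, src_ip, dst_ip, ttl, payload=b""):
    """Ethernet II header followed by a 20-byte IPv4 header and an opaque payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234,
                      0x4000, ttl, 6, 0, ip_bytes(src_ip), ip_bytes(dst_ip))
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + b"\x08\x00" + hdr + payload


def parse_frame(frame):
    """Return the fields an observer on this link can read from the frame."""
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")
    ihl = (frame[14] & 0x0F) * 4
    hdr = frame[14:14 + ihl]
    return {
        "dst_mac": fmt_mac(dst_mac), "src_mac": fmt_mac(src_mac),
        "src_ip": fmt_ip(hdr[12:16]), "dst_ip": fmt_ip(hdr[16:20]),
        "ttl": hdr[8], "checksum_ok": ipv4_checksum(hdr) == 0,
    }


def forward(frame, out_mac, next_hop_mac, nat_src=None):
    """Forward one frame: the Ethernet header is replaced, the IP header is edited.

    A real NAT also rewrites the source port and fixes the TCP/UDP checksum;
    that part is omitted here because the payload is opaque.
    """
    if not parse_frame(frame)["checksum_ok"]:
        raise ValueError("bad IPv4 header checksum, frame dropped")
    ihl = (frame[14] & 0x0F) * 4
    hdr = bytearray(frame[14:14 + ihl])
    if hdr[8] <= 1:
        raise ValueError("TTL expired, frame dropped")
    hdr[8] -= 1                                   # one hop consumed
    if nat_src is not None:
        hdr[12:16] = ip_bytes(nat_src)            # private source replaced
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", ipv4_checksum(bytes(hdr)))
    return (mac_bytes(next_hop_mac) + mac_bytes(out_mac) + frame[12:14]
            + bytes(hdr) + frame[14 + ihl:])


def demo():
    """Same packet seen on the home LAN and on the provider side of the gateway."""
    lan = build_frame(GW_LAN_MAC, HOST_MAC, "192.168.1.10", "198.51.100.80",
                      ttl=128, payload=b"constructed payload")
    wan = forward(lan, GW_WAN_MAC, ISP_MAC, nat_src="203.0.113.7")
    return parse_frame(lan), parse_frame(wan)


if __name__ == "__main__":
    for label, view in zip(("LAN side", "WAN side"), demo()):
        print(label, view)
```

On the provider side the inside host's MAC is gone, while the TTL (127 instead of 128) still carries a trace of the extra hop.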
You could do the same abuse with less elegant solutions than NAT. Simply running a simple Proxy server for your neighbors would provide them access. Only 1 machine is on the Internet, the rest aren't. Hell, if you are running MS's busted proxy, the rest don't even need TCP/IP, they could run IPX/SPX. (Lousy program, NEAT configuration options, I never want to go near it again...)...
Myself, I have a $90/month DSL connection. Why? If I need to get a VNC connection through the VPN to a work machine, I want the 384K uplink.
We have a NAT box with wireless, and technically, 4 computers there. I live with my fiancee. She web browses from her iBook, and I work from home on the weekends. We barely use the bandwidth.
However, I pay the premium so it is there when I need it.
Ban NAT and I lose Wireless. If that is the case, I drop DSL. I can't run Wires all over my apartment, so I use Wireless to send the signals around.
Find the abusers, by all means. However, leave those of us that don't abuse it alone.
Alex
I was going to submit this as an ask slashdot, but I said forget it.
When do I own a packet?
After I request it?
When the media it travels down is owned by me?
When it hits my computer and the TCP/IP stack does something with it?
When I sign my service agreement?
I guess comcast thinks they always own the packet.
For about the last year i've been sharing my network with my neighbors, we all own our houses, and have given each other "right of way" to run cat5 stapled to the fence into each others houses. What started out as a simple 1 wire connection has grown to over 24 pairs of copper (i.e. 6 lines)
Each neighbor prepays 6 months in advance, 10 dollars a month. With this money i've managed to get the bandwidth up to 1.5down and 512up. Their kids can download on napster all day long and it still won't lag my gaming connection. Not only do I share an internet connection with them, but my fileserver as well. We have a central repository for music, a phpnuke based site for updates on the network status.
Our equipment is pretty nice too, everyone has intel pro100 management cards. Our main nat server used to be a linkcyst router, but it has evolved into a k62-300 running bbiagent. (nifty little firewall on disk, bbiagent.net)
So the question of when do I own the packet comes up again.
We don't have a classC subnet, we're all using nat on the 192.168.x.x range. I thought that range was set aside as a non routable "private" network. Private as in mine, err I should say our co-op. It doesn't belong nor resemble our providers network in any way shape or form. We maintain it, upgrade it, support it, etc.
It's really a pity that all these ISP exec's get paid so much money. That 10million a year spent for 1 CEO could buy a cheaper CEO for about 250k, and enough techs to upgrade the existing infrastructure.
Take for example, the DSL I use now. It runs on POTS telephone service, which has not seen any significant change since Alexander Bell said "hello" 100 years ago. Basically whenever you make a phone call, the line between you and the person on the other end is a complete circuit. The best analogy I can make is this would be like taking a trip from LA to Chicago, with all the freeways empty except for your car during the duration of your trip. It's a complete waste of resources.
Now imagine if this infrastructure was upgraded to packet switched networks. Bandwidth would become cheaper because circuits could be multiplexed, allowing many cars on the road at the same time.
With comcast, I would guess that 90% of their bandwidth on the wire is being sucked away by their old infrastructure (analogue video). You can see what a waste this is because you can only fit maybe 40 or so channels on the analogue wave, on the other hand, they have this newfangled digital cable, which uses just 1 or 2 channels of the original analogue, but because it is a packet based network, its better utilization of the bandwidth and they can fit 100-200 channels where they used to only be able to fit one.
On top of that, there is IPV6
This is really turning into a long rant.
I just don't see Comcast's justification for eradicating NAT from their network.. If they want to control what kind of network I have at home, they can run the cable, and buy my hardware. Hunting down people that just want to share an internet connection is bullshit (pardon my french) and is just another way of deflecting from the REAL problem which is people are starting to wake up to the fact that what they have perceived for years as good internet service is not the truth. I think it's about time people stopped accepting what the providers try and shleff off as good service and start demanding that they upgrade their networks to handle the load, instead of taking it out on the customers that underwrite their service.
I'm guessing that our friends at LinkSys, sensing the threat to their revenue from the sale of devices that allow people to screw ISPs, are going to simply add some features to their routers that prevent detection, and we have another round of escalation in the network arms race.
However, I think that eventually, flat-rate ISP pricing is going to go away, no matter how much people protest. We're addicted like crack-whores now.
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
I've had a cable modem since 1998 back when I don't think anyone had heard of "NAT" and wireless ethernet for the home didn't even exist. My roommates and I were one of the early customers of MediaOne, back before they merged with Road Runner and before they were bought by AT&T. We paid 40 bucks a month for our connection and, like most other cable services, our bandwidth was decent but it was shared with those who live in the same neighborhood as you. Now, between myself and my 2 roommates we had 10 computers between us.
There weren't any NAT boxes available, so we did it the old fashioned way - we used a 486 put together from spare parts running Linux with IP Masquerading installed. ("IP Masquerading" is what NAT was called back then.) All of our computers were hooked up to this box - and MediaOne only saw one computer on their network. Our setup worked well and we didn't feel like we were stealing - in fact we believed we were helping relieve the growing shortage of IP addresses.
If cable and DSL providers want to restrict the number of computers connected to a single modem, they need to be more clear about what they are selling. Are they selling IP addresses? If so, I only want one IP address, thank you. Are they selling bandwidth? Well, if they are, give me a monthly bandwidth cap because despite the fact we have nearly a dozen computers we didn't use anywhere near as much bandwidth as the kid next door with one computer who downloaded pr0n 24-hours a day.
And finally, if they are charging for just having the connection itself then don't complain about how many computers are connected. Does the phone company care how many phones are connected to a single line? You may argue that a single phone line will only let you have one call going at one time. Well, the same is true of cable and DSL services. Anyway you look at it, there is only one packet being transmitted through the DSL or cable modem at any given time. This is very different from stealing cable television where you can watch multiple channels at the same time on different TVs.
Given all of this, the only thing that the cable and DSL providers can do is limit the bandwidth on a connection. If they did that then "Bob" wouldn't be as willing to share his bandwidth with his neighbors because it would either mean additional fees or slower access for himself. He should have the right to "timeshare" his connection anyway he wants. Just like if I were to let my neighbors watch my cable TV while I'm not home or if I deleted my copy of Quake and lent the CD to a friend.
Besides, even if something like CAT is implemented, clever Linux users will still be able to customize their own little firewall/router to bypass this and this "problem" will still exist.
Ok, I'll bite. How does the number of computers "screw" the ISP. They don't need any additional IP resources/addresses (assuming your home LAN is set up as a private network) and I can just as easily use the maximum bandwidth with one computer as I can with 10.
I can see charging per MB or GB transferred, but I can't agree that those running a home network behind a Linksys (or similar) cable modem hub/router are somehow screwing the ISP.
-S
--- What parts of "shall make no law", "shall not be infringed", and "shall not be violated" don't you understand?
I don't see anyone else saying this: I think we should all say a big THANK YOU and WELL DONE to the friend who resigned his job over this - especially in today's economic climate. This sort of courage, to put one's own neck on the line over a principle, is sadly lacking amongst most of us. Well done, and best of luck finding another job with a more ethical employer.
"None are more hopelessly enslaved than those who falsely believe they are free." -- Goethe
but they will never catch a single family dwelling doing it. the ONLY way to detect it is to watch bandwidth and look for 60-70 connections coming out of that cablemodem
Sorry, but this is 100% wrong. My brother-in-law was running NAT on a Linux firewall at home with a few PCs behind it and MediaGeneral shut him down. How? They snooped the User-Agent in the HTTP headers. It gives away quite a lot of information. They basically called him up one day and said, "Hi, we see you're running 2 Linux boxes and a Windows box behind a NAT. This is against our TOS so either a) pay us more money, b) shut them down or c) we will disconnect your service."
There are only a few ways around this and they all involve running a proxy server that can generate fake headers (like squid).
Since there are also other ways of detecting NAT with multiple sources (many enumerated above), I suggest you also take other precautions. Harden your firewall. Drop ALL inbound traffic (UDP and TCP) unless it can be correlated (stateful firewalling). Learn more about your IP stack.
And when they come for you, either lie with a real convincing story or pony up the $6.95/mo.
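An added illustration, not part of the original comment, of the passive signals this subthread describes (HTTP User-Agent strings, plus the TTL values raised elsewhere in the discussion), run over constructed log records. The record layout, the 300-second window, the expected hop count and all function names are assumptions made for the example; it goes beyond the comment by separating concurrent use from the "one machine at a time" case other posters raise.

```python
import re
from collections import defaultdict

# Default initial TTLs used by common IP stacks.
COMMON_INITIAL_TTLS = (64, 128, 255)

# Coarse OS family from the User-Agent string (assumed patterns, not exhaustive).
OS_PATTERNS = (
    ("Windows", re.compile(r"Windows|Win9\d", re.I)),
    ("Mac", re.compile(r"Mac_PowerPC|Macintosh|Mac OS", re.I)),
    ("Linux", re.compile(r"Linux", re.I)),
)

# Constructed sample: (unix_ts, subscriber_ip, observed_ttl, user_agent)
SAMPLE_LOG = [
    (1000, "203.0.113.7", 126, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"),
    (1040, "203.0.113.7", 62, "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.7) Gecko/20011221"),
    (1090, "203.0.113.7", 62, "Mozilla/4.0 (compatible; MSIE 5.1; Mac_PowerPC)"),
    (1000, "203.0.113.8", 127, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"),
    (40000, "203.0.113.8", 63, "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.7) Gecko/20011221"),
    (1000, "203.0.113.9", 127, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"),
    (1500, "203.0.113.9", 127, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"),
]


def os_family(user_agent):
    for name, pattern in OS_PATTERNS:
        if pattern.search(user_agent):
            return name
    return "unknown"


def ttl_signature(observed_ttl):
    """Guess the sender's initial TTL and how many hops the packet has crossed."""
    initial = min(t for t in COMMON_INITIAL_TTLS if t >= observed_ttl)
    return initial, initial - observed_ttl


def analyse(records, expected_hops=1, window=300):
    """Classify each source address by the evidence for several hosts behind it.

    expected_hops: hop count for a host plugged straight into the modem, as
    seen from the monitoring point. window: seconds within which two different
    OS families count as simultaneous rather than sequential use.
    """
    by_ip = defaultdict(list)
    for ts, src, ttl, user_agent in records:
        _, hops = ttl_signature(ttl)
        by_ip[src].append((ts, os_family(user_agent), hops))

    report = {}
    for src, observations in by_ip.items():
        known = sorted((ts, fam) for ts, fam, _ in observations if fam != "unknown")
        families = sorted({fam for _, fam in known})
        concurrent = any(
            later[1] != earlier[1] and later[0] - earlier[0] <= window
            for i, earlier in enumerate(known) for later in known[i + 1:]
        )
        extra_hop = any(hops > expected_hops for _, _, hops in observations)
        if concurrent or extra_hop:
            verdict = "multiple-hosts-likely"
        elif len(families) > 1:
            verdict = "ambiguous"          # could be dual boot or one PC at a time
        else:
            verdict = "single-host-consistent"
        report[src] = {"families": families, "concurrent": concurrent,
                       "extra_hop": extra_hop, "verdict": verdict}
    return report


if __name__ == "__main__":
    for src, result in sorted(analyse(SAMPLE_LOG).items()):
        print(src, result)
```

Neither signal is proof: virtual machines on one computer produce the same User-Agent mix, and a proxy that terminates connections presents a single TTL and stack, as other comments in the thread point out.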
I have a friend who uses a router with comcast. This concerned him enough to call them (in hopes of making a righteous big-stink!). They said there is NO problem with someone using a router (and using multiple computers). The only (not so) negative thing the tech said was "we offer multiple IP's; if you don't want to buy a router". This went down in SE PA.
The cable companies are trying to achieve the same benefits that OS software companies enjoy. Just like you can't install one copy of Windows on multiple computers (legally anyways), the cable companies don't want you using more than one computer on the network at the same time. Does it increase the amount of bandwidth? Unlikely. Websurfing and gaming uses such a minuscule amount of bandwidth that even additional computers don't significantly add to the load, and any warez junkie will far outweigh the load that a multi-user network adds.
The point is, they want to be able to charge extra for multiple computers. Of COURSE there are technical ways to get around this, but those don't provide the cable company with extra revenue.
You say it doesn't cost the cable company any extra for you to host multiple computers on a single connection. This is true. It's also true that installing one copy of Windows onto more than one computer doesn't cost Microsoft more. But it deprives them of revenue they would have if you were legal. The cable company sees this the same way.
If it's in the user agreement, and you signed on knowing this, you have nobody to blame but yourself. And cable companies are in a better position than Microsoft in this regard. Chances are, you probably signed an actual contract, not some EULA that you blindly clicked through without reading. You don't have to use them. Use a competitor. Vote with your wallet.
And now, you're going to tell me there ARE no other options. They're the only broadband provider in your area. Well, guess what. There are places that don't even have ONE broadband option. You at least HAVE a choice. Accept it, start an alternative service on your own, move somewhere there are more (or better) options, or keep cheating and hope you don't get away with it.
Personally, I don't get into this argument. The service I have allows me 16 static ip's and allows me to resell the bandwidth if I want. But I also pay for it, probably a lot more than you're paying. I could probably get away with far less, but I actually prefer the idea of having a service that I know is unrestricted. If you buy a service that comes with restrictions, you better make sure you can live with those restrictions before you sign your name and start paying for it.
-Restil
Play with my webcams and lights here
While I don't work on the phones (my job is to keep the client machines that tech support personnel use for logging calls running) I do end up listening to quite a few calls in that account. In fact I was listening to a call today, where a gentleman was trying to get his Linksys four-port NAT-enabled router working with Comcast's service. Not only did the tech not mention anything about not supporting NAT, but the tech support agent helped him set up the router, made it work with one machine, waited while this gentleman went to his other machine, and helped him ensure that his tcp/ip settings were correct. He was using the 192.168 network locally.
Hmmm maybe we're just slow to get the news?
Lousy facepalm.
They say you can use multiple computers *if* you pay them money for extra IP addresses.
Gosh, this is somewhat offtopic, but your post reminded me of a Fortune 500 client I once dealt with. The MIS director (who had a remarkable resemblance to Dilbert's PHB) was bragging about how his company had purchased an ENTIRE CLASS A address block for only $15,000 from a consultant.
Not a bad deal at all, until I saw the network numbers... 10.0.0.0
The $15K was probably a fair consulting price for "introduction to RFC-1918".
*scoove*
All the fees for my telephone service and /27 routed to me with proper DNS,
my DSL connection cost me somewhere in the ballpark
of $2400.00 per year. For that amount, I get
two phone lines, a fairly decent voicemail package
plus all the add-on services that Qwest sells
(caller-id and so forth), a 1.5/1.5 Mbit ADSL
connection,
a Cisco 678, webspace, mail addresses, nntp access,
yadda yadda, from a clueful ISP that provides
connectivity and not bullshit.
People keep going on and on and on about how MSN
this and AOL/TW that and now Comcast the other thing.
In my WAY NOT humble opinion, when you go for the
cheap option, you're going to get treated like a
commodity consumer, NOT like a customer. If you
are unfortunate enough to live in an area which is
not well-served by competing broadband providers, well,
you have my sympathies. There are downsides to the
area where I live as well. But if you do have a choice,
and you've gone with the lowest priced option when
better though more expensive alternatives are available,
you should stop complaining, and take responsibility
for the consequences of your decisions.
-fb Everything not expressly forbidden is now mandatory.
Ok, new list with some other points:
I've been a Comcast customer for some time and have had relatively no problems with them to date. I am a little concerned that since my IP changed on the 22nd (our area's cutover) I'm unable to ping it from work. Something to do tonight I guess.
I'm against picketing, but I don't know how to show it.
They must have done some kind of analysis where they estimate the cost of customers walking away vs. the enhanced revenue from additional fees. Given the robust sales of NAT devices, I think their analysis is way off. Then again, maybe this whole thing is a "troll for data" operation where you broadcast your intentions to see how much resistance there really is.
I remember the old days when @Home assigned one static IP per household, with no provision whatsoever for additional addresses. The tech. staff would say "There is a way to connect multiple computers, but we don't support it.", meaning "Set up Linux IP Masquerade -- we don't care, just don't ask us to fix it."
Of course the real problem with NAT is the 802.11b Wifi dilemma. In an apartment scenario, a single broadband subscriber can share with many neighbors, especially if they are light users (the kind the ISPs covet the most). I guess Comcast has figured this out and views it as a doomsday scenario.
The proper way to kill the anti-NAT practices is to see which ISP takes the lead and then boycott them into bankruptcy. After all, the service is not very useful without NAT, so walking away is not just the morally correct thing to do, it's almost a necessity anyway.
I repeat: this is RUMOUR. Why is it on Slashdot? This is not responsible journalism.
But, since everyone else seems to be hopping on the bandwagon taking this as fact I'll chime in anyways.
The solution is to play it smart and don't ever ever tell tech support you're using more than one computer. If they accuse you of using more than one, deny it. They're going to have fun proving that one.
Adelphia Powerlink flipped their freaking lid when the guy was trying to troubleshoot my connection by pinging it and I told him I'd gotten his ping.
"How do you know that? It's coming up as host unreachable here."
"Yeah I know I'm running a firewall on my machine."
"What?! You're not allowed to use a firewall on our network!"
"Uhm, why not? Oh maybe I should turn it off so all these people trying to DoS me can mess up your network a little more?"
So remember, when calling tech support:
1) You are using 1 computer.
2) You are using Windows.
3) Never mention the words: firewall, router, linux, server. They are verboten.
Always "follow" their absurd troubleshooting suggestions no matter how stupid they sound. Hey.. sometimes they do work, but otherwise just take what they tell you and translate the steps into your OS of choice. Or if you already tried it, give them the answer they're looking for.