Remotely Counting Machines Behind A NAT Box
Overtone writes "Steve Bellovin of AT&T Labs Research has published a paper showing how to remotely count the number of machines hiding behind a NAT box (in IMW 2002, the Second Internet Measurement Workshop). Your friendly DSL or cable broadband provider could implement this technique to enforce their single-machine license clause. Bellovin explains how to change the NAT software to defeat the measurement scheme, but the fix is complicated and unlikely to appear in commercial home gateways anytime soon."
Silver Lining? (Score:5, Insightful)
Yeah, that pretty much sucks. There may be a silver lining, though. The more crap these ISPs pull to push their savvier customers away, the more demand there'll be for an uber geek-friendly ISP to come along. Maybe I'm too optimistic, but tell me it wouldn't be cool for a business to start up in order to cater to those of us that really like to play with networking. "Sure, go ahead and set up a wireless LAN in your complex. We'll even let you pay to increase your bandwidth to accommodate all those users! Tell them that for $5 a month, they can each get a mail account or some other fairly interesting service."
hrmph. (Score:2, Insightful)
All those single-computer use clauses are evil anyway. A DSL line gives you X bandwidth, so X bandwidth is what you use, regardless of how many machines you multiplex it to. Arbitrary fees for extra machines behind the connection are just more ways to rape^H^H^H^Hmilk the customer.
Is my NAT router a single computer? Because... (Score:2, Insightful)
trying to crack down on reselling (Score:4, Insightful)
Contrast that with a high speed connection that can be shared with a bazillion users.
I'm guessing they are not as concerned with people who are running more than one machine at home - the precedent has been set already with telephone extensions, cable TV and satellite TV.
I know of at least one person that is sharing his connection with 5 houses on his block via 802.11, which is a fair chunk of high speed connections that could be sold, and more than likely these are the people they are trying to find.
My prediction - they will either give up once Netgear, Linksys et al. release ROM patches to prevent this, or they will try to start charging on a "by data" basis.
This is of course doomed to failure, because the only purpose for a high speed connection is for sharing [censored by the RIAA and MPAA] across the net, and any attempts to change their pricing to this model will be met by massive consumer outcry.
Re:what if they are chained? (Score:1, Insightful)
Re:Is this really a big deal? (Score:1, Insightful)
In the end, it's the end user who signs the contract. If they don't like it, they don't need to sign it. Don't you see any problems signing a contract with the INTENT of breaking it to save money? I don't see anything but a poor rationalization in your argument suggesting that it's not *YOUR* fault that you NEED to break your contract -- it's the community -- or the draconian requirements (which you never needed to sign, by the way).
-jhon
Re:Silver Lining? (Score:3, Insightful)
I'm not sure about that, we also use less of their expensive tech support. And even if excessive bandwidth use is a problem, it's far more reasonable (and effective) to simply limit bandwidth than to dictate that home networks aren't allowed.
Re:Multiple Systems != Multiple Boxen (Score:2, Insightful)
Have you read your ISP's AUP (Acceptable Usage Policy)? Is there anything in there about them needing evidence?
I bet it's more to the effect of 'at our discretion', like the fudgy way they define how you use 'too much bandwidth' on your 'unlimited' connection.
Re:trying to crack down on reselling (Score:4, Insightful)
The always-on, low-latency nature isn't a selling point to you?
Rapid website access isn't a selling point?
I had the dubious pleasure of being re-acquainted with 56k access on a trip to my parents house, out in the sticks where they're just too far to get any broadband. I rapidly realized that I'm accustomed to -always- being online when my computer is on, and that websurfing is excruciatingly slow in comparison to broadband. No thanks!
Does not scale (Score:1, Insightful)
I fail to see how this can scale. Will a cable ISP with 10,000 customers really want to spend a year to check for compliance?
The article also states that Intranet traffic can also screw up the results. A simple background process that pings other machines on the network at random intervals should be enough to screw up the sampling mechanism.
Re:Maybe not home gateways... (Score:4, Insightful)
> turns out to be the behaviour required for
> correct functioning of NAT boxes - is
> described in Section IV.
As I understand it, if the NAT box does NOT rewrite the IPid, then there is a risk of IPid collision if two sources behind the NAT are sending to the same destination, and the packets fragment.
This means it is possible to demonstrate a bug in most home gateways - perhaps that way they may get a fix long before most major ISPs can implement this.
Meanwhile, they hint at another way to confuse the scanner. Since your ISP does not see intranet packets, have each machine generate lots of itty bitty packets (pings?) and just send them to the gateway. Have a background task do this - all those IPid increments will break up the patterns in IPid on the outside of the gateway. Since most home LANs have higher inside bandwidth than outside bandwidth, this shouldn't affect available bandwidth too much.
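To make the IPid argument concrete, here is a small simulation added by the editor (not code from Bellovin's paper or from any commenter). It assumes what the comments assume: each inside host keeps a sequential 16-bit IP identification counter, as classic IP stacks did, and the NAT either forwards that field untouched or rewrites it from one counter of its own. Addresses, starting counter values and packet counts are constructed, and `count_sequences` is a deliberately simple greedy observer, not the paper's algorithm. It shows the three points made above: a pass-through NAT lets two hosts reuse the same (destination, IPid) pair, which is the fragment-reassembly bug; the rewriting NAT removes both the bug and the countable per-host sequences; and heavy LAN-only chatter makes the outside observer's count unreliable even without the fix.

```python
"""Simulation of the IP identification (IPid) field seen outside a NAT.

Added example; not code from Bellovin's paper or from the thread above.
Assumptions: per-host sequential IPid counters (classic stacks), a NAT that
either passes IPid through or re-stamps it from one counter, and constructed
addresses and packet counts.
"""
from itertools import count

DST = "203.0.113.9"          # constructed external destination (documentation range)
GATEWAY = "192.168.1.1"      # constructed LAN gateway address


class Host:
    """An inside host whose 16-bit IPid counter increments once per packet."""

    def __init__(self, start):
        self.ipid = start

    def send(self, dst):
        pkt = {"dst": dst, "ipid": self.ipid & 0xFFFF}
        self.ipid += 1
        return pkt


def nat_forward(packets, rewrite):
    """Pass packets through the NAT; if rewrite, stamp IPids from one NAT counter."""
    nat_counter = count(1000)
    out = []
    for p in packets:
        q = dict(p)
        if rewrite:
            q["ipid"] = next(nat_counter) & 0xFFFF
        out.append(q)
    return out


def fragment_collisions(packets):
    """Count (dst, ipid) pairs used by more than one forwarded packet.

    Reassembly keys fragments on (src, dst, protocol, id). After NAT the src
    is the single public address, so two inside hosts reusing one id toward
    the same destination would have their fragments mixed at the receiver.
    """
    uses = {}
    for p in packets:
        key = (p["dst"], p["ipid"])
        uses[key] = uses.get(key, 0) + 1
    return sum(1 for n in uses.values() if n > 1)


def count_sequences(ipids, gap=20):
    """Greedy estimate of how many rising IPid sequences an outside observer sees.

    Each id joins the sequence whose last id lies just below it (within gap);
    otherwise it starts a new sequence. One sequence per host shows through a
    NAT that leaves IPid alone; this is a toy stand-in for the paper's method.
    """
    tails = []
    for i in ipids:
        for k, t in enumerate(tails):
            if t < i <= t + gap:
                tails[k] = i
                break
        else:
            tails.append(i)
    return len(tails)


def build_traffic(start_a, start_b, n=10, intranet_noise=0):
    """Interleave n external packets from each of two hosts toward DST.

    intranet_noise extra packets per external one go to the gateway only
    (never seen outside) but still consume each host's IPid counter, which
    is the background-pinging countermeasure the comment describes.
    """
    hosts = [Host(start_a), Host(start_b)]
    external = []
    for _ in range(n):
        for h in hosts:
            for _ in range(intranet_noise):
                h.send(GATEWAY)
            external.append(h.send(DST))
    return external


def simulate(rewrite, intranet_noise=0):
    """Return (fragment collisions, sequences counted by an outside observer)."""
    inside = build_traffic(100, 105, intranet_noise=intranet_noise)   # overlapping counters
    outside = nat_forward(inside, rewrite)
    return fragment_collisions(outside), count_sequences([p["ipid"] for p in outside])


if __name__ == "__main__":
    print("pass-through NAT:          ", simulate(rewrite=False))                    # (5, 2)
    print("rewriting NAT:             ", simulate(rewrite=True))                     # (0, 1)
    print("pass-through + LAN chatter:", simulate(rewrite=False, intranet_noise=50))  # (0, 10)
```

The two hosts are started five ids apart on purpose so the pass-through case exhibits both problems at once: five colliding (destination, IPid) pairs and two visible sequences for two hosts. With the NAT re-stamping IPid, the outside stream is one counter and the count collapses to one regardless of how many hosts sit inside. The chatter run shows the cruder countermeasure: the greedy observer now reports ten sequences for two hosts, so the measurement is spoiled, but the collision risk is only avoided by luck of the counter spacing, which is why the fix belongs in the NAT.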
Well Of Course (Score:1, Insightful)
Yes, they hate giving us what we pay for.
1.5 down 128 up. I'm paying for it. I'm using it.
Tough titties if they promised something they can't deliver.
Like the RIAA... (Score:4, Insightful)
I say - let the games begin!
"the telephone model" (Score:5, Insightful)
Why would the telco suddenly be able to impose a different standard on data communications? Just because an AT&T engineer has proposed some (time consuming) method to do something doesn't mean it will be done. A similar attitude about POTS is what got mighty Ma Bell busted lo these many years ago...
Taking this one stumble farther, I note that there is only one "computer" attached physically to the BellSouth DSL line: a little cheap Linksys router, which, having a processor & some flash ROM, qualifies as a "computer." Other computers do not connect directly to the DSL line, they connect to that router.
Any telco/ISP that "cracks down" on home networking this way is just plain stupid & needs to go back to the mandatory customer service training workshops! In fact, that's where our dear AT&T engineer needs to be this very afternoon. It's the corporate equivalent of Chinese water torture!
Re:Is this really a big deal? (Score:3, Insightful)
Actually, even by your example, his argument stands.
When you get your license you are entering a contract with the state, saying "I am aware that if I exceed the posted speed limit I could get fined or even have my license taken away." When you speed, you're aware of the penalties and do it anyways. When you use multiple computers and your ToS says you can only use one, if you get caught, tough shit.
Paying for the service and then misusing it is only telling them that it *is* in their best interests to leave things as they are, and that they can continue to stick it to you all they want. On the other hand, if they start losing business, perhaps they'll cut their restrictions to draw customers. It works for SpeakEasy -- they have a ton of loyal customers because of their very easy-going ToS.
Yes, monopolies are bad, but breaking the contract you agreed to doesn't make them alright, it just makes you both bad.
If the cable company calls... (Score:2, Insightful)
Re:Not where I'm from (Score:5, Insightful)
We don't conceal this fact, and customers who are not happy with this clause are, almost uniformly, the customers who would cost us money instead of being a source of income.
We are a small mom-and-pop ISP, and we get charged by the telco per kilobyte of traffic. If we charged everyone more to compensate for the bandwidth hogs, it would certainly be unfair to the low or moderate users, so we instead assign static IPs and charge per IP/computer. In other words, every computer attached to the Internet via our services must have a unique IP. We do make exceptions, but we still charge for one IP but five PCs connected/downloading from the Internet at the same rate as one IP/one PC.
The telcos keep our costs so high that we can't afford to do otherwise.
The customer's cost for five IPs versus one IP is a difference of $12.50, which is quite reasonable.
We let you run servers on your static IP connection, and will host your DNS for free. We aren't money grubbers, in other words. But we are a business which intends to stay solvent.
We do kick people off periodically, usually because they lied when they signed up, indicating that they would have one machine connected and actually had three or four, using IP masquerading. It isn't THAT hard to determine who the dishonest are, using the simple question: you are using twice (or three times) the bandwidth that an average customer would use connected with one PC 24/7. Do you have more than one system connected? If they say yes, we give them the opportunity to pay at the increased rate. If they decline, we kick them off. If they answer no, we start investigating where our system might be reporting erroneous data. We don't assume that they are being deceitful. More people than not are telling the truth.
This is also largely why we disallow P2P file sharing applications. After an audit, we discovered that fewer than 5% of our customers were consuming the majority of our bandwidth. It was either raise prices for everyone, or disallow P2P file-sharing. We _do_ allow P2P file-sharing for customers who are sharing their own files; their own songs, etc., as those customers actually consume very little, if any, extra bandwidth.
Whoops. I appear to have gone off-topic. I think it was relevant, as it helps explain the realities why an ISP would need to enforce a single-machine license clause.
4th amendment violation? (Score:5, Insightful)
We should be allowed to have NAT for the same reason we are allowed to have phones, and if the provider has a problem with that, they need to take a hike. Sniffing for this is unquestionably in bad taste, and it is also a violation of my civil rights.
Re:4th amendment violation? (Score:3, Insightful)
Re:Not where I'm from (Score:5, Insightful)
Re:Not where I'm from (Score:5, Insightful)
I also operate an ISP, and we have a flat-rate T1. We don't care how many computers a customer has connected--we only care how much data is transferred, and we bill accordingly.
I would not use an ISP that placed restrictions on how many computers I could connect, mom-and-pop ISP or not. Life's too short. I live in a house with four computers, and they all get used a good portion of the evening. Why should I have to put up four antennas just so I can hook up four computers?
Better Idea (Score:4, Insightful)
Wouldn't use such a dinky ISP then (Score:4, Insightful)
And I don't like your phrase 'bandwidth hogs' anyway. Either commit to a level of BW or an amount of data to transfer, or don't bitch about a subset of users using more than 'their share'. To me, it sounds like a fitness club owner complaining about some of the members who actually come in and use the equipment! The nerve! And they stay for hours too!
If you are charged per KB, then charge your users per KB. McDonalds doesn't charge customers on their cholesterol level, they charge customers on the food that they order. I just don't see how multiple computers are the root cause of your problems.
Re:Not where I'm from (Score:5, Insightful)
One machine could suck as much bandwidth as 10 machines doing next to nothing.
Also, the idea behind NAT is that it only uses one IP address.
Here at home, I have an army of computers (most junk). My cable modem hooks to a NAT/firewall (Linux). Behind that is my desktop. I also have a wireless access point so when I'm sitting outside in the hammock I can get on from there, or the wired bedroom or living room, or my wireless iPaq.
And regardless of how many machines I have, I am still capped at 512k for all of them. While it is true I could use all of them to saturate that 512k, I could easily do it with just one machine as well.
Sounds like you need to get some equipment that can do rate limiting and just sell bandwidth instead of hassling customers.
Re: I'll use how ever much bandwidth I want. (Score:3, Insightful)
Your argument is that having multiple machines correlates strongly with high bandwidth usage. I am not going to debate this.
My problem starts when you try to say users shouldn't be using that much bandwidth. When you say that P2P burns bandwidth like popcorn, and you can't support those users.
Here's the thing: I pay for *unlimited* bandwidth. I should be able to saturate my 768/128 pipe 24/7 and no one should be able to complain. That's what my ISP advertised.
Now, if the ISP can't afford to provide unlimited (and they advertised that they would), then they should fix the advertising. Don't cap my bandwidth usage, I pay for unlimited.
I understand that you guys can't afford to allow unlimited access: stop advertising it, then.
Re:damn. (Score:2, Insightful)
I can buy someone having their downloads maxed out for short bursts of time; that's what broadband is for, after all. I can also understand having both ways maxed out during bursts of time for something like gaming, but a lot of people leave those p2p programs downloading constantly and uploading to whoever wants their files. -That- is what the ISPs should be cracking down on, not someone sharing their connection between two or three computers so the kids in the family don't have to fight over the internet connection.
isps will not go to metering.... (Score:2, Insightful)
It seems to me the trend for most telecom services is away from metered service to flat rate service (or practically flat rate - i.e. where the metered rate is so ridiculously low that maximum monthly metered usage is reasonable for those who truly use it). Interesting thing about internet connections - they are starting off as flat rate - and everyone predicts they'll go to metered service. The additional benefit of flat rate pricing is it's very easy and less costly to implement for the service provider and provides simplicity to the end user.
One may use the argument that voice connections monopolize the connection and thus it's not easily sharable - but I just argue that voice connections use longer and larger packets...the behavior is the same of any other data network - only one person can talk at any time....computers just do this faster to appear like there is simultaneous use.
So why would there be any difference in the pricing models or their future trends? Even cell phones are rapidly approaching the point where "flat rate" usage is becoming the norm (how many people actually exceed the 1200 minutes (not including promotional off peak) in most of the big companies' $80 plans? and that price point is dropping monthly). As a matter of fact, most of the companies make money banking on the fact that the avg user uses far less than the allotted amount and thus their actual meter charge is very high. At critical masses, they gain the benefits of flat pricing (reduced cost in terms of monitoring and billing complexity) as well as taking advantage of users' tendencies to use less than they actually _think_ they need (thus inflating the price and margin per minute). Ensure your baseline costs are covered, and everything else is gravy. Find a way to squeeze down idle capacity and voila - profitable business (hmmm....sounds like that's what supply chain mgmt is about, no?)
Anyways, I'll go against the grain and posit the following:
1) Flat rate pricing will continue to be the norm.
2) ISPs will eventually be talked out of the restrictions on the number of "computers" (esp as smart appliances come online - since consumers won't be likely to use those portions of the service if there's a charge per device).
3) They will find another way to make money - value added services for instance (the equivalents of caller id - but in the internet, security monitoring, unwanted spam blocking, etc).
Anyways - just some rambling thoughts from someone who can't figure out why ISPs aren't making money hand over fist right now;)
AMEN (Score:3, Insightful)
I understand the need to make money-- you are a business after all. But don't charge based on how people use the bits after they get there (whether they all go to the same PC or get split up by a router)-- charge them based on how many bits they use. If they want extra IPs for $12, that's cool too. But don't enforce it on everyone. That's a massive waste of IP space.