Fwd: SlashDot: "Comcast Gunning for NAT Users"

David Charlap David.Charlap at marconi.com
Thu Jan 31 23:20:32 UTC 2002

"Eric A. Hall" wrote:
>   Comcast has a mail server, they could poke at the HELO banners
>   and other identifiers.

Won't work.  Mail clients (like Netscape) often announce a domain in
HELO that is derived from the From: address.  For instance, my copy at
home announces "HELO yahoo.com", because my return address is an

They do not generally announce raw IP addresses, so you're not going to
see any private address space.

>   HTTP proxies indicating that multiple browsers are in use,
>   especially if multiple platforms (Win95, WinXP, as simple test)

Also unreliable.  I regularly run two different browsers at a time on
one computer.  Sometimes three (Netscape, IE, Mozilla).  As for multiple
platforms, my home PC can boot into three different operating systems. 
Also, Mac users can run Virtual PC and run several different OSes at
once.  None of which are in violation of any ISP's TOS.

>   More than ~4 simultaneous TCP connections open at once.

I often have several dozen connections at once on a single computer. 
Like when I'm fetching RedHat updates from their FTP server.

Your rules would boot off 90% of the power users on the network, leaving
behind only the clueless idiots.  Maybe that's OK for you, but I think
that would greatly increase the tech-support costs per customer.

> None of those would be bothered by firewalls or other legitimate
> devices, and would probably all be within a legally-defensible
> purview of ~analysis.

And they would generate tons of false positives.

> The thing is that Comcast is trying to make money by selling
> ~consumer Internet access, and they have a perception problem with
> shared access (PacBell used to run great "bandwidth hog!" ads).
> They don't want people using more pipe than ~consumer access would
> normally imply.

That's what rate limiting is for.  If people are chewing up too much
bandwidth, then figure out what they are entitled to under their
contract, and rate-limit them to that amount when the network gets

The number of computers behind a single IP address has no relationship
whatsoever to the amount of bandwidth consumed at a given time.

-- David
