Cox Cable / Static IP / New Router
Michael Butash
michael at butash.net
Fri Aug 31 16:42:18 MST 2012
It's mostly that ARIN requires justification for ipv4 addresses now more
than ever. When Cox, or anyone, asks for more ipv4 addresses, they want
literal records of utilization, unique ownership per customer (usually
something obfuscated, no pii), and must meet at least 90% utilization.
Probably worse now that there are literally no more to give.

When customers use more than one, there had better be a good reason.
Usually people need more than one because they never heard of a
router/firewall, and have hosts connected direct (insta-infection!).
I've run very large offices with interface nat/pat out a single ip, it's
not a problem usually, so long as your total session count is less than
64512 (65536-1024) at a time. Limit your torrent sessions locally if
you must use bt.

Customers will ask for a /24 just to say they have one, and as long as
providers got paid in the past, they would swip/rent them. That is no
longer the case, as sales of ipv4 addresses in large blocks fetch tens
of millions of dollars now. IPv4 has run its course, and is now a rare
commodity. There will be a point eventually Cox will insist you take
and use ipv6, or pay for ipv4.

They won't dump you for it, they just won't allow you to, by the cable
modem config push with cpe_host=1 allowing only a single mac. Much like
port security features in enterprise switching to limit mitm/arp attacks.
Old first-gen lan city cable modems circa 1998 prior to docsis were
great for sniffing your neighbors' traffic with arp injection, mac
spoofing, and probing their file shares, because they had no protection.
Docsis changed that, and these are features the networks use to
prevent abuse, including address waste.
-mb
On 08/31/2012 01:51 PM, Derek Trotter wrote:
> On 8/31/2012 12:21, Matt Graham wrote:
>> From: Derek Trotter <expat.arizonan at gmail.com>
>>> Since they [the ISP] already know what cable modem you're using,
>>> why do they also require a NIC [behind the cable modem] to be
>>> registered before it can be used?
>> IIRC, the original reason was money. The ISP would allow the cablemodem to
>> transmit to 1 NIC with 1 MAC addr, and if you wanted additional devices to be
>> able to talk to the cablemodem, you had to pay the ISP more. ISPs didn't make
>> nearly as much money doing this as they thought they would, because
>> NAT/IP-Masqing are relatively easy to do.
>>
>> They may retain some language in their contracts/TOS/whatever that says "You're
>> allowed to connect ONE DEVICE to this network". If they've got that language,
>> they have a way to dump any customer they don't like who's ever used more than
>> 1 network device at a time through their service.
> Thanks for clearing it up for me. I'm guessing if an isp had that one
> device rule in their contracts and used it to get rid of a customer,
> they'd be asking for a lawsuit. The customer could argue they're being
> unfairly singled out since most everyone has multiple devices behind a
> router.