Interesting People mailing list archives
IP: CableLabs trying stop NAT and "unpaid" multiple IP addresses
From: David Farber <dave () farber net>
Date: Tue, 27 Nov 2001 19:32:57 -0500
Sender: rberger () imap ultradevices com
Date: Tue, 27 Nov 2001 15:11:54 -0800
From: "Robert J. Berger" <rberger () ultradevices com>

The CAT and the NAT
The woes of wireless hubs
By Leslie Ellis, Technology Analyst
http://www.cedmagazine.com/ced/2001/1101/11d.htm

The good news is, the dishonest people who know how to do it are already doing it, but they're a slender fraction of today's installed cable modem base. The bad news is, there's nothing you can do about it. At least, not anytime soon.

Such is the case with some wireless home networking hubs, which use a form of over-the-counter routing known as "network address translation," or NAT. Just as, to some, "take one" always means "take three," and "contribution appreciated" always means "free," so can the bandwidth of a legal cable modem subscription become wirelessly shared among neighbors. It can be shared omnidirectionally, as it turns out, for about 300 feet - the range of wireless hubs based on the 802.11b home networking specification.

This probably doesn't come as a big surprise to CED's readers. The NAT conundrum is reminiscent of the early days of pay television - when descrambler boxes presumed for use on additional TVs within a subscribing household mysteriously found their way into someone else's house - someone who wasn't paying for HBO or Showtime or a similar premium service.

What's different between the two types of thievery, technologists say, is that descrambler boxes of yore, and particularly those sold for additional outlets, could be (and were, once the debauchery was discovered) provided at an additional, and undiscounted, rental fee. But NAT, because it is invisible to the cable modem, can theoretically continue its stealth stride into cable networks, undetected.

The only remedy - at least until CableLabs' "CableHome" effort releases its antidote, known as Cable Address Translator, or CAT - is to trust in humanity's application of right and wrong: "'Tis a sin, to steal a pin, as we, all of us, used to be informed in the nursery," as the 1875 proverb goes. Or, in this case, 'tis a sin, to steal bandwidth, as we, all of us, learned in the workplace.

What's the value of the stolen goods? Revenues associated with additional IP addresses, for one. Let's say one in 10 of the 5 million U.S. cable modem subscribers are usurping IP addresses without paying the $4.95 per month fee that's typically charged (beyond a pre-specified limit, which varies MSO to MSO.) Right off the bat, that's just shy of $30 million lost, annually.

Under NAT's hat

Network address translation started out innocently enough. Back in 1993, the World Wide Web consisted of just a handful of graphically-oriented destinations - what we now call "Web sites" - and a group of data-minded, engineering members of the Internet Engineering Task Force got worried. There was no question that the Internet, and its TCP/IP-based underpinnings, would get big, the engineers mused. And when it did, how on earth would the distribution of zillions of Internet Protocol (IP) addresses be managed, let alone scaled?

At its inception, NAT was viewed as a way to ward off a looming shortage of IP addresses. The only answer, the engineers decided, was some form of hierarchical distribution, handled transparently at drop-off points. Something that could partition IP addresses for multiple, simultaneous use by devices "lower" in the hierarchy. The drop-off point, though, was imagined more as a standard LAN than a home network.

NAT was also meant to simplify matters. Specifically, it was intended to simplify small business networks, so that the technologically-challenged small business owner could install and run IP address-sharing on a run-of-the-mill local area network, without having to go to night school to acquire a data communications doctorate.

Who knew?

At the time, eight or so years ago, no one had fully imagined that regular, everyday consumers would someday own multiple PCs, and would want a way to hook them together. Nor had anyone fully imagined that a cable or DSL modem could be hooked into a residential network, and its IP address resource shared. (The Internet, mostly a bulletin board at the time, topped out at 9600 baud back then.) And certainly, no one had fully imagined that the resources shared by a single, wirelessly-networked residence would also be shared among other devices, at other residences, within 300 feet.

What happened is the inverse of the old Ivory soap story: Upon going to lunch one day, somebody forgot to turn off the mixer. An ordinary accident. The result was soap that floated: A good, marketable, accidental discovery. NAT turns out to accidentally be a bad, unmarketable discovery. Its intentions were good; but one portion of its reality is clearly not so good.

Reality, right now, is walking into a computer store and buying a $100-ish wireless home networking hub, with built-in NAT. These days, NAT is a feature differentiator for home networking hub vendors. Suppliers describe the benefits of NAT in terms of modifying IP and transport headers to provide transparent routing to end hosts, which are trying to communicate from disparate address realms.

That means the NAT-based home networking hubs can create secret domains, behind and invisible to the cable or DSL modem. The IP address intended for the cable modem is partitioned into re-usable addresses, transparently, through software routing mechanisms. The result is a sort of private, sub-network running datagrams to and from invisible end devices (the PCs in neighboring homes).

How it works

A home-networking hub is a fairly unglamorous, rectangular box with lights on the front that correspond to what's connected. On the back there are eight or so receptacles for telephone wires, or thicker "category-5" wires, for the items being linked - laptops, PCs, printers, the cable or DSL modem. Ditto for wireless hubs, except they use an antenna to send and receive datagrams from other antennas; those antennas are attached to the things to be connected.

Put simply, NAT works by securing an IP address via the cable modem and the IP-address server (the "DHCP," or Dynamic Host Control Protocol server). NAT software resident inside the wireless hub handles the parsing of the IP address, as well as back-and-forth conversations with all connected devices. Notably, not all home networking hubs include NAT; in general, less-expensive $50-ish hubs don't have it.

Tactically, it works like this: Anyone with a networkable computer, an 802.11b antenna and receiver, and approval from the master PC connected to a wireless hub, can sit, invisibly, "behind" the NAT, and share the throughput of the cable modem attached "ahead of" the NAT.

For example: Neighbor Bob buys cable modem service and a wireless home network. Neighbors Carol, Ted and Alice don't buy cable modem service, but they go out and buy antennas compatible with Neighbor Bob's wireless network. Everybody agrees to share Neighbor Bob's connection. So what if it's not quite as zippy? It's free. Neighbor Bob's cable modem, and Neighbor Bob's broadband service provider, never know its throughput is being shared. They, sadly, can't see a thing past the NAT.

NAT also raises issues for forthcoming cable-delivered home-networking services. A crucial part of the success or failure of broadband home networks will be the set-up and ongoing care processes used to link PCs and consumer-electronics gear. With NAT-based hubs, cable providers won't be able to see into all connected devices - making remote troubleshooting difficult - because, again, the NAT is speaking for all connected devices. It's the data communications equivalent of, "You wanna talk to her, you go through me" - except you don't even know she's there to talk.

Cable's CAT in the Hat

MSO technologists involved with home networking are already sorely aware of NAT's blemishes. In addition to what's already been noted, technologists grumble that NAT hubs vary in operation from one supplier to the next, making uniform maintenance a nightmare.

Gladly, there's a remedy in the works. It's coming from CableHome, the CableLabs project specifically focused on specifications for cable home networks. Mercifully, MSO and CableLabs technologists involved in the project are hard at work on a cable-friendly form of IP-address distribution to connected devices. They're unofficially calling it "CAT," for "Cable Address Translator."

In future CableHome-based networks, CAT software could go one step further, essentially saying, "Pardon, NAT, but what's that behind you?" Or, CAT could replace NAT altogether, at least in equipment hand-picked by MSOs for home-network service packages. At the very least, cable MSOs involved in CableHome want a counting mechanism, with parameters set by them, that specifies a maximum number of connected devices.

Until then, all indicators point to DOCSIS 1.1, which includes methods to monitor bandwidth consumption (how much is used per customer) and speed (who's bursting at what rates).

Unquestionably, the ability to "see" connected devices makes troubleshooting and customer care somewhat easier. It will also put some enforceability into what, today, is an unintentional honor system, in terms of IP address and resultant bandwidth sharing.

Perhaps Theodore Geisel, Dr. Seuss' inventor, had the best advice, albeit not from The Cat in the Hat: "You have brains in your head. You have feet in your shoes. You can steer yourself any direction you choose."

E-mail: Ellis299 () aol com

--
Robert J. Berger - UltraDevices, Inc.
257 Castro Street, Suite 223 Mt. View CA. 94041
Voice: 650-237-0334 VoiceMail: 408-882-4755 Fax: 408-490-2868
Email: rberger () ultradevices com http://www.ultradevices.com
For archives see: http://www.interesting-people.org/archives/interesting-people/