|
Posted by Bill M. on February 21, 2008, 7:36 pm
If you were Registered and logged in, you could reply and use other advanced thread options
wrote:
>Hello All,
>
>I have a few questions regarding subscriber authentication and
>identification in cable Internet systems (or ISPs in general) that I'd
>appreciate some input on:
I'll take a stab, partly because I hope someone will correct me where
I'm wrong.
>1) It is my understanding that a cable modem is basically a layer-2
>bridge, so all the user traffic goes directly through to the CMTS. In
>this case, how does the cable service provider implement the 1 IP
>address per subscriber limitation? In other words, how is the
>subscriber prevented from simply connecting a switch to the cable
>modem and obtaining multiple IP addresses for his equipment via DHCP?
>Only the first IP address can be obtained in this manner - no more.
The cable modem knows how many IP's it's allowed to request on your
behalf via it's config file, and it learns the MAC address of the
first device that it talks to after powering up. If you're allowed X,
and you request X+1, the last request is ignored.
>2) How does the service provider prevent a user from manually entering
>a static IP address in the network configuration, potentially causing
>conflicts with another user who has the same IP? In other words, how
>does the provider ensure that the IP address given to a subscriber via
>DHCP is the only IP address that the subscriber can use?
My information is dated here, but as recently as 2001 I knew of a
teenager (who would later become my step-son) who would manually
assign public IP addresses to 3-4 of his friends when they'd bring
their PC's over for a LAN party. He was in a single-PC household with
the PC directly connected to the CM (via a hub), so he would look at
his own IP and just make up as many additional IP's as he needed by
incrementing the last octet. If anyone had trouble connecting to the
'net, he would try another number until he found one that worked. My
assumption is that 'trouble connecting' meant an IP collision with a
legitimate user of that IP. When I discovered what they were doing, I
added a router to the mix. Who knows how many people they
inconvenienced by making up their own 24.x.x.x IP's.
>DSL service providers often use PPPoE, which takes care of both (1)
>and (2) above, but cable providers do not, so they must have some
>other way of doing it.
>
>3) Given that a user's IP address can change (assuming dynamic
>addressing via DHCP), and that his MAC address can also change (for
>example, if he plugs another PC into the cable modem), how does the
>service provider identify individual users for billing, bandwidth
>usage reporting, etc.?
The cable modem's MAC never changes and is provisioned to a specific
user account, so my guess is that the CM MAC plays a role here. At the
same time, the ISP knows who had a specific IP address at a specific
time, so one way or another it should be pretty simple to identify
individual users for billing, etc.
>4) Is bandwidth limiting (i.e., ensuring that a user only gets the
>bandwidth package that he paid for) typically implemented at the
>network's edge by the cable modem, or centrally within the service
>provider's network (via a bandwidth management appliance?)
I believe the CM's config file contains the bandwidth parameter, so
the CM is the traffic cop.
--
Bill
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map