Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Cable Modem [really responsible engineering]

  • From: Fletcher E Kittredge
  • Date: Tue Jun 26 11:25:38 2001

This discussion has moved to NANOG ( ).  Please
remember to trim your headers not to cross post to dhcp-server.

In fact, given the quality of your comments, why don't you just
respond to me privately and not waste people's time?

> > I think we are in violent agreement.  I don't like the
> > IP->MAC->Customer mapping, it is forgeable, but it is the only one I
> > know we have available.  I agree with you that it is not the only
> > possible mapping.  If you can point me to a better existing mechanism,
> > I would be greatful.
> Saying something is "forgeable" is assuming that it was supposed to be
> authentic in the first place.  MAC addresses and IP addresses weren't
> designed for that.

I never said they were.  However, given the design parameters, they
provide useful information which should not be discarded.

> > If a database was kept of client MACs, and this information was
> > required before access to service was made available, you then have a
> > network of known devices and have made a long step towards towards
> > assigning responsibility.
> And every user would have to know the mac address of every piece of
> equipment and divulge this to the ISP before they could have service?  And
> when they wanted to add a new computer, hook up a friend's laptop?  Buy a
> new NIC card?  Come on.  If my ISP did that to me, they'd be gone faster
> than lemonaid on a hot day.

Exactly.  You need to supply the MAC address to bring a computer on
line.  Why is the more onerous that supplying a username/password?

Other ISPs restrict the number of systems you can connect, the uses of
those systems (no servers, etc.), block certain ports, etc.  That
displeases me as it reduces the value of the network and breaks

> > > are not tied to hardware type or specific device:  IP address is much more
> > > useful for that, in my opinion, especially if additional information about
> > > physical connections (such as port and switch numbers) is available.
> I tend to agree because:
> The mac addresses of the computers in my house may change quite a bit, but
> my external IP addresses will remain the same (and have to, since only
> those IPs are being routed to me).

Do you have any actual experience with designing or operating such a
public access network?  If so, please explain how to get the "port and
switch number" for a user's PC on a cable network as I was unaware of
this functionality.

> > Please remember we are talking about large IP over Ethernet *public*
> > networks (cable, Etherloop DSL, wireless) which are used by a
> > completely heterogeneous population.  The operator must support the
> > connection of arbitrary devices.  Many of the customers have very
> > little knowledge of their configuration or networking.  The network
> > operator must support arbitrary devices and clueless customers.
> And such clueless users may have no idea what their MAC address is.  They
> also might have equipment that doesn't list it's MAC address readily.

...and the moon might be made of green cheese.

We haven't had a problem explaining  to users how to get their MAC

> > 3) ARIN has sent the strong message that they expect IP over E public
> >    network providers to use dynamic IP allocation in order to conserve
> >    IPv4 addresses.
> And the intelligent public has sent an equally strong message that dynamic
> IPs are not acceptible.  Most people I know with DSL or similar service
> make sure to use static IPs that are usable for server purposes.  Wether
> static or dynamic IPs are used, the same _number_ of IPs is required, we
> aren't talking about dial-up here where most of the users will be offline
> most of the time.

I disagree with all of the above.  Since it nothing more than your
opinion and anecdotal evidence, mere contradiction suffices.

> >    accurately tracked, or that customers be accurately charged for  
> >    their bandwidth usage.  In gathering these statistics, a MAC
> I am a bit confused here.  Most providers don't charge for bandwidth
> usage, they charge for bandwidth availability.  My ISP doesn't need to
> track the traffic from my MAC address to charge me $Xx.XX for xx mbps.

One needs this information in aggregate in order to model to
accurately set prices.  Otherwise, your company will go out of
business when you charge less for the service than the service cost
to provision, or you charge too much to compete with more accurate

Say, what happened to all those DSL providers that were here just a
minute ago?

[ we have been in business for over seven years, and are profitable...]

> > > Finally, I would not want to declare under oath that a MAC address
> > > absolutely and uniquely identified a client host:  it's just too easy to
> > > spoof.
> Again, why even say "spoof", that makes it sound like it's _supposed_ to
> be "authentic" or something.  I don't thin I am "spoofing" by changing my
> MAC address.  It wasn't supposed to identify me, and nobody ever said it
> was.  In fact I have changed the MAC addresses of all of my sparcstations
> (which are easily programmable in software!) to be sequential.

That was pretty stupid, wasn't it?  Ethernet MACs must be unique to be
to work.  Have you ever thought about what would happen if more than
one person on the same network as you chose the same Ethernet MACs?

Further, if you reprogram your MACs, and then you would not get
access until you registered them.  So your traffic still could be

> > Total and absolute agreement.  There is no question that it is easy
> > for a technical sophisticated customer to spoof a MAC address.  This
> > fact should always be kept in mind when analysing any information.
> Your forgot:
> 3.) An existing MAC address that isn't currently in use is "spoofed".  One
> only has to watch the network for a while and get a list of MACs visible
> on their net.  (this is especially easy typical on cablemodem
> networks).  Wait until one disappears for a while (computer turned
> off?).  Assume that MAC address.  You could even discover a pattern that a
> certain MAC address is only used from X:XX to X:XX on typical days.  (some
> users only turn on their PCs during certain times).

yawn.  I didn't forget; you can't read.  See the first part of my
statement.  Here it is again:

"Total and absolute agreement.  There is no question that it is easy
 for a technical sophisticated customer to spoof a MAC address.  This
 fact should always be kept in mind when analysing any information."

> -- noah silva

Noah, go away and don't come back until you have some real experience
and something interesting to say.  At least correspond with me

. o O (Now, where did I put that kill file?)

Discussion Communities

About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home

Merit Network, Inc.