DSL Security Threat
by AR Saturday 04-Aug-2001 tags: security
Companies that use DSL services running over SBC Communications' network may face security and other problems if the Bell company proceeds with a controversial provisioning scheme, competing ISPs and experts maintain. Internet Week has the story.


richb01803
Rich

join:2001-02-14
02100

PPPoE isn't as evil as these guys make out

Wow, what a one-sided article. I'm amazed that they failed to point out that any "security" mechanism which relies, in full or even in part, on a fixed IP address is (IMHO) no security at all.

Static IPs are useful for a number of things but I would not include VPN/firewall security among them. A firewall should authenticate and encrypt using some other trustworthy means than a particular IP address. Sounds to me like someone is relying on rev-1.0 circa 1995 firewall code somewhere. Ugh.

Besides, VPN technologies are most useful for road warriors, who can't be expected to connect from the same location every time--for efficiency's sake, they should use a different IP from their work desktop, the LA Ramada Inn, the Charles de Gaulle airport lounge, or their home cable connection.

The main reason for resistance to PPPoE that I've seen is that the device drivers (in PCs and routers) fail to deliver an always-on connection. That's not the telco's fault but rather the software driver's fault.

The criticisms in this article about IP address hijacking and so forth can be applied doubly-so to DHCP-based implementations which a lot of ADSL and DOCSIS-cable vendors use. DHCP is much more horrible from a scalability standpoint than PPPoE.

PPPoE was designed to make the Internet scale upward to the next order-of-magnitude count of users (going from 10 million to 100 million, roughly). Obviously it will take newer/better protocols to scale up from that. But I keep seeing PPPoE getting knocked unfairly: without it, or some improved replacement, the Internet could not sustain the growth in users.

Circa 1994, everyone had a static IP. That simply doesn't scale. There had to be some method of assigning IP addresses at connect time. DHCP, plain PPP, and PPPoE are the only three methods widely deployed so far. Got a better approach?

[text was edited by author 2001-08-04 13:51:52]

Hayward
K A R - 1 2 0 C
Premium
join:2000-07-13
Key West, FL
kudos:1

Re: PPPoE isn't as evil as these guys make out

But the point SBC makes is they DON'T want you always connected....that is their goal to conserve IP's (Well their ATM circuits really)

That is their prime reason for the change, so it is in their interest to NOT have PPPoE work well and stay connected or there is no point to it.

As to scalability, that is the point of IP6; when that comes there will be no shortage of IP's.

--
-Hayward
»haywardm.com (Hayward's Key West)

[text was edited by author 2001-08-04 16:53:30]

tschmidt
Premium,MVM
join:2000-11-12
Milford, NH
kudos:5
It is common for VPN's to require user authentication and to bind the remote user to a specific IP. We normally only bind non employees to specific IPs to give us some additional control over where the remote user is able to connect from. I tend to agree with Richb01803 that this is not a big deal.

More significant is the use of PPPoE to create a demand based connection rather than an always on connection. This is the antithesis of what an always on connection is supposed to be. Currently this is not a big deal for most folks, but as home networks become more popular and people start running servers for remote access into the home, P2P stuff like gaming, IP telephony, and conferencing, the lack of a persistent address will be a major limitation in how these high speed networks are used. The SBC article even states they want to emulate an on demand POTS like interface. I believe in another post I read SBC wants to use PPPoE to create multiple sessions to offer value added service; I think that is an abuse of what an always on connection with many to many access should be about.

My objection to PPPoE is not the additional overhead but its use to create a demand based connection. I have no objection to PPPoE if it were used as an IP address allocation mechanism and the address was relatively persistent. If it is being pushed as a way to conserve IPv4 addresses then let's hope IPv6 starts being deployed quickly.
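
Added example, not part of any post in this thread: the two posts above contrast a gateway that trusts a fixed source IP with one that authenticates the user and treats an IP binding only as an extra restriction. The Python below shows both side by side; the user names, keys, addresses and the `Gateway` class are all constructed for illustration.

```python
import hashlib
import hmac
import ipaddress
import secrets
from typing import Tuple

# Constructed sample data: users, keys and addresses are made up.
USER_KEYS = {
    "alice": b"constructed-key-alice",      # employee, may roam
    "vendor1": b"constructed-key-vendor1",  # non-employee, pinned to one address
}
# Optional per-user source restriction (an extra control, not the credential).
IP_BINDINGS = {"vendor1": ipaddress.ip_network("192.0.2.10/32")}

# Weak design: anything arriving from these addresses is trusted.
TRUSTED_IPS = {ipaddress.ip_address("192.0.2.10")}


def allow_by_ip_only(src_ip: str) -> bool:
    """Weak check: the source address is the only 'credential'.

    Whoever currently holds the address passes, and a legitimate user
    whose address changed (dynamic pool, hotel, airport) is locked out.
    """
    return ipaddress.ip_address(src_ip) in TRUSTED_IPS


def respond(key: bytes, user: str, nonce: bytes) -> bytes:
    """Client side: prove possession of the key for this one challenge."""
    return hmac.new(key, user.encode() + b"|" + nonce, hashlib.sha256).digest()


class Gateway:
    """Challenge-response gateway; the IP binding is checked after the key."""

    def __init__(self) -> None:
        self._pending = {}  # user -> outstanding one-shot challenge

    def challenge(self, user: str) -> bytes:
        nonce = secrets.token_bytes(16)
        self._pending[user] = nonce
        return nonce

    def verify(self, user: str, response: bytes, src_ip: str) -> Tuple[bool, str]:
        # pop() makes each challenge single use, so a captured response
        # cannot be replayed later from any address.
        nonce = self._pending.pop(user, None)
        key = USER_KEYS.get(user)
        if nonce is None or key is None:
            return False, "no outstanding challenge"
        if not hmac.compare_digest(respond(key, user, nonce), response):
            return False, "bad credential"
        binding = IP_BINDINGS.get(user)
        if binding is not None and ipaddress.ip_address(src_ip) not in binding:
            return False, "source not permitted for this user"
        return True, "ok"


if __name__ == "__main__":
    gw = Gateway()
    n = gw.challenge("alice")
    # alice authenticates from an address the gateway has never seen.
    print(gw.verify("alice", respond(USER_KEYS["alice"], "alice", n), "203.0.113.50"))
    # The IP-only rule rejects the same roaming user outright.
    print(allow_by_ip_only("203.0.113.50"))
```
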

61999674
Gotta Do What Ya Gotta Do
Premium
join:2000-09-02
Here
kudos:1

ummm where have these guys been for the last year(or longer) ???
This goes to show the research these guys did for their article >>> most users of SBC (a-tech, bell) companies already have dynamic addressing (PPPoE) >> only those that buy the office service get a static line (5 addresses). For those users with a home (dynamic) connection, dynamic addressing is actually more secure due to the fact the address changes on each disconnect (usually); only those running a server/vpn on line have need of a static address.
Special software needed ??? another point that shows they did very little or no research >> they should have come to DSLR >> networking/a-tech forums, and we would have shown them how this is done without any extra software, and in the process increased security.

Or maybe I didn't read enough of the article and I am blowing hot air, in that case as Ms. Latella says "never mind"
--
God doesn't shoot Dice.

[text was edited by author 2001-08-04 17:15:43]

[text was edited by author 2001-08-04 17:21:50]

KrK
Heavy Artillery For The Little Guy
Premium
join:2000-01-17
Tulsa, OK
The point really isn't about "conserving IP's" as much as it is about "future services". The RBOC's have their eyes on future "services" they can sell at a premium over your DSL line. With your PPPoE Log-in DSL, SBC can control more than just your internet logged in connection. They can actually run multiple services on the same line, and split up bandwidth functions. One of the more frequently talked about services is VoIP, or, "digital phone lines", but I've seen proposals ranging from special content, alarm/security service, pay-per-view events, video service, teleconferencing, etc.... the idea being you keep your internet service, probably at a 768/128 rate, and other spectrums on the line are used for other services. SBC is hoping to make Project Pronto pay off with premium services, not just basic DSL service.

One of the things ISP's are upset about is that the SBC contract will mean they *cannot* provide these services, only SBC. In effect SBC is saying "We're going to get all the cake, and you can have the crumbs we leave behind."

It's already LUDICROUS how much ISP's have to pay SBC just for the line. Most ISP's are making $10 or less a month, the rest all goes to SBC.

boogie74

join:2001-06-19
Neenah, WI

Re: PPPoE is evil

quote:
It's already LUDICROUS how much ISP's have to pay SBC just for the line. Most ISP's are making $10 or less a month, the rest all goes to SBC.
The line isn't free to run... do you think the CO's run on solar energy? Do you think the outside techs that provision the copper and fiber are volunteers? Do you think that the lines are donated material to SBC?

How much do you think a DSLAM costs for instance? Would you want to buy a network element of any kind at retail or even wholesale? These things aren't free, and they aren't cheap... Underground cables are monitored 24/7, when some moron digs in his front or backyard and cuts a cable, it isn't a volunteer that goes and splices it back together again, that costs money... Seeing that companies are out for profit, it's gonna cost money to get the line provisioned to you...

boogie74

KrK
Heavy Artillery For The Little Guy
Premium
join:2000-01-17
Tulsa, OK

Re: PPPoE is evil

Who said anything about free? We're talking $480 a year just for the "Line"... and let's not forget the costs of the line are already subsidized by the telephone service the Telco offers on the line... and the costs of the infrastructure and people are the main ways the costs of telephone service gets set by regulators.

So, now you have DSL on the same line. In essence, a service now available on an existing infrastructure for new sources of revenue. Cool. To be profitable, it will of course have to cover the cost of DSL related maintenance, upgrades, and installs. Upgrades at the CO or RT's are installed, at quite a cost, to be sure... but then the money starts rolling in, and soon the upgrade cost has been paid for. $40 a month per customer? That's steep. It's the ISP that has to provide the bandwidth and the services, and they get less than a quarter of that.

I have no idea how much installing a DSLAM in a CO costs, but for the sake of argument let's say it costs $1,000,000 for a DSLAM with 2500 ports and let's assume that everyone who gets DSL gets their own port. When 2500 customers are reached, a 2nd $1,000,000 DSLAM is added and so on. (Anyone actually have any real idea how much a DSLAM is and how many ports you get?)

Ok, let's figure this out. 2500 people, paying $40 a month for the DSL line = $100,000 a month. In 10 months all the costs related to the DSLAM install are paid, but that DSLAM is going to go on running for years, making a big return on the investment, so it's not like the Telco is going broke. The ISP's have to provide the 2500 customers bandwidth, services and support, and they get $5-$10 (or less) a month, and they *are* going broke.

I don't think DSL lines should be free, hell no. But I think a figure closer to $20 a month per line for the RBOC would be more fair.

boogie74

join:2001-06-19
Neenah, WI

Re: PPPoE is evil

I notice you haven't mentioned what it costs to run the switch, monitor the lines, run maintenance on the lines, etc.

boogie74

ATTek
Got Sand?
Premium
join:2000-12-13
Bloomington, CA
said by KrK:
One of the things ISP's are upset about is that the SBC contract will mean they *cannot* provide these services, only SBC. In effect SBC is saying "We're going to get all the cake, and you can have the crumbs we leave behind."

It's already LUDICROUS how much ISP's have to pay SBC just for the line. Most ISP's are making $10 or less a month, the rest all goes to SBC.
So....what you're saying is: SBC is supposed to invest millions upon millions to install this equipment and then let the ISPs hijack the system. (Demand special card space in a limited footprint and use all the bandwidth they desire)? Ya, I agree it sucks for them that they don't have control over this equipment but get a clue....they're not paying for any of it. They make their $10.00/mo for what is in most cases just paperwork and a little questionable tech support. It's exactly this type of thinking that is causing SBC to consider freezing Pronto in some states because those states' PUC's are threatening to provide access to the remote terminals by the CLEC's. I have enough bugs and problems in the RT's now without some CLEC techs digging around in there.
--
What does THIS button do.....

sporkme
drop the crantini and move it, sister
Premium,MVM
join:2000-07-01
Morristown, NJ

Re: PPPoE is evil

said by PacBellTek:

So....what you're saying is: SBC is supposed to invest millions upon millions to install this equipment and then let the ISPs hijack the system. (Demand special card space in a limited footprint and use all the bandwidth they desire)? Ya, I agree it sucks for them that they don't have control over this equipment but get a clue....they're not paying for any of it. They make their $10.00/mo for what is in most cases just paperwork and a little questionable tech support.
Questionable tech support? Please. The main thing that drives people away from ILEC DSL is the lack of support and the half hour wait to talk to a half-trained monkey reading a script.

So I guess you think IP transport, marketing, provisioning and Customer Support (the user CAN'T call the ILEC even when it's a line issue) are all free? Your argument shows quite a bit of ignorance about the cost of providing customers with timely and helpful support.

I also tend to believe that a DSLAM port will pay for itself in less than 2 years. We all know that in this economic climate it's difficult to justify expansion when it's not paid back in 3 months, but if anyone has the capital and vision to see that the equipment should eventually turn a profit, it should be the ILECs; they've been at that game for a long time now.

Not even a T1 line pays for the cost of the supporting equipment in one year...

DSLAMs are a sound investment, whether you sell directly or offload the more "intangible" costs to an ISP. Especially when you've got volume, which SBC/PacBell do.

And if the ILECs don't want to sell this crap through ISPs, why have we had no less than 6 visits in the past two years from our Verizon ISP liaison practically begging us to sign up with their DSL program?

said by PacBellTek:

It's exactly this type of thinking that is causing SBC to consider freezing Pronto in some states because those states' PUC's are threatening to provide access to the remote terminals by the CLEC's. I have enough bugs and problems in the RT's now without some CLEC techs digging around in there.

Both your organization and the CLECs have some bad techs. I've had to send many a Verizon T1 install monkey home before he broke something. I'm sure you can find plenty of people in your own organization who have no business touching equipment they are paid to touch.

ATTek
Got Sand?
Premium
join:2000-12-13
Bloomington, CA

Re: PPPoE is evil

said by sporkme:
Questionable tech support? Please. The main thing that drives people away from ILEC DSL is the lack of support and the half hour wait to talk to a half-trained monkey reading a script.


Guess I should have been more direct. Tech support on both sides of the fence is questionable. The point I was making is that anything reselling carriers do doesn't even compare to the enormous cost of actually building and maintaining the network. And I don't know about Verizon, but I doubt very seriously if any of the investments made by SBC will be paid off in the foreseeable future, so complaining that the ILEC should charge the reseller less for the line is pure crap. And yes, there are bad techs wherever you go, but I was referring to the situation on a national scale. I suppose I'm just irritated about all the complaining the CLECS do regardless of what we do for them. (I do my work exactly the same regardless of who the customer is.) What I'm probably forgetting is that it isn't that way in all RBOCS or even regions within an RBOC. But some of us do try.
--
What does THIS button do.....

pupowski$

join:2001-01-15
Atlantis
said by KrK:
The point really isn't about "conserving IP's" as much as it is about "future services". The RBOC's have their eyes on future "services" they can sell at a premium over your DSL line.......One of the things ISP's are upset about is that the SBC contract will mean they *cannot* provide these services, only SBC.
Thank you for re-inforcing the point that this is about money, not security. SBC owns the network and management has the final say about PPPOE. ISP's are attempting via the courts and media to keep SBC from selling other products on the same lines. DSL allows internet and phone service through the same line, so two vendors sharing the line is not unusual. In a sense, SBC owns the road, and ISP's pay a toll, which limits their property rights. It defies reason to insist ISP's receive a percentage for pay TV, for instance. If internet revenue isn't enough to survive, they need to re-work the business plan.
--
Pupowski
"There are none so blind as those who will not see"

KrK
Heavy Artillery For The Little Guy
Premium
join:2000-01-17
Tulsa, OK

Re: PPPoE is evil

said by pupowski:
Thank you for re-inforcing the point that this is about money, not security. SBC owns the network and management has the final say about PPPOE. ISP's are attempting via the courts and media to keep SBC from selling other products on the same lines. DSL allows internet and phone service through the same line, so two vendors sharing the line is not unusual. In a sense, SBC owns the road, and ISP's pay a toll, which limits their property rights. It defies reason to insist ISP's receive a percentage for pay TV, for instance. If internet revenue isn't enough to survive, they need to re-work the business plan.

Talk about Bass-Ackwards. SBC is attempting to prevent the ISP's from selling value added services on the DSL lines, using their lawyers and the courts!

Let's use your "Road" analogy. Ok, you have a Road, and for a Toll, ISP's can use it. So, some ISP's decide they are going to pay their "toll" and drive Semi Trucks on the Road to haul Freight for the customers. SBC then says "No, only WE can drive Semi trucks on our roads. You guys are resigned to using bicycles over on the curb... and if you don't like it, we'll just cut you off from using the road altogether."

That's what's happening... and they're gonna win too.

pupowski$

join:2001-01-15
Atlantis

Re: PPPoE is evil

said by KrK:

Talk about Bass-Ackwards. SBC is attempting to prevent the ISP's from selling value added services on the DSL lines, using their lawyers and the courts!
ISP's just want to survive, but this isn't the solution. SBC is accused of intending to violate antitrust laws by direct selling products to ISP clients. SBC doesn't even sell those products, nor do the ISP's, and the technology to deliver them is still uncertain. The broadband industry is in a depression because poor oversight and reckless business practices can overwhelm good technology. I want more competition too, but it won't come from the courts. RBOC's are experts in regulatory law and politics, and cases can take 10 years or more for final resolution, far too long to help foster competition.
--
Pupowski
"There are none so blind as those who will not see"

belawrence
They'll never let you in

join:2000-08-06
Santee, CA
I wholeheartedly agree that dynamic IP is far more secure than a static IP, as I get way more firewall alerts since I got my static IP, sometimes up to 300 attempts in just a day versus maybe once every couple of weeks when I had a dynamic IP. My particular provider still uses a PPPoE environment (you log in and just get the same exact IP address). As for their (RBOC) server being able to drop your connection after a certain amount of time, that's not that big of a deal if you have something like a Linksys router, which will automatically log you back on as soon as the connection drops. I personally have only had a session drop maybe once every two months (my PC stays on) and it hasn't dropped once since getting a static IP about three months ago.

davidw07

join:2001-06-30
Englewood, CO

Re: PPPoE isn't as evil as these guys make out

Dynamic or static doesn't really matter. Sure dynamic is a little safer but not by much. My cable modem is almost static; it changes like every two months, sometimes longer. Not very secure if you ask me. That gives a hacker at least two months to hack my system if he wants to. Anyone with a dsl/cable connection to the internet should have a hardware firewall. They also should get all their info backed up on CDs etc. And never keep account numbers or other sensitive info on their system. It's not the cable, dsl, ips, microsofts, etc. fault if a customer's system is hacked and all their info is gone or stolen. It is the person's fault. This is the way the system works and can be very safe if people would just take simple steps and spend a little extra money to protect their computers. I think PPPoE sucks too much extra overhead and just makes one more extra step where something can fail. Have a bunch of friends that have SBC dsl and their system fails to log them in. I know some people like it and it does have its good point, but I think we are better off without it.

guhuna
R.I.P Mike
Premium
join:2001-03-31
Truckee, CA

Re: PPPoE isn't as evil as these guys make out

Well you don't have to have a firewall unless you're stupid, I mean are you stupid enough to open a trojan? Some people are, some people are not!!

ATTek
Got Sand?
Premium
join:2000-12-13
Bloomington, CA

Re: PPPoE isn't as evil as these guys make out

said by guhuna:
Well you don't have to have a firewall unless you're stupid, I mean are you stupid enough to open a trojan? Some people are, some people are not!!
There are A LOT more things to worry about besides trojans when considering a firewall. I think a better statement would be: "what do most of us have on our machines that anyone may want access to?" Probably not much. I have a firewall (in my router) but I doubt I need it all that much.
--
What does THIS button do.....

Radination

@209.232.x.x
Does this mean that my local DSL ISP (partner of PacBell) will force me to use dynamic IP Addressing?

dru

join:2000-09-14
Corona, CA
While PPPoE isn't evil, most of the implementations by telco and other ISPs are evil, in my humble opinion! The public, for the most part, has accepted PPPoE for some of the reasons you state, but it still doesn't excuse them for selling "always on connections" when in fact it is NOT.

PPPoE doesn't offer the end user any advantages, but opens the door to abuse and non-delivery of what is promised to consumers. It adds a layer of overhead and opportunity for additional failure for dubious security advantages. Besides being an auto-provisioning system, it allows ISPs to not only pool IP addresses, but also pool bandwidth and router resources. If all DSL lines were truly an "always on" connection then there would be no economy or savings of IP addresses. However, knowing that at any time, a healthy percentage of customers are not home or not using the connection at any one time, they use PPPoE to oversell connections to their circuits and equipment similar to dialup POPS which have user to modem ratios. If your PPPoE connection is idle or exceeds a certain time length, you are disconnected. Of course, when all is working well, it takes just milliseconds to re-establish a new session and link. But the sudden change in IP address breaks a number of TCP connections and applications like FTP and Napster, dropping downloads in mid-stream. Worse yet, if the radius server or other back-end system is congested or down, or there are too many active sessions in the router, then you have a "DSL outage" that might last a few seconds to a few hours. Many of the "it goes down at blah blah" complaints you read here on DSLR are often due to this.

While hardware/software issues on customer computers can be solved by using a router or device that puts the PPPoE stack in hardware, I have been waiting for someone to file a complaint with the FTC on some of these large ISP claims of providing "an always on connection" when in fact, it really isn't. It provides that perception only because the on-demand connection is usually and hopefully set up in microseconds, rather than the 30-45 seconds of screeching with a modem.

And this is my objection, as an ISP, to PPPoE and Pac Bell's BCG. It isn't that technical issues like OS compatibility can't be worked out, it is that we're forced to sell and support something we don't believe is any benefit to the customer, makes us party to the deception that they have an "always on connection" and we will also have to take the heat for disconnections when Pac Bell or Verizon controls the PPPoE sessions and disconnects the tunnels to the ISP to display some cheesy banner ad or third party application. The contract clearly gives them the right to market to ISP customers at-will!

While much of the public seems to accept getting screwed and abused by their telco ISP, as well as large ISPs like AOL and others, it doesn't make it right!

boogie74

join:2001-06-19
Neenah, WI

Re: PPPoE isn't evil, those who sell it often are

Always on connections... As a consumer I would consider that to mean that I don't have to go through the following:

I turn on my computer, listen to my computer dial-up to my ISP, get a busy signal, listen to it try again, get another busy signal, then finally after 4 or 5 tries it gets through...

After being online for 4 hours I get kicked off with a message from my ISP stating that I was idle for too long and to free up resources they disconnected me. I do the dial-up trial and error connection exercise again, then I finally get connected (after once again listening to a good mix of beeps, chirps and hums coming from my modem). As I am downloading the next version of MS Explorer with all the Plug In options, my kids decide to pick up the phone to make a phone call, effectively disconnecting me once again.

I spend more time "online" being offline than online.

Always on connections to most people (IMHO) would mean that I am instantly connected to the internet without having busy signals, constant disconnects, interference from other phone users (or things like call waiting beeps)- AND if I am using a router to connect to the PPPoE, I don't even know WHEN it is that I am disconnected IF EVER.

Most people aren't looking to define "always on connections" as NEVER EVER EVER EVER EVER and this means NEVER EVER getting disconnected from the network. If that were the case, then simply rebooting your computer would invalidate the claim of an "always on connection". There are options available to people looking for more secure network access- and those that are looking for better, more secure access AREN'T toying around with 768 Kbps ADSL access.

boogie74

sporkme
drop the crantini and move it, sister
Premium,MVM
join:2000-07-01
Morristown, NJ

Re: PPPoE isn't evil, those who sell it often are

said by boogie74:

Always on connections to most people (IMHO) would mean that I am instantly connected to the internet without having busy signals, constant disconnects, interference from other phone users (or things like call waiting beeps)

...or having to "log in".

It seems from the traffic on these forums that people have many of the same problems with oversubscribed PPPoE servers. You have the equivalent of a busy signal (no sessions available on the box), disconnects (oops, you were on too long, and when you logon no more IPs/sessions available), and interference from other users in the form of bandwidth contention (with a modem this would probably be more equivalent to a busy signal - if the lines are full, you're not getting through).

I could see people getting quite upset when the problems above happen, because it closely mirrors the dialup world they were promised to be carried away from.

Some of those problems can be solved by picking another ISP. Not all, but some... until everyone is forced through SBC's aggregation box.

boogie74

join:2001-06-19
Neenah, WI

Re: PPPoE isn't evil, those who sell it often are

It isn't all ISP's, only those that are affiliated with ASI. Those that are also CLEC's or that use a CLEC for loop and DSLAM provisioning aren't subject to SBC's contract.

SBC isn't running competitors out of business. Competitors are trying to grow too quickly. Also, look at what happens when a CLEC threatens Chapter 11... all its customers leave. Now let's find a way that we can explain how an ILEC caused another company's customers to switch providers when they are only changing companies due to an announcement of a possible Chapter 11...

It reminds me of how long distance companies tell people that they have to call their local company to stop the long distance carrier from sending a separate bill... blame a company that has NOTHING to do with the issue and you are doing bad business... next?? Bankruptcy... of course!

boogie74

JYoung
G L 2814

join:2000-06-13
Sherman Oaks, CA
I went to this link a while back to read up on PPPoE:

»www.vicomsoft.com/knowledge/refe···PoE.html

Now how come no one mentions metering?

The thing that I find interesting about metering is that it allows the Provider to track the amount of time spent online. With this knowledge, the Provider has the capability to bill based on the amount of time spent online, reminiscent of the old days when the Source, Compuserve, and AOL billed by the hour on their dial ups.
A provider could introduce a tiered billing plan such as $29.95 for 100 hours, $39.95 for 250 hours, $49.95 for 500 hours, and $69.95 for unlimited hours. Of course, this doesn't go along with the concept of "always on".

Note: I have no knowledge that SBC will do any of the above. It is sheer speculation on my part.
--
If you're wondering how he eats and breathes and other science facts, then repeat to yourself "it's just a show, I should really just relax"

dru

join:2000-09-14
Corona, CA

Re: PPPoE isn't evil, those who sell it often are

I believe Qwest was one of the first who introduced PPPoE, and introduced a metered $19.95 DSL offering in their territories where they limited sessions and would disconnect clients after so many hours online.

Funny thing, it seems that other ILEC affiliated and large ISPs adopted this technology and model, but stopped disclosing the temporary nature of their supposed "always on" user log-in.

dru

join:2000-09-14
Corona, CA
This article, and the arguments I read here are a good example of the old "it depends on the application" response. There is no clearly superior single answer to this question.

It should be pointed out that PPPoE is an encapsulation protocol. Despite overwhelming public assumption to the contrary, PPPoE also supports static IP assignments. The fact that most PPPoE implementations rotate pooled IPs is by design on the part of the ISP, but not a part of the PPPoE spec.

Static IPs are appropriate for those who need them, and obviously can be more secure in conjunction with a VPN or firewall.

For those who don't need static or would never run a server, Dynamic is easier to configure and allows the ISP to upgrade their network (change IP blocks, add DNS servers, etc) transparently to the customers.

However, with regard to security, the benefits of Dynamic are often overstated. Many DHCP implementations repeatedly lease the same IP address, sometimes for months, and will only change if the ISP makes a network change or you change MAC addresses with a new NIC, a router, or new computer. (The IPs are bound to specific MAC addresses.)

No, I don't have a better approach, but I have a problem with PPPoE being sold as an "always on connection" when in reality it is not. And this is the dilemma. You may be correct that PPPoE is needed to deal with the massive demand for broadband connections while we're still stuck with IPv4 shortages of IP addresses. But that is actually a myth in itself, we're not out of usable addresses, it is a management and jurisdiction issue. There simply are too many large corporations and large ISPs who are squatting and squandering full Class A and Class B assignments made years ago when it was believed that the supply was inexhaustible. Until this is corrected and solved, ISPs providing on-demand or part-time connections should not be advertising them as full-time connections. If the average consumer with a PPPoE really knew what he was getting, he'd probably be upset.

richb01803
Rich

join:2001-02-14
02100

Re: Static vs Dynamic vs PPPoE?

Most of the class A assignments were traded in years ago. Corporate waste is likely greatest in the 128.x/16 through 170.x/16 address space, since few companies have been asked to give up their class B assignments.

That means perhaps 20% of the allocated space is sparsely used. I think about 40-50% of total space is as-yet unallocated.

Various kludges like NAT and dynamic IP assignments have stretched IPv4 well into the future.

There is as yet not much reason for a telco to cite address conservation as a reason for denying always-on service for those who want it.

All that said: it's prudent to avoid tying up big chunks of routable addresses for those who have signed up but are not currently using an IP address.

The alternative is premature exhaustion of the IPv4 address space. Little has been done toward deployment of IPv6 thus far, and the technical problems with IP addressing lie mainly in route table size rather than raw address space. IPv6 has thus far failed to address route table complexity, which will increase dramatically with the growth of mobile users.

Dynamic IP assignment is vital to the success of mobile IP.

boogie74

join:2001-06-19
Neenah, WI
Quote of a bad businessman... (or businesswoman):

"I buy the widgets at $50 per widget and then sell them for $49.95. Of course I make up the difference in the volume of widgets I sell"

Let's use math here... tiny if not non-existent profits DON'T add up in volume. It still spells "playing even with the house" if not "at a total loss"

Let's start to realize the flaw in the "logic" of "sell lots of stuff at little or no profit and make it up in volume"

We can then stop making comments like:
quote:
DSLAMs are a sound investment, whether you sell directly or offload the more "intangible" costs to an ISP. Especially when you've got volume, which SBC/PacBell do.
boogie74

sporkme
drop the crantini and move it, sister
Premium,MVM
join:2000-07-01
Morristown, NJ

Re: All about money...

said by boogie74:
Quote of a bad businessman... (or businesswoman):

"I buy the widgets at $50 per widget and then sell them for $49.95. Of course I make up the difference in the volume of widgets I sell"

Let's use math here... tiny if not non-existent profits DON'T add up in volume. It still spells "playing even with the house" if not "at a total loss"

Let's start to realize the flaw in the "logic" of "sell lots of stuff at little or no profit and make it up in volume"

We can then stop making comments like:
quote:
DSLAMs are a sound investment, whether you sell directly or offload the more "intangible" costs to an ISP. Especially when you've got volume, which SBC/PacBell do.
boogie74
Thank you for taking that quote out of context.

Basic business sense should tell you which one of these stands a better chance of turning a profit:

-CO #1 DSLAM installed, DS3 backhaul, Harris line testing stuff, remote monitoring, splitters. You have 100 customers.

-CO #2 Same as above, perhaps an OC3 backhaul, and 10,000 customers.

Now please tell me volume does not make a difference. This is so basic... Most all of this equipment becomes more economical when you put more people on it. Same with backhauls. Trying to squeeze every bit out of a T1 backhaul is tough, trying to squeeze every bit of capacity out of an OC3 is much easier, as is the trending. Averages are your friend. When you hit X% utilization, order the second. If you've got good VOLUME going, you'll soon be filling that second OC3 and getting your money's worth out of it.

Volume is very very important in this business, and there is a profit to be made. Even (*gasp*) Covad has a number of CO's that are profitable. I'll let you guess why...

And if you still insist ADSL is not profitable, even 2, 3, 5 years down the road, can I ask you why your company is selling it? To compete with Cable? CLECs? And why have most of the RBOCs lately been touting their DSL profits in annual reports?

What I'm getting at, is what is your point? You seem to dance around this whole issue of the ISP wholesale business by quoting made up numbers about how much of a loss-leader DSL is for the RBOCs. So, why sell it?

boogie74

join:2001-06-19
Neenah, WI

Re: All about money...

The loss isn't because of ISP's competing. The possible loss is when states like Illinois pass laws that state that ILEC's must give total and complete access to ANY part of the network that a CLEC wants at a price of less than what it costs to provision it to begin with.

All the CLEC need do is outprice the ILEC for the same service by $5 or $10 and now the ILEC is investing in business opportunities for the CLEC.

So what you have here is CLEC's buying "widgets" at $30 from ILEC's while the ILEC pays $35 for the "widget" to begin with. Sure the ILEC would sell the "widget" to the public for $40, but the CLEC can now sell it for $32 and still make money, while the ILEC can't.

But there are those that say that the ILEC can do it, because they make up for the difference in volume... How exactly that happens is beyond me... someone explain this one??

boogie74

GemSnake
Premium
join:2000-10-19
3rd layer

Catchy title

From what I know SBC gives outside ISPs ATM circuits and room in COs only. ISPs should have their own gateway routers with own blocks of IPs.
--
Of all the things I've lost, I miss my mind the most.


meeeeeee

@aol.com

DirectvDSL Users Would be HOSED

DirectvDSL users would get it in the rear if this goes through. They all have fixed IPs and it is the #1 selling point for the ISP. If they are forced to go to PPPoE, the company will slowly die off.
I am getting the service, but I can tell you right now that if they can no longer offer always-on fixed IPs with no PPPoE, I will not keep them as my ISP. Might as well go with the phone company then, you know? That is probably exactly what SBC/PacBell is thinking with this.

It sucks. If the ISP is paying the $ for leasing the lines, they ought to be able to offer any dang thing they want to with them, including true always-on non-PPPoE fixed IP connections.

rchandra
Stargate Universe fan
Premium
join:2000-11-09
14225-2105

Re: DirectvDSL Users Would be HOSED

Everybody, please don't forget that PPPoE is founded upon PPP, part of which is IPCP. I believe many if not most access concentrators (used for both PPPoE and plain modem dialup) use RADIUS or a similar protocol for access control. As long as this is true, AND the RADIUS servers remain in administrative control of the individual ISPs, AND the ACs honor the RADIUS response w/r/t IP address, there's no reason you can't have static IP addressing over PPPoE. Lamentably, the article and discussion, however, seem to indicate that SBC will have administrative control over this. (It doesn't seem to make much sense from a consumer standpoint though, as it only adds another middleman to any adds, updates, and deletes; from SBC's perspective, it's wonderful because it gives them that much more control).

You should have no worries w/r/t PPPoE and DirecTVDSL. Their paradigm is to send you what amounts to an integrated DSL modem and router. That router is what would be responsible for carrying on PPPoX (it could be PPPoA too). If either SBC has administrative control over the authentication/access control, or SBC's ACs ignore any IP address assignment for that connection request, DirecTVDSL could then just form a tunnel (PPTP, IPsec, IPIP) back to their own servers and serve out their service that way, pretty much transparently to your own computers. That way, they can maintain their static IP address selling point, at the price of a kilobit (or few) per second of additional overhead. (I guess, unless SBC then either contractually or administratively blocks this sort of scheme.)
--
Benjamin Franklin: Those who sacrifice freedom for a sense of security deserve neither.

English is a hard enough language to interpret correctly when its rules are followed, let alone when a writer doesn't follow those rules.
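The point made in the post above, that address assignment happens in IPCP inside the PPP session rather than in PPPoE itself, can be seen by parsing a session frame; this is an added example, not code from any poster or provider. It follows the PPPoE session header layout of RFC 2516 and the IPCP IP-Address option of RFC 1332, and the session ID, addresses and function names are constructed for illustration.

```python
import ipaddress
import struct

PPP_IPCP = 0x8021            # PPP protocol number for IPCP (RFC 1332)
OPT_IP_ADDRESS = 3           # IPCP option type: IP-Address
IPCP_CODES = {1: "Configure-Request", 2: "Configure-Ack",
              3: "Configure-Nak", 4: "Configure-Reject"}


def build_session_frame(session_id, ipcp_code, ident, addr):
    """Build constructed sample data: PPPoE session header + PPP + one IPCP option."""
    option = struct.pack("!BB4s", OPT_IP_ADDRESS, 6,
                         ipaddress.IPv4Address(addr).packed)
    ipcp = struct.pack("!BBH", ipcp_code, ident, 4 + len(option)) + option
    ppp = struct.pack("!H", PPP_IPCP) + ipcp
    # ver=1/type=1 (0x11), code 0x00 = session stage, then session id and length
    return struct.pack("!BBHH", 0x11, 0x00, session_id, len(ppp)) + ppp


def parse_ipcp(data):
    """Parse one IPCP packet, rejecting inconsistent lengths."""
    if len(data) < 4:
        raise ValueError("IPCP packet too short")
    code, ident, length = struct.unpack("!BBH", data[:4])
    if length < 4 or length > len(data):
        raise ValueError("bad IPCP length")
    options, pos = {}, 4
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated IPCP option")
        otype, olen = data[pos], data[pos + 1]
        if olen < 2 or pos + olen > length:
            raise ValueError("bad IPCP option length")
        options[otype] = data[pos + 2:pos + olen]
        pos += olen
    raw = options.get(OPT_IP_ADDRESS)
    addr = str(ipaddress.IPv4Address(raw)) if raw is not None and len(raw) == 4 else None
    return {"code": IPCP_CODES.get(code, code), "id": ident, "ip_address": addr}


def parse_session_frame(frame):
    """Parse the bytes that follow an Ethernet header with EtherType 0x8864."""
    if len(frame) < 8:
        raise ValueError("frame too short")
    vertype, code, session_id, length = struct.unpack("!BBHH", frame[:6])
    if vertype != 0x11 or code != 0x00:
        raise ValueError("not a PPPoE session-stage frame")
    payload = frame[6:6 + length]
    if len(payload) != length or length < 2:
        raise ValueError("PPPoE length does not match payload")
    (proto,) = struct.unpack("!H", payload[:2])
    ipcp = parse_ipcp(payload[2:]) if proto == PPP_IPCP else None
    return {"session_id": session_id, "ppp_protocol": proto, "ipcp": ipcp}


# Constructed exchange: the client asks with 0.0.0.0, the concentrator Naks
# with the address it wants the client to use (192.0.2.10 is a documentation address).
REQUEST = build_session_frame(0x0042, 1, 1, "0.0.0.0")
NAK = build_session_frame(0x0042, 3, 1, "192.0.2.10")

if __name__ == "__main__":
    for frame in (REQUEST, NAK):
        print(parse_session_frame(frame))
```

The six-byte PPPoE header carries only a session ID and a length; whether the address in the Configure-Nak is the same on every login is decided by whatever feeds the concentrator, which is why the thread keeps returning to who runs the RADIUS server.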
mdurkin

join:1999-08-11
San Bruno, CA

Re: DirectvDSL Users Would be HOSED

said by rchandra:
Everybody, please don't forget that PPPoE is founded upon PPP, part of which is IPCP. I believe many if not most access concentrators (used for both PPPoE and plain modem dialup) use RADIUS or a similar protocol for access control. As long as this is true, AND the RADIUS servers remain in administrative control of the individual ISPs, AND the ACs honor the RADIUS response w/r/t IP address, there's no reason you can't have static IP addressing over PPPoE. Lamentably, the article and discussion, however, seem to indicate that SBC will have administrative control over this. (It doesn't seem to make much sense from a consumer standpoint though, as it only adds another middleman to any adds, updates, and deletes; from SBC's perspective, it's wonderful because it gives them that much more control).

Actually they won't have that control; the RADIUS will be run by the ISP after the session is switched to the ISP based on the domain in the login. It's quite true that a static IP or subnet can be used on the PPPoE session. We've been calling that 'sticky IP' to distinguish it from an always-on PVC with a static IP. I should say at least this is how it starts. I frankly don't trust SBC/ASI, and it wouldn't surprise me if they try more games down the road to increase their revenues, including taking back some of that control so they can charge more to the ISPs that want to use sticky IP, or even charging by the minute for DSL connections, which having the BCG in the middle instantly enables them to be technically capable of.

Unfortunately this article made a big deal out of a point that I consider extremely minor in this issue. Static IP as an additional security point for a VPN login is really pretty minor. The bigger issue with PPPoE is that it reduces the flexibility of what the ISPs can do, and increases the complexity of the connection. Particularly with the BCG box in the middle switching on this higher layer protocol and having to be up and functioning properly for you to have a connection, the connection is going to be less reliable.

said by rchandra:

You should have no worries w/r/t PPPoE and DirecTVDSL. Their paradigm is to send you what amounts to an integrated DSL modem and router. That router is what would be responsible for carrying on PPPoX (it could be PPPoA too). If either SBC has administrative control over the authentication/access control, or SBC's ACs ignore any IP address assignment for that connection request, DirecTVDSL could then just form a tunnel (PPTP, IPsec, IPIP) back to their own servers and serve out their service that way, pretty much transparently to your own computers. That way, they can maintain their static IP address selling point, at the price of a kilobit (or few) per second of additional overhead. (I guess, unless SBC then either contractually or administratively blocks this sort of scheme.)

The best you can do is to run the PPPoE client in a dedicated router device or inside the modem. That removes the complexity from the end station and has the best chance for reliability. ASI is not offering to offset any of the costs to do that, nor the tech support nightmare to install of that or PPPoE on end stations, for all the lines independent ISPs already have in service even though they are insisting they be converted. But even if you have a nice reliable PPPoE client in a router, you still have to have ASI's BCG device up and functioning to have your connection, and we've seen how SBCIS sometimes has trouble keeping their Redbacks running, with daylong outages, and the BCG devices are just as complex.

Good Ol Dan

join:2000-05-15
Rochelle Park, NJ

Oh, fine...

I'm a bit unique because I buy "line only" DSL transport from SBC, and then separately contract for my ISP service from another company who provides me a dynamic IP via DHCP (I could have a static IP for a few dollars more, if I felt that I needed it). One of the advantages of this arrangement is that I am not reliant on one of the LEAST reliable elements of the SBC DSL infrastructure, their Redback routers (which also do the PPPoE authentication for SBIS customers). I'm actually less concerned about using PPPoE itself than I am about having to experience the frequent outages and other problems associated with SBC's routers. They keep this crap up, and I'm gonna end up on RoadRunner sooner or later.

Dan


Dennis
Premium,Mod
join:2001-01-26
Algonquin, IL
kudos:5

Some points for thought

Understanding that your article is based in CA, please understand that PPPoE can support static IPs with ease, and is more of a question of the RADIUS server than anything. Also PPPoE allows for greater security by allowing the connection to be egressed thru an L2TP (which keeps the ends of the tunnel private w/out global IPs).
Also addressing hung sessions, this occurs no more frequently than RADIUS shadow file corruption which produces the same results. I agree the additional software is unpleasant but there are multiple hardware solutions from Netgear, Linksys, ZyXEL that remove the need for Enternet and allow sharing for your other computer in the house. I have been working in the DSL field for 3 years now, and honestly don't feel PPPoE is such a negative thing.

With regards,
(name removed)
--
Never mistake lack of talent for genius.

Jestocost
The Poodle Bites.

join:2000-10-19
Saint Louis, MO

So this wasn't news . . .

. . . when I submitted it last week?
shuttle835

join:2000-03-04
Capitol Heights, MD

These guys are clueless

Hello all,

As I stated in my title, these guys are clueless. First of all, firewalls can be adjusted to change as your IP address changes; also, PPPoE does not have to be terminated at the ILEC or CLEC. The PPPoE session can be terminated at the ISP; the Bell entity will just serve as a PVC pass-through point. In addition the security becomes the domain of the ISP, as it should be. Does PPPoE suck? My answer is yes, but not for the reasons these guys are talking about. In fact, if you use reconnecting or keepalive software it is possible to maintain your PPPoE assigned address due to the nature of how the addresses are leased out by PPPoE. Static IPs are nice to have, but until IPv6 comes along to the mainstream, there are not enough IPs around for people to utilize properly.

Get rid of WinPoet and get RASPPPoE.
charles16090

join:2001-07-30
Palo Alto, CA

I chose a reseller instead of SBC for static IPs

This router solution is making me nervous. Okay, yeah, I got a Linksys router (a single port router!) which means I'd have to go buy a 4-port since I have 2 static IPs for my setup.

I chose my lovely alternative ISP over SBC ISP because they offered static IPs without having to buy the "Enhanced package" which in my area was $150 for 5 static IPs, vs. the $69.95 in some other areas. I've gotten beautiful response times and attention from their tech support as well. When I have to communicate with one of SBC's arms, I get hosed with their attempts to close out the service ticket at all costs.

Now I have to pray that this router I'm going to have to buy will give me "sticky" IPs that really stick so my DNS, web, and mail servers don't die out on me when I'm not watching them? High anxiety!

Why do I feel like I've been cheated with no one to blame but the rotten contract that has 9 months until expiration? I never saw this coming.

- A very small site webmaster, running my own DNS servers for caching and a learning experience...
radougherty

join:1999-07-23
Austin, TX

Will anyone be left that doesn't require PPPoE???

Will the entire world become one where PPPoE is required? I work on setting up 'work at home' staff to use cable or DSL connections to my VPN network. Having a dynamic IP address doesn't bother me but requiring PPPoE does. Now if PPPoE software was integrated into all operating systems maybe it wouldn't be as bad, but having to add client software into our corporate builds just doesn't cut it. All I want is IP transport, I don't need video on demand, heck I don't even need their e-mail, just give me transport. Also, don't make me go purchase an external cable/DSL router that has PPPoE in it; they don't work that well and it's just another piece of something to go wrong.

Someone said you can get DSL business class service that doesn't require PPPoE, well I wish someone would tell me what that is, since when I call the telcos that use PPPoE they always tell me that it's necessary.
dubsac

join:2000-06-26
Miami, FL

Re: Will anyone be left that doesn't require PPPoE???

There are plenty of varieties of DSL that don't require PPPoE, just don't ask your telco for them. A good business class provider is MegaPath Networks, though I would suggest using the ISP power search here on DSLreports. You can specify Static IP service only in your search if you want. Good luck.
shuttle835

join:2000-03-04
Capitol Heights, MD

PPPoE Not as you get it, But how you make it!!!

Hello All,

As is always said, PPPoE sucks; now let's talk about getting around that fact. The way PPPoE works is that you are issued a lease on an IP address. This lease can be up to 30 days in some cases. The point is to be able to log off just as your lease expires and log back on in time to recapture the address. This can be done if you use certain programs; NTP allows you to "sync" up with your PPPoE or DHCP server so as to log off and on at the proper time to renew your lease. There is a lot of documentation out there on the net on how to do this. PPPoE need not be the pain it is. A little planning and work can make sure the IP address you are given remains yours for some time.

Look at the Linux NTP Howto pages for hints on how to use this tool. Happy PPPoE'ing.
