Let's not forget that verizon FIOS' delivered Actiontec router (a beast
of a wireless NAT box w/ a 533mhz proc and somewhere north of 200megs of
ram if I recall correctly) has a firmware limitation of 1024 NAT table
entries.

Perfect for email reading, and web surfing. Once you start up any peer
to peer app (pick any app with loads of connections), the Actiontec
holds the first NAT entries for four minutes, even if you overrun the
table. Thus, once you even try to bring up your favorite web page,
you've already DoS'ed yourself. Stop everything, and in 4 minutes,
you're back in business.

(you then have a 75watt NIM in place....MoCa to Ethernet. Of course,
this also disables the VOD service, and guide data for STB's in the
house. I didn't notice that side effect immediately as I have a couple
Tivos in place which already provide a channel guide.)

I've personally verified the validity of the actions "accidentally"
after my own FIOS install and saw the exact error message "nat Error :
connection pool is full" (or something similar, it's been a while) once
the connections reach 1k entries or so.

The difference between this and most other SOHO routers (even far less
capable devices) is others typically "immediately" FIFO the NAT table
and do not hold entries for minutes at a time. A slowdown, perhaps, but
you can still check your email. The Actiontec isn't so kind.

Cheers,
andy

p.s. compared to comcast's alleged forging of packets, I'd call the
verizon solution far more clever. No network appliances or sandvine
services needed to throttle traffic that may be less desirable, or use
more network resources.  More like a flash grenade than a smoking gun.
Big flash, and you don't have a clue what hit your connection



---

If you look at http://www.mocalliance.org/en/index.asp you'll notice that it is, in effect, a strategy for giving Verizon back control of your home network just like in the “good old days” when the phone company owned your wires and was able to assure that the copper went no faster than it was supposed to.
 
Remember that 1394 failed because it was designed to be entertainment network not just a network. They are selling their RG-6 network against Ethernet. The claim that consumers will not tolerate latency sounds a lot like 1394 – even though we know that the issue is more jitter than latency as such. After all, as others have pointed out, “live” TV is on delay just in case a moral offense is committed. That’s a lot of latency people accept.
 
Moca is one more example of an extremely insidious form of NNN (not network neutrality) because it builds the policy into the very architecture of the network. Just like with PONs.

Bob Frankston

---


MoCA (Multimedia over Cable) is a communications path. Verizon uses it to enable IP comunications to and from what are otherwise normal 'cable' set top boxes.  MiCA was chosen to enable IP STB's because installing reliable Ethernet in houses was much more expensive than utilizing the cable that was already pervasive in US houses.

In FiOS, VOD and multi-room DVR (where an STB can be a video 'client' of a DVR STB) content is carried via IP over that MoCA channel as is the Internet 'service' data between the light-terminating-equipment on the side of the house and a customer data access device that Verizon calls the broadband home routers (BHR).

I would not attach such sinister or insidious motives to the use of MoCA.

   armando