Date: Mon, 30 Jul 2001 19:33:50 -0500 (CDT) From: kesu <kesu@kesuki.dyndns.org> To: Ted Mittelstaedt <tedm@toybox.placo.com> Cc: <freebsd-questions@FreeBSD.ORG> Subject: RE: Need help limiting bandwith ARP uses over cable modem. Message-ID: <20010730183920.S14350-100000@kesuki.dyndns.org> In-Reply-To: <00de01c118d7$c7afb160$1401a8c0@tedm.placo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 30 Jul 2001, Ted Mittelstaedt wrote:
> >-----Original Message-----
> >From: owner-freebsd-questions@FreeBSD.ORG
> >[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of kesu
> >Sent: Sunday, July 29, 2001 8:05 PM
> >To: Ted Mittelstaedt
> >Cc: freebsd-questions@FreeBSD.ORG
> >Subject: RE: Need help limiting bandwith ARP uses over cable modem.
> >
> >My incoming bandwith is 560 killobits/second my outgoing bandwith is 128
> >killobits/second now surely you can see how receieving a saturating queue
> >of packets on the inbound is going to generate _more_ outbound packets
> >than my bandwith limitation.
>
> No, actually I cannot. If your RECIEVING a larger volume of data than your
> sending then while you may be generating a lot of packets, those are SMALL
> packets.
I have anylized the situation, and in fact the ARP packets are causing the
problem. I can use the output of tcpdump to accuratle measure the
bandwith used by ARP packets and it easily exceeds my tiny 16-KilloBytes
second upstream cap.
arp who-has 24.116.21.206 tell ppp-b1.jop.cableone.net
0001 0800 0604 0001 0030 944b ac54 1874
1501 0000 0000 0000 1874 15ce 4500 001c
ea72 0000 0101 3ae2 1874 2975 cf1a
consider a typical ARP packet. it has a header and then 46 bytes of data I
am fairly sure the total size is around 128 bytes 8 arp request is 1K of
data given that. since I get 16K that means I can handle 134 ARP packets
per second. ARP is the same size both in and out. If my ISP limits each
subnet on the network to 254 users, that means that it would take me 2
seconds to arp reply to each of them. But windos boxes aren't very cable
modem friendly. They send out up to 5 ARP requests A SECOND until a Reply
they are happy with is recieved. That means for up to 90 seconds I can be
_bombarded_ with arp floods COMPLETELY ruining anything else. So now
instead of waiting 1 minute for the modem to reset, I have to wait 3
minutes to DO ANYTHING. Web browsers will even choke in this packet
flood, but IRC which is latency sensitive will almost always have
problems.
> The packet count isn't what's important here - it's the size of the data
> payload that matters. An ordinary transmission such as an FTP session results
> in very large, perhaps 1500 byte packets, coming down to you whereas your
> sending acknowledgement packets back that are a tenth of the size.
>
> > I am on average loosing 5% of all packets.
>
> Well, what do you expect!!! Why do you think your getting ARP requests to
> start with? ARP isn't used on point-to-point links it's only used on shared
> media links like Ethernet and in your case Cable. And shared media has a
> thing called contention - this means that your cable modem and your neighbors
> cable modem may transmit at exactly the same time, resulting in garbage on the
> cable network as both packets are scrambled. Packet loss here is normal.
The packet loss becomes user noticable when the modem resets. (as in
programs hang waiting on replys they never get because the sent packet was
lost) Xchat is especially affected, since various development versions
lack an internal time out, after an inital connection is made, but prior
to the final connection.
> >I have anylized the tcp stream intensively and the vast majority of arp
> >requests are duplicates in the first place, likely built up in my isps
> >queue dutrring the minuter it takes for a reconnect.
> >
> >There is a genuine need to restrict the ARP packets when my isp refuses
> >to.
>
> Your ISP cannot do anything here because Cable is a shared medium.
>
> >I am not concerned about the bandwith loss coming inbound it is
> >really the outbound traffic that is causing packet loss. Restricting ARP
> >has an emense benfit for cable modems,
>
> Not if they are being operated in accordance with how the cable network was
> designed. Cable Internet service was designed to get large volumes of data
> FROM the Internet TO your desktop, it was not designed to work the other way
> around.
But the ARP packets are pointless, as it isn't a lan, and version 1.1
causes the ARP to be selective, only sharing between local computers when
a connection attempt is actually made between the two. DOCSIS 1.1
compliant modems are going to make cable modems a much more user friendly
experience, since the reduction in ARP traffic will benefit everyone.
> The only thing that I'll say about ARP restriction that's good is that it's
> quite obvious that all your cable modem neighbors DON'T need to hear your ARP
> broadcasts, and it's obvious that you don't need to hear theirs, because most
> likely you and they are NOT exchanging data with each other. But, this isn't
> going to represent a significant bandwidth savings which is why the cable
> Internet providers haven't bothered with doing it. Cable Internet is a big
> hack anyway and stories like this merely serve to illustrate that point.
>
> > especially since they castrate the
> >upstream levels, and there Is no isp choice. Especially since the low
> >grade copper to my house prohibits DSL.
>
> The only possible way that restricting outbound ARP traffic would help you is
> if your using your cable modem to host a server that is saturating the
> outbound traffic with data transmission. And I should remind you that @Home
> explicitly bans cable users running servers I'll be happy to provide the URL
> of the AUP if you don't believe me.
I do not use @home, I am using the local cable company which has it's own
AUP. The reason why it would help has nothing to do with a server, I
am connected to IRC networks (more than one) and this generates requires a
number of outbound packets When I Reconnect, something that is coung to
happen immediately _AFTER_ the cable modem has reset on me, since it takes
nearly a minute to do so. This is when the vast majority of ARP packets
are recieved also, causing X-chat to 'hang' in the middle of a connect
because the connection is closed by the server, but lost in the flood
of packets and since my upstream IS being saturated for the minute or two
after the modem reconnects.
In fact I am also paying for 2 additonal IPs, so I have every right to run
a gateway/firewall to provide access. The modem is saturated even
worse when 3 computers have 'real' ips and all have to arp every computer on
the network, so I am reducing everyones overhead by running a router so my
sister and my laptop can have net access.
Oh and BTW, my local ISP only restricts commercial servers, which I do not
run, but from a user experience the ARP packets hanging my IRC connection
ise _extremely_ annoying. Since the modem has a tendancy to reset
around once a week, this is very annoying to me.
> >I wouldn't have sent this e-mail if repeated letters of complaint to my
> >isp hadn't failed to alleviate the problem for more than a week at a time.
> >i need a _real_ solution, and controlling the bandwith ARP can use is the
> >perfect solution.
>
> The _real_ solution if your hosting a server is to quit violating your AUP and
> get a real circuit in there like a Frame Relay circuit. But if you don't want
> to do that then I'd recommend you wait until 2002 (if your on the AT&T network
> that is) when the cable net will be opened up to competitive ISP's and you can
> get an ISP in there that's responsive - unlike @Home. Then they can set your
> upstream bandwidth to some pie-in-the-sky amount and you and your server can
> stomp all over everyone else on the broadband.
If I were hosting a server then I would buy a high speed connection, but
since all I am doing is trying to run X-chat and have an OS that doesn't
crash on me every day (windows.) Furthermore, why did you assume I use
@home? They only reprezent 20% of the cable modem internet and in fact if
you bothered to look at my e-mail address you would notice that the DNS
for it is in fact a very small marketshare cable company operating in only
a handful of markets in 3 states. Any 'opening' of @homes markets won't
affect me, in fact my cable company will probably never be forced to do
so, because they _are_ a microscopic player and the last thing federal
regulaters want to do is put a small company out of buisiness so that
AOL-time-warner can snap it up.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010730183920.S14350-100000>