Hi all,
Watching the excellent panel discussion (great moderating, Mai!) at BYOI yesterday <https://m.youtube.com/watch?v=VaFFFw0hndQ>, I was struck by the connection to a conversation with my colleagues at Tech Underground about setting up Internet/Intranet for small nonprofit organizations. We learned that AT&T's fibre 25/25Mb plan has an issue where you can only use the Arris BGW router they provide, and that this router will reboot itself whenever the NAT table sees more than 800 TCP sessions. 800 is pretty much normal for a group of about six people. So even though AT&T promotes this setup for organizations up to 25 users, it is not. The router reboots itself when 800 is exceeded, so everyone loses connectivity. The limit may vary depending on unknown factors, but also exists for Comcast small business customers; e.g. the limit is 2000 on the device provided by Comcast, but the device itself eats up 700 or 800 sessions before any traffic from the network has even been hooked up to it, leaving maybe 1200 for users. With a dozen staff, plus people's cell phones and VoIP phones, it hits the limit and crashes the router once or twice a day.
Online research turned up a couple of people attempting hacks:
1. Super-linux-geek hack: http://blog.0xpebbles.org/Bypassing-At-t-U-verse-hardware-NAT-table-limits (basically, the hack is to take the DRM traffic to the AT&T router, and everything else to the router of your choice.)
2. http://www.dslreports.com/forum/r29898675-U-Verse-Business-NVG585-NAT-limit
We think AT&T is trying to reduce the number of customers who will try to share accounts, and live with the reduced bandwidth. TCP session limits are a big hammer solution to this problem, but it's one of the fall-outs of having "net neutrality" rules. If they can't rate-differentiate sources, ISPs will manufacture artificially handicapped hardware.

thanks
Hilary
---
Hilary Naylor, Ph.D.
www.a2zed.us
Oakland CA
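A way to watch for the session limit from the LAN side, as an added example that is not part of Hilary's post or of either linked hack: it counts TCP entries in a Linux conntrack table (from /proc/net/nf_conntrack or `conntrack -L`, assumed to be available on a Linux box sitting in front of the ISP device) per internal host and compares the total with the router limit quoted in the post, so the hosts filling the table can be found before the ISP box reboots. The 80% warning threshold, the `baseline` parameter for entries the gateway burns itself, and the sample rows are assumptions/constructed, not measured values.

```python
import re
from collections import Counter

# Limits reported in the post: 800 entries on the AT&T Arris BGW, 2000 on the
# Comcast device (of which ~700-800 are consumed by the device itself).
ATT_LIMIT = 800
WARN_FRACTION = 0.8  # assumption: alert at 80% so someone can act before the reboot

# Accepts both /proc/net/nf_conntrack ("ipv4 2 tcp 6 ...") and `conntrack -L` ("tcp 6 ...") rows
_PROTO = re.compile(r"^(?:ipv[46]\s+\d+\s+)?(\w+)\s+\d+")
_SRC = re.compile(r"\bsrc=(\S+)")


def parse_conntrack(lines):
    """Count TCP conntrack entries per LAN host (the first src= is the original direction)."""
    per_host = Counter()
    for line in lines:
        proto = _PROTO.match(line)
        if not proto or proto.group(1) != "tcp":
            continue  # the limit described in the post is on TCP sessions only
        src = _SRC.search(line)
        if src:
            per_host[src.group(1)] += 1
    return per_host


def nat_headroom(per_host, limit=ATT_LIMIT, baseline=0):
    """Compare LAN-side TCP entries (plus any the gateway uses itself) with the router limit."""
    used = baseline + sum(per_host.values())
    if used >= limit:
        status = "OVER"  # the point at which the post reports the router rebooting
    elif used >= WARN_FRACTION * limit:
        status = "WARN"
    else:
        status = "OK"
    return {"used": used, "remaining": limit - used, "status": status,
            "top": per_host.most_common(3)}


# Constructed sample rows (not captured from a real gateway); the third is in `conntrack -L` format
SAMPLE = """\
ipv4     2 tcp      6 431999 ESTABLISHED src=192.168.1.10 dst=203.0.113.5 sport=52314 dport=443 src=203.0.113.5 dst=198.51.100.7 sport=443 dport=52314 [ASSURED] mark=0 use=1
ipv4     2 tcp      6 299 ESTABLISHED src=192.168.1.10 dst=203.0.113.6 sport=52315 dport=443 src=203.0.113.6 dst=198.51.100.7 sport=443 dport=52315 [ASSURED] mark=0 use=1
tcp      6 117 TIME_WAIT src=192.168.1.10 dst=203.0.113.9 sport=52320 dport=80 src=203.0.113.9 dst=198.51.100.7 sport=80 dport=52320 [ASSURED] mark=0 use=1
ipv4     2 tcp      6 431999 ESTABLISHED src=192.168.1.11 dst=203.0.113.5 sport=40001 dport=443 src=203.0.113.5 dst=198.51.100.7 sport=443 dport=40001 [ASSURED] mark=0 use=1
ipv4     2 udp      17 29 src=192.168.1.12 dst=192.168.1.1 sport=5353 dport=53 src=192.168.1.1 dst=192.168.1.12 sport=53 dport=5353 mark=0 use=1
""".splitlines()

if __name__ == "__main__":  # on a Linux gateway, feed it open("/proc/net/nf_conntrack") instead
    print(nat_headroom(parse_conntrack(SAMPLE), limit=2000, baseline=750))
```

Run it from cron on the gateway and log the `top` hosts whenever the status is not `OK`; that gives a record of which devices were filling the table at the moment the ISP router dropped everyone.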