Your fears confirmed: "up to" broadband speeds are bogus

I think he's a bit behind the times. There are a lot of factors that he doesn't even touch on in the article.

Well, first, lets roll back the timeclock..and go back to the dial up days. Remember when 14,400 modems came out? Remember when 28,800 modems came out? 33,600? And then 56,000 modems?

Dial up ISPs back then would advertise the max modem rates that they hosted, but most of us that paid attention to our DUN back then would notice that you didn't usually connect at the max speeds. I remember connecting at 22,000 with my 28,800 modem often, or with my 56k modem...usually I'd only get a 50,666 connection or something like that.

And then once you connected..you didn't actually hit the net at those speeds, because dial up ISPs back then would have everyone share their main gateway...often back then just a T-1.

Variables back then...brand of equipment, line condition in your home (line quality)..line condition from your home to the street...and then to the nearest box, and then to the ISP.

Then came broadband...with DSL naturally it is distant dependent, the farther away from the CO you are, the lower your max speeds are. With cable, it's a somewhat shared technology...everyone else in your neighborhood sharing the local node.

And then, they can only manage the bandwidth up to their gateway....because once you're outside of their gateway (like..using the internet)...you're on your own, you're out there using other backbones and highways out there which are beyond their control.

Based on experience (a few hundred clients on broadband)...the average broadband subscriber out there is gets quite a bit more than 50% of the advertised speed...I find it closer to at least 80% of the advertised speed. Whenever I setup a new client, I run online tests to check their speed. And for my regular clients, I frequently check those speeds when I'm onsite to ensure things are good.

What other variables out there affect speeds? Type of equipment they choose..what brand router, do they have a current generation router which is fast enough to handle todays faster broadband speeds (like at least 20 megs throughput)...or do they have a 5+ year old router that can handle only 5 or 7 megs throughput, which obviously is a bottleneck preventing them from enjoying the 16 meg cable connection (basic math here). Or did they double NAT/cascade their own router on top of the ISP supplied gateway device, instead of setting things up properly?

What malware has affected their systems TCP stack/winsock files..screwing up their RWIN and MTU values...preventing their computer from realizing better network performance.

Just a few weeks ago I setup another biz client of mine on Comcasts 50/10 package. I benchmarked it at 48/9 megs. Pretty danged good, and an amazing amount of bandwidth for the money.

Another perk...most cable ISPs have their guaranteed bandwidth..such as an 8/1 speed...but they "give you" boost speeds such as 20/2 (names like Comcasts PowerBoost). When boost packages came out...they didn't raise the price...you still pay for that 8/1 minimum bandwidth, but you get to enjoy nice boosts when surfing, retrieving e-mail, downloading normal things.

ISPs are doing great things to improve their broadband...the "sharing" issue with cable has pretty much been ironed out, and with DSL, phone companies are rolling fiber out to neighborhoods to close that "distance" gap which reduces performance the farther their customers are from the CO.

 

Though mostly true I find that most of the time the speed on FiOS is pretty close to advertised. I would like to see the misleading ads stop though. My bigger complaint is the advertised price being about double when they get done adding fees and taxes, but that is another subject. It would be nice if they were forced to advertise the actual average speed and the actual price it will cost.

 

Kids!

I remember 150 baud! Then 300. Then thinking I was cool with 1200baud! 14.4K was screaming!!!

It's all shared - whether DSL or Cable. Once the ISP puts it on the backbone, we are all on the same backbone and regardless your ISP, everyone in your town all share the same backbone (or backbones if town is big enough). That said, with cable, it is much easier for ISPs to make each "neighborhood" smaller so you are sharing with fewer in your neighborhood. There are only a few exceptions where a DSL company's offerings are faster than cable's - if both are available in your area.

But, I'm going to side track this thread a bit.

[RANT ON]
I have a big problem with ISPs and the telecommunication carriers who would much rather sell you bigger pipes (more bandwidth) than to reduce the amount of spam clogging up the existing pipes. Depending on who's doing the study, anywhere from 30% all the way up to 95% of the traffic on the Internet is spam.

What are the ISPs doing to block spam at the source? Nothing - they would rather sell you more bandwidth.

What are AT&T, BT, Vodaphone, Cisco, and the other big carriers and backbone equipment makers doing to stop spam at the source? Nothing - they would rather sell ISPs and big corporations bigger routers and bigger pipes so they can pass those costs on to consumers - you and me.

What are Symantec, McAfee, TrendMicro, CA, Panda, etc. doing to stop malware (most often distributed by spam)? Nothing!!!! They have absolutely zero incentive to rid the world of malware for that will put them out of business.​

I have Cox Communications cable and I have no complaints about my bandwidth (See http://www.speedtest.net/result/919310862.png). And yes, they have powerboost and periodically up my bandwidth.

But make no mistake, they raise the costs to you and me. It may be in 6 months so they can claim it is not because they raised your speeds, but you will pay more for it eventually. Over and over again.

Imagine what our speeds would be if suddenly there was a 30 - 95% drop in traffic if suddenly ISPs blocked spam at the source? If the UN member countries enforced the existing laws they all agreed to so corrupt ISPs and local officials could not dump spam on the backbones? If our elected leaders would fund our law enforcement agencies to crack down on these badguys?
[RANT OFF]

 

Yes ultimately it's all shared once you get that far out, but with DSL you have a dedicated pipe from your NID to the CO. The multiple OC3's or OC12's feeding your ISP as their backbone are usually never near the point of being saturated. The kids in your neighborhood that are pounding thousands of torrent seeds downloading warez 'n music will not affect you. With cable you basically share the local node router T-3 that feeds it with your neighbors. The kids in your neighborhood can/will affect you.

ISPs are and have been very involved in the battle against spam. I have frequent conversations with an old buddy of mine from high school, he is in charge of the main Verizon backbone of the eastern side of the US.

ISPs have been increasing their battle against it for quite some time now. They are doing what they can to stop the obvious spam at their level...but they can only do so much. Once of the first things they did was put ACLs on their outgoing SMTP servers, and quite a few require outgoing authentication against their outgoing SMTP servers. These steps were done to prevent users outside of their own network from utilizing their SMTP servers, which was a big hole for them prior to that.

They also block services from dynamic home accounts...anti spam is one of the reasons they don't allow port 25 to be open on home accounts, and if you show up as too large of a blip on their radar with outgoing SMTP traffic they'll shut you off for that reason.

What else are they doing at the source? RevDNS/PTR is a method of authenticating mail servers via IP addresses, and that is controlled by the ISPs, it's not a DNS thing we do via Godaddy or whatever registrar. ISPs came up with this a few year ago to help against the battle of SPAM, and when we setup our anti-spam methods on our mail servers and enable tar-pitting, we can thank this method for dropping over 50% of the spam before it even enters the network. (tar pitting drops the connection as soon as the sending mail server fails the revdns test, it's not even allowed in)

On average, SMTP traffic is hardly a major slice of the bandwidth pie for home users. E-mail is actually very tiny in size, even when you add up truckloads of bulk of it..it's still quite small. Compared to web traffic these days with all the ad banners (I love my adblock plus), and online video and music streaming (youtube and pandora)...those are a major portion. For business networks, smtp can constitute a larger portion of the piece of pie...depending on the company. And most outsource their e-mail hosting to spam/virus removing hosts like Postini, appriver, mxlogic...or smaller ones like myself which provide these services.

SPAM costs the ISP money....their clusters of mail servers must be maintained, and that's lots of resources and hardware dedicated to them....they don't welcome spam. However, they cannot implement full spam filtering as I mentioned up atop this post, think of the support nightmare...having someone look for false positives and kick them out of quarantine. Any/all spam filters will have false positives, managing a quarantine can be a pain and time consuming, thus why they can only do certain steps against spam...but they are doing it.

*last minute edit..I can't believe I forgot peer to peer traffic. One of the biggest hits to ISPs..especially cable ISPs. Why? Not so much because it sucks up huge portions of their bandwidth...while it does eat up a lot of bandwidth, the biggest "hurt" it puts on cable ISPs is the amount of concurrent connections p2p/torrent junk creates on routers and floods their state tables (sessions). p2p/torrent traffic will bring the mightiest routers to its knees. Now ISPs have some pretty potent routers..the ones in your neighborhoods cost around the same as many cars, and the ones in their data centers..esp their main gateway, cost more than many peoples homes..they're honking huge units. But even those, with many kids running p2p traffic, will get bogged down. Suck up the bandwidth? Well, somewhat...but "slow things down"...yes...yes it can.

 

In the last month, I started using TWC's "Wideband" internet service, instead of just their roadrunner with speedboost. I'm paying for 30down/5up. Being a techie, I check it often, and I check my ping test, packet loss and jitter.

So, far, most nights I'm averaging between 18-25mbps. yeah, it dips down into the low teens during busy hours, and that annoys me considerably. If I am paying for 30, I should get more than my neighbor who pays for 15.

What is kind of odd to me is this:
When I was paying for 10mbps down, I averaged around 5-6.
When I bumped it up to 15mbps, I averaged around 8-10.
Now at 30mbps, I average around 20.

So, why is I had to pay for the higher package just to get the lower packages speeds. If I can get 10, why would I not get it when I was paying for 10.
That would be like me saying I had to buy a high end sports car that can drive 200mph, just to be able to go the speed limit.

But doing ping tests, my jitter is usually only a 2 or 3 ms, and my ping is around 20ms.

So, going with the theme of this thread, yes, I wish ISPs would actually hit their advertised speeds.

 

I don't want to debate which is faster cable or DSL - there is plenty of evidence out there to show that cable is faster in most areas, but not all. As noted, if your cable neighborhood becomes congested, the cable provider can simply reduce the size of the neighborhood, splitting it up into 2 or more. That cannot be done with DSL. And while the demography of neighborhoods is dynamic, you don't normally, suddenly, have a huge influx of filesharing music and video thieves moving in - unless they suddenly build a huge apartment complex across the street, and you can only hope the ISPs will prepare for that - or you change ISPs. And while I agree bandwidth gets tight when P2P activity increases, that is true across your entire timezone, not just your neighborhood. Thus even fiber customers can see (or at least measure) bandwidth drop.

They are not doing NEAR enough to stop spam or malware at the source. Sure, they provide spam blockers but they block delivery to your inbox (often with many false positives). They (as a global industry) do little to stop spam and other malware at the source. This is not hard to verify. The Spamhous Project clearly shows of the top 90 global spammers, most are in [embarrassingly] the United States.

US Still Main Source of spam

ISPs don't want to be spam cops

Sure they can watch to see if suddenly 100,000 emails come from a specific IP, but that is not enough! Malicious code is not just delivered by spam and spammers don't use just one node to deliver it. They have armies of zombies, compromised computers, and instead of sending 100,000 emails from 1 computer, they send 10 [infected emails] from 100,000 computers for 1,000,000 infected emails. ISPs must look not only for spam, but malicious code, and they don't. Now granted, part of that is out of fear they will be sued for privacy concerns but, oh well! If you are concerned about privacy, don't use the Internet!

The ISPs are spending HUGE amounts of money "marketing" their security efforts and yes, they have made some headway. But most of that we hear is simply marketing "fluff".

Let's not forget the big carriers - the conglomerates who own the national and international pipes between countries, continents, and ISPs. If I were to send an email with an infected attachment to you, it is very likely you will receive it unscathed and it will be up to your computer's anti-malware solution to detect it. How many missed opportunities were there between here and there for that malicious code to be detected? For example, from my house to www.speedguide.net a tracert shows 17 hops. How many opportunities were missed? A bunch!

 

My server says that my download speed should be 10 MBps, the upload speed is not quoted.

This is my UK location check at the date and time stated on the panel :-



I cannot grumble at that. Sometimes the speed is greater than 10 MBps, it depends on the time of check. Server is genuine in meeting their speed promise and these checks have been consistent for months.

John B

 

Please don't feel bad in US, out here I get Fraudband, 512kbps, yes thats right kbps, the only positive point being its unlimited but since its not mbps, its painfully slow.

 

Don't give up on copper yet. It still has lots of potential. And note that 26.8Mb/s speed in my Speedtest link in post #4 above are over copper - and that's to a server 1000 miles away. Sure, there is no doubt fiber is somewhere in between, but the drop to my house is copper.

 

I never stated one was faster than the other, only a pure non-shared shot. I'm firm on my stance...for lowest latency and great online gaming, bridged DSL with a quality ISP is best. For highest download speeds, cable (although fiber fast replacing). Everyone associates DSL with the crappy service the local phone company offers...the local phone company sucked at dial up, what makes people measure DSL by them? Not all ISPs are created equally. But I could carry on about this subject for a few days....going into tons of variations of broadband outside of what most people only know..the local telco, and the local cable provider. This is so much more!

Unless you've worked on and supported e-mail servers...it's hard to explain why it would be quite literally impossible for major ISPs and backbone providers to provide more spam filtering than they already do. Trying to manage quarantines for umpteen million different domains of e-mail crossing their pipes....ugh. And say I send you an e-mail...how many different ISPs and bandwidth providers will my e-mail cross? Say it doesn't make it to you...how many ISPs do I have to call to find out who may have bagged it by mistake with their spam filtering?

Rule of thumb..you should not provide a mail filtering service to people without providing the basic tools like access to a quarantine.

Once you molest data from sources outside of your network...where do you draw the line of "hands off, not my problem"...if your services affect that data?

If it's outright spam, or if it's outright viruses...I have no problem stopping it. But even the best of products will bag innocent data (false positives)..when you look at the sheer volume of all the e-mail flowing across say..Verizons network at any given 5 second window of time...even just 0.03% of that ends up being an immense amount of e-mail that you're trying to backpeddle out of some quarantine as the phones ring off your hook. And how to you deal with sending out quarantine digests to that amount of people..wow!

Molesting data from other networks....opens up a huge "net neutrality" debate also.

Netbot armies...yeah I'm deep in the trenches with them, and doing what I can to keep as many biz networks in New England from being parts of that army.

www.speedguide.net....great site! (I'm staff there)

 

You can not get any more than what? Do you know what DSL1 and DSL2 is rated for? You can pull quite a bit out of copper.

 

I understand the issues with having ISPs and the big carriers taking some of the responsibility, and I understand the "hands off, not my problem" issue too. But the problem is, that policy is not working! Spam continues to increase every day and with every increase in bandwidth. And if spam just contained unwanted advertisements, that would be one thing, but spam is a, if not the leading delivery/distribution method for malicious code - code that is not just annoying, but threatens our very safety and wellbeing ourselves, and that of our families and friends - including our elderly and children.

There is NO technical reason ISPs and the big carriers cannot scan the traffic (email and otherwise) coming into their networks for malicious code. As noted in the link in my sig, I worked for Northrop Grumman IT for nearly 10 years, and supported secure DoD communications in the Air Force for 24 before that. It can be done - easily. As I said above, just getting the UN member countries to enforce the existing laws would a great thing, and would likely increase the bandwidth for everybody. Then the only ones unhappy would be the badguys, and those wanting to sell us more bandwidth or more resource hogging security programs.

I note while spam blockers frequently mis-tag legitimate mail as spam, most of the better anti-malware programs have a pretty good record and tagging malicious code, and only malicious code. There are still some FPs, but not that many.

***

Very true. When Cox implemented their spam blocker, they stupidly decided to automatically move "suspected" spam to a special spam folder that could only be accessed via WebMail. I fought hard (and very loudly) about that. They somehow forgot that millions of users don't use web based email accounts and instead use a client based email program, such as the hardly heard of Outlook Express or Outlook. And since each Cox account can have up to 7 (9 now) email addresses, if we wanted to see if any emails were falsely tagged (and many were, including their own newsletters) we had to log into each of the 7 individually. There was no way to disable the spam blocker either. They have since changed the options so you can opt out, but they sure had a lot of angry customers very upset for awhile.

 

So...multiple that frustration by a very large magnitude. When someone does not receive an e-mail...where do they start? Who do they call first? Who do they call second? Who do they call third? Where did the e-mail end up? Which ISPs spam system bagged my e-mail? Where did it go? How does one follow the accountability chart? Dealing with ISPs right now is often a painful and hair ripping experience. I can't begin to fathom how bad it would be trying to call a bunch of them trying to nail down where an e-mail got FP'd.

You worked in Grummans network...but you were really only responsible for traffic within that network..the buck stopped at you/your team. Once traffic left your gateway...you had your bandwidth provider to deal with. Once it left their gateway...say you had to send e-mail to General Dynamics or Sonalysts or some sub contractors, you never really had to worry about it because it never got molested by the ISPs as it wandered around the cloud as it followed the directions of the recipients MX record.

Even the best of products will have false positives. A fraction of 1% of tens of billions of e-mail per day is still a large number to be accountable for.

I can appreciate the nice thought of ISPs and backbones being groomed by huge layer 7 UTM appliances....but once ISPs and backbone providers start molesting traffic, they become so much more responsible for it. They have to start providing quarantines, and they have to start supporting that, and they have to start providing the infrastructure to queue/store it for XXX amount of days, and accountability for it to every single user out there on the 'net. All they owe right now on it is bandwidth. Relatively easy on the scale to support.

 

Just as they do now - they call the sender.

"Molesting"? To molest, by definition, is to abuse and demonstrates you are looking at this through an emotional and political eye, seeking out exceptions and the extreme cases to prove a point - that there is no perfect solution, therefore, shoot it down and leave the status quo! The status quo is not working!

What's your alternative then? Because CLEARLY the current solution of forcing every individual on Earth to fend for themselves is NOT working! The current solution to block spam at the destination is NOT working! The current solution of forcing consumers to scan for malicious code is NOT working. Educating consumers is not working. Spam continues to grow. Malicious code continues to infect, and infect more insidiously. Identity theft is thriving. And badguys continue to profit and proliferate.

By not offering an alternative, you propose leaving everything as it is. That is not good enough. We MUST stop malware from entering the cloud at the source. ALL data must be looked at for malicious code, not just email.

The point I am trying to make is the current process is not working. If you have a better solution to reduce the amount of spam, I'm listening. But to do nothing is letting the badguys win and certainly, nothing is what they want us to do.

So shoot them all down, right? Because you feel a mere fraction of 1% is totally unacceptable, shoot it down and let poor ol' Grandma fend for herself. Okay, I know you don't personally feel that way but it illustrates my point. You are looking out for the "paid" email admin, I'm looking out for the consumer who is forced to pay - often dearly.

Let's look at those figures again. If you believe recent reports that 90% of all email is spam, then dealing with a fraction of 1% of billions of emails will be a lot easier than 10s of billions, no? And look at all the saved bandwidth and congestion free networks.

Again, the facts are the current method of dealing with spam and malware is not working. The situation is getting worse, not better. Therefore, the current method of dealing with spam and malware only at the destination must change. If you don't want it done at the source, what's the alternative?

BTW, like Norton, McAfee, CA, TrendMicro, Cisco, Nortel, AT&T, Sprint, BT, France Telecom, I have no financial incentive to rid the world of malware. Why? Because as an electronics technician, much of my business comes from cleaning "new" client's computers of malware. But as an electronics technician for secure communications equipment for nearly 40 years, I know that security trumps all - even over the convenience of the network and email administrators. Note I said "new" clients. That's because my clients don't leave my shop without knowing how to "practice safe computing". So if they come back, it is for a hardware issue.

 

My "molest traffic"...I mean a specific backbone provider, or ISP, does anything...anything at all...to interfere/alter/change/drop/lower priority of any of the bits of information that pass through it....aside from standard TCP/IP handling tags necessary and related to MAC, where it came from, and where it's going.

I'm coming from the logistical side of things because I've work inside of ISPs, and still very often work with ISPs. As an SMB consultant, I have to eyeball and manage everything from the top, to the bottom, inside and outside of business networks. I also have to manage the business side of things, and am deeply involved in the support aspect of things.

There's one thing I may have or many not have touched on up above...."accountability". Or approach the concept using another word if you must..."auditing". If any ISPs or backbone carriers have to do anything to SMTP/POP....they must be accountable for it, there must be an audit trail. Especially painful for the backbone providers to deal with, as...try to guess how many different ISPs have traffic flow across them? Just imagine the sheer task of building a support staff for this? And lets not even tough on the costs....and the resultant rise in our monthly ISP bills.

The big scenario!!!
If I send you an e-mail..and it doesn't get there...but we know that e-mail probably traveled across at least several ISPs and backbone carriers...any of which "may have" quarantined that e-mail, how do we begin to find out where it got bagged? And manage whitelists with which provider? Whose quarantine do we look in?

The ISPs are taking, and have been taking, measure to block the obvious SPAM at the source. Again, this is where dynamic home grade accounts aren't typically allowed to shoot out heavy traffic on certain ports without showing up on the ISPs radar. And this is where business grade accounts will have to have RevDNS/PTR setup properly for their outbound e-mail servers to function correctly. And this is where the ISPs will put ACLs in place to block traffic utilized by malware.

But they can only do so much before they cross the line of net neutrality, and that's a hairy line for them to cross. Just look at the flack they get for lowering the priority of P2P/torrent traffic. Which, BTW, I'm actually "for" helping to block...as THAT traffic puts a huge load on ISPs. So I'm not one to wave the "Net Neutrality" flag...I'm just illustrating that it's a big obstacle for ISPs.

We do our share here to lower spam traffic across New England, as we handle "mail washing" for many many business clients. Again, I'm not against battling SPAM, but I just realize how pretty much impossible it is to do on a global united scale. But we get paid for this service, this service is requested.

 

Okay, I grant you some (too few, however) ISPs are taking action. But worldwide, most, I suspect with confidence, are not. And this is where I am saying we (as voters) need to prod our elected officials to get our representatives in the UN to actually do something - talking is not working. But to that, badguys are cleaver and working hard to make spam not obvious to scanners. But also ISPs are not looking for malware, they look for abnormally heavy traffic patterns. Like the power companies look for indoor pot farms by abnormal electricity use from a house. So they look for someone sending 10,000 emails per day from a single IP address. But serious badguys are on to that. The badguys seek out and sadly, easily find careless users (often illegal Windows users) with unprotected systems to compromise and use them, by the millions!, to send out 100 infected emails per day - below the ISP's radar, but still 100s of millions of emails per day. That's a problem your methods are not resolving.

And tracking is not hard. Okay, finding a single lost email may be difficult, if not impossible, but every packet has embedded routing information. And every legitimate email is embedded with legitimate routing information.

And I say again, if the shear massive quantities of spam were reduced, tracking what is left would be much more manageable from your side. And the available bandwidth to all will greatly increase - so I don't accept that it will result in higher costs. I do accept that ISPs and the big carriers will claim the costs will go up, but I don't buy it. They make money by selling bandwidth and we (consumers) are forced to buy more bandwidth because of spam. If we (especially other businesses) don't have to buy as much, the big carriers lose business and they will attempt to recoup that by charging us more - but that's their problem, not mine.

I do agree 100% with your comments about P2P/torrent traffic, and I think it is sad more is not done about it. The problem with spam is, like telemarketers and junk mail, much is just annoying, not illegal. But P2P/torrent file sharing is, by a very large percentage, used for illegal filesharing of copyrighted materials. That should be reason enough to stop it, but efforts have failed. And sadly, badguys, knowing that most P2P/torrent users are careless, and often illegal Windows users, target these users. They use these channels to very effectively distribute their malware. Not good.
***

Side note: "SPAM" (in all upper case letters) is a registered trademark for a specific type of canned meat, a delicacy in some cultures, including Hawaii. Unwanted email (spam) does not deserve to be in all upper case letters.