[ NNSquad ] Curious, as comcast takes a beating, Verizon gets away easy?

[Andrew C Burnette <acb@acb.net>]

Lauren, et al,

In regards to the subject of Comcast's method of "network management"
and the highly charged discussions that have followed, does Verizon get
a 'free pass' on claims of no network traffic management in their FIOS
network?  (while technically accurate, functionally they don't pass the 
sniff test)

What Verizon has done is eliminate the issue in the hardware router
device that you are given to use on their network. (it's 99% required,
as it functions to convert MoCa to wireless and Ethernet; just try and 
buy one separately. Barring that, beg tech support to give you cat5 
instead of MoCa).  They limit the NAT table to 1024 entries (e.g. the 
DLINK gaming router has a default of 8000; others inbetween), with a 
four minute hold down time.

Why is the hold down time important?  well, in the vast majority of 
consumer NAT boxen, the NAT table works as a FIFO, and when overrun, 
simply dumps the oldest entry. Verizon hangs on to that oldest entry for 
approximately 4 minutes from my measurements.

Strikes me as a bit odd as users of the FIOS service should be able to
note rather easily, that the error "NAT Error : Connection pool is full
- a message notifying that a connection has not been created because the
connection pool is full." filling the Actiontec logs if you load up any
significant program that generates numerous connections.

This is with a relatively low global connection limit within utorrent of
about 250. I've seen problems around 125 too.  Same with other clients
of various types. That's with the bandwidth limits set to <10% of the
capacity of the link (in my case, a 20/5Mbps service).  I've replicated
the error with spawned 'wget' onto my own servers.  I've also 
overwhelmed it with several MMORG's which initiate requests numerous 
server lists upon startup. (just testing, I get clobbered in those :-))

When you have many simultaneous connections, like seeding and
downloading multiple torrents, regular web browsing is nearly
impossible. I am sure their timeouts are too long, their NAT table is
too small (1024 entries; with a hold down timer of 4 minutes), but
exiting utorrent (and the subsequent close of connections) is enough to
fix the problem.

There's quite a bit of discussion that's been around for a very long 
time in the forums at http://www.dslreports.com/forum/vzfiber

Cheers,
andy burnette

p.s. on a 20/5Mbps service, I can easily get 22/4.8Mbps ( the latter 
being lower due to my own router's QoS directive for VoIP reserve) when 
I utilize multiple tcp streams at once. A simple speed test of a single 
TCP stream is inherently inaccurate, as variables such as host 
implementation (is it reno, westwood, vegas?) and client capabilities. A 
 tuned aggressive parallel run will pop the top off the limits on the 
VZ network. There isn't any congestion to speak of until it gets to 
various peering points with other networks, at least in my neck of the 
woods.