This firewall thing.
Apologies that this is work related but it needs to be somewhere google can find it.
Every so often I see someone complaining on one forum or another *cough* boards.ie *cough* complaining that we do not let customers configure the firewall on their modems. There is a reason for this.
The reason we don’t let customer configure their modems firewall is that it doesn’t do anything. Our modems are not acting as NAT routers / PPPoE Clients. They are basicly switches. This means no layer 3 handling, no need to map ports. So any config a user might apply would be ignored. Also should a user put the modem into routed mode a TV stream or two and it will melt. DSL modems are not exactly high powered. The other reason we do not let users fiddle with the modem is because we have QOS settings to protect both the TV and Voice traffic.
So how does it work: You plug in your PC and it requests an IP address via DHCP. The DLSAM and the provisioning system have a quick conversation and then assign your PC an IP address. A unique Public IP address which supports any application. The only filtering we do on a customers port is some basic stuff to prevent common viruses and spam bots.
If you then plug in another PC, your friends laptop when they are visiting, that new xbox you got for your birthday they will just be assigned an IP address of their own. Magnet’s FTTH and LLU networks have been certified as suitable for use with xbox live. 95% of the tests didn’t apply to our networks because we don’t do things like NAT.
The reason we do not let users configure the firewall is that it has no function.
Anyway here ends the Rant.