LinuxPlanet - Print - .comment: Going Broadband With a Cable Modem

.comment: Going Broadband With a Cable Modem

By: Dennis E. Powell
Wednesday, September 27, 2000 06:00:00 AM EST
URL: http://www.linuxplanet.com/linuxplanet/reports/2374/1/

Bye-bye Telco

When my wife and I moved to our little Connecticut horse farm, we arranged Internet access ahead of time. Oh, yes, the phone company representatives said, you'll have high-speed Internet through snet.net.

Yeah, right.

When we got here, we discovered that the lines were duplexed, meaning not only that we wouldn't regularly connect at more than 26,400 bps, but indeed that a higher connect speed wasn't even possible.

DSL? Sorry, we were too far out in the sticks.

The telephone company kept saying that new copper was being strung, just wait a little longer.

A little longer came to its end last week. While I've always thought of cable modems as a ragingly insecure and laughably nonserious way of getting online, it had become clear that if we wanted to see websites while we still remembered why we'd gone to them, a cable modem was the only choice for us.

So, my friends, begins the saga of the arrival of Charter Pipeline in our home, the problems encountered, and the solutions we chose. I shall not go into great detail about the mistakes made along the way, in part because it's embarrassing (and in some cases really embarrassing), and in part because I hope that this will be useful to others contemplating the same kind of setup.

The Security Issue

Anyone exploring the switch to a cable modem will find a multitude of stories having to do with the lack of security. I do not know if these stories are true, though I was asked to sign a document stating that I expected no security from Charter Pipeline at all, so I suppose there might be something to it.

Now. It is possible to set up a software firewall in Linux, to turn off the multitude of services that distributions maniacally start by default, and to install software designed to prevent cracking and to report it if it has taken place. I have some of that installed (though not a firewall), but as they say in the military, my confidence level was not high--good enough, maybe, for a dialup, but not for a permanent connection.

As it happened, I was going to need to add some hardware anyway: A network card, and a hub, because I wanted to feed a couple of machines, maybe more. My printer has a network connection available. I keep a couple of notebook machines around, and there is always a machine in progress here.

And it happens that you really can't just plug in the cable modem line--a RJ45 connection--to a hub and send it out to everyone.

Fortunately, practically everyone in the network hardware business has now come out with a little box that performs a multitude of functions: firewall, NAT, and so on. These typically allow many machines to be served by the same cable (or DSL) connection. It's plugged in between the cable modem and the hub (or the computer, if only one machine is involved).

I decided to try to get all three--the network card, hub, and firewall box--from the same company, on the simple justification that if I had to phone tech support, it would be more difficult to lay the blame on one of the other suppliers. My choice was D-Link, because their products are inexpensive, because they promise Linux support, and because I was satisfied with their technical support, which I phoned and talked with before I bought anything. Their answers were satisfying. (And no, I am not compensated by them in any way, nor did I receive anything for free.)

After a little additional research, I decided upon their DFE-530TX+ network cards, which seem solid and which one can get for under $20 a pop.

Their website talked of a thing called the DI-704, which combines one of the little firewall-NAT devices with a four-hole hub. Sounded pretty attractive. Problem was, it wasn't yet available. And contemplation led me to realize it would have been pretty minimal anyway: my machine, the printer, my wife's machine--that left only one connection. So I got their DI-701, which is a one-in, one-out device that I'm counting upon to protect my home and office network from the bad guys. It feeds into a separate device, an eight-hole hub, which is then connected to the computers, the printer (which had a JetDirect card in it when I bought it), and so on.

Installation: The Cable Modem

I had thought, and was wrong in thinking, that installing the cable modem itself would involve nothing more than putting a splitter on the cable that already came into my office. It turned out that there was too much loss from the splits that go off into the rest of the house, so new coax would have to be strung. The cable enters one end of the house; my office is at the other end. I figured it would be a headache, and was wrong about that, too.

The cable guy was a real pro. He phoned the morning of my appointment (it had been scheduled to be installed between 3 and 5 p.m.) and asked if I'd mind his showing up early. He got here at 9:30 a.m. and was gone, coaxial cable installed and cable modem apparently delivering a signal, a little more than an hour later.

I say apparently delivering a signal because Charter Pipeline will not touch a Linux machine, no way, no how. My initial thought was that this probably had something to do with the fact that Paul Allen, the manly one of the two original Microsoft founders and the second richest man in the world, owns a big piece of the cable company. So when the cable guy departed, he had demonstrated the existence of the signal by attaching a gadget apparently designed for the purpose to the modem and saying the readings illustrated a good, strong signal.

Getting the thing to work with my machine was little short of an ordeal, made so by the fact that distributions have forked badly in their handling of things like network cards and hubs. Everybody has some method of configuring these things and nobody bothers to explain what configuration files are involved or the syntax employed. Sadly, it seems as if the files have been placed for the convenience of the tool. The effect is that you might know how to do networking in Debian, but that won't help you with Red Hat, and knowledge of Red Hat won't help you with Caldera. (I realize that this has become a continuing gripe of mine, but I'll use this example to say it again: Unless the distributions can come to an agreement on these things, Linux will fragment into insignificance.)

Beating It Into Submission

A few years ago, after having used Linux for about a month, I published on a Linux mailing list what I called "The Linux Nine-Hour Rule." It specified that getting anything to work for the first time in Linux took nine hours. After that, it worked reliably and quickly, but setting it up was a nine-hour project, no matter what it was.

This changed with the release of Caldera Open Linux 2.2, which was the first distribution that had a number of features, that actually worked, designed to make life easier for the user. My nine-hour rule was repealed, replaced by the "I Dunno; I Just Did Some Stuff and Then It Worked Rule."

Both rules were invoked before the cable modem was working on my machine.

Some--much--of this is my fault. You could fit what I know about networking Linux into a matchbox with room left over for the matches. I was and am running a development kernel, 2.4.0-test8. I'm running a beta version of KDE. I'm running a beta video driver module (which is, by the way, pretty crappy--back to work, Matrox!) and all sorts of other developmental stuff. Then again, if you look at version numbers you'll discover that a lot of what you're running hasn't reached 1.0 yet, either.

I have a Linux guru, the eternally patient Bob Bernstein who, it happens, has a working cable modem. We spent hours on the phone in an attempt for me to learn enough to make it all work, and when that failed an attempt for me to accurately type things into a console window. We tried a world of things--Bob knows Debian, and he knows Red Hat, but he hasn't networked Caldera machines, and I'm running Caldera eDesktop 2.4 because I like the fact that it manages tremendous stability without a Luddite prejudice against new things. And for the reason cited above, this created a problem, because distributions vary so widely. But in due course--after about nine hours--the connection was working. How? I dunno; we just did some stuff and then it worked.

Well, sort of. I could get to the hub, and to the gateway/firewall thing, but not to the modem, whose LED on the DI-701 I now noticed was not lit. D-Link is in California, so I was able to get a call in to technical support in the minutes before their 6 p.m. Pacific closing time. It took the tech support guy less than 30 seconds to diagnose the problem: Some cable modems do not need a crossover cable to connect to the gateway/firewall, and I apparently had one of those, which I'd connected with the crossover cable provided by D-Link. Fortunately, because I already have way, way too much wire tangled up under my desk, I'd gone to one of those wonderful little hole-in-the-wall computer shops (how awful it will be when those all disappear!) and had a couple of foot-long straight Cat 5 cables and a couple of crossovers of the same length made up. I replaced the crossover cable with a straight one, and the Internet LED glowed.

But still, I couldn't ping beyond the firewall. I phoned Bob again to whine some more. While we were on the phone, I happened to click on Netscape and punched up one of my bookmarks and--WHAM!--it was there, so quickly that I thought something had happened to the warning box telling me that it was loading the page from cache. But no, it was the real thing. (Charter tech support, once I'd gotten to someone who showed evidence of having actually seen at least one computer, at least once, possibly while it was turned on, said later that one can neither ping nor be pinged on their system, which I kind of doubt, but maybe he was right.)

Triumph! (Well, Except for Those SpontaneousReboots)

Next day, I phoned Earthlink (their web page having failed miserably to provide the service, even though it claimed to have succeeded) to set up email accounts and the like; Earthlink provides the Internet part of Charter's cablemodem service. Then I started visiting every graphics-intensive web page I knew of, marveling at the sheer speed of this new connection. It was breathtakingly fast.

And then the computer rebooted. A page was loading, then black screen, then power-on self test.

Anyone who has used Linux for any length of time knows how serious this is. It just doesn't happen. Fscking a 20-gig IDE drive takes awhile, especially when everything in the Netscape cache is now unowned and needs to be cleared by running e2fsck manually.

Once it was all done, I looked in /var/log/messages and was unsurprised to find no evidence of any causative factor. So I fired up Netscape again, and within a half hour it had happened again. This kind of thing is a limiting feature.

Thus began four days of seat-of-the-pants diagnostics. I spent time in the ill-documented Award bios (typical help file entry--"Options: Enabled, Disabled") and found that the network card's IRQ, 12, was assigned by the bios to a PS/2 mouse that I don't have but for which there's a port on the motherboard. I exercised my option ("Disabled") and booted, fired up Netscape, and was rebooted against my will within 15 minutes. And again I had to do the manual e2fsck thing on my /home partition.

I tried a different network card (I'd gotten three identical ones). No joy. I set the bios to force IRQ 12 to the slot occupied by the NIC. No joy. I replaced every piece of Cat 5 cable in the whole chain. No joy. At the end of four days, I'd rebooted more times than I had in the previous year--and I burn a lot of kernels.

Then, late one night, I got email from Bob. He'd found a site with a new version of the 8139too.o kernel module used by the D-Link network card. I downloaded, compiled, and installed it.

As I write this, it's 30 hours later. I've spent lots of time online (doing stuff; a cable modem is always online) and so far I haven't had anything unexpected (I've grown to expect the loss of horizontal sync with my vid card, and I hardly notice anymore the headaches it causes).

Of course, most users won't encounter the kind of trouble I did. Most users have a largely unaltered distribution, with tools that make setting up things like network cards and nameservers simple. In those circumstances, a cable modem is probably going to go in pretty painlessly. I think that a hub is a good idea--why make a one-node network?--and because of that, a gateway/firewall that does NAT becomes absolutely necessary. (I think it's absolutely necessary for security reasons, anyway. The D-Link model lets you telnet in to configure the thing, which is easy. Almost every company that makes networking equipment offers a similar device, at prices hovering around $100, though I do not know how Linux-friendly they are.)

And even if you encounter the bumps I did, you'll still find a cable modem worth the trouble, especially if you live someplace that doesn't have DSL service. The thing is really, really fast. Big downloads are no longer a matter of late-night scheduling. Waiting for a page to load is mostly gone (though there are sites that have slow servers, and there are times when the Internet is really busy, and no trick connection will help you with those).

I figure that I've already amortized the time spent on installation, just by the difference in page load and ftp times. This thing is cool.

For the first time in years, I've unplugged and stored my beloved USR Courier. I'll keep it, and I'll miss it. But I doubt I'll use it again.