I'm having a problem running a TiVo for my mother-in-law. To save some money
she changed her ISP to AT&T. The issue is that AT&T is running some sort of
transparent web cache proxy at the base of their network and the TiVo will not
load it's daily guide data through the cache. AT&T also charges for this kind
of Tech support so getting the caching issue fixed is not an option.

I'm running my firewall on OpenBSD and my in-laws have a similar firewall
setup. I have already setup an IPSEC VPN between their house and mine. The
setup looks like this:


    Tivo ----> [ In laws fw ] ---> ( Internet ) <--- [ my fw ] --- my net

The firewall setup is for partially for my convenience. I want to seamlessly
get to my servers when I'm over there for a bit of time. Their default gateway
sends them to the internet through their AT&T connection but can also get to
things on my network. If the tunnel goes down the internet works fine but they
cannot see things in my house.

What I would like to do is arrange for their TiVo to pass all of it's traffic
through the tunnel and out through my firewall since my ISP is a bit easier to
deal with.

-- Chris

----------------------------------------------------------------------------
                                      "There will be an answer, Let it be."
                                           e: chris -at- vindaloo -dot- com

[ message continues ]

Here's a nickel kid - Get a better ISP.

Fuck people, if you don't vote with your feet when they do this shit
eventually you'll be able to do nothing.



[ message continues ]

Bob is right.

That said, this isn't actually hard to do, and the syntax is well
documented in ipsec.conf(5); just make sure the TiVo has a fixed IP
address (dhcpd.conf(5) may be useful) and the networks are on
non-overlapping netblocks.

		Joachim 

[ message continues ]

Agreed Bob but as a practical matter I won't be able to explain this problem
to my 80 year old father-in-law. Unfortunately that's a requirement if I want
to convince him to pay $10.00 more per month for the local CableTV internet
service provider. Sadly the person most affected here is my mother-in-law who
just wants her TiVo to work.

Furthermore he won't even take the money from me. His thinking is that if the
phone company can give him Internet Service for $35.00 / month then the Cable
company should meet that price. <rant>Nevermind that for $35.00 the phone
company is giving you a 3Mbps Down / 768kbps Up connection where they force an
IP address change at least every 24 hours. For $45.00 the cable company is
providing a a 15Mbps Down / 1.5Mbps Up connection with effectively static ip.
(Your IP address will change if they break or change their DHCP server or you
change your external nic, their fault once every 8 years for me.)</rant>

I see this as a subtle Net Neutrality Issue. And it makes my blood boil that
to fix something beyond a basic web surfing or email issue you have to pay
extra.

The crux of the problem is that the we don't see the internet the same way as
normal people. I write this from my brother-in-laws house where there are no
less than 12 2.4 GHz 802.11b/g routers within an 1/4 block radius. The
interference from all of these routers in the same band destroys 95% of the
usable bandwidth. It's so bad I just ran out to the Big Box Electronics store
and bought a new dual band 2.4/5GHz bridge/router and bridged via the wire to
his connection. Why not just replace his router with the unit that I just
bought? Because his email and web work fine. Sigh.

In the end Joachim has the right solution. For my father-in-law: use IPSec to
move the TiVo's outbound pipe to my house. For my brother-in-law be happy that
I fly back home on Saturday.

-- Chris

--

     __o                                                 Chris Hilton
   _`\<,_                           ...
[ message continues ]