DSL vs. Cable Modem: A Real-World Comparison

Summary

I compared Verizon DSL and Comcast Cable High-Speed Internet in a real-world situation, using the companies' self-install kits, to find out which would work better in a mixed Linux/Windows environment. The network consisted of a small number of PCs with statically assigned IP addresses. Here is the network setup:

Internet<-->Cable/DSL modem<-->Netgear FR114P Firewall<-->D-Link DGS-1016D Gigabit Switch<-->Patch panel<-->Local Network

The two companies (Verizon and Comcast) have radically different philosophies. The phone company, while very polite on the phone, clearly believes that the customer is a boob who is incapable of plugging a telephone into a wall jack. On the other hand, the cable company acts as though it believes that if the customer is given enough cable, he will hang himself ... and good riddance to him. Below are my experiences at my location in suburban Maryland. Your mileage may differ. At my location, cable was considerably faster and more reliable than DSL, but was more expensive. By its very nature, cable is more susceptible to eavesdropping and other security problems than DSL, but also provides greater capability. It was found that a firewall is absolutely essential for Comcast cable, but was not needed for Verizon DSL. This might not be true for other companies or in different locations.

Verizon DSL

Westell 6100 DSL Modem
Circuit board from Westell 6100 DSL Modem

I tried Verizon DSL first, ordering their self-install kit, which is the method Verizon prefers. Verizon can only give an 8-hour window if a technician needs to enter your premises, and for some inscrutable reason their technicians are not allowed to have telephones in their truck, so they can't call you in advance. So self-installation is the desired way.

DSL comes through your phone line (known informally as POTS or plain old telephone service). It doesn't interfere with using the phone, so you can make calls and use the Internet at the same time, provided you install special low-pass filters on each of your telephones, computer modems, etc. to filter out the DSL signal.

At first, Verizon seemed to get a little confused about what I wanted. Instead of activating the DSL, they turned off my phone service, which left me unable to order pizzas for a couple of days. After finally getting through to Verizon's customer service (not easy without a phone), the phone glitch was straightened out, and about a week later (four days after the service start date) the DSL line was finally activated. There's only one way to know whether it's been activated: by plugging in your DSL modem and seeing if the LEDs light up.

The installation kit came with a CD that required Windows. It gave detailed instructions (using Java animation and the computer's sound card) on how to plug in the DSL filters and so forth. However, no technical information about the DSL connection or the modem was provided. The software connects to the Verizon server, verifies your account, and allows you to set your username and password. Once you're signed up, the Windows stuff is no longer needed, and the DSL line can be plugged in with no problems to a router, firewall, or anything else that can act as a DHCP client.

The DSL modem, a Westell 6100, has four LEDs. When it's plugged in, the DSL connection LED flashes slowly, then rapidly when it finds a DSL signal, and becomes solid when it becomes synchronized (see photo). If there is a server at the central office, the 4th LED lights up. If you forget to put a DSL filter on your regular telephone, the modem will never synchronize.

Unfortunately, at my location the modem would drop the connection at random times throughout the day, leaving no Internet connection for periods of 10-30 minutes. This might have been due to a larger than usual distance of my house from the phone company's central office. If you call tech support, you have to talk to their computer (who was very nice) for several minutes, but eventually you get a real person. Of course, the first tier support can't do much other than to make you double- and triple-check that you have installed your filters correctly. If they escalate your trouble ticket, the only way of knowing whether anything was ever done is whether, two or three days later, it starts working.

The connection speed can be found by connecting to the modem with a browser (at 192.168.1.1). The download connection speed varied from 160 kbps to 1500 kbps, with 720 kbps being typical. This was much less than the 3000 kbps that was advertised, but 1500 kbps is still equivalent to a T1, which is darn good. Upload speeds were, of course, much slower.

It turned out to be necessary to locate the DSL modem in the basement next to the demarcation point in order to get a reasonable signal. Luckily, I already had a network jack nearby in the basement. I wired up a separate phone jack to the demarc box. Unfortunately, at this point the modem fell onto the floor and smashed the DSL connection LED. Upon repairing it, I found a manufacturing defect on the circuit board and repaired that as well. This improved the performance somewhat, but the modem would still frequently drop its connection. (The modem is normally in a black plastic box, not a bare circuit board as shown in the photo. I didn't bother to put the circuit board back in its box after replacing the LED.)

Verizon forces you to sign a one-year contract to get their service. After the first month, you pay a $90 fee if you cancel. However, the monthly fees are a lot cheaper than Comcast's.

With Verizon DSL, you get a non-routable IP address (in the 192.168 range). This means it's impossible to connect to your home computer from out in the Internet. This has some security benefits, the most important one being that it's impossible for hackers to reach your computer. Unfortunately, it's also impossible for you to reach your computer when you're away from home. See linuxsetup86.html for a way to get around this.

Update: I have been informed that it is possible to get a routable public IP with a Westell 6100 if you put your modem in bridge mode. I have not tested this. See http://www.dslreports.com/faq/13600 for details.

Comcast High-Speed Internet

Scientific Atlanta DPC2100 4008135 Cable Modem
Scientific Atlanta DPC2100 4008135 Cable Modem

Self-install is also the preferred way to get Comcast High-Speed Internet. Before I discovered the self-install option on their website, I called Comcast on the phone to schedule an installation. Comcast gives you a three-hour window. The installers failed to show up twice, requiring two reschedulings (each of which means another ten days of waiting). If you order the self-install kit, it's faster. You have to swear on a stack of rewritable CDs that you really know how to install software and hardware before they will let you buy the self-install kit. You also have to agree that you will have to pay through the nose if you're unable to install it yourself.

The Comcast High-Speed Internet Self-Install Kit comes with a splitter, a cable modem, and two coaxial cables with F-connectors already attached. There were essentially no instructions and no technical information, but installing it was trivially easy. However, in order to get a connection, it was necessary to connect the splitter at the point where the cable entered the house. You must use a 1:2 splitter, since the modem (a Scientific Atlanta DPC2100 4008135 Cable Modem) is very sensitive to the signal level. The 1:2 splitter reduces the signal by a little over 3 dB. If I used a 1:3 or 1:4 splitter, the modem was unable to make a connection. A terminator seems not to be necessary, so if you don't have a TV you can just leave the unused end unconnected. (Terminating it is still a good idea, as it reduces the amount of cable signal egress, which causes radio interference.) Of course, you have to remove any distribution amplifiers upstream of the modem.

Whatever you do, don't remove that loop of cable that the cable company makes where the cable enters your house. It's there for lightning protection.

They also provide a USB cable, in case the user doesn't have a network card. Using the USB option would require locating your computer within 15 feet of wherever the cable enters your house. (Verizon's modem also has a similar USB cable.)

Make sure you hang onto your cable bill. Unlike Verizon, which identifies you by your phone number, Comcast needs your account number. Without it, you can't even sign up.

The software required Windows. Unlike Verizon's software, which assumes that the computer is already configured to pick up a dynamic IP, Comcast's software automatically changes your network configuration. However, the software was very buggy. During installation, it froze numerous times, requiring karate chops by the Windows Task Manager to finish it off. Restarting the software didn't work; I had to uninstall (which requires a reboot) before the software would get past the "Connection Successful" screen. The software also timed out a few times before finally contacting Comcast's server. After it finished installing, oddly enough the setup program continued to run in the background, using 10% of the CPU, with the hard disk light blinking on and off. Was it sending information about my hard drive to Comcast? Or was this just another software bug? It is hard to say. Killing the process with the Task Mangler stopped whatever it was doing.

Once your account is set up, the Windows computer is no longer needed and the modem can be connected to any device that takes a dynamic IP. However, for some reason the modem apparently remembers the MAC address of whatever it was last connected to. This means you must power cycle the modem before attaching it to another computer, or it will appear not to work. (Some cable modems have a battery backup, in which case it's also necessary to press the "Reset" button). The connection is not PPoE and did not require sending a password to make a connection.

Another difference from DSL was that Comcast provides a routable IP address (although they will not provide a static IP). This means that you can usually connect to your home computer remotely, and you can run X Window applications remotely over your cable modem line (if your firewall doesn't block it). This is not possible with Verizon DSL, which only gives you a 192.168.x.x address. However, a routable IP comes at a price. A firewall is absolutely essential with Comcast's arrangement. I opened up a single port (port 22) on my firewall and within 30 minutes, I was getting script kiddies trying to hack into my Linux machine. I dread to think what would happen to a poor little lamb like a Windows computer connected to a raw cable modem without a firewall. Although you can easily build your own firewall by putting a second NIC into a Linux box, I highly recommend the Netgear FR114P for its convenience.

Finally, unlike DSL, which is strictly point-to-point, a cable modem connection is like an old-fashioned telephone party line. Your traffic can be easily intercepted and monitored by possibly hundreds of other folks. Indeed, the cable modem LEDs blink continuously from other people's traffic whether you're using the Internet yourself or not. One symptom of this was that ping times varied considerably depending on the time of day and number of other users. Ping times for the server at my workplace routinely varied from 25 msec to over 300 msec during the evening "prime time" hours--twelve times slower. It also means absolutely no ftp and no telnet. This privacy risk, along with the higher price, is the main drawback of cable Internet. The main advantage of cable Internet is its higher speed (currently 8 Mbps download speed at present compared with 3 Mbps for DSL) and the lower rate of service interruptions (at least so far). Over the first year, uptime has been in the range of 97-98%.
Wire closet
Here is a photo of the network that was used in the tests. There is nothing out of the ordinary here. The Cat 5e cable from the modem comes up from the basement and plugs directly into the hardware firewall. Make sure the cable is riser- or plenum-rated if it travels between floors, or it may invalidate your fire insurance. Shielded cable and shielded patch cables are highly recommended to prevent generating radio frequency interference. The small black boxes at the left are optical isolators, which can be handy to prevent spikes from frying your network card.

Linux configuration

In a small network, the easiest way to connect a cable or DSL modem is to use statically-assigned IP addresses. The procedure is very simple:
  1. Turn off DHCP server on the firewall.
  2. Assign the LAN address of the firewall to some IP on your local network (such as 192.168.100.10).
  3. Add a route from the linux box to the firewall by typing:
     route add default gw 192.168.100.10  
  4. The new routing table should look something like this:
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    192.168.100.0   *               255.255.255.0   U     0      0        0 eth0
    169.254.0.0     *               255.255.0.0     U     0      0        0 eth0
    loopback        *               255.0.0.0       U     0      0        0 lo
    default         netgear.my_doma 0.0.0.0         UG    0      0        0 eth0

The Netgear firewall can forward inbound connections to any machine on the network.

Updates

Update (Mar 11, 2010) The Netgear FR114P now has trouble obtaining an IP address from Comcast using their RCA cable modem. So far the only solution is to restore it to factory defaults whenever it loses power. Once this is done, it picks up an IP address immediately. It's recommended to keep this router on a big UPS.

Update (Jan 21, 2011) Another problem with Comcast cable: DNS name resolution is getting slower. You can see this yourself in Firefox when you type a URL: at the bottom, it notifies you when it's looking up an address. Usually these are URLs of advertisement sites such as doubleclick. One solution is to create a dummy hosts file routing all such addresses to 127.0.0.1. If you're running Linux, you can also set up your own caching name server.

Update (Apr 01, 2014) Watch out for Comcast: they're sneaky. Comcast's outside wire broke during a snow storm, and they tacked $49.50 on to my bill to fix it. Be nice if they said that before sending a guy out. Next time it breaks I'll splice the wire back together myself.


Back