cancel
Showing results for 
Search instead for 
Did you mean: 

Hub 3 / Compal CH7465-LG (TG2492LG) and CGNV4 Latency Cause

Datalink
Up to speed

Good Day Ladies and Gentlemen,

Greetings from the other side of the pond, so to speak.  Over the last few weeks I've been perusing various user forums across North America and Europe for issues related to Intel Puma 6 modem latency.  Of those forums, your Hub 3 stands out as yet another Puma 6 based modem where users see continuous latency no matter what site is used or what online game is played. Considering all of the problems that are on the go, the following information should be of interest to all Hub 3, Compal CH7465-LG and Hitron CGNV4 modem users.  There is much more to post regarding this, so this is a start, to alert VM users as to the real cause of the latency and hopefully engage the VM engineering staff, via the forum staff, with Arris.  I am surprised to see that there has been no mention on this board of users from other ISPs who are suffering the exact same issues with their modems, so, this may come as a surprise to some, and possibly old news to others.

So, the short story ........

The Hub 3 / Compal CH7465-LG (TG2492LG) & Hiton CGNV4 modems are Intel Puma 6 / 6 Media Gateway (MG) based modems.  These modems exhibit high latency to the modem and high latency thru the modem.  The latency affects all IPV4 and IPV6 protocols, so it will be seen on every internet application and game.  The basic cause is the processing of the data packets thru a CPU software based process instead of thru the hardware processor / accelerator.  It appears that a higher priority task runs periodically, causing the packet processing to halt, and then resume.  This is observed as latency in applications and in ping tests to the modem and beyond.  For the last several weeks, Hitron, along with Intel and Rogers Communications in Canada have been addressing the latency issue within the Hitron CGNxxx series modems.  To date, only the IPV4 ICMP latency has been resolved.  Although this is only one protocol, it does show that a Puma 6MG modem is capable of using the hardware processor / accelerator with good results.  Currently Rogers is waiting for further firmware updates from Hitron which should include an expanded list of resolved protocol latency issues.  For Arris modems, "Netdog" an Arris engineer indicated last week that Arris was onboard to address the issue for the Arris SB6190 modem.  That should be considered as good news for any Arris modem (read Hub 3) user as Arris should be able to port those changes over to other Puma 6/6MG modems fairly quickly.  This is not a trivial exercise and will probably take several weeks to accomplish.  Note that there is no guarantee at this point that it is possible to shift all packet processing to the hardware processor / accelerator without suffering from any packet loss side effects.  Time will tell if all of the technical issues can be resolved with the current hardware included in the Puma 6/6MG chipset.  Last night, Netdog loaded beta firmware on selected test modems on the Comcast Communications network.  As this was only done last night, it's too soon to tell what this version resolves and if it was successful or not.  Netdog has contacts with staff at Comcast, Rogers, Charter and Cox Communications to fan out beta versions and modifications for testing.  I'd say its time to add Virgin Media and/or Liberty Global to that group as well.

Recent activity:

Approx three weeks ago a DSLReports user, xymox1 started a thread where he reported high latency to an Arris SB6190 and illustrated that with numerous MultiPing plots.  This is the same latency that I and other users with Rogers communications have been dealing with for months so it came as no surprise.  As well as reporting via that thread, xymox1 took it upon himself to email several staff members at Arris, Intel, Cablelabs and others.  The result of that campaign was Netdog's announcement, last week, that Arris was fully engaged at resolving the issue.  That has led to last nights release of beta firmware, although as I indicated its too early to determine what the beta firmware resolves, if anything.


The original thread that xymox1 started is here:

https://www.dslreports.com/forum/r31079834-ALL-SB6190-is-a-terrible-modem-Intel-Puma-6-MaxLinear-mis...


Yesterday, DSLReports issued a news story covering the thread:

https://www.dslreports.com/shownews/The-Arris-SB6190-Modem-Puma-6-Chipset-Have-Some-Major-Issues-138...


Today, Arris responded:

https://www.dslreports.com/shownews/Arris-Tells-us-Its-Working-With-Intel-on-SB6190-Puma6-Problems-1...


That response was also picked by Multichannel.com

http://www.multichannel.com/news/distribution/intel-arris-working-firmware-fix-sb6190-modem/409379

This is more news likely to appear in the next few days as additional tech and news staff pick up on this issue.


Hub 3 observations:

Like many others using a Puma 6/6MG modem, Hub 3 users are experiencing latency when they ping the modem, or ping a target outside of the home, game online or use low latency applications.  The common misconception is that this is Buffer Bloat. It's not. Its most likely a case of the packet processing stopping while the CPU processes a higher priority task.  The packet processing is done via the CPU no matter what mode the modem is operating in, modem mode or router mode and no matter what IPV4 or IPV6 protocol is used.  Normally, the latency is just that, latency.  The exception are UDP packets. In this case there is latency and packet loss.  The result of that is delayed and failed DNS lookups, and poor game performance for games that use UDP for player/server comms or player/player comms.


Can this be fixed?

So far, it appears that the answer is yes.  Rogers Communications issued beta firmware to a small group of test modems in October.  This version shifted the IPV4 ICMP processing from the CPU to the hardware processor / accelerator, resulting in greatly improved performance in ping latency.  At the present time we are waiting for the next version firmware which should shift other protocols over to the hardware processor / accelerator.  That can be seen in the following post:

http://communityforums.rogers.com/t5/forums/forumtopicpage/board-id/Getting_connected/message-id/369...

The details and results of last nights beta release to the Comcast group have yet to be seen.

At this point there is enough reading to keep most staff and users busy.  My intention is to post some of the history leading up to this point and instructions on how to detect the latency and packet loss.  This is not thru the use of a BQM.  I had hoped to post this all at once but events are moving much faster than I had thought they would.  For now this should suffice to get the ball rolling.

Below is a link to a post with a couple of HrPing plots from my 32 channel modem to the connected CMTS.  This shows the latency that is observed and reflects what others have posted in this forum using Pingplotter and HrPing.

https://www.dslreports.com/forum/r31106550-

HrPing is one of the freebie applications that can be used to monitor the latency to and thru the modem. 

Pingplots with Pingplotter which show the latency from my modem to the CMTS can be found in the first two to three rows of my online image library at Rogers Communications, located below.  They are essentially what the BQM would look like if you were able to zoom into the plot to the point where you could see the individual ping spikes.  Those ping spikes are common to Puma 6 and Puma 6MG modems.

http://communityforums.rogers.com/t5/media/gallerypage/user-id/829158

 

 

 [MOD EDIT: Subject heading changed to assist community]

4,478 REPLIES 4,478

nallar
Dialled in

CVE-2017-15078 has been allocated: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15078

The Intel Puma 5, 6, and 7 chips, as used on Virgin Media branded Arris TG2492 devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports, a related issue to CVE-2017-15064. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Virgin Media.

fat4l
On our wavelength

Lol I called them to activate my SH2AC, which they did. I had it from previous owner but they needed him to confirm that I will be having his SH2AC. He confirmed, they said ok we will activate it for you. I gave them MAC address. done.
They said I have to downgrade to 200Mb first because the SH2AC doesnt work with 300.

 

The issue I am having now is, they dont want to downgrade my broadband to 200Mb(im on 300Mb currently).
I have the package from them, standard TV, standard calls + 300Mb broadband, and I have "new customer deal".
They say to downgrade to 200Mb, I will be payling like 10£ a month more because I will no longer be eligible for the "new customer deal" i have now on my package(above). This is ridiculous lol.
They told me a BROADBAND SPECIALIST will call me on Friday. and help me to sort it out.
Does anyone know what he will say? What he can do ? I dont really want to be paying like 10£ more for slower broadband.... Doesnt make sense.
I want either TV + Phone + 200Mb or just 200Mb on its own as I dont usethe TV nor phone.

Thanks


@nallar wrote:

CVE-2017-15078 has been allocated: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15078

The Intel Puma 5, 6, and 7 chips, as used on Virgin Media branded Arris TG2492 devices, allow remote attackers to cause a denial of service (performance degradation) by sending a moderate volume of small packets to many TCP or UDP ports, a related issue to CVE-2017-15064. NOTE: Intel has advised that they are only a hardware manufacturer in this instance; they do NOT own the mitigation distribution channel for these chips. Any details about mitigations would need to come from Virgin Media.


Passing the buck as per usual, this CVE won't actually help much, although it DOES confirm that the P7 is affected which means VM wouldn't have a hope in hell of releasing a P7 based hub4, although this does sadly mean even more delays as they will now have to test other devices that aren't puma based, although its odd they would pass the buck to VM when they know full well that VM doesn't make the devices, if its passed anywhere it would be to arris, VM doesn't actually do anything in regards to actual firmware code

187 pages, nice....

I see you guys are up to speed on the CVEs. I was just checking in across the pond to be sure your on top of this.

The CVE can be used in complaints as a technical verified reference to the issue.

Intel and VM must be pretty unhappy about MITRE going right over them and issuing CVEs.

Its ALL cable modem makers world wide, not just VM.. http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=intel+puma

Big thanks for briging all this to the fore @Xymox. Appreciate the work you have put into this.

wotusaw
Superfast

Grumpy1@

"Big thanks for briging all this to the fore @Xymox. Appreciate the work you have put into this."

Ditto. He's my hero.Smiley Happy

Without his persistance they may well have got away with it.....Yes, I know others are involved and thankyou to them as well.

 

Looks like CVE-2017-15078 has been reversed.

"This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue associated with the originally named downstream provider. Notes: none."

I can only assume that Virgin Media were unhappy being named on the CVE as they are not the modem manufacturer.

Some interesting chat on the DSL Reports regarding it.. http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=intel+puma


@Drewley wrote:

Looks like CVE-2017-15078 has been reversed.

"This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue associated with the originally named downstream provider. Notes: none."

I can only assume that Virgin Media were unhappy being named on the CVE as they are not the modem manufacturer.

Some interesting chat on the DSL Reports regarding it.. http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=intel+puma


As i said, it was odd that VM was named in the CVE given that it would be arris who would be responsible for the fixes as the OEM, it was incorrectly worded aswell as it held VM responsible for the P7 issues when they only use P5 and P6 devices afaik, makes it seem like someone wrote the CVE and forgot arris existed 😛

I have a SH3 and still have my old SH2 kicking around. Problem is that the SH2 for some reason didn't play well with my Echo. If I return the SH2 to service can I keep the SH3 for Wi-Fi only while my PS4 connects to SH2 wired?? I was about to go to infinity to improve my Wi-Fi performance and ping but Virgin called up today to offer me a good deal on V200 Gamer to stay and some Wi-Fi extenders to improve the Wi-Fi.....should I stay?


@shanematthews wrote:

@Drewley wrote:

Looks like CVE-2017-15078 has been reversed.

"This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue associated with the originally named downstream provider. Notes: none."

I can only assume that Virgin Media were unhappy being named on the CVE as they are not the modem manufacturer.

Some interesting chat on the DSL Reports regarding it.. http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=intel+puma


As i said, it was odd that VM was named in the CVE given that it would be arris who would be responsible for the fixes as the OEM, it was incorrectly worded aswell as it held VM responsible for the P7 issues when they only use P5 and P6 devices afaik, makes it seem like someone wrote the CVE and forgot arris existed 😛


Tbh it mentioned that it wasn't Intel to sort as they didn't own the distribution channels. You could read it as they have something, but it's not them to distribute it (which is fair enough), but I think I'm just being optimistic. 

--------------------------------------------------------
Look behind you, a three-headed monkey