Visitor
•
6 Messages
Home Firewall / Router data usage records less data than Xfinity... (Unifi, Sophos, PFSense, DDWRT)
I have a Unifi Router / Firewall. All network internet traffic goes through that firewall. It also records all internet usage per device, down to the hour. My firewall consistently reports 1/3 to 1/2 less data usage than Xfinity reports on their online data usage meter. I've seen other posts on this Xfinity Forum where customers report the same issue with SOPHOS, and PFSense firewalls. Why is the Xfinity data monitor reporting more data usage than our on premises firewalls?
We can't all be wrong.
flatlander3
Problem Solver
•
1.5K Messages
2 years ago
Coax connected cable TV box involved? Does your modem/gateway have an MoCA feature? Lack of a Point of Entry filter problem and stray devices connecting -- neighbors devices, intentionally or unintentionally. There is NO security on Xfinity's MoCA implementation.
pfsense pulls info from ifconfig and utilities like vnstat do that too. I've never had an issue. You're down in the driver viewing data. I actually have the opposite problem. When Xfinity data reporting does work, it's short of data use I know I've used by quite a bit by the end of the month. For the past 6 months, it hasn't worked at all. They web page is reporting monthly usage of around 50GB total, which is completely silly.
Also on pfsense, you will see rounding/data-rate-averaging going on if you are viewing data with an add-on like bandwidthD, and ntopng works as a packet sniffer, and it does miss quite a bit. Interface stats are accurate on the dashboard (ifconfig again), but if you hard reset the driver, or reboot your firewall, that counter will zero out. Some configuration changes will reload networking too and zero out the counters.
For a Gateway/Modem, If I put my netgear in "gateway mode" (I only use bridge mode), I have no idea what the traffic meter counts. It's not data. Move a very large file of known size a few times with no other connected devices to verify your own gear. Try that first just as a sanity check. Perhaps your data counters are not accurate either or averaging on your gear.
I'm not saying Xfinity data reporting is accurate. On my account, clearly it is not.
0
0
wprivera
Visitor
•
6 Messages
2 years ago
I do not use MoCa on my home network. I own a new DOCCIS 3.1 cable modem. It connects to a Unifi Getway / Router / Firewall. All devices on my network are accounted for, by MAC address. There are no "stray" devices. Unifi reports all network traffic by device, down to the hour. I have additional software that identifies and logs every website each network device connects to. My network is secure. I trust the data totals that the Unifi software reports. I did not experience increased internet data use, until after data caps were instated.
0
0
flatlander3
Problem Solver
•
1.5K Messages
2 years ago
Yeah, but devil is in the details. It's HOW Unifi is recording details. Consider a utility like MRTG/rrdtool:
Is this latency graph accurate? No, not really. It's a one minute average using a tcp ping from two points. What can it tell me? Well, it tells me when routes change (I'll see a long duration increase/decrease in latency), and some network conditions, and also when I am down.
What does Unifi use? Dunno. Is it an interface stat like ifconfig? Is it more of an rrdtool like above? It's why I suggest moving a file as a sanity check. Methodically. One device. Move a known file. Wait some time -- randomly, 10-30 minutes. Move a file again. Do it a few times, then look at the data transfer reported. The goal is proving it for a bill dispute. It's also very helpful if you can provide detailed logs.
How does Xfinity's 3rd party company report it? Dunno. They won't say, other than they're "super accurate". I found that to be quite a bit less than true. I'd guess they're using quite a bit of data-rate averaging.
0