I recently had to switch service providers and Telus was the only one offering a fast upload link as well as good download speeds through their fibre optic network. They installed an Actiontec T3200M modem to facilitate the bridge between the fibre optic endpoint and my network. Since this is fibre, they used an SFP based ONT module that plugged in to the SFP slot in the T3200M. This is pretty advanced stuff for residential networking so I was quite excited to see how well it would perform.

I did some speed tests and the results were good - consistently above 300Mbps down and 300Mbps up and fast ping times (sub 10ms). Now my network is fronted with a firewall and that firewall controls everything. Specifically, I turned off the WiFi in the T3200M and use my own WiFi equipment, all routing through the firewall connected to the T3200M. I placed the T3200M in bridge mode to disable its routing and NAT as that would just interfere with my network. Doing this is allowed by Telus, but not technically supported. What I understood from that is when you run into any technical issues doing this, their tech support will not come out and help you resolve issues on the other side of the T3200M. I completely understand this policy as one cannot expect Telus to support custom configurations for residential customers.

So when I received my first full months's bill I was horrified to see an overage charge of $45. They claimed I consumed 1.5TB of data in my July billing cycle.

Ignore June for now - it was a partial month. My historic usage before I went to Telus showed that I never exceeded 800GiB in any month:

Specifically, my statistics show that I only used 707.95GiB for the July billing cycle, a full 800GiB less than what Telus was claiming. That is a pretty huge discrepancy. So naturally I called their support centre.

I spoke with three people, one of which was a manager. I started by explaining that I placed my T3200M in bridge mode, that I am using a custom firewall and that my counters do not match theirs. He immediately responded that they do not support bridged mode. To which I replied that I understand they do not technically support it but it should not cause double billing issues, only technical connectivity issues if done incorrectly. He said their counters are accurate and that mine were incorrect. I then told him that everything flows through the firewall, the T3200M's WiFi is turned off and my stats had never been wrong, that my historic usage with other service providers had me never exceed 800GiB in a month.

So I asked to see the daily values for the new billing cycle. He gave them to me. It showed that each day I consumed roughly 15 - 20GiB in download, BUT also 16 - 21GiB in upload. Suddenly all was clear. My average outbound traffic is 20 times less than inbound according to my firewall - something I explained to him is just clearly wrong.

Telus Counters:

Firewall Counters:

I tried to explain that I mostly stream video content, download files and the only real outbound traffic I do is emails, some small file uploads and that is it. I said that it is impossible to consume more outbound data than inbound when you mostly stream content. He agreed that if you stream mostly, the inbound figures should be much larger than outbound, but immediately rebutted that Telus cannot violate my privacy and inspect the actual traffic I consume and that they have lots of customers with different usage patterns, many who consume more than a TB of data. I said that I do not want him to inspect my data, I want him to explain how their counters can show an almost 1:1 correlation between inbound : outbound traffic for my usage patterns. We went full circle - him saying that I need to inspect my equipment or need to disable bridge mode.

He did offer an unlimited data plan if I lock myself in for 2 years, or at an extra $15 per month I can get unlimited data. That was not the point - I do not want to pay $15 per month for unlimited data if I never exceed the 1TB cap I have. So I ended the conversation there, knowing Telus will NOT investigate their systems.

I actually monitored the previous day - checked Telus' current usage figure against my firewall, then streamed about 18GB of data watching Crave / Netflix, and the next day I checked the counters again. My firewall stated that I consumed about 18GB inbound and about 1GB outbound for the day, Telus showed a jump from 58GB to 139GB in the same time period. That is 80GB in one day! Impossible, so I knew I had to do something to fix this problem as I would get penalized every month.

Next step was to prove at least to myself that I was correct and Telus was wrong (really not necessary as I knew I was right, but proving something is always fun). To prove that I was right, I had to figure out why their stats were incorrect, and if I could not do that, at the very least confirm my counters at the very last point in the network leg - at the ONT. My suspicion was that the T3200M, when in bridge mode, is not truly in bridge mode but has two public IPs (I confirmed that - the modem had an IP and the firewall had an IP, both public) and that their system is counting inbound traffic mostly correctly, but outbound they are counting incorrectly by counting the wrong interface's counter.

Since I could not prove anything beyond the counters in my firewall, I had to go a step further. I decided to remove the ONT SPF from the Telus T3200M, and place it in my old Cisco SG300-10 switch's mini-GBIC (SFP) port. This seemed like a reasonable thing to do since:

1. Telus scanned the ONT's serial number and that is what is registered on my account, and is what is used to decrypt the data targeted for my ONT.
2. By moving the ONT into the (managed) switch, I eliminated the T3200M. I cannot eliminate anything further without messing with the ONT and that would compromise my service. Furthermore, I could inspect the raw counters on the switch, knowing that there will be no weird bridging going on except layer 2 switching.

Once configured, the network was up and working flawlessly without the T3200M. I waited for Telus to perform a fresh counter update (they state the date and time of the last refresh) and compared that to my firewall as well as the raw port counter on the Cisco switch (both the FW port and the SFP port). After two days of usage here are the figures:

Which means, after taking out the T3200M from the equation and consuming 28GiB of inbound and 1.34GiB of outbound data for a total of 29.35GiB over two days, the discrepancy between my firewall and my switch at the ONT port is only 0.27GiB which can easily be attributed to the fact that these readings were taken 15 minutes apart. Those figures now ALSO match Telus closely (within 0.43GiB) which can also be attributed to the 20 minute lag between the tests.

I am thus very confident that the T3200M in bridge mode will give incorrect outbound traffic figures, potentially doubling your consumed data counters. The solution is to either not use bridge mode, or to dump the T3200M and use something else. Or.... Get Telus to fix their crap. Good luck with that.