One of the things about running intrustion detection on your home system is that you often see stuff that your service provider doesn't want to (or can't) deal with.
My service provider is a very large (read that as national) high speed cable provider. Currently it's in the middle of a severe ARP storm. It's gotten so bad that connecting to this site from across town is slow.
I logged the packets and had them ready to mail off. Turns out the helpdesk doesn't know what the heck I'm talking about. I ended up entering a clueless level ticket in which I complained about "the Internet being slow". It was about the best I could do via that poor kid. He started getting confused when I talked about DHCP, arp requests, and MAC addresses.
Oh well... I'm off to the doctor to see if I can get this key cap removed from my forehead.