<sect1 id="connectivity-dialup-policy">

<title>Usage Conventions</title>

<sect2 id="connectivity-dialup-policy-os">
<title>GNU/Linux Distribution</title>

<para>
The operating system used by both server and client computers
will be &TC;; release 5.5<footnote>
<para>
I want to thank my friend Manual Chavez Manzano (Manny)
for finding a way to download this release of &TC;; and
bringing it to me as a gift.
</para>
</footnote> (higher releases might be used too). The
configuration described in this book doesn't use third-party
software. All the software needed is available inside &TC;;.
</para>

</sect2>

<sect2 id="connectivity-dialup-policy-auth">
<title>Authenticating PPP Users</title>

<para>
The client computers will need to authenticate against the
server computer each time they intend to establish a PPP
connection. The username and password required by client
computers will be public and will rarely be changed.
</para>

<example id="connectivity-dialup-policy-auth.fig-1">
<title>Credentials for PPP authentication</title>
<screenshot>
<screeninfo>Credentials for PPP authentication</screeninfo>
<mediaobject>
<textobject>
<screen>
ISP Name: projects.centos.org
ISP Phone: +53043515094
Username: faith
Password: mail4u.2k10
</screen>
</textobject>
</mediaobject>
</screenshot>
</example>

<para>
The server computer provides only one telephone line
(e.g., +53043515094) to receive incoming calls. This directly
limits the chances a client computer has of establishing a
connection with the server computer in an environment where
several client computers compete among themselves to
establish a dial-up connection with it. To prevent this kind
of issue, the server computer would inevitably have to
provide more telephone lines for incoming calls (at least one
for each user the server computer expects to receive incoming
calls from).
</para>

</sect2>

<sect2 id="connectivity-dialup-policy-network">
<title>One PPP Network Of Two Computers</title>

<para>
The simplest configuration we can achieve over the telephone
network involves only two computers, where one computer acts
as server and the other as client. In this configuration, the
client computer establishes a connection to the server to make
use of the internet services provided therein.
</para>

<para>
When the client computer calls the server computer, the call
is attended by <application>mgetty</application> and then
passed to <application>pppd</application> to establish a
PPP conversation between the two computers. The first thing
in a PPP conversation is user authentication; then (after a
successful authentication), the IPCP conversation takes
place to set IP addresses and start data transmission over the
newly created link. In this configuration, the client
computer can set its IP address when configuring the Modem
device (see <xref
linkend="connectivity-dialup-modem-config" />) or
leave the server computer to assign one (assuming you are
calling a server computer). If you are configuring a server
computer, then it is necessary that you set the IP address and
netmask of the IP network you are planning to set up, using
the Modem device configuration file.
</para>

<para>
Configuring the IP address and netmask information inside the
Modem device configuration file is very important in order to
prevent errors when transmitting data across the link. When
the netmask information isn't set in the Modem device
configuration file, the <systemitem
class="daemon">pppd</systemitem> daemon on the server computer
tries to retrieve such information from the client computer
and, if the client computer didn't specify one either, the
newly created network ends up with wrong information
(e.g., <systemitem
class="netmask">255.255.255.255</systemitem>), which causes
the point-to-point connection to fail when someone tries to
transfer data through it.
</para>

<figure id="connectivity-dialup-policy-network-basic">
<title>One PPP network of two computers</title>
<screenshot>
<screeninfo>One PPP network of two computers</screeninfo>
<mediaobject>
<textobject>
<screen>
Province-A PPP Server                            Province-A PPP Client
--------------------------\                     /--------------------------
192.168.1.1/24     | Modem ~~~ TelephoneLine ~~~ Modem |     192.168.1.2/24
--------------------------/                     \--------------------------
</screen>
</textobject>
</mediaobject>
</screenshot>
</figure>

<para>
<xref linkend="connectivity-dialup-policy-network-basic" />
describes the simplest configuration we can implement for a
point-to-point connection. This configuration involves only
two computers, one acting as server (the server computer) and
the other acting as client (the client computer). The client
computer calls the server computer to establish a PPP
connection in order to use whatever internet service the
server computer provides. In the figure we can see that there
are two IP addresses involved (<systemitem
class="ipaddress">192.168.1.1</systemitem> and <systemitem
class="ipaddress">192.168.1.2</systemitem>) inside the same
network (<systemitem
class="netmask">255.255.255.0</systemitem>).
</para>

<para>
This configuration might be convenient for people in the same
location, near one another. Here, the client computer
establishes a connection by means of a local telephone call
and can use whatever internet service the server computer
provides. Since the connection lifetime is limited (see <xref
linkend="connectivity-dialup-policy-lifetime" />) and only two
peers can be connected at the same time (assuming only one
Modem is attached to the server computer), some internet
services like chat may not be a practical offer for the server
computer to provide. However, internet services like e-mail
fit perfectly in this environment, where more than one client
computer would be competing among themselves to establish a
connection with the server computer (e.g., people connect to
send/receive their e-mail messages to/from the server
computer).
</para>

</sect2>

<sect2 id="connectivity-dialup-policy-network-extended">
<title>One PPP Network Of Several Computers</title>

<para>
Based on <xref
linkend="connectivity-dialup-policy-network" />, it is
possible to provide an extended version including several
server computers that may communicate between themselves to
distribute data collected from the client computers they
serve. For example, consider the telephone network of a
country which is organized in provinces, where each province
is divided into several municipalities. In such an
organization, it would be possible to set up one or more
server computers for each province and let nearby people dial
up to them to use whatever internet service they provide.
Later, each server computer could establish dial-up
connections with other nearby server computers in order to
share information from one province to another, as illustrated
in <xref
linkend="connectivity-dialup-policy-network-extended.fig-1"
/>.
</para>

<para>
When setting the IP information, it is important that each
server computer sets both the IP address and IP network mask
information in the Modem device configuration file so that
different IP addresses can be used between different server
computers. It is also important that they all be configured to
use authentication between themselves before transmitting any
data across an established PPP connection so the information
being transmitted can be protected.
</para>

<para>
When making telephone calls, if someone in Province-A needs to
send a message to someone in Province-C (which is far away
from Province-A, so a telephone call there would cost a
considerable amount of money), there is no need (even though
it is possible and sometimes preferred) for that person to
make a direct telephone call from Province-A to Province-C.
Instead, that person in Province-A can send their messages to
the server computer in their province (the nearest server to
their location) by making a local telephone call; that server
computer then takes care of delivering the information using
other server computers, following the same concept of nearest
delivery.
</para>

<figure id="connectivity-dialup-policy-network-extended.fig-1">
<title>One PPP network of several computers</title>
<screenshot>
<screeninfo>One PPP network of several computers</screeninfo>
<mediaobject>
<textobject>
<screen>
Province-A PPP Server                            Province-A PPP Client
--------------------------\                     /--------------------------
192.168.1.1/24     | Modem ~~~ TelephoneLine ~~~ Modem |     192.168.1.2/24
--------------------------/          |          \--------------------------
                                     |
Province-B PPP Server                |           Province-B PPP Client
--------------------------\          |          /--------------------------
192.168.1.3/24     | Modem ~~~ TelephoneLine ~~~ Modem |     192.168.1.4/24
--------------------------/          |          \--------------------------
                                     |
Province-C PPP Server                |           Province-C PPP Client
--------------------------\          |          /--------------------------
192.168.1.5/24     | Modem ~~~ TelephoneLine ~~~ Modem |     192.168.1.6/24
--------------------------/                     \--------------------------
</screen>
</textobject>
</mediaobject>
</screenshot>
</figure>

<para>
The more distant a telephone call is, the more expensive it
is. Therefore, to move information from one province to
another, each server computer must be configured to send
information to the nearest province until it reaches its
destination. For example, if you are in Province-A and want to
send an e-mail message to Province-D, the server computer
configured in Province-A must send the e-mail message to
Province-B, then the server in Province-B must be configured
to send that message to Province-C, and finally C to D. This
is required because making a direct call from Province-A to
Province-D would otherwise be too expensive.
</para>

<para>
Since telephone calls are required to establish connections
between computers and each call costs money based on the
location and the destination, it is required to set a
convention on how telephone calls are made from one server
computer to another, especially if you plan to establish
connections between server computers placed in different
provinces in order to exchange data between them.
</para>

<itemizedlist>
<listitem>
<para>
Do you make direct telephone calls to make direct data
delivery? This configuration could be very expensive to
maintain (considering the telephone call distances), but data
will be delivered very fast to its destination.
</para>
</listitem>
<listitem>
<para>
Do you call the nearest server computer and let it deliver
your data to its destination? This configuration could be less
expensive to maintain (considering the telephone call
distances), but data will take much more time to reach its
destination and there is no way to be sure it will.
</para>

</listitem>
</itemizedlist>

<para>
Whatever calling scheme is chosen, the server computers will
always talk through UUCP to transfer data from one place to
another. The server computers will operate with two IP
addresses each, unless you plan to connect one of the server
computers to a different network (Internet, maybe?). One IP
address would identify the server computer itself and the
other would identify the client computer establishing a PPP
connection to the server computer. In this configuration it
is very important that each server and client computer has
one unique IP address. This way it would be possible to
move the information from one computer to another. Notice that
the number of PPP clients is directly related to the number of
telephone lines a server computer has configured to receive
incoming calls on. If there is only one telephone line
attached to the server computer, then only one client computer
will be able to establish a connection to that server
computer. Other PPP clients will need to wait until the
telephone line is free in order to establish a connection with
that server computer. On the other hand, if the server
computer has two (or more) telephone lines attached, it would
be possible to attend incoming calls from two (or more) PPP
clients at the same time. In summary: the more telephone
lines the server computer has attached, the more
simultaneous connections that computer will be able to
attend/make from/to other computers.
</para>

</sect2>

<sect2 id="connectivity-dialup-policy-network-eth">
<title>One PPP+Ethernet Network Of Several Computers</title>

<para>
Assuming all server computers with a Modem device also have
one (or more) Ethernet interfaces attached (which is very
common nowadays), it would be possible to extend the
configuration described in <xref
linkend="connectivity-dialup-policy-network-extended.fig-1" />
by creating one Ethernet network for each server computer in
the configuration. To implement this configuration, one or
more switch devices are required (based on the number of
computers such a network needs to have) for each Ethernet
network interface a server computer has, as described in <xref
linkend="connectivity-dialup-policy-network-extended.fig-2"
/>.
</para>

<figure id="connectivity-dialup-policy-network-extended.fig-2">
<title>One PPP+Ethernet network of several computers</title>
<screenshot>
<screeninfo>One PPP+Ethernet network of several computers</screeninfo>
<mediaobject>
<textobject>
<screen>
Province-A PPP/ETH Server                        Province-A PPP Client
--------------------------\                     /--------------------------
192.168.1.1/24     | Modem ~~~ TelephoneLine ~~~ Modem |     192.168.1.2/24
--------------------------/          |          \--------------------------
192.168.0.1/24   | Ethernet          |
---------------------|----           |
                     |               |
                 +--------+          |
                 | Switch |          |
                 +--------+          |
                     |               |
---------------------|--             |
LAN1: 192.168.0.2-254/24             |
------------------------             |
Province-A ETH Clients               |
                                     |
Province-B PPP/ETH Server            |           Province-B PPP Client
--------------------------\          |          /--------------------------
192.168.1.3/24     | Modem ~~~ TelephoneLine ~~~ Modem |     192.168.1.4/24
--------------------------/          |          \--------------------------
192.168.2.1/24   | Ethernet          |
---------------------|----           |
                     |               |
                 +--------+          |
                 | Switch |          |
                 +--------+          |
                     |               |
---------------------|--             |
LAN2: 192.168.2.2-254/24             |
------------------------             |
Province-B ETH Clients               |
                                     |
Province-C PPP/ETH Server            |           Province-C PPP Client
--------------------------\          |          /--------------------------
192.168.1.5/24     | Modem ~~~ TelephoneLine ~~~ Modem |     192.168.1.6/24
--------------------------/                     \--------------------------
192.168.3.1/24   | Ethernet
---------------------|----
                     |
                 +--------+
                 | Switch |
                 +--------+
                     |
---------------------|--
LAN3: 192.168.3.2-254/24
------------------------
Province-C ETH Clients
</screen>
</textobject>
</mediaobject>
</screenshot>
</figure>

<para>
In this configuration, computers connected to the switch will
also be considered client computers. IP address assignment for
new server computers must be coordinated so that no IP address
is duplicated on the computer network. The illustration above
describes one main network (<systemitem
class="ipaddress">192.168.1/24</systemitem>) which connects
all the server computers using the telephone lines as the
medium for data transmission. The Modem interface connects
just one computer at a time, either client or server (assuming
only one Modem device is installed and configured in
the computer acting as server). The telephone line is used by
client computers to establish PPP connections with the server
computer and by server computers to exchange data with other
server computers as well. On the other hand, the Ethernet
interface attached to each server computer lets the
administrator of each server computer connect up to 252
computers simultaneously, assuming a class C network as shown
above is used.<footnote>
<para>
There are also class A and class B network types which can be
used to connect many more computers than a class C network
allows.
</para>
</footnote>
</para>

</sect2>

<sect2 id="connectivity-dialup-policy-bridgedcall">
<title>Bridging Calls To Transfer Data</title>

<para>
When the server computers call other server computers to
bridge data delivery, the server computer in, let's say,
Province-A (srv-1.a.domain.tld) will never know that there is
a server computer in Province-C (srv-1.c.domain.tld) or
Province-D (srv-1.d.domain.tld); it only knows about the one
in Province-B (srv-1.b.domain.tld), its nearest location. So,
when a message is sent from srv-1.a.domain.tld to the server
computer in srv-1.d.domain.tld, the server computer in
srv-1.a.domain.tld contacts its nearest server computer (i.e.,
srv-1.b.domain.tld) and delivers to it all messages sent to
srv-1.d.domain.tld. Later, since srv-1.b.domain.tld doesn't
know about the srv-1.d.domain.tld server either, it delivers
all messages directed to srv-1.d.domain.tld to its nearest
server computer (i.e., srv-1.c.domain.tld). Finally, the
server computer in srv-1.c.domain.tld, which knows about
srv-1.d.domain.tld, delivers to it all the messages it has for
it. Notice that, in order for this configuration to work,
the system administrators attending the server computers must
work in sync to guarantee a well-defined route for messages to
follow. Otherwise, if one of the server computers in the path
creates a route for a server computer that doesn't exist
(or doesn't define a route at all), the information will never
reach its destination when such a computer is acting as a
bridge between two other server computers.
</para>

<screen>
+------------------------+     +------------------------+       +------------------------+       +---------------------+
| To: bob@d.domain.tld   |     | To: bob@d.domain.tld   |       | To: bob@d.domain.tld   |       | Bob's mailbox       |
| From: mat@a.domain.tld |     | From: ana@b.domain.tld |       | From: jef@c.domain.tld |       | (Final destination) |
| Body: 500KB            |     | Body: 500KB            |       | Body: 500KB            |       |                     |
+---|--------------------+     +---|--------------------+       +---|--------------------+       +------------------^--+
    |                              |                                |                                               |
----v--------------|<~~~~~~~~~>|---v----------------|<~~~~~~~~~>|---v----------------|<~~~~~~~~~>|------------------|---
srv-1.a.domain.tld | 75Km Call | srv-1.b.domain.tld | 75Km Call | srv-1.c.domain.tld | 75Km Call | srv-1.d.domain.tld
-------------------|<~~~~~~~~~>|--------------------|<~~~~~~~~~>|--------------------|<~~~~~~~~~>|----------------------
relay to:          |   5 min   | relay to:          |  10 min   | relay to:          |  15 min   |
srv-1.b.domain.tld |   500KB   | srv-1.c.domain.tld |   1.0MB   | srv-1.d.domain.tld |   1.5MB   |
</screen>
</sect2>

<sect2 id="connectivity-dialup-policy-directcalls">
<title>Directing Calls To Transfer Data</title>

<para>
When the server computers make direct telephone calls (no
bridge in between is used to transfer data), the server
computer in Province-A (srv-1.a.domain.tld) contacts the
server computer in Province-D (srv-1.d.domain.tld) by making a
direct telephone call to it. In this configuration, the
telephone call might cost more than those in a bridged
configuration, where several shorter telephone calls are
dialed on the way to the final server computer; or less,
considering that when server computers in a bridged
configuration exchange data they may move data accumulated
from other server computers, while a direct telephone call
transmits data from one server computer to another without any
accumulated data from other server computers. There is no
need to overload the server computers with foreign data when
the server computers could call each other to transfer data
directly.
</para>

<screen>
+------------------------+             +---------------------+
| To: bob@d.domain.tld   |             | Bob's mailbox       |
| From: mat@a.domain.tld |             | (Final destination) |
| Body: 500KB            |             |                     |
+--|---------------------+             +------------------^--+
   |                                                      |
---v---------------------|<~~~~~~~~~~>|-------------------|---
srv-1.a.domain.tld       | 225Km Call | srv-1.d.domain.tld
-------------------------|<~~~~~~~~~~>|-----------------------
relay to:                |   5 min    |
srv-1.d.domain.tld       |   500KB    |
</screen>

<para>
The elapsed time in a server-to-server conversation is
directly related to the amount of data that needs to be moved
from one server to another and the baud rate of the connection
established between the two Modem devices. In a direct
telephone call configuration, telephone calls could turn out
to be less expensive than those in bridged configurations,
where server computers may accumulate traffic from other
server computers in the path. The accumulation of traffic
between server computers increases the amount of time the last
server computer in the path before the final destination needs
in order to transmit everything to the final destination. In a
bridged telephone call configuration, server computers acting
as bridges also act as servers and produce their own
traffic, which is added to the traffic already accumulated in
them from other server computers. This may produce huge
traffic in a server-to-server conversation (notably on the
last hop before the final destination), which could increase
with each new server computer added to the chain of server
computers acting as bridges for one another.
</para>
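
<para>
The traffic accumulation described above and in the bridged
section, worked through as an added example (not part of the
original book). The 100KB-per-minute rate is inferred from the
figures (500KB in 5 min), the 15-minute limit is the connection
lifetime this chapter sets, and the function names are
hypothetical.
</para>

```shell
#!/bin/sh
# Added example: per-hop load in the bridged layout versus one direct call.
# Assumptions: RATE_KB_MIN is inferred from the figures (500KB in 5 min) and
# LIMIT_MIN is the 15-minute connection lifetime set in this chapter.

RATE_KB_MIN=100
LIMIT_MIN=15

# call_minutes KB -- whole minutes needed at RATE_KB_MIN, rounded up.
call_minutes() {
    echo $(( ($1 + RATE_KB_MIN - 1) / RATE_KB_MIN ))
}

# bridged_plan KB1 KB2 ... -- one line per hop in the relay chain.
# KBn is the traffic originated at the n-th server; every hop also carries
# everything queued by the servers before it.
bridged_plan() {
    hop=0
    total=0
    for kb in "$@"; do
        hop=$((hop + 1))
        total=$((total + kb))
        min=$(call_minutes "$total")
        if [ "$min" -gt "$LIMIT_MIN" ]; then
            verdict=over-limit
        else
            verdict=ok
        fi
        echo "hop $hop: ${total}KB ${min}min $verdict"
    done
}

# over_limit_hops KB1 KB2 ... -- number of hops whose call cannot finish
# before the server hangs up at LIMIT_MIN.
over_limit_hops() {
    n=0
    total=0
    for kb in "$@"; do
        total=$((total + kb))
        if [ "$(call_minutes "$total")" -gt "$LIMIT_MIN" ]; then
            n=$((n + 1))
        fi
    done
    echo "$n"
}

# Values from the two figures: three servers each queue 500KB for
# bob@d.domain.tld; the direct call carries only the first server's 500KB.
echo "bridged:"
bridged_plan 500 500 500
echo "direct: 500KB $(call_minutes 500)min"

# A fourth bridging server (constructed case) pushes the last hop past the
# connection lifetime, so that transfer would be cut before it completes.
echo "bridged, four servers: $(over_limit_hops 500 500 500 500) hop(s) over limit"
```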

</sect2>

<sect2 id="connectivity-dialup-policy-lifetime">
<title>Restricting PPP Connection Lifetimes</title>

<para>
The server computer restricts the lifetime of established
Modem connections to 15 minutes from the moment of
establishment. Once the connection has been established, if
the link is idle for 1 minute, the server computer will also
close the established connection to free the telephone line.
This control can be implemented through the
<option>maxconnect</option> and <option>idle</option> options
inside <application>pppd</application>'s configuration
file, as described in <xref
linkend="connectivity-dialup-server-pppd-options" />.
</para>

<para>
The server computer restricts incoming calls from client
computers to the period from 10:00PM to 12:00AM every night.
Outside this range of time, the telephone could be answered by
a person, not a computer. This control can be implemented
through a cron job and the
<filename>/etc/nologin.ttyxx</filename> file, where ttyxx
represents the device name of your Modem (e.g.,
<filename>/etc/nologin.ttyACM0</filename> would prevent the
Modem device installed in <filename>/dev/ttyACM0</filename>
from answering calls).
</para>

<screen>
# Activate Modem to attend incoming calls.
59 21 * * * [ -f /etc/nologin.ttyACM0 ] && /bin/rm /etc/nologin.ttyACM0
# Deactivate Modem to prevent incoming calls from being attended.
59 23 * * * [ ! -f /etc/nologin.ttyACM0 ] && /bin/touch /etc/nologin.ttyACM0
</screen>
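
<para>
The two cron entries above only act at 21:59 and 23:59, so a
server that is powered off at either moment keeps the wrong
state until the next night. The following added example (not
part of the original book) derives the wanted state from the
current time instead, so it can be run at boot and every few
minutes. The function names and the "run" argument are
hypothetical; the lock file and the window are the ones used
above.
</para>

```shell
#!/bin/sh
# Added example: level-triggered version of the two cron entries above.
# Assumptions: the window is the one cron enforces (21:59 to 23:59) and the
# lock file is /etc/nologin.ttyACM0; function names are hypothetical.

OPEN_MIN=$((21 * 60 + 59))    # 21:59, when the first cron entry removes the file
CLOSE_MIN=$((23 * 60 + 59))   # 23:59, when the second cron entry recreates it

# minutes_of HH MM -- minutes since midnight. One leading zero is stripped
# so that 08 and 09 are not rejected as invalid octal numbers.
minutes_of() {
    h=${1#0}
    m=${2#0}
    echo $(( ${h:-0} * 60 + ${m:-0} ))
}

# desired_state NOW_MIN -- prints "answer" inside the window, "locked" outside.
desired_state() {
    if [ "$1" -ge "$OPEN_MIN" ]; then
        if [ "$1" -lt "$CLOSE_MIN" ]; then
            echo answer
            return 0
        fi
    fi
    echo locked
}

# reconcile LOCKFILE NOW_MIN -- makes the lock file match the desired state
# and prints what was done: created, removed or unchanged.
reconcile() {
    lock=$1
    want=$(desired_state "$2")
    if [ "$want" = answer ]; then
        if [ -e "$lock" ]; then
            rm -f -- "$lock"
            echo removed
        else
            echo unchanged
        fi
    else
        if [ -e "$lock" ]; then
            echo unchanged
        else
            touch -- "$lock"
            echo created
        fi
    fi
}

# Only touch the real lock file when explicitly asked to, for instance from
# a root cron entry that calls this script with the argument "run".
if [ "${1:-}" = run ]; then
    reconcile /etc/nologin.ttyACM0 "$(minutes_of "$(date +%H)" "$(date +%M)")"
fi
```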

</sect2>

<sect2 id="connectivity-dialup-services">
<title>Providing Internet Services</title>

<para>
The implementation of internet services which require
persistent connections (e.g.,
<application>chats</application>) should not be considered
a practical offer for PPP client computers. Instead, only
asynchronous services (e.g.,
<application>e-mail</application>) should be supported for
them. This restriction is required to reduce the connection
times demanded by such services. For example, consider an
environment where you establish a connection with a server
computer to send/receive e-mail messages and then quickly
disconnect from it to free the telephone line so others are
able to use it. In this environment, there is no need for
you and others to be connected at the same time to
send/receive e-mail messages to/from each other. The e-mails
sent to you by another person will be available in your
mailbox the next time you connect to the server computer
and use your e-mail client to send/receive e-mail messages.
Likewise, you don't need to be connected to the server
computer in order to write your e-mail messages. You can
write your messages off-line and then establish a
connection once you've finished writing, just to send them out
and receive any new messages that may have been sent to
you.
</para>

<para>
Another issue related to e-mail exchange is the protocol used
to receive messages. Presently, there are two popular ways to
do this: IMAP and POP3. When you use the IMAP protocol, e-mail
messages are retained in the server computer and aren't
downloaded to the client computer. When you use the POP3
protocol, e-mail messages are downloaded to the client
computer and removed from the server computer. Based on the
resources we have and the kind of link used by the client
computer to connect to the server computer, POP3 is preferred
over IMAP. However, both are made available.
</para>

<para>
Assuming you use the IMAP protocol to read your mailbox, be
aware that you need to be connected to the server computer.
Once the connection is lost you won't be able to read your
messages (unless your e-mail client has a feature that lets
you read messages off-line). Moreover, you run the risk of
your mailbox running out of space. If your mailbox runs out of
space, new messages sent to you will not be delivered to your
mailbox. Instead, they will be deferred for a period of time
(e.g., about 5 days when using
<application>Postfix</application> defaults) in the hope that
you free space in your mailbox so they can be delivered. If
you don't free space in your mailbox within this period of
time, the deferred e-mails will be bounced back to their
senders and you will never see them. On the other hand,
assuming you are using the POP3 protocol to read your mailbox,
you always keep your mailbox free to receive new e-mail
messages and keep them for you until the next time you
establish a connection with the server computer and download
them to your client computer using your e-mail client.
</para>

<para>
The information generated inside the server computer is
isolated from the Internet. This way, any information
generated inside the server computer will be available only to
people connected to the same network the server computer is
connected to. For example, don't ever expect to send/receive
e-mails to/from Internet e-mail accounts like Gmail or Yahoo,
or to visit web sites like
<ulink url="http://www.google.com/">Google</ulink> or
<ulink url="http://www.wikipedia.org/">Wikipedia</ulink>. For
this to happen, an established connection is required between
the server computer you connect through and the Internet
network where those services are available. Without that link,
it is not possible to direct your requests to those sites.
</para>

</sect2>
</sect1>