Blame Manuals/Tcpi-ug/Connectivity/Dialup/policy.docbook

1c6890
<sect1 id="connectivity-dialup-policy">
1c6890
d19ad2
    <title>Usage Conventions</title>
1c6890
0a4224
    <sect2 id="connectivity-dialup-policy-os">
0a4224
    <title>GNU/Linux Distribution</title>
0a4224
    <para>
0a4224
        The operating system used by both server and client computers
0a4224
        will be &TC; release 5.5<footnote>
0a4224
        <para>
0a4224
            I want to thank my friend Manual Chavez Manzano (Manny)
0a4224
            for finding a way to download this release of &TC; and
0a4224
            bring it to me as a gift.
0a4224
        </para>
0a4224
        </footnote> (even higher releases might be used too). The
0a4224
        configuration described in this book doesn't use third party
0a4224
        software. All the software needed is available inside &TC;.
0a4224
    </para>
0a4224
0a4224
    </sect2>
0a4224
1c6890
    <sect2 id="connectivity-dialup-policy-auth">
d19ad2
    <title>Authenticating PPP Users</title>
1c6890
1c6890
    <para>
d19ad2
        The client computers will need to authenticate against the
d19ad2
        server computer each time they intend to establish a PPP
0a4224
        connection. The username and password required by client
0a4224
        computers will be public and will be rarely changed.
1c6890
    </para>
1c6890
d19ad2
    <example id="connectivity-dialup-policy-auth.fig-1">
d19ad2
    <title>Credentials for PPP authentication</title>
d19ad2
    <screenshot>
d19ad2
    <screeninfo>Credentials for PPP authentication</screeninfo>
d19ad2
    <mediaobject>
d19ad2
    <textobject>
1c6890
<screen>
1c6890
 ISP Name: projects.centos.org
1c6890
ISP Phone: +53043515094
1c6890
 Username: faith
1c6890
 Password: mail4u.2k10
1c6890
</screen>
d19ad2
    </textobject>
d19ad2
    </mediaobject>
d19ad2
    </screenshot>
d19ad2
    </example>
1c6890
1c6890
    <para>
d19ad2
        The server computer provides only one telephone line available
a8154e
        (e.g., +53043515094) to receive incoming calls.  This affects
a8154e
        directly the possibilities a client computer has to establish
d19ad2
        connection with the server computer in an environment where
d19ad2
        several client computers are struggling among themselves to
d19ad2
        establish a dial-up connection with the server computer.  To
d19ad2
        prevent this kind of issue from happening, it is inevitable
d19ad2
        for the server computer to provide more telephone lines for
d19ad2
        incoming calls (at least one for each user the server computer
d19ad2
        expects to receive incoming calls from).
1c6890
    </para>
1c6890
1c6890
    </sect2>
1c6890
1c6890
    <sect2 id="connectivity-dialup-policy-network">
0a4224
    <title>One PPP Network Of Two Computers</title>
1c6890
1c6890
    <para>
1c6890
        The simplest configuration we can achieve over the telephone
a8154e
        network involves two computers only, where one computer would
1c6890
        be acting as server and another as client. In this
1c6890
        configuration, the client computer establishes connection to
1c6890
        the server to make use of internet services provided therein.
1c6890
    </para>
1c6890
1c6890
    <para>
1c6890
        When the client computer calls the server computer, the call
a8154e
        is attended by <application>mgetty</application> and then
a8154e
        passed to <application>pppd</application> for establishing a
a8154e
        PPP conversation between the two computers.  The first thing
a8154e
        in a PPP conversation is the user authentication and then
a8154e
        (after a successful authentication), the IPCP conversation takes
a8154e
        place to set IP addresses and start data transmission over the
a8154e
        link recently created. In this configuration, the client
a8154e
        computer can set its IP address when configuring the Modem
a8154e
        device (see <xref
a8154e
        linkend="connectivity-dialup-modem-config" />) or 
a8154e
        leave the server computer to assign one (assuming you are
a8154e
        calling a server computer). If you are configuring a server
a8154e
        computer, then it is necessary that you set the IP address and
a8154e
        netmask of the IP network you are planning to set, using the
a8154e
        Modem device configuration file.
1c6890
    </para>
1c6890
    
1c6890
    <para>
a8154e
        Configuring the IP address and netmask information inside
a8154e
        Modem device configuration file is very important in order to
a8154e
        prevent errors when transmitting data across the link. When
a8154e
        the netmask information isn't set in the Modem device
a8154e
        configuration file, the <systemitem
a8154e
        class="daemon">pppd</systemitem> daemon on the server computer
a8154e
        tries to retrieve such information from the client computer and
a8154e
        if the client computer didn't specify one either, the network
a8154e
        recently created would end up having wrong information
a8154e
        (e.g., <systemitem
1c6890
        class="netmask">255.255.255.255</systemitem>) which provokes
a8154e
        the point-to-point connection to fail when someone tries to
a8154e
        transfer data through it.
1c6890
    </para>
1c6890
1c6890
    <figure id="connectivity-dialup-policy-network-basic">
d19ad2
    <title>One PPP network of two computers</title>
1c6890
    <screenshot>
d19ad2
    <screeninfo>One PPP network of two computers</screeninfo>
1c6890
    <mediaobject>
1c6890
    <textobject>
1c6890
<screen>
1c6890
Province-A PPP Server                         Province-A PPP Client
1c6890
--------------------------\             /--------------------------
0a0e1d
192.168.1.1/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.2/24
1c6890
--------------------------/             \--------------------------
1c6890
</screen>
1c6890
    </textobject>
1c6890
    </mediaobject>
1c6890
    </screenshot>
1c6890
    </figure>
1c6890
1c6890
    <para>
1c6890
        The <xref linkend="connectivity-dialup-policy-network-basic" />
1c6890
        describes the simplest configuration we can implement for a
1c6890
        point-to-point connection. This configuration involves two
1c6890
        computers only, one acting as server (the server computer) and
a8154e
        the other acting as client (the client computer). The client
1c6890
        computer calls the server computer to establish a PPP
1c6890
        connection in order to use whatever internet service the
1c6890
        server computer provides. In the figure we can see that there
1c6890
        are two IP addresses involved (<systemitem
0a0e1d
        class="ipaddress">192.168.1.1</systemitem> and <systemitem
0a0e1d
        class="ipaddress">192.168.1.2</systemitem>) inside the same
1c6890
        network (<systemitem
1c6890
        class="netmask">255.255.255.0</systemitem>).
1c6890
    </para>
1c6890
1c6890
    <para>
1c6890
        This configuration might be convenient for people in the same
1c6890
        location, near one another. Here, the client computer
a8154e
        establishes connection by means of a local telephone call and
a8154e
        can use whatever internet service the server computer
a8154e
        provides. Since the connection lifetime is limited (see <xref
1c6890
        linkend="connectivity-dialup-policy-lifetime" />) and only two
1c6890
        peers can be connected at the same time (assuming only one
a8154e
        Modem is attached to the server computer), the implementation
a8154e
        of some internet services like chat may not be a practical
a8154e
        offer for the server computer to provide.  However, internet
a8154e
        services like e-mail fit perfectly on this environment where
a8154e
        more than one client computer would be struggling among
1c6890
        themselves for establishing connection with the server
1c6890
        computer (e.g., people connect to send/receive their e-mail
1c6890
        messages to/from the server computer).
1c6890
    </para>
1c6890
1c6890
    </sect2>
1c6890
1c6890
    <sect2 id="connectivity-dialup-policy-network-extended">
0a4224
    <title>One PPP Network Of Several Computers</title>
1c6890
1c6890
    <para>
1c6890
        Based on <xref
1c6890
        linkend="connectivity-dialup-policy-network" />, it is
1c6890
        possible to provide an extended version including several
1c6890
        server computers that may communicate between themselves to
a8154e
        distribute data collected from client computers they serve.
a8154e
        For example, consider the telephone network of a country which
a8154e
        is organized in provinces and each province is divided in
a8154e
        several municipalities. In such organization, it would be
1c6890
        possible to set one or more server computers for each province
1c6890
        and let nearby people dial up to them to use whatever
1c6890
        internet service they provide.  Later, it could be possible
1c6890
        for each server computer to establish dial-up connections
1c6890
        with other nearby server computers in order to share information
a8154e
        from one province to another, as illustrated in <xref
a8154e
        linkend="connectivity-dialup-policy-network-extended.fig-1"
a8154e
        />.
a8154e
    </para>
a8154e
a8154e
    <para>
a8154e
        When setting the IP information, it is important that each
a8154e
        server computer sets both IP address and IP network mask
a8154e
        information in the Modem device configuration file so
a8154e
        different IP addresses can be used between different server
a8154e
        computers. It is also important that they all be configured to
a8154e
        use authentication between themselves before transmitting any
a8154e
        data across a PPP established connection so the information
a8154e
        being transmitted can be protected.
1c6890
    </para>
1c6890
1c6890
    <para>
a8154e
        When making telephone calls, if someone in Province-A needs to
a8154e
        send a message to someone in Province-C (which is far away
a8154e
        from Province-A and making a telephone call there would imply
a8154e
        a considerable amount of money), there is no need (even though it is
a8154e
        possible and sometimes preferred) for that person to make a
a8154e
        direct telephone call from Province-A to Province-C. Instead,
a8154e
        that person in Province-A can send its messages to the server
a8154e
        computer on its province (the nearest server on its location)
a8154e
        making a local telephone call and then, such server computer
a8154e
        would take care of delivering the information using other
a8154e
        server computers, following the same concept of nearest
a8154e
        delivery.
1c6890
    </para>
1c6890
1c6890
    <figure id="connectivity-dialup-policy-network-extended.fig-1">
d19ad2
    <title>One PPP network of several computers</title>
1c6890
    <screenshot>
d19ad2
    <screeninfo>One PPP network of several computers</screeninfo>
1c6890
    <mediaobject>
1c6890
    <textobject>
1c6890
<screen>
1c6890
Province-A PPP Server                         Province-A PPP Client
1c6890
--------------------------\             /--------------------------
0a0e1d
192.168.1.1/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.2/24
1c6890
--------------------------/      |      \--------------------------
1c6890
                                 |
1c6890
Province-B PPP Server            |            Province-B PPP Client
1c6890
--------------------------\      |      /--------------------------
0a0e1d
192.168.1.3/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.4/24
1c6890
--------------------------/      |      \--------------------------
1c6890
                                 |
1c6890
Province-C PPP Server            |            Province-C PPP Client
1c6890
--------------------------\      |      /--------------------------
0a0e1d
192.168.1.5/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.6/24
1c6890
--------------------------/             \--------------------------
1c6890
</screen>
1c6890
    </textobject>
1c6890
    </mediaobject>
1c6890
    </screenshot>
1c6890
    </figure>
1c6890
1c6890
    <para>
1c6890
        The more distant a telephone call is, the more expensive it
1c6890
        is. This way, to move information from one province to
a8154e
        another, each server computer must be configured to send
1c6890
        information to the nearest province until reaching its
1c6890
        destination. For example, if you are in Province-A and want to
1c6890
        send an e-mail message to Province-D, the server computer
a8154e
        configured in Province-A must send the e-mail message to
a8154e
        Province-B, then server in Province-B must be configured to
a8154e
        send such message to Province-C, and finally C to D. This is
1c6890
        required because making a direct call from Province-A to
a8154e
        Province-D would otherwise be too expensive to pay.
1c6890
    </para>
1c6890
1c6890
    <para>
1c6890
        Since telephone calls are required to establish connections
1c6890
        between computers and each call costs money based on the
1c6890
        location and the destination, it is required to set a
a8154e
        convention for how telephone calls are made from one
a8154e
        server computer to another, especially if you plan to establish
a8154e
        connections between server computers placed in different
a8154e
        provinces in order to exchange data between them.
1c6890
    </para>
1c6890
    
1c6890
    <itemizedlist>
1c6890
    <listitem>
1c6890
    <para>
1c6890
        Do you make direct telephone calls to make direct data delivery?
1c6890
        — This configuration could be very expensive to maintain
1c6890
        (considering the telephone call distances), but data will be
1c6890
        delivered very fast to their destinations.
1c6890
    </para>
1c6890
    </listitem>
1c6890
    <listitem>
1c6890
    <para>
1c6890
        Do you call the nearest server computer and let it deliver
1c6890
        your data to its destination? — This configuration could
1c6890
        be less expensive to maintain (considering the telephone call
1c6890
        distances), but data delivery will take much more time to
a8154e
        reach their destinations and there is no way to be sure it
a8154e
        will do.
1c6890
    </para>
1c6890
1c6890
    </listitem>
1c6890
    </itemizedlist>
1c6890
1c6890
    <para>
a8154e
        Whichever calling scheme is chosen, the server computers will
1c6890
        always talk through UUCP to transfer data from one place to
1c6890
        another. The server computers will operate with two IP
1c6890
        addresses each, unless you plan to connect one of the server
1c6890
        computers to a different network (Internet, maybe?). One IP
1c6890
        address would identify the server computer itself and the
a8154e
        other would identify the client computer establishing PPP
1c6890
        connection to the server computer.  In this configuration it
1c6890
        is very important that each server and client computer does
1c6890
        have one unique IP address. This way it would be possible to
1c6890
        move the information from one computer to another. Notice that
1c6890
        the number of PPP clients is directly related to the number of
1c6890
        telephone lines a server computer has configured to receive
d19ad2
        incoming calls on. If there is only one telephone line
d19ad2
        attached to the server computer then, only one client computer
d19ad2
        will be able to establish connection to that server computer.
d19ad2
        Other PPP clients will need to wait until the telephone line
d19ad2
        gets free in order to establish connection with that server
1c6890
        computer.  On the other hand, if the server computer has two
1c6890
        (or more) attached telephone lines, it would be possible to
1c6890
        attend incoming calls from two (or more) PPP clients at the
1c6890
        same time. In summary, we can say that: the more telephone
1c6890
        lines the server computer has attached, the more
1c6890
        simultaneous connections that computer will be able to
1c6890
        attend/realize from/to other computers.
1c6890
    </para>
1c6890
1c6890
    </sect2>
1c6890
1c6890
    <sect2 id="connectivity-dialup-policy-network-eth">
0a4224
    <title>One PPP+Ethernet Network Of Several Computers</title>
1c6890
1c6890
    <para>
a8154e
        Assuming all server computers with a Modem device have also
a8154e
        one (or more) Ethernet interface attached (which is very
a8154e
        common nowadays), it would be possible to extend the
a8154e
        configuration described in <xref
1c6890
        linkend="connectivity-dialup-policy-network-extended.fig-1" />
a8154e
        creating one Ethernet network for each server computer in the
a8154e
        configuration. For this configuration to be implemented it is
a8154e
        required one or more switch devices (based on the number of
a8154e
        computers such network needs to have) for each ethernet
a8154e
        network interface a server computer has, as described in <xref
1c6890
        linkend="connectivity-dialup-policy-network-extended.fig-2"
1c6890
        />.
1c6890
    </para>
1c6890
1c6890
    <figure id="connectivity-dialup-policy-network-extended.fig-2">
d19ad2
    <title>One PPP+Ethernet network of several computers</title>
1c6890
    <screenshot>
d19ad2
    <screeninfo>One PPP+Ethernet network of several computers</screeninfo>
1c6890
    <mediaobject>
1c6890
    <textobject>
1c6890
<screen>
1c6890
Province-A PPP/ETH Server                     Province-A PPP Client
1c6890
--------------------------\             /--------------------------
0a0e1d
192.168.1.1/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.2/24
1c6890
--------------------------/      |      \--------------------------
0a0e1d
192.168.0.1/24 | Ethernet        |
1c6890
---------------------|----       |
1c6890
                     |           |
1c6890
              +--------+         |
1c6890
              | Switch |         |
1c6890
              +--------+         |
1c6890
                     |           |
1c6890
---------------------|--         |
0a0e1d
LAN1: 192.168.0.2-254/24         |
1c6890
------------------------         |
1c6890
Province-A ETH Clients           |
1c6890
                                 |
1c6890
Province-B PPP/ETH Server        |            Province-B PPP Client
1c6890
--------------------------\      |      /--------------------------
0a0e1d
192.168.1.3/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.4/24
1c6890
--------------------------/      |      \--------------------------
1c6890
192.168.2.1/24 | Ethernet        |
1c6890
---------------------|----       |
1c6890
                     |           |
1c6890
              +--------+         |
1c6890
              | Switch |         |
1c6890
              +--------+         |
1c6890
                     |           |
1c6890
---------------------|--         |
1c6890
LAN2: 192.168.2.2-254/24         |
1c6890
------------------------         |
1c6890
Province-B ETH Clients           |
1c6890
                                 |
1c6890
Province-C PPP/ETH Server        |            Province-C PPP Client
1c6890
--------------------------\      |      /--------------------------
0a0e1d
192.168.1.5/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.6/24
1c6890
--------------------------/             \--------------------------
1c6890
192.168.3.1/24 | Ethernet
1c6890
---------------------|----
1c6890
                     |
1c6890
              +--------+
1c6890
              | Switch |
1c6890
              +--------+
1c6890
                     |  
1c6890
---------------------|--
1c6890
LAN3: 192.168.3.2-254/24
1c6890
------------------------
1c6890
Province-C ETH Clients
1c6890
</screen>
1c6890
    </textobject>
1c6890
    </mediaobject>
1c6890
    </screenshot>
1c6890
    </figure>
1c6890
1c6890
    <para>
1c6890
        In this configuration, computers connected to the switch will
1c6890
        also be considered as client computers. It is necessary that a
1c6890
        coordination be implemented at time of setting IP addresses to
a8154e
        new server computers so no IP address be duplicated on the
a8154e
        computer network. The illustration above describes one main
a8154e
        network (<systemitem
a8154e
        class="ipaddress">192.168.1/24</systemitem>) which connects
a8154e
        all the server computers using the telephone lines as medium
a8154e
        for data transmission. The Modem interface connects just one
a8154e
        computer at a time either client or server (assuming only one
a8154e
        Modem device is installed and configured in
a8154e
        the computer acting as server).  The telephone line is used by
a8154e
        client computers to establish PPP connections with the server
a8154e
        computer and by server computers to exchange data with other
a8154e
        server computers, as well. On the other hand, the ethernet
a8154e
        interface attached to each server computer lets the
a8154e
        administrator of each server computer connect up to 252
a8154e
        computers simultaneously, assuming a class C network as shown
a8154e
        above is used.<footnote>
a8154e
        <para>
a8154e
        There are also class A and class B network types which can be
a8154e
        used to connect many more computers than a class C network
a8154e
        allows.
a8154e
        </para>
a8154e
        </footnote>
1c6890
    </para>
1c6890
1c6890
    </sect2>
1c6890
d19ad2
    <sect2 id="connectivity-dialup-policy-bridgedcall">
d19ad2
    <title>Bridging Calls To Transfer Data</title>
d19ad2
 
1c6890
    <para>
1c6890
        When the server computers call other server computers to
a8154e
        bridge data delivery, the server computer in, let's say,
a8154e
        Province-A (srv-1.a.domain.tld) will never know that there is
a8154e
        a server computer on Province-C (srv-1.c.domain.tld) or
a8154e
        Province-D (srv-1.d.domain.tld), but in Province-B
a8154e
        (srv-1.b.domain.tld)
1c6890
        only, its nearest location.  So, when a message is sent from
a8154e
        srv-1.a.domain.tld to the server computer in
1c6890
        srv-1.d.domain.tld, the server computer in srv-1.a.domain.tld
1c6890
        contacts its nearest server computer (i.e.,
1c6890
        srv-1.b.domain.tld) and delivers to it all messages sent to
1c6890
        srv-1.d.domain.tld. Later, since srv-1.b.domain.tld doesn't
1c6890
        know about srv-1.d.domain.tld server either, it delivers all
1c6890
        messages directed to srv-1.d.domain.tld to its nearest server
1c6890
        computer (i.e., srv-1.c.domain.tld).  Later, the server
1c6890
        computer in srv-1.c.domain.tld, which knows about
1c6890
        srv-1.d.domain.tld, delivers to it all the messages it has for
a8154e
        it. Notice that, in order for this configuration to work,
a8154e
        system administrators attending the server computers must work
a8154e
        synchronized to guarantee a well defined route for messages to
a8154e
        follow.  Otherwise, if one of the server computers in the path
a8154e
        creates a route for a server computer that doesn't exist
1c6890
        (or doesn't define a route at all), the information will never
1c6890
        reach its destination when such computer is acting as a bridge
a8154e
        between two other server computers.
1c6890
    </para>
1c6890
1c6890
<screen>
d19ad2
+------------------------+     +------------------------+       +------------------------+       +---------------------+
d19ad2
| To: bob@d.domain.tld   |     | To: bob@d.domain.tld   |       | To: bob@d.domain.tld   |       |    Bob's mailbox    |
d19ad2
| From: mat@a.domain.tld |     | From: ana@b.domain.tld |       | From: jef@c.domain.tld |       | (Final destination) |
d19ad2
| Body: 500KB            |     | Body: 500KB            |       | Body: 500KB            |       |                     |
d19ad2
+---|--------------------+     +---|--------------------+       +---|--------------------+       +------------------^--+
d19ad2
    |                              |                                |                                               |
d19ad2
----v--------------|<~~~~~~~~~>|---v----------------|<~~~~~~~~~>|---v----------------|<~~~~~~~~~>|------------------|---
d19ad2
srv-1.a.domain.tld | 75Km Call | srv-1.b.domain.tld | 75Km Call | srv-1.c.domain.tld | 75Km Call | srv-1.d.domain.tld
d19ad2
-------------------|<~~~~~~~~~>|--------------------|<~~~~~~~~~>|--------------------|<~~~~~~~~~>|----------------------
d19ad2
relay to:          |   5 min   | relay to:          |   10 min  | relay to:          |  15 min   |
d19ad2
srv-1.b.domain.tld |   500KB   | srv-1.c.domain.tld |   1.0MB   | srv-1.d.domain.tld |  1.5MB    |
1c6890
</screen>
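The failure cases described above (a missing route, a route to a server that does not exist, or administrators pointing at each other) can be checked before any call is placed. The following is an added example, not part of the original manual: host names follow the diagram, while the table layout, the "local" marker and the name srv-9.d.domain.tld are assumptions made for illustration.

```python
import copy

# Relay tables modelled on the bridged diagram: each server only knows its
# nearest neighbour. Host names come from the page; the table layout and the
# "local" marker (meaning "deliver to a mailbox here") are assumptions.
TABLES = {
    "srv-1.a.domain.tld": {"d.domain.tld": "srv-1.b.domain.tld"},
    "srv-1.b.domain.tld": {"d.domain.tld": "srv-1.c.domain.tld"},
    "srv-1.c.domain.tld": {"d.domain.tld": "srv-1.d.domain.tld"},
    "srv-1.d.domain.tld": {"d.domain.tld": "local"},
}


def trace_relay(tables, source, dest_domain):
    """Follow next-hop entries from source until the mail is delivered.

    Returns (status, path); status is "delivered", "no-route",
    "unknown-host" or "loop". The path lists every server visited.
    """
    path = [source]
    current = source
    while True:
        routes = tables.get(current)
        if routes is None:
            # A neighbour pointed at a server nobody administers.
            return "unknown-host", path
        next_hop = routes.get(dest_domain)
        if next_hop is None:
            # This bridge never defined a route for the destination.
            return "no-route", path
        if next_hop == "local":
            return "delivered", path
        if next_hop in path:
            # Two administrators relay to each other; mail circulates forever.
            return "loop", path + [next_hop]
        path.append(next_hop)
        current = next_hop


def audit(tables, dest_domain):
    """Trace from every server; return {source: (status, path)} for failures."""
    failures = {}
    for source in sorted(tables):
        status, path = trace_relay(tables, source, dest_domain)
        if status != "delivered":
            failures[source] = (status, path)
    return failures


def with_route(tables, server, dest_domain, next_hop):
    """Return a copy of tables with one route changed (None removes it)."""
    changed = copy.deepcopy(tables)
    if next_hop is None:
        changed[server].pop(dest_domain, None)
    else:
        changed[server][dest_domain] = next_hop
    return changed


if __name__ == "__main__":
    variants = {
        "as drawn": TABLES,
        "B forgot the route": with_route(
            TABLES, "srv-1.b.domain.tld", "d.domain.tld", None),
        "C relays to a nonexistent server": with_route(
            TABLES, "srv-1.c.domain.tld", "d.domain.tld", "srv-9.d.domain.tld"),
        "C relays back to B": with_route(
            TABLES, "srv-1.c.domain.tld", "d.domain.tld", "srv-1.b.domain.tld"),
    }
    for label, tables in variants.items():
        print(label, "->", audit(tables, "d.domain.tld") or "all servers deliver")
```
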
d19ad2
    </sect2>
d19ad2
d19ad2
    <sect2 id="connectivity-dialup-policy-directcalls">
d19ad2
    <title>Directing Calls To Transfer Data</title>
1c6890
1c6890
    <para>
a8154e
        When the server computers make direct telephone calls (no
a8154e
        bridge in-between is used to transfer data), the server
a8154e
        computer in Province-A (srv-1.a.domain.tld) contacts the
a8154e
        server computer in Province-D (srv-1.d.domain.tld) making a
a8154e
        direct telephone call up to it. In this configuration, the
a8154e
        telephone call might cost more than those in a bridged
a8154e
        configuration where several smaller telephone calls are dialed
a8154e
        in-between the final server computer; or less, considering
a8154e
        that when server computers in a bridged configuration exchange
a8154e
        data they may move data accumulated from other server
a8154e
        computers, while a direct telephone call would transmit data
a8154e
        from one server computer to another without any accumulated
a8154e
        data from other server computers.  There is no need to
a8154e
        overload the server computers with foreign data when each
a8154e
        server computer could call themselves to transfer data
a8154e
        directly.
1c6890
    </para>
1c6890
d19ad2
<screen>
d19ad2
+------------------------+             +---------------------+
d19ad2
| To: bob@d.domain.tld   |             |    Bob's mailbox    |
d19ad2
| From: mat@a.domain.tld |             | (Final destination) |
d19ad2
| Body: 500KB            |             |                     |
d19ad2
+--|---------------------+             +------------------^--+
d19ad2
   |                                                      | 
d19ad2
---v---------------------|<~~~~~~~~~~>|-------------------|---
d19ad2
srv-1.a.domain.tld       | 225Km Call | srv-1.d.domain.tld
d19ad2
-------------------------|<~~~~~~~~~~>|-----------------------
d19ad2
relay to:                |   5 min    |
d19ad2
srv-1.d.domain.tld       |   500KB    |
d19ad2
</screen>
d19ad2
1c6890
    <para>
1c6890
        The elapsed time in a server-to-server conversation is
1c6890
        directly related to the amount of data that need to be moved
d19ad2
        from one server to another and the baud rate of the connection
d19ad2
        established between the two Modem devices. In a direct
d19ad2
        telephone call configuration, telephone calls could turn out to
d19ad2
        be less expensive than those in bridged configurations where
d19ad2
        server computers may accumulate traffic from other server
d19ad2
        computers in the path.  The accumulation of traffic between
d19ad2
        server computers increases the amount of time the last server
1c6890
        computer in the path before the final destination needs, in
1c6890
        order to transmit everything to the final destination. In a
1c6890
        bridged telephone call configuration, server computers acting
1c6890
        as bridges do act as servers as well and produce their own
a8154e
        traffic which is added to that one already accumulated in
a8154e
        them from other server computers. This may cause huge
a8154e
        traffic in a server-to-server conversation (remarkably on the
a8154e
        last destination before the final destination), that could be
a8154e
        potentially increased with each new server computer added to
a8154e
        the string of server computers acting as bridges for one another.
1c6890
    </para>
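The accumulation described above can be put in numbers using the figures from the two diagrams (500KB moved in a 5 minute call) together with the 15 minute connection lifetime this chapter sets. This is an added example, not part of the original manual; it assumes the same 15 minute limit applies to server-to-server calls, and srv-1.e.domain.tld is a hypothetical fifth server used to show what one more bridge does to the last hop.

```python
import math

# Figures taken from the page's diagrams: a 500KB message moves in a
# 5 minute call. The 15 minute limit is the connection lifetime policy;
# applying it to server-to-server calls is an assumption of this example.
KB_PER_MINUTE = 500 / 5
MAXCONNECT_MINUTES = 15


def _hop(sender, receiver, kb):
    """Describe one telephone call carrying kb kilobytes."""
    minutes = kb / KB_PER_MINUTE
    return {
        "from": sender,
        "to": receiver,
        "kb": kb,
        "minutes": minutes,
        # Calls needed if the line is dropped at the lifetime limit.
        "calls_needed": max(1, math.ceil(minutes / MAXCONNECT_MINUTES)),
    }


def bridged_hops(path, originated_kb):
    """Each bridge forwards what it received plus the mail it originates.

    path is the ordered chain of servers ending at the final destination;
    originated_kb maps a server to the KB of mail its own users wrote.
    """
    hops = []
    carried = 0
    for sender, receiver in zip(path, path[1:]):
        carried += originated_kb.get(sender, 0)
        hops.append(_hop(sender, receiver, carried))
    return hops


def direct_hops(path, originated_kb):
    """Each server calls the final destination itself with only its own mail."""
    destination = path[-1]
    return [_hop(s, destination, originated_kb.get(s, 0)) for s in path[:-1]]


def over_limit(hops):
    """Calls that cannot finish inside one connection lifetime."""
    return [h for h in hops if h["minutes"] > MAXCONNECT_MINUTES]


# The chain and message sizes drawn in the bridged diagram.
PATH = ["srv-1.a.domain.tld", "srv-1.b.domain.tld",
        "srv-1.c.domain.tld", "srv-1.d.domain.tld"]
ORIGINATED = {name: 500 for name in PATH[:-1]}

# Hypothetical longer chain: D now relays to a fifth server and adds 500KB.
LONGER_PATH = PATH + ["srv-1.e.domain.tld"]
LONGER_ORIGINATED = {name: 500 for name in LONGER_PATH[:-1]}

if __name__ == "__main__":
    for label, hops in (
        ("bridged", bridged_hops(PATH, ORIGINATED)),
        ("direct", direct_hops(PATH, ORIGINATED)),
        ("bridged, one more server", bridged_hops(LONGER_PATH, LONGER_ORIGINATED)),
    ):
        print(label)
        for h in hops:
            print("  {from} -> {to}: {kb}KB, {minutes:.0f} min, "
                  "{calls_needed} call(s)".format(**h))
```

With the diagram's numbers the last bridged hop takes exactly the 15 minutes the lifetime policy allows; adding one more originating server pushes it to 20 minutes, so the transfer no longer fits in a single call.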
1c6890
1c6890
    </sect2>
1c6890
1c6890
    <sect2 id="connectivity-dialup-policy-lifetime">
d19ad2
    <title>Restricting PPP Connection Lifetimes</title>
1c6890
1c6890
    <para>
1c6890
        The server computer restricts the lifetime of established
1c6890
        Modem connections to 15 minutes from the establishment moment
1c6890
        on.  Once the connection has been established, if the link is
1c6890
        idle for 1 minute, the server computer will also close the
1c6890
        established connection to free the telephone line.  This
1c6890
        control can be implemented through the
1c6890
        <option>maxconnect</option> and <option>idle</option> options
1c6890
        inside the <application>pppd</application>'s configuration
0a4224
        file as described in <xref
0a4224
        linkend="connectivity-dialup-server-pppd-options" />.
1c6890
    </para>
1c6890
1c6890
    <para>
0a4224
        The server computer restricts the incoming calls from client
1c6890
        computers to the hours from 10:00PM to 12:00AM every night. Outside this
0a4224
        range of time, the telephone could be answered by a person,
0a4224
        not a computer. This control can be implemented through a cron
0a4224
        job and the <filename>/etc/nologin.ttyxx</filename> file;
a8154e
        where ttyxx represents the device name of your Modem (e.g.,
1c6890
        <filename>/etc/nologin.ttyACM0</filename> would prevent the
1c6890
        Modem device installed in <filename>/dev/ttyACM0</filename>
1c6890
        from answering calls).
1c6890
    </para>
1c6890
0a4224
<screen>
0a4224
# Activate Modem to attend incoming calls.
0a4224
59 21 * * * [ -f /etc/nologin.ttyACM0 ] && /bin/rm /etc/nologin.ttyACM0
0a4224
# Deactivate Modem to prevent incoming calls from being attended. 
0a4224
59 23 * * * [ ! -f /etc/nologin.ttyACM0 ] && /bin/touch /etc/nologin.ttyACM0
0a4224
</screen>
0a4224
1c6890
    </sect2>
1c6890
1c6890
    <sect2 id="connectivity-dialup-services">
d19ad2
    <title>Providing Internet Services</title>
1c6890
1c6890
    <para>
a8154e
        The implementation of internet services which require
d19ad2
        persistent connections (e.g.,
d19ad2
        <application>chats</application>) should not be considered as
a8154e
        a practical offer for PPP client computers.  Instead, only
d19ad2
        asynchronous services (e.g.,
a8154e
        <application>e-mail</application>) should be supported for
a8154e
        them. This restriction is required to reduce the connection
a8154e
        times demanded by such services. For example, consider an
a8154e
        environment where you establish connection with a server
a8154e
        computer to send/receive e-mail messages and then quickly
a8154e
        disconnect from it to free the telephone line so others be
a8154e
        able to use it.  In this environment, there is no need for
a8154e
        you and others to be both connected at the same time to
a8154e
        send/receive e-mail messages to/from each other.  The e-mails
a8154e
        sent by another person to you will be available in your
a8154e
        mailbox the next time you get connected to the server computer
a8154e
        and use your e-mail client to send/receive e-mail messages.
a8154e
        Likewise, you don't need to be connected to the server
a8154e
        computer in order to write your e-mail messages.  You can
a8154e
        write down your messages off-line and then establish
1c6890
        connection once you've finished writing, just to send them out
1c6890
        and receive new messages that could have been probably sent to
1c6890
        you.
1c6890
    </para>
1c6890
1c6890
    <para>
1c6890
        Another issue related to e-mail exchange is the protocol used
1c6890
        to receive messages. Presently, there are two popular ways to
1c6890
        do this, one is through IMAP and another through POP3.  When
1c6890
        you use IMAP protocol, e-mail messages are retained in the
1c6890
        server computer and aren't downloaded to client computer.
1c6890
        Otherwise, when you use POP3 protocol, e-mail messages are
1c6890
        downloaded to the client computer and removed from server
1c6890
        computer. Based on the resources we have and the kind of link
1c6890
        used by the client computer to connect the server computer,
1c6890
        using POP3 is preferred over IMAP. However, both are made
1c6890
        available.
1c6890
    </para>
1c6890
1c6890
    <para>
1c6890
        Assuming you use IMAP protocol to read your mailbox, be aware
1c6890
        that you need to be connected to the server computer.  Once
1c6890
        the connection is lost you won't be able to read your messages
1c6890
        (unless your e-mail client possesses a feature that lets you
1c6890
        read messages off-line). Moreover, you run the risk of
1c6890
        getting your mailbox out of space. If your mailbox gets out of
1c6890
        space, new messages sent to you will not be delivered to your
1c6890
        mailbox.  Instead, they will be deferred for a period of time
1c6890
        (e.g., about 5 days when using
1c6890
        <application>Postfix</application> defaults) hoping you to
1c6890
        free the space in your mailbox to deliver them.  If you don't
1c6890
        free space on your mailbox within this period of time, the
1c6890
        deferred e-mails will be bounced back to their senders and you
1c6890
        will never see them.  On the other hand, assuming you are
1c6890
        using POP3 protocol to read your mailbox, you always keep your
1c6890
        mailbox free to receive new e-mail messages and keep them for
1c6890
        you until the next time you establish connection with the
1c6890
        server computer and download them to your client computer
1c6890
        using your e-mail client.
1c6890
    </para>
1c6890
1c6890
    <para>
1c6890
        The information generated inside the server computer is
1c6890
        isolated from Internet. This way, any information generated
1c6890
        inside the server computer will be available only to people
1c6890
        connected to the same network the server computer is connected
1c6890
        to. For example, don't ever expect to send/receive e-mails
1c6890
        to/from Internet e-mail accounts like Gmail or Yahoo, nor
1c6890
        visiting web sites like <ulink
1c6890
        url="http://www.google.com/">Google</ulink> or <ulink
1c6890
        url="http://www.wikipedia.org/">Wikipedia</ulink> either. For
1c6890
        this to happen, it is required an established connection
1c6890
        between the server computer you are establishing connection
1c6890
        through and the Internet network those services are available
1c6890
        in. Without that link, it is not possible to direct your
1c6890
        requests to those sites.
1c6890
    </para>
1c6890
1c6890
    </sect2>
1c6890
1c6890
</sect1>