<sect1 id="connectivity-dialup-policy">
<title>Usage Convenctions</title>
<sect2 id="connectivity-dialup-policy-auth">
<title>Authenticating PPP Users</title>
<para>
The client computers will need to authenticate against the
server computer each time they intend to establish a PPP
connection. The username and password required by the client
computers will be public and will rarely change.
</para>
<example id="connectivity-dialup-policy-auth.fig-1">
<title>Credentials for PPP authentication</title>
<screenshot>
<screeninfo>Credentials for PPP authentication</screeninfo>
<mediaobject>
<textobject>
<screen>
ISP Name: projects.centos.org
ISP Phone: +53043515094
Username: faith
Password: mail4u.2k10
</screen>
</textobject>
</mediaobject>
</screenshot>
</example>
<para>
The server computer provides only one telephone line available
(e.g., +53043515094) to receive incoming calls. This directly
affects the possibilities a client computer has to establish
connection with the server computer in an environment where
several client computers are struggling among themselves to
establish a dial-up connection with the server computer. To
prevent this kind of issues from happening, it is innevitable
for the server computer to provide more telephone lines for
incoming calls (at least one for each user the server computer
expects to receive incoming calls from).
</para>
</sect2>
<sect2 id="connectivity-dialup-policy-network">
<title>One PPP network of two computers</title>
<para>
The simpliest configuration we can achive over the telephone
network involves two computers only where one computer would
be acting as server and another as client. In this
configuration, the client computer establishes connection to
the server to make use of internet services provided therein.
</para>
<para>
When the client computer calls the server computer, the call
is attended by mgetty and then passed pppd to establish a PPP
conversation. The first thing in the conversation is
authentication and if it passes then IPCP conversation takes
place to set IP addresses and start transmitting data over the
link. IP addresses need to be set when the Modem device is
configured (see <xref
linkend="connectivity-dialup-modem-config" />) or you can
leave it to the server computer to assign them for you
(assuming you are calling a server computer to establish
connection to it). If you are configuring a server computer,
then it is necessary that you set the IP address and netmask
of the IP network you are planning to set through a Modem
device (e.g., ppp0).
</para>
<para>
Specifiying the IP information on the server computer is very
important, otherwise the network created may end up undefined
and this would provoke errors on data transmission. When the
server computer doesn't set the network mask in the Modem
device configuration file, the <systemitem
class="daemon">pppd</systemitem> daemon would try to retrive
such information from the client computer and if the client
computer didn't specify either, the network recently created
would end up having a wrong network mask (e.g., <systemitem
class="netmask">255.255.255.255</systemitem>) which provokes
the network to fail when someone tries to transfer data
through it.
</para>
<figure id="connectivity-dialup-policy-network-basic">
<title>One PPP network of two computers</title>
<screenshot>
<screeninfo>One PPP network of two computers</screeninfo>
<mediaobject>
<textobject>
<screen>
Provice-A PPP Server Province-A PPP Client
--------------------------\ /--------------------------
192.168.1.1/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.2/24
--------------------------/ \--------------------------
</screen>
</textobject>
</mediaobject>
</screenshot>
</figure>
<para>
The <xref linkend="connectivity-dialup-policy-network-basic" />
describes the simpliest configuration we can implement for a
point-to-point connection. This configuration involves two
computers only, one acting as server (the server computer) and
other action as client (the client computer). The client
computer calls the server computer to establish a PPP
connection in order to use whatever internet service the
server computer provides. In the figure we can see that there
are two IP addresses involved (<systemitem
class="ipaddress">192.168.1.1</systemitem> and <systemitem
class="ipaddress">192.168.1.2</systemitem>) inside the same
newtork (<systemitem
class="netmask">255.255.255.0</systemitem>).
</para>
<para>
This configuration might be convenient for people in the same
location, near one another. Here, the client computer
establishes connection locally and can use whatever internet
service the server computer provides. Since the connection
lifetime is limited (see <xref
linkend="connectivity-dialup-policy-lifetime" />) and only two
peers can be connected at the same time (assuming only one
modem is attached to the server computer), the implementation
of some internet services like chat aren't a practical offer
for the server computer to provide. However, internet
services like e-mail fit perfectly on an environment where
more than one client computer will be struggling among
themselves for establishing connection with the server
computer (e.g., people connect to send/receive their e-mail
messages to/from the server computer).
</para>
</sect2>
<sect2 id="connectivity-dialup-policy-network-extended">
<title>One PPP network of several computers</title>
<para>
Based on <xref
linkend="connectivity-dialup-policy-network" />, it is
possible to provide an extended version including several
server computers that may communicate between themselves to
distribute data collected by the client computers they serve
to. For example, consider the telephone network of a country
which is organized in provinces and each province is divided
in several municipalities. In such organization, it would be
possible to set one or more server computers for each province
and let near people to dial-up on them to use whatever
internet service they provide. Later, it could be possible
for each server computer to establish a dial-up connections
with other near server computers in order to share information
from one province to another. This configuration is
illustrated in <xref
linkend="connectivity-dialup-policy-network-extended.fig-1" />.
</para>
<para>
In this configuration, if someone in Province-A needs to send
a message to someone in Province-C (which is far away from
Province-A and making a telephone call there would imply a
considerable amount of money), there is no need (even it is
possible) for that person to realize a direct telephone call
from Province-A to Province-C. Instead, that person in
Province-A can send its messages to server A (the nearest
server on its location) making a local telephone call and
then, the server A would take care of delivering the
information using other servers following the same concept of
nearest delivery.
</para>
<figure id="connectivity-dialup-policy-network-extended.fig-1">
<title>One PPP network of several computers</title>
<screenshot>
<screeninfo>One PPP network of several computers</screeninfo>
<mediaobject>
<textobject>
<screen>
Provice-A PPP Server Province-A PPP Client
--------------------------\ /--------------------------
192.168.1.1/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.2/24
--------------------------/ | \--------------------------
|
Provice-B PPP Server | Province-B PPP Client
--------------------------\ | /--------------------------
192.168.1.3/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.4/24
--------------------------/ | \--------------------------
|
Provice-C PPP Server | Province-C PPP Client
--------------------------\ | /--------------------------
192.168.1.5/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.6/24
--------------------------/ \--------------------------
</screen>
</textobject>
</mediaobject>
</screenshot>
</figure>
<para>
The more distant a telephone call is, the more expensive it
is. This way, to move information from one province to
another, server computers must be configured to send
information to the nearest province until reaching its
destination. For example, if you are in Province-A and want to
send an e-mail message to Province-D, the server computer
configuered in Province-A must sed the e-mail message to
Province-B, then server in Province-B must be configuered to
send such message to Province-C, and then C to D. This is
required because making a direct call from Province-A to
Province-D would be too much expensive.
</para>
<para>
Since telephone calls are required to establish connections
between computers and each call costs money based on the
location and the destination, it is required to set a
convenction in this area, specially if you plan to realize
interprovincial telephone calls to interchange data with computer
servers on different provinces.
</para>
<itemizedlist>
<listitem>
<para>
Do you make direct telephone calls to make direct data delivery?
— This configuration could be very expensive to maintain
(considering the telephone call distances), but data will be
delivered very fast to their destinations.
</para>
</listitem>
<listitem>
<para>
Do you call the nearest server computer and let it to deliver
your data to its destination? — This configuration could
be less expensive to maintain (considering the telephone call
distances), but data delivery will take much more time to
reach their destinations (and there is no way to be sure it
will do).
</para>
</listitem>
</itemizedlist>
<para>
Whatever calling schema be choosed, the server computers will
always talk through UUCP to transfer data from one place to
another. The server computers will operate with two IP
addresses each, unless you plan to connect one of the server
computers to a different network (Internet, maybe?). One IP
address would identify the server computer itself and the
other would identify the client computer establishing
connection to the server computer. In this configuration it
is very importat that each server and client computer does
have one unique IP address. This way it would be possible to
move the information from one computer to another. Notice that
the number of PPP clients is directly related to the number of
telephone lines a server computer has configured to receive
incomming calls on. If there is only one telephone line
attached to the server computer then, only one client computer
will be able to establish connection to that server computer.
Other PPP clients will need to wait until the telephone line
gets free in order to establish connection with that server
computer. On the other hand, if the server computer has two
(or more) attached telephone lines, it would be possible to
attend incoming calls from two (or more) PPP client at the
same time. As resume, we can say that: the more telephone
lines the server computer has attached in, the more
simultaneous connections that computer will be able to
attend/realize from/to other computers.
</para>
</sect2>
<sect2 id="connectivity-dialup-policy-network-eth">
<title>One PPP+Ethernet network of several computers</title>
<para>
Assuming all the server computers with a Modem interface
attached have also one (or more) Ethernet interface attached
(which is very common nowadays), it would be possible to
extend the configuration described in <xref
linkend="connectivity-dialup-policy-network-extended.fig-1" />
creating one Ethernet network for each server and client
computer in the configuration. For this configuration to be
implemented it is also required one switch device for each
computer with having both the Ethernet and Modem interface, as
described in <xref
linkend="connectivity-dialup-policy-network-extended.fig-2"
/>.
</para>
<figure id="connectivity-dialup-policy-network-extended.fig-2">
<title>One PPP+Ethernet network of several computers</title>
<screenshot>
<screeninfo>One PPP+Ethernet network of several computers</screeninfo>
<mediaobject>
<textobject>
<screen>
Province-A PPP/ETH Server Province-A PPP Client
--------------------------\ /--------------------------
192.168.1.1/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.2/24
--------------------------/ | \--------------------------
192.168.0.1/24 | Ethernet |
---------------------|---- |
| |
+--------+ |
| Switch | |
+--------+ |
| |
---------------------|-- |
LAN1: 192.168.0.2-254/24 |
------------------------ |
Province-A ETH Clients |
|
Province-B PPP/ETH Server | Province-B PPP Client
--------------------------\ | /--------------------------
192.168.1.3/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.4/24
--------------------------/ | \--------------------------
192.168.2.1/24 | Ethernet |
---------------------|---- |
| |
+--------+ |
| Switch | |
+--------+ |
| |
---------------------|-- |
LAN2: 192.168.2.2-254/24 |
------------------------ |
Province-B ETH Clients |
|
Province-C PPP/ETH Server | Province-C PPP Client
--------------------------\ | /--------------------------
192.168.1.5/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.6/24
--------------------------/ \--------------------------
192.168.3.1/24 | Ethernet
---------------------|----
|
+--------+
| Switch |
+--------+
|
---------------------|--
LAN3: 192.168.3.2-254/24
------------------------
Province-C ETH Clients
</screen>
</textobject>
</mediaobject>
</screenshot>
</figure>
<para>
In this configuration, computers connected to the switch will
also be considered as client computers. It is necessary that a
coordination be implemented at time of setting IP addresses to
new server computers so no IP address be duplicated. The
illustration above, describes one main network (192.168.0/24)
which connects all the server computers using the telephone
lines as medium for data transmission. Using the Modem
interface it is possible to connect just one client computer
at a time (assuming only one modem is availalble in the server
computer).
</para>
<para>
The telephone line is used by client computers to establish
PPP connections with the server computer and by server
computers to interchange data with other server computers, as
well. On the other hand, the ethernet interface attached to
each server computer let the administrator of that server
computer to connect up to 252 computers simultaneously.
</para>
</sect2>
<sect2 id="connectivity-dialup-policy-bridgedcall">
<title>Bridging Calls To Transfer Data</title>
<para>
When the server computers call other server computers to
bridge data delivery, the server computer in Province-A
(srv-1.a.domain.tld) will never know that there is a server
computer on Province-C (srv-1.c.domain.tld) or Province-D
(srv-1.d.domain.tld), but in Province-B (srv-1.b.domain.tld)
only, its nearest location. So, when a message is sent from
srv-1.d.domain.tld to the server computer in
srv-1.d.domain.tld, the server computer in srv-1.a.domain.tld
contacts its nearest server computer (i.e.,
srv-1.b.domain.tld) and delivers to it all messages sent to
srv-1.d.domain.tld. Later, since srv-1.b.domain.tld doesn't
know about srv-1.d.domain.tld server either, it delivers all
messages directed to srv-1.d.domain.tld to its nearest server
computer (i.e., srv-1.c.domain.tld). Later, the server
computer in srv-1.c.domain.tld, which knows about
srv-1.d.domain.tld, delivers to it all the messages it has for
it. Notice that, in order for this configuration to work, it
is required that all the server computer administrators do
work syncronized to garantee a well defined route for messages
to follow. Otherwise, if one of the server computers in the
path creates a route for a server computer that doesn't exist
(or doesn't define a route at all), the information will never
reach its destination when such computer is acting as a bridge
between the source and the target server computer.
</para>
<screen>
+------------------------+ +------------------------+ +------------------------+ +---------------------+
| To: bob@d.domain.tld | | To: bob@d.domain.tld | | To: bob@d.domain.tld | | Bob's mailbox |
| From: mat@a.domain.tld | | From: ana@b.domain.tld | | From: jef@c.domain.tld | | (Final destination) |
| Body: 500KB | | Body: 500KB | | Body: 500KB | | |
+---|--------------------+ +---|--------------------+ +---|--------------------+ +------------------^--+
| | | |
----v--------------|<~~~~~~~~~>|---v----------------|<~~~~~~~~~>|---v----------------|<~~~~~~~~~>|------------------|---
srv-1.a.domain.tld | 75Km Call | srv-1.b.domain.tld | 75Km Call | srv-1.c.domain.tld | 75Km Call | srv-1.d.domain.tld
-------------------|<~~~~~~~~~>|--------------------|<~~~~~~~~~>|--------------------|<~~~~~~~~~>|----------------------
relay to: | 5 min | relay to: | 10 min | relay to: | 15 min |
srv-1.b.domain.tld | 500KB | srv-1.c.domain.tld | 1.0MB | srv-1.d.domain.tld | 1.5MB |
</screen>
</sect2>
<sect2 id="connectivity-dialup-policy-directcalls">
<title>Directing Calls To Transfer Data</title>
<para>
When the server computers make direct telephone calls (no bridge
in-between is used to transfer data), the server computer in
Province-A (srv-1.a.domain.tld) contacts the server computer
in Province-D (srv-1.d.domain.tld) making a direct telephone call
to it. In this configuration, the telephone call might cost more
than a bridged configuration where several smaller telephone calls
are dialed between the data origin and the data destination;
or less, considering that when server computers in a bridged
configuration interchange data they may move data accumulated
from other server computers, while a direct telephone call would
transmit data from one server computer to another without
intermediate steps. There is no need to overload the server
computers with foreign data when each server computer could
call themselves to transfer data directly.
</para>
<screen>
+------------------------+ +---------------------+
| To: bob@d.domain.tld | | Bob's mailbox |
| From: mat@a.domain.tld | | (Final destination) |
| Body: 500KB | | |
+--|---------------------+ +------------------^--+
| |
---v---------------------|<~~~~~~~~~~>|-------------------|---
srv-1.a.domain.tld | 225Km Call | srv-1.d.domain.tld
-------------------------|<~~~~~~~~~~>|-----------------------
relay to: | 5 min |
srv-1.d.domain.tld | 500KB |
</screen>
<para>
The elapsed time in a server-to-server conversation is
directly related to the amount of data that need to be moved
from one server to another and the baud rate of the connection
established between the two Modem devices. In a direct
telephone call configuration, telephone calls could result to
be less expensive than those in bridged configurations where
server computers may accumulate traffic from other server
computers in the path. The accumulation of traffic between
server computers increases the amount of time the last server
computer in the path before the final destination needs, in
order to transmit everything to the final destination. In a
bridged telephone call configuration, server computers acting
as bridges do act as servers as well and produce their own
traffic which is sumed to that one already accumulated in
them. This may provoke a heugh traffic in a server-to-server
conversation (remarkably on the last destination before the
final destination), that could be potentially increased with
each new server computer added to the string of server
computers acting as bridges one another.
</para>
</sect2>
<sect2 id="connectivity-dialup-policy-lifetime">
<title>Restricting PPP Connection Lifetimes</title>
<para>
The server computer restricts the lifetime of established
Modem connections to 15 minutes from the establishment moment
on. Once the connection has been established, if the link is
idle for 1 minute, the server computer will also close the
established connection to free the telephone line. This
control can be implemented through the
<option>maxconnect</option> and <option>idle</option> options
inside the <application>pppd</application>'s configuration
file.
</para>
<para>
The server computer will attend incoming calls from client
computers every night from 10:00PM to 12:00AM. Outside this
range of time, the telephone could be answered by somebody,
not the computer. This control can be implemented through a
cron job and the <filename>/etc/nologin.ttyxx</filename> file;
where ttyxx represents the device name of your modem (e.g.,
<filename>/etc/nologin.ttyACM0</filename> would prevent the
Modem device installed in <filename>/dev/ttyACM0</filename>
from answering calls).
</para>
</sect2>
<sect2 id="connectivity-dialup-services">
<title>Providing Internet Services</title>
<para>
The implementation of internet services that required
persistent connections (e.g.,
<application>chats</application>) should not be considered as
a practical offer inside the server computer. Instead, only
asynchronous services (e.g.,
<application>e-mail</application>) should be supported. This
restriction is required to reduce the connection time demanded
by services. For example, consider an environment where you
connect to the server computer for sending/receiving e-mails
messages and then quickly disconnect from it to free the
telephone line for others to use. In this environment, there
is no need for you and other person to be both connected at
the same time to send/receive e-mail messages to/from each
other. The e-mails sent from other person to you will be
available in your mailbox the next time you get connected to
the server computer and use your e-mail client to send/receive
e-mail messages. Likewise, you don't need to be connected to
the server computer in order to write your e-mail messages.
You can write down your messages off-line and then establish
connection once you've finished writing, just to send them out
and receive new messages that could have been probably sent to
you.
</para>
<para>
Another issue related to e-mail exchange is the protocol used
to receive messages. Presently, there are two popular ways to
do this, one is through IMAP and another through POP3. When
you use IMAP protocol, e-mail messages are retained in the
server computer and aren't downloaded to client computer.
Otherwise, when you use POP3 protocol, e-mail messages are
downloaded to the client computer and removed from server
computer. Based on the resources we have and the kind of link
used by the client computer to connect the server computer,
using POP3 is rather prefered than IMAP. However both are made
available.
</para>
<para>
Assuming you use IMAP protocol to read your mailbox, be aware
that you need to be connected to the server computer. Once
the connection is lost you won't be able to read your messages
(unless your e-mail client possesses a feature that let you
reading messages off-line). Moreover, you run the risk of
getting your mailbox out of space. If your mailbox gets out of
space, new messages sent to you will not be deliver to your
mailbox. Instead, they will be deferred for a period of time
(e.g., about 5 days when using
<application>Postfix</application> defaults) hoping you to
free the space in your mailbox to deliver them. If you don't
free space on your mailbox within this period of time, the
deferred e-mails will be bounced back to their senders and you
will never see them. On the other hand, assuming you are
using POP3 protocol to read your mailbox, you always keep your
mailbox free to receive new e-mails messages and keep them for
you until the next time you establish connection with the
server computer and download them to your client computer
using your e-mail client.
</para>
<para>
The information generated inside the server computer is
isolated from Internet. This way, any information generated
inside the server computer will be available only to people
connected to the same network the server computer is connected
to. For example, don't ever expect to send/receive e-mails
to/from Internet e-mail accounts like Gmail or Yahoo, nor
visiting web sites like <ulink
url="http://www.google.com/">Google</ulink> or <ulink
url="http://www.wikipedia.org/">Wikipedia</ulink> either. For
this to happen, it is required an established connection
between the server computer you are establishing connection
through and the Internet network those services are available
in. Without that link, it is not possible to direct your
requests to those sites.
</para>
</sect2>
</sect1>