<sect1 id="connectivity-dialup-policy">

    <title>Usage Convenctions</title>

    <sect2 id="connectivity-dialup-policy-auth">

    <title>Authenticating PPP Users</title>

    <para>

        The client computers will need to authenticate against the

        server computer each time they intend to establish a PPP

        connection. The username and password required by the client

        computers will be public and will rarely change.

    </para>

    <example id="connectivity-dialup-policy-auth.fig-1">

    <title>Credentials for PPP authentication</title>

    <screenshot>

    <screeninfo>Credentials for PPP authentication</screeninfo>

    <mediaobject>

    <textobject>

<screen>

 ISP Name: projects.centos.org

ISP Phone: +53043515094

 Username: faith

 Password: mail4u.2k10

</screen>

    </textobject>

    </mediaobject>

    </screenshot>

    </example>

    <para>

        The server computer provides only one telephone line available

        (e.g., +53043515094) to receive incoming calls.  This directly

        affects the possibilities a client computer has to establish

        connection with the server computer in an environment where

        several client computers are struggling among themselves to

        establish a dial-up connection with the server computer.  To

        prevent this kind of issues from happening, it is innevitable

        for the server computer to provide more telephone lines for

        incoming calls (at least one for each user the server computer

        expects to receive incoming calls from).

    </para>

    </sect2>

    <sect2 id="connectivity-dialup-policy-network">

    <title>One PPP network of two computers</title>

    <para>

        The simpliest configuration we can achive over the telephone

        network involves two computers only where one computer would

        be acting as server and another as client. In this

        configuration, the client computer establishes connection to

        the server to make use of internet services provided therein.

    </para>

    <para>

        When the client computer calls the server computer, the call

        is attended by mgetty and then passed pppd to establish a PPP

        conversation.  The first thing in the conversation is

        authentication and if it passes then IPCP conversation takes

        place to set IP addresses and start transmitting data over the

        link. IP addresses need to be set when the Modem device is

        configured (see 

        linkend="connectivity-dialup-modem-config" />) or you can

        leave it to the server computer to assign them for you

        (assuming you are calling a server computer to establish

        connection to it). If you are configuring a server computer,

        then it is necessary that you set the IP address and netmask

        of the IP network you are planning to set through a Modem

        device (e.g., ppp0).

    </para>

    <para>

        Specifiying the IP information on the server computer is very

        important, otherwise the network created may end up undefined

        and this would provoke errors on data transmission.  When the

        server computer doesn't set the network mask in the Modem

        device configuration file, the 

        class="daemon">pppd</systemitem> daemon would try to retrive

        such information from the client computer and if the client

        computer didn't specify either, the network recently created

        would end up having a wrong network mask (e.g., 

        class="netmask">255.255.255.255</systemitem>) which provokes

        the network to fail when someone tries to transfer data

        through it.

    </para>

    <figure id="connectivity-dialup-policy-network-basic">

    <title>One PPP network of two computers</title>

    <screenshot>

    <screeninfo>One PPP network of two computers</screeninfo>

    <mediaobject>

    <textobject>

<screen>

Provice-A PPP Server                          Province-A PPP Client

--------------------------\             /--------------------------

192.168.1.1/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.2/24

--------------------------/             \--------------------------

</screen>

    </textobject>

    </mediaobject>

    </screenshot>

    </figure>

    <para>

        The <xref linkend="connectivity-dialup-policy-network-basic" />

        describes the simpliest configuration we can implement for a

        point-to-point connection. This configuration involves two

        computers only, one acting as server (the server computer) and

        other action as client (the client computer). The client

        computer calls the server computer to establish a PPP

        connection in order to use whatever internet service the

        server computer provides. In the figure we can see that there

        are two IP addresses involved (

        class="ipaddress">192.168.1.1</systemitem> and 

        class="ipaddress">192.168.1.2</systemitem>) inside the same

        newtork (

        class="netmask">255.255.255.0</systemitem>).

    </para>

    <para>

        This configuration might be convenient for people in the same

        location, near one another. Here, the client computer

        establishes connection locally and can use whatever internet

        service the server computer provides. Since the connection

        lifetime is limited (see 

        linkend="connectivity-dialup-policy-lifetime" />) and only two

        peers can be connected at the same time (assuming only one

        modem is attached to the server computer), the implementation

        of some internet services like chat aren't a practical offer

        for the server computer to provide.  However, internet

        services like e-mail fit perfectly on an environment where

        more than one client computer will be struggling among

        themselves for establishing connection with the server

        computer (e.g., people connect to send/receive their e-mail

        messages to/from the server computer).

    </para>

    </sect2>

    <sect2 id="connectivity-dialup-policy-network-extended">

    <title>One PPP network of several computers</title>

    <para>

        Based on 

        linkend="connectivity-dialup-policy-network" />, it is

        possible to provide an extended version including several

        server computers that may communicate between themselves to

        distribute data collected by the client computers they serve

        to. For example, consider the telephone network of a country

        which is organized in provinces and each province is divided

        in several municipalities. In such organization, it would be

        possible to set one or more server computers for each province

        and let near people to dial-up on them to use whatever

        internet service they provide.  Later, it could be possible

        for each server computer to establish a dial-up connections

        with other near server computers in order to share information

        from one province to another. This configuration is

        illustrated in 

        linkend="connectivity-dialup-policy-network-extended.fig-1" />.

    </para>

    <para>

        In this configuration, if someone in Province-A needs to send

        a message to someone in Province-C (which is far away from

        Province-A and making a telephone call there would imply a

        considerable amount of money), there is no need (even it is

        possible) for that person to realize a direct telephone call

        from Province-A to Province-C. Instead, that person in

        Province-A can send its messages to server A (the nearest

        server on its location) making a local telephone call and

        then, the server A would take care of delivering the

        information using other servers following the same concept of

        nearest delivery. 

    </para>

    <figure id="connectivity-dialup-policy-network-extended.fig-1">

    <title>One PPP network of several computers</title>

    <screenshot>

    <screeninfo>One PPP network of several computers</screeninfo>

    <mediaobject>

    <textobject>

<screen>

Provice-A PPP Server                          Province-A PPP Client

--------------------------\             /--------------------------

192.168.1.1/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.2/24

--------------------------/      |      \--------------------------

                                 |

Provice-B PPP Server             |            Province-B PPP Client

--------------------------\      |      /--------------------------

192.168.1.3/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.4/24

--------------------------/      |      \--------------------------

                                 |

Provice-C PPP Server             |            Province-C PPP Client

--------------------------\      |      /--------------------------

192.168.1.5/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.6/24

--------------------------/             \--------------------------

</screen>

    </textobject>

    </mediaobject>

    </screenshot>

    </figure>

    <para>

        The more distant a telephone call is, the more expensive it

        is. This way, to move information from one province to

        another, server computers must be configured to send

        information to the nearest province until reaching its

        destination. For example, if you are in Province-A and want to

        send an e-mail message to Province-D, the server computer

        configuered in Province-A must sed the e-mail message to

        Province-B, then server in Province-B must be configuered to

        send such message to Province-C, and then C to D. This is

        required because making a direct call from Province-A to

        Province-D would be too much expensive.

    </para>

    <para>

        Since telephone calls are required to establish connections

        between computers and each call costs money based on the

        location and the destination, it is required to set a

        convenction in this area, specially if you plan to realize

        interprovincial telephone calls to interchange data with computer

        servers on different provinces.

    </para>

    <itemizedlist>

    <listitem>

    <para>

        Do you make direct telephone calls to make direct data delivery?

        — This configuration could be very expensive to maintain

        (considering the telephone call distances), but data will be

        delivered very fast to their destinations.

    </para>

    </listitem>

    <listitem>

    <para>

        Do you call the nearest server computer and let it to deliver

        your data to its destination? — This configuration could

        be less expensive to maintain (considering the telephone call

        distances), but data delivery will take much more time to

        reach their destinations (and there is no way to be sure it

        will do).

    </para>

    </listitem>

    </itemizedlist>

    <para>

        Whatever calling schema be choosed, the server computers will

        always talk through UUCP to transfer data from one place to

        another. The server computers will operate with two IP

        addresses each, unless you plan to connect one of the server

        computers to a different network (Internet, maybe?). One IP

        address would identify the server computer itself and the

        other would identify the client computer establishing

        connection to the server computer.  In this configuration it

        is very importat that each server and client computer does

        have one unique IP address. This way it would be possible to

        move the information from one computer to another. Notice that

        the number of PPP clients is directly related to the number of

        telephone lines a server computer has configured to receive

        incomming calls on. If there is only one telephone line

        attached to the server computer then, only one client computer

        will be able to establish connection to that server computer.

        Other PPP clients will need to wait until the telephone line

        gets free in order to establish connection with that server

        computer.  On the other hand, if the server computer has two

        (or more) attached telephone lines, it would be possible to

        attend incoming calls from two (or more) PPP client at the

        same time. As resume, we can say that: the more telephone

        lines the server computer has attached in, the more

        simultaneous connections that computer will be able to

        attend/realize from/to other computers.

    </para>

    </sect2>

    <sect2 id="connectivity-dialup-policy-network-eth">

    <title>One PPP+Ethernet network of several computers</title>

    <para>

        Assuming all the server computers with a Modem interface

        attached have also one (or more) Ethernet interface attached

        (which is very common nowadays), it would be possible to

        extend the configuration described in 

        linkend="connectivity-dialup-policy-network-extended.fig-1" />

        creating one Ethernet network for each server and client

        computer in the configuration. For this configuration to be

        implemented it is also required one switch device for each

        computer with having both the Ethernet and Modem interface, as

        described in 

        linkend="connectivity-dialup-policy-network-extended.fig-2"

        />.

    </para>

    <figure id="connectivity-dialup-policy-network-extended.fig-2">

    <title>One PPP+Ethernet network of several computers</title>

    <screenshot>

    <screeninfo>One PPP+Ethernet network of several computers</screeninfo>

    <mediaobject>

    <textobject>

<screen>

Province-A PPP/ETH Server                     Province-A PPP Client

--------------------------\             /--------------------------

192.168.1.1/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.2/24

--------------------------/      |      \--------------------------

192.168.0.1/24 | Ethernet        |

---------------------|----       |

                     |           |

              +--------+         |

              | Switch |         |

              +--------+         |

                     |           |

---------------------|--         |

LAN1: 192.168.0.2-254/24         |

------------------------         |

Province-A ETH Clients           |

                                 |

Province-B PPP/ETH Server        |            Province-B PPP Client

--------------------------\      |      /--------------------------

192.168.1.3/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.4/24

--------------------------/      |      \--------------------------

192.168.2.1/24 | Ethernet        |

---------------------|----       |

                     |           |

              +--------+         |

              | Switch |         |

              +--------+         |

                     |           |

---------------------|--         |

LAN2: 192.168.2.2-254/24         |

------------------------         |

Province-B ETH Clients           |

                                 |

Province-C PPP/ETH Server        |            Province-C PPP Client

--------------------------\      |      /--------------------------

192.168.1.5/24 | Modem ~~~ TelephoneLine ~~~ Modem | 192.168.1.6/24

--------------------------/             \--------------------------

192.168.3.1/24 | Ethernet

---------------------|----

                     |

              +--------+

              | Switch |

              +--------+

                     |  

---------------------|--

LAN3: 192.168.3.2-254/24

------------------------

Province-C ETH Clients

</screen>

    </textobject>

    </mediaobject>

    </screenshot>

    </figure>

    <para>

        In this configuration, computers connected to the switch will

        also be considered as client computers. It is necessary that a

        coordination be implemented at time of setting IP addresses to

        new server computers so no IP address be duplicated. The

        illustration above, describes one main network (192.168.0/24)

        which connects all the server computers using the telephone

        lines as medium for data transmission. Using the Modem

        interface it is possible to connect just one client computer

        at a time (assuming only one modem is availalble in the server

        computer).

    </para>

    <para>

        The telephone line is used by client computers to establish

        PPP connections with the server computer and by server

        computers to interchange data with other server computers, as

        well. On the other hand, the ethernet interface attached to

        each server computer let the administrator of that server

        computer to connect up to 252 computers simultaneously.

    </para>

    </sect2>

    <sect2 id="connectivity-dialup-policy-bridgedcall">

    <title>Bridging Calls To Transfer Data</title>

    <para>

        When the server computers call other server computers to

        bridge data delivery, the server computer in Province-A

        (srv-1.a.domain.tld) will never know that there is a server

        computer on Province-C (srv-1.c.domain.tld) or Province-D

        (srv-1.d.domain.tld), but in Province-B (srv-1.b.domain.tld)

        only, its nearest location.  So, when a message is sent from

        srv-1.d.domain.tld to the server computer in

        srv-1.d.domain.tld, the server computer in srv-1.a.domain.tld

        contacts its nearest server computer (i.e.,

        srv-1.b.domain.tld) and delivers to it all messages sent to

        srv-1.d.domain.tld. Later, since srv-1.b.domain.tld doesn't

        know about srv-1.d.domain.tld server either, it delivers all

        messages directed to srv-1.d.domain.tld to its nearest server

        computer (i.e., srv-1.c.domain.tld).  Later, the server

        computer in srv-1.c.domain.tld, which knows about

        srv-1.d.domain.tld, delivers to it all the messages it has for

        it. Notice that, in order for this configuration to work, it

        is required that all the server computer administrators do

        work syncronized to garantee a well defined route for messages

        to follow.  Otherwise, if one of the server computers in the

        path creates a route for a server computer that doesn't exist

        (or doesn't define a route at all), the information will never

        reach its destination when such computer is acting as a bridge

        between the source and the target server computer.

    </para>

<screen>

+------------------------+     +------------------------+       +------------------------+       +---------------------+

| To: bob@d.domain.tld   |     | To: bob@d.domain.tld   |       | To: bob@d.domain.tld   |       |    Bob's mailbox    |

| From: mat@a.domain.tld |     | From: ana@b.domain.tld |       | From: jef@c.domain.tld |       | (Final destination) |

| Body: 500KB            |     | Body: 500KB            |       | Body: 500KB            |       |                     |

+---|--------------------+     +---|--------------------+       +---|--------------------+       +------------------^--+

    |                              |                                |                                               |

----v--------------|<~~~~~~~~~>|---v----------------|<~~~~~~~~~>|---v----------------|<~~~~~~~~~>|------------------|---

srv-1.a.domain.tld | 75Km Call | srv-1.b.domain.tld | 75Km Call | srv-1.c.domain.tld | 75Km Call | srv-1.d.domain.tld

-------------------|<~~~~~~~~~>|--------------------|<~~~~~~~~~>|--------------------|<~~~~~~~~~>|----------------------

relay to:          |   5 min   | relay to:          |   10 min  | relay to:          |  15 min   |

srv-1.b.domain.tld |   500KB   | srv-1.c.domain.tld |   1.0MB   | srv-1.d.domain.tld |  1.5MB    |

</screen>

    </sect2>

    <sect2 id="connectivity-dialup-policy-directcalls">

    <title>Directing Calls To Transfer Data</title>

    <para>

        When the server computers make direct telephone calls (no bridge

        in-between is used to transfer data), the server computer in

        Province-A (srv-1.a.domain.tld) contacts the server computer

        in Province-D (srv-1.d.domain.tld) making a direct telephone call

        to it. In this configuration, the telephone call might cost more

        than a bridged configuration where several smaller telephone calls

        are dialed between the data origin and the data destination;

        or less, considering that when server computers in a bridged

        configuration interchange data they may move data accumulated

        from other server computers, while a direct telephone call would

        transmit data from one server computer to another without

        intermediate steps. There is no need to overload the server

        computers with foreign data when each server computer could

        call themselves to transfer data directly.

    </para>

<screen>

+------------------------+             +---------------------+

| To: bob@d.domain.tld   |             |    Bob's mailbox    |

| From: mat@a.domain.tld |             | (Final destination) |

| Body: 500KB            |             |                     |

+--|---------------------+             +------------------^--+

   |                                                      | 

---v---------------------|<~~~~~~~~~~>|-------------------|---

srv-1.a.domain.tld       | 225Km Call | srv-1.d.domain.tld

-------------------------|<~~~~~~~~~~>|-----------------------

relay to:                |   5 min    |

srv-1.d.domain.tld       |   500KB    |

</screen>

    <para>

        The elapsed time in a server-to-server conversation is

        directly related to the amount of data that need to be moved

        from one server to another and the baud rate of the connection

        established between the two Modem devices. In a direct

        telephone call configuration, telephone calls could result to

        be less expensive than those in bridged configurations where

        server computers may accumulate traffic from other server

        computers in the path.  The accumulation of traffic between

        server computers increases the amount of time the last server

        computer in the path before the final destination needs, in

        order to transmit everything to the final destination. In a

        bridged telephone call configuration, server computers acting

        as bridges do act as servers as well and produce their own

        traffic which is sumed to that one already accumulated in

        them. This may provoke a heugh traffic in a server-to-server

        conversation (remarkably on the last destination before the

        final destination), that could be potentially increased with

        each new server computer added to the string of server

        computers acting as bridges one another.

    </para>

    </sect2>

    <sect2 id="connectivity-dialup-policy-lifetime">

    <title>Restricting PPP Connection Lifetimes</title>

    <para>

        The server computer restricts the lifetime of established

        Modem connections to 15 minutes from the establishment moment

        on.  Once the connection has been established, if the link is

        idle for 1 minute, the server computer will also close the

        established connection to free the telephone line.  This

        control can be implemented through the

        <option>maxconnect</option> and <option>idle</option> options

        inside the <application>pppd</application>'s configuration

        file.

    </para>

    <para>

        The server computer will attend incoming calls from client

        computers every night from 10:00PM to 12:00AM. Outside this

        range of time, the telephone could be answered by somebody,

        not the computer. This control can be implemented through a

        cron job and the <filename>/etc/nologin.ttyxx</filename> file;

        where ttyxx represents the device name of your modem (e.g.,

        <filename>/etc/nologin.ttyACM0</filename> would prevent the

        Modem device installed in <filename>/dev/ttyACM0</filename>

        from answering calls).

    </para>

    </sect2>

    <sect2 id="connectivity-dialup-services">

    <title>Providing Internet Services</title>

    <para>

        The implementation of internet services that required

        persistent connections (e.g.,

        <application>chats</application>) should not be considered as

        a practical offer inside the server computer.  Instead, only

        asynchronous services (e.g.,

        <application>e-mail</application>) should be supported. This

        restriction is required to reduce the connection time demanded

        by services. For example, consider an environment where you

        connect to the server computer for sending/receiving e-mails

        messages and then quickly disconnect from it to free the

        telephone line for others to use.  In this environment, there

        is no need for you and other person to be both connected at

        the same time to send/receive e-mail messages to/from each

        other.  The e-mails sent from other person to you will be

        available in your mailbox the next time you get connected to

        the server computer and use your e-mail client to send/receive

        e-mail messages.  Likewise, you don't need to be connected to

        the server computer in order to write your e-mail messages.

        You can write down your messages off-line and then establish

        connection once you've finished writing, just to send them out

        and receive new messages that could have been probably sent to

        you.

    </para>

    <para>

        Another issue related to e-mail exchange is the protocol used

        to receive messages. Presently, there are two popular ways to

        do this, one is through IMAP and another through POP3.  When

        you use IMAP protocol, e-mail messages are retained in the

        server computer and aren't downloaded to client computer.

        Otherwise, when you use POP3 protocol, e-mail messages are

        downloaded to the client computer and removed from server

        computer. Based on the resources we have and the kind of link

        used by the client computer to connect the server computer,

        using POP3 is rather prefered than IMAP. However both are made

        available.

    </para>

    <para>

        Assuming you use IMAP protocol to read your mailbox, be aware

        that you need to be connected to the server computer.  Once

        the connection is lost you won't be able to read your messages

        (unless your e-mail client possesses a feature that let you

        reading messages off-line). Moreover, you run the risk of

        getting your mailbox out of space. If your mailbox gets out of

        space, new messages sent to you will not be deliver to your

        mailbox.  Instead, they will be deferred for a period of time

        (e.g., about 5 days when using

        <application>Postfix</application> defaults) hoping you to

        free the space in your mailbox to deliver them.  If you don't

        free space on your mailbox within this period of time, the

        deferred e-mails will be bounced back to their senders and you

        will never see them.  On the other hand, assuming you are

        using POP3 protocol to read your mailbox, you always keep your

        mailbox free to receive new e-mails messages and keep them for

        you until the next time you establish connection with the

        server computer and download them to your client computer

        using your e-mail client.

    </para>

    <para>

        The information generated inside the server computer is

        isolated from Internet. This way, any information generated

        inside the server computer will be available only to people

        connected to the same network the server computer is connected

        to. For example, don't ever expect to send/receive e-mails

        to/from Internet e-mail accounts like Gmail or Yahoo, nor

        visiting web sites like 

        url="http://www.google.com/">Google</ulink> or 

        url="http://www.wikipedia.org/">Wikipedia</ulink> either. For

        this to happen, it is required an established connection

        between the server computer you are establishing connection

        through and the Internet network those services are available

        in. Without that link, it is not possible to direct your

        requests to those sites.

    </para>

    </sect2>

</sect1>