There are a variety of mechanisms to provide satellite capacity for a national Internet
gateway. Leland has employed the following three designs depending on what was appropriate
and host-country government wishes:
1. Single Channel Per Carrier ("SCPC"): 128KB point-to-point satellite access.
Recommend using 3.8 meter dish; or
2. Time Division Multiple Access ("TDMA"): 128KB shared satellite network
access. Recommend using 2.4 or 3.8 meter dish; or
3. Utilize an existing national teleport: This requires USAID to provide a multiplexor to
split off an excess 128KB (minimum) of voice capacity for Internet traffic.
If no communications link exists between the USAID-provided earth terminal and the Network
Operating Center ("NOC"), then Leland will provide a line-of-sight wireless
solution.
Two Ethernet Ports one for connection to internal network one for connection to Domain
Name Server and/or backup router
Multiple Serial Ports one port to connect to satellite earth terminal via V.35 at least 6
additional ports to connect remote Internet Service Providers Recommend using access-list
approach to manage access as needed.
Recommended computer configuration 450 MHz, 128 Meg RAM, 10.0 Gig Hard-drive 3-PCI, 3-ISA
3COM Etherlink card, 512KB ECC cache, DVD Drive, 3.5-floppy disk drive SVGA 15-inch
monitor, UNIX operating system
Functions Provides DNS and reverse look-up (in-addr.arpa) Recommend highly restricted
access for security: for example, disallow all SMPT, TELNET, FTP, HTTP, etc.
Connection to carrier exchange facility via point-to-point synchronous or asynchronous digital data service (DDS) circuits DSU/CSU modems will be used if carrier infrastructure is based on AT&T 62310 interface standards Baseband modems will be used as Network Termination Units for other infrastructure solutions; for example, a pair of Patton 1090 KiloStream modems or RAD ASM-20, connected together via RJ45 interfaces on a long distance 2-wire/4-wire point-to-point DDS copper circuit, with V.35 DTE/DCE interfaces to the ISP router and the carrier exchange facility. All devices should be capable of local analog and remote digital loopback testing
Two Ethernet Ports one to connect International Router one to connect internal local
area Ethernet
Two Serial Ports one for back access to V.35 satellite earth terminal one for remote
management if locally implemented Primary function of this router is to manage and control
access to the Internal Network. Careful use of 'access-control-lists' implements basic
firewall capability, supplemented by firewall software downloaded via Internet.
Recommended computer configuration 450 MHz, 128 Meg RAM, 10.0 Gig Hard-drive 3-PCI, 3-ISA
3COM Etherlink card, 512KB ECC cache, DVD Drive, 3.5-floppy disk drive SVGA 15-inch
monitor, UNIX operating system
Functions Shell for internal user accounts Can also provide Email, World Wide Web, File
Transfer, etc. as desired Restricted via router access-list
Recommended computer configuration 400 MHz, 64 Meg RAM, 8.0 Gig Hard-drive
3-PCI, 3-ISA 3COM Etherlink card, 256KB ECC cache, DVD Drive, 3.5-floppy disk drive, and SVGA
15-inch monitor
Functions
User accounting and billing Maintains control access lists on routers
Configuration Network Terminal Server (e.g., USRobotics, Livingston, Cisco, etc.)
Functions User account management Recommend RADIUS (freeware) for authentication and
accounting
Recommend 16 modems, each 33.6 KB V.34bis Rack mount where possible
Tape Backup system Ethernet hubs: 16-port, 8-port and 4-port Ethernet cables and connectors Tool Kit for crimping, wiring and testing cables
Recommend UNIX as the operating system Recommend RADIUS for user authentication and accounting (http://www.livingston.com/Forms/radiusform.cgi, http://www.merit.edu/aaa/) Recommend TIS FireWall ToolKit for basic security (http://www.tis.com/docs/products/fwtk/) Suggested Books on Internet (http://www.ora.com/)
One unit for the International Router(s) One unit for DNS computer and Internal Router One unit for Internal Network if required.
|