Slashdot Mirror

The home user would probably prefer the ATA 186-Analog Telephone Adapter
-k

Cisco is already in this market. They have had products out there for two years now.

I don't think they aspire to own the transport, they just want to profit from increased bandwidth usage and more Cisco devices being sold. They are sticking to standards in this market like they do everywhere else (AFAIK).

The set-up is simple. I had to buy a new Apple Airport hub for each end of the link.

I checked a recent link about designing Airport nets and some other Airport sites. They don't reveal any clues about this being possible.

I checked the Cisco/Aironet site. For the 340 Series WLAN gear they have a product called an Ethernet Bridge which is what you would use to do what Cringely said he did. This is different from their Access Points and Base stations . A Cisco base station looks to be equivalent to an Airport.

Does anyone have any references on how to do this with an Airport? I'm finding Cringely's story a little hard to believe.

Kevin

The set-up is simple. I had to buy a new Apple Airport hub for each end of the link.

I checked a recent link about designing Airport nets and some other Airport sites. They don't reveal any clues about this being possible.

I checked the Cisco/Aironet site. For the 340 Series WLAN gear they have a product called an Ethernet Bridge which is what you would use to do what Cringely said he did. This is different from their Access Points and Base stations . A Cisco base station looks to be equivalent to an Airport.

Does anyone have any references on how to do this with an Airport? I'm finding Cringely's story a little hard to believe.

Kevin

The set-up is simple. I had to buy a new Apple Airport hub for each end of the link.

I checked a recent link about designing Airport nets and some other Airport sites. They don't reveal any clues about this being possible.

I checked the Cisco/Aironet site. For the 340 Series WLAN gear they have a product called an Ethernet Bridge which is what you would use to do what Cringely said he did. This is different from their Access Points and Base stations . A Cisco base station looks to be equivalent to an Airport.

Does anyone have any references on how to do this with an Airport? I'm finding Cringely's story a little hard to believe.

Kevin

So at some point it makes no sense in making more directional antennas, as you have to decrease the power level accordingly.

See this link for more information.

I have never seen a better proxy advertisement for any company than this slurry of posts regarding the overall superiority of Cisco tech support. If getting their routers did not require the purchasing power of selling my soul or my firstborn child, I'd buy one.

p.s. would've applied (R), sm, and tm as needed, but <sup> isn't allowable HTML. :P

In light of this, perhaps the following names could be "confusingly similar" to well-known tradmarks:

Wal*Fart compared to Wal*Mart
Sysco compared to Cisco
IBN compared to IBM
Wintel compared to Intel
Microslop compared to Microsoft

Oh, and any router with the word "gateway" in its hostname must be changed!

Granted, *most* of the sites mentioned are backed by big businesses with even bigger legal budgets so they can get away with it, but still....

(P.S.--It seems to me that "well-known" and "confusingly similar" are mutually exclusive)

The idea behind DSL was to eliminate the usage of acoustic signals for data transfer. By modulating the DSL signal into an audio stream, you're defeating the purpose.

On the contrary, that was not the idea behind DSL. A telephone line is a single Unshielded Twisted Pair (UTP) of wires, of which only the first 4kHz is used (for voice transmission). The bandwidth (true bandwidth, measured in Hz not bits per second) of the line is much wider than 4kHz so DSL puts analog signals in the unused freuquencies. On each end (telco and user), there is a D/A and A/D converter that handles this translation. The signal on the phone line is an analog signal, not digital. See this diagram (and the rest of that document) for a somewhat better explanation of xDSL.

So turning a sound card into a DSL modem saves $ of the DSL modem (the sound card does the D/A and A/D and the CPU handles 'talking' to the other DSL modem). But I agree with you that it's basically becoming a 'Winmodem' where the CPU usage will shoot up to (IMHO) unacceptable levels. DSL modems aren't that much $...

Why this sad state of affairs? Because the "online" games (and browsers) Sega released before only work with the stupid freaking dialup 56K modem. Why? Because Sega never wrote/licensed a general purpose TCP/IP stack, so all the other software is FREAKIN' HARDCODED to a STUPIDUSELESS analog modem.

Sony was at least smart enough to license a modern IPV4/IPV6 stack from a company that maybe knows a little about TCP/IP.

If you and enough of your neighbors sign up for DSL service, they'll be turning a profit in no time.

Here's a good cisco doco that I should have included in the origional post: here

www.cisco.com/ipv6

http://msdn.microsoft.com/downloads/sdks/platform/ tpipv6.asp

What's the problem?

That should push availability up considerably.

Also see http://www.cisco.com/ipv6

Apparently software has been in beta test for months, with the full release scheduled for the end of May.

Cisco is indeed pushing forward with their IPv6 support, as seen here.

This linksys/net2phone SIP-in-a-box product was just announced yesterday. What great timing to get it published on /. :-) They haven't even updated their websites yet.

A slightly different version of this service was discussed recently on /.

We've been playing around with a SIP gateway server and a VoIP phone on our DSL connection here in Europe. It works, but phone quality to the US sucks at best. The problem is QoS. Without spending US$10,000++ per month on a dedicated IP pipe from Europe to the US with a guaranteed QoS end-to-end, VoIP just doesn't replace regular phone service. But for IP connections within Europe, we get reasonable quality. Now, if only there were more than 3 people who could call us (and two of those are inside cisco TAC who only call to test their SIP setups)

This linksys/net2phone service requires you to pay them a subscription to use their SIP gateway, and the units probably are not configurable to use alternate SIP services. So if your account expires, your box becomes an expensive blinking light source.

It should work in Europe, I doubt they care which IP block you are coming from. But all the sessions will pass to north america for processing on their VoIP network. If you do buy one of these boxes, drop me a note. I'd love to see what kind of "virtual phone number" they assign you.

the AC

My understanding is the in the USA you do things differently thant he rest of the world: the rest of the world has apprenticship programs that lead to certification in a trade, but in the USA people join a union and the union claims all it's workers are "up to code".

Well there are several IT certification programs that don't require membership in any organization (A+, MCSE, CCNA, etc.). Most contracting firms will pay for their employees to get certified, so they may be supplanting those functions that you attribute to trade unions. Ensuring worker wellbeing is not their primary role, but they do have a stake in keeping employees happy since they only make money from their clients while their contractors are on the job.

I work for a relatively small ISP that provides Qwest DSL services. Unfortunately, in this situation, you are up the perverbial creek.

When Qwest upgraded their DSLAMs to us Discrete Multi-Tone line modulation (DMT) it basically left all users who were switching line service from location to location out in the cold. On the bright side, this only effects users with Cisco 675 and Intel 2100(Cisco 605) CPEs. (The vast majority of their customers)

We have dealt with numerous cusotmers with this issue and so far it doesn't seem like Cisco or Qwest are going to give anyone a break on a new CPE. Cisco does have a fun little article here that talks about CAP v DMT and the CPE issues.

When I was with USWest, I had a Cisco 675 which was great! It ran CBOS (Cisco Broadband OS), was a NAT, DHCP, TFTP and Telnet server.

After I switched to Verizon I sold it for $180.

While a Cisco Aironet would be nice, $1400 is a bit steep.

The issue is, with all these current 802.11b security issues and the probable introduction of new security features, what are good products to use and steps take? It's one thing to point out the flaws in the system; another entirely to show how to fix (or at least avoid) them.

I detect an "Ask Slashdot" here....

That's what I thought when I saw the headline for this article, too. I just checked, and sure enough, keepalives can use an MD5 hash.

here's the relevant documentation page
Check under "Configuring Global Keepalive Hash"

Yup. The ArrowPoint/Cisco ContentSwitch does this. Don't remember right offhand if it's MD5 (I believe it is), but it definitely uses some sort of checksum. I've even calculated it offline once to doublecheck, so it's something that's not an ArrowPoint proprietary summing algorithm.

one of the first things I did on my Cisco DSL router was to reset the exec and enable passwords.

This Alcatel really sucks if you can't even do that.

Oh, yeah; whereas Cisco never leaves wide-open back doors in their products.

-

Oh, really? I'm sure you're running a current version of the CBOS for the Cisco 600 series, right, since the other ones are prone to being seriously DoS'ed, among other things.

Seriously, though, if you're running a Cisco 675 with an earlier version of the CBOS than 2.3.5, you might want to consider updating, unless you want to be an unwitting accomplice to a DoS attack, or worse. I presume that the Alcatel compromise could lead to similar vulnerabilities.

They shipped their first product in 1986. That means they've been around more than 14 years. See here for details and lots of corporate posing.

FWIW, if the range is 10 miles that page says you could expect 11 Mb/sec out of the Ciscos.
--
spam spam spam spam spam spam
No one expects the Spammish Repetition!

Quoting Cisco, the Cisco Aironet 340 Series Direct Sequence Ethernet Bridge... :

• Offers up to 25-mile range

• Offers up to 11 Mbps data rate

• Links buildings into a single LAN

• Requires no license

  This looks like what you should get mainly because their is no real hacking that is needed. Yes this takes away the fun but Cisco is designed for the distance. I would recommend checking EBAY for some good prices. Remember that you will need two of these if you plan to have a wired network on this "island" of yours... But if you don't: just get one base for the mainland and then a pcmcia card for the island (cheaper that 2 base stations).

  I hope this helps!

Take a look at http://www.cisco.com/warp/public/cc/pd/witc/ao340a p/prodlit/obrc_in.xls. The Cisco Aironet stuff can do this no problem, the spreadsheet above will give you the ranges, height requirements for earth curvature, and expected bandwidth based on the different types of antennas, as long as you can get line of site. I have done a few shots maxing out at about 15 miles using the parabolic dish antennas w/o a problem at 11 meg. Works great!

If service in your area is anything like mine, make sure to request an "external modem". This comes in the form of a Cisco 675 router. Also, be prepared to be on your own as far as setup and maintenance is concerned. I havn't been particularly impressed with support. (Surprise!) They shipped the manuals for a later version of the BIOS then what was installed on the router. When I asked for a upgrade I got a lot of blank stares.

Also, I sent Qwest the following security notice about Cisco routers that came out last month. Packet filtering doesn't seem to be included until this later version of the BIOS. As before, blank stares when I tried to get an upgrade. Looks like Cisco will offer free upgrades anyway... Just be prepared to be on your own for support.

Eric

Listen, I am both Microsoft (MCSE) and Sun (SSA) certified. I have worked with Solaris, Linux and Windows for years. How can windows users that have little if any Unix knowledge, make any comment on what Taco has to say? I'm sure some of the posts were written by people with experiance on both platforms.. but.. Of the people that LOOVVEE M$ many know little or no Unix .. Most M$ users only know M$. Most Unix users know BOTH Unix and M$. Taco is entitled to his opinion (which it just so happens is accurate this time..you overly defensive Microsoft Borgs!) As far as microsoft.com being usefull, I guess that value is in the browser of the beholder. I don't personally have much use for Microsofts web site except when I need to patch my servers. Unfortunately, Microsoft often releases patches long LONG after a problem has been made known (see L0pht.com for a quote from the Microsoft folks). I admin both Unix and Windows machines, If I need a good technical reference I go to O'Reilly and buy a book on the subject.. not microsoft. Or I go to Docs.Sun.Com , Cisco or Linux.org but I don't go to Microsoft.com which is apparently a good thing because they have had DNS problems most of the day! -Celtic

Cisco offers their IPTV, which is commercially available.

There are several H.323 streaming server commercially available as well. This standard is used by many Internet2 video applications.

There are also open source alternatives. The vic vac and rat tools long in use on the old mbone are certainly available in open source : for netbsd and for Linux.(You might want to read this before you get into these.)

If you want to multicast your streaming video, you should contact Multicast Tech.

The MBone is still out there. Sorta. It's not really the same MBone that most of those web pages talk about, created with DVMRP tunnels and all. A lot of the major ISPs are starting to natively enable their networks for multicast with new protocols like PIM-SM, MSDP, and MBGP. With PIM-SSM coming up, it looks like we might finally have a really workable protocol to get multicast out there to the masses. Here's some sites for multicast information regarding ISPs.

• Sprint
• UUNET
• IP Multicast Initiative. Other ISPs that are doing multicast will be listed here along with contact information.

Most people who are doing video streaming via multicast end up going with Windows Media Server or Real Server. I think QuickTime is also multicast-enabled, but I haven't seen it used much. Another option is to go with Cisco IP/TV. Although most of their stuff says to use it in an enterprise network, I've seen it used for multicast video streaming on the MBone/Internet. Pretty good quality stuff... I've seen demos of DVDs streamed using it, and the quality was at least that of VHS.

In what way is that fair? In fact, it would be fairer to give regular/frequent/recent users higher priority because they're the ones doing whatever it is you want them to do (like, viewing banner ads, if you're /., and completing transactions if you're a brokerage).

Load-sharing boxes for server farms ought to have this feature. And it should go into Apache.

There are better solutions already in the marketplace for allocating resources for network services.

Let me point out there is some serious mis-information in some of these posts. Ignore any post with the term class-D IP address. That's multicast. You aren't even at the stage of getting internet connectivity at this point.

First, you will have to approach the telco, and possibly local councils who have copies of the proposed line, maybe even the state PUC, and gather as much info as possible. Find out where the cable will start and end, and what other easements they are obtaining. Perhaps your neighbors would also like to share in an additional line for internet access. Find out what kinds of equipment will be connected at each end of the cable. Find out everything.

Educate yourself on telco terminology, since it has nothing to do with the internet. Start with capacity reference and do searches on the terms "Class 5" "tandem switches" "SS7" "IXC" "ILEC/CLEC".

Then go down to the local county planning office, and ask around about easements and payments, or ask a licensed realtor. The clause for full access to a property is normal, because they want to use your road to get to the cable, and you might block it in the future. You can negotiate a specific route for them to use, but you can't just give an easement without access. It is pretty normal for an easement to be given for a one time payment or a continuing royalty scheme. With continuing royalties, make sure you have a lawyer and accountant review everything otherwise the cheques dry up after a year or two, the same probably goes for an internet connection.

Now we'll get into the realm of guesswork.

I'd guess that the telco is not laying a backbone, not if its something tiny like a T3 or OC3 (T3 is a layer 2 signalling spec, OCx is the physical spec). It sounds like a trunk (errr, trunkgroup) connecting two COs or a CO directly with an IXC tandem. Chances are they aren't just laying a single fibre, it will be a cable with 8 or 12 or more pairs, capacity for a predicted 20 years of growth. If they are hauling OC3/12/48 on monomode fibre, then one pair in the cable will probably be dedicated to SS7 traffic, and can't be subverted for anything else. The other pairs will be earmarked for leasing to customers over the years, and if there isn't a customer willing to pay market rates, the accountants will not allow it to be used for lesser revenue streams. Be forewarned, accountants are the enemy, even if the engineers and negotiators like your idea!

If you do get them to loan you a spare pair, you will need to get the telco end terminated at an ISP's router located in the same building. So you will have to find out if there is any colo space in the CO, and then start negotiations with the ISP. The ISP will probably have a big cisco router like this and you will probably have to buy an additional optical line card for them, or somehow pay them enough money to ammortize their investment over the life of your connection. I would charge US$600/month for a simple connection to one of my OC3/ATM line cards, plus additional for IP addresses, management, bandwith guarantees, traffic, etc. At your end, you will have to buy a small router capable of handling the conversion from optical and providing you with a 10/100 ethernet connection.

On the plus side, if you are going in for a full optical connection, you should lease a block of at least 16 or 32 IP addresses from the ISP, and have room to add extra devices. Chances are, if they are giving you a connection on one of their big routers, they would love to sell you more than just a single static IP address (actually, you will have to have at least a /30 block, one IP address for the router, broadcast, net, and 1 for you).

If you are truly far away from any big urban ISP coverage for high speed internet, you might consider adding a wireless card to your router, and running an antenna up high on your property, and letting your neighbors share in the excess bandwidth. Or find a local ISP who would love the extra revenue from locating a router/wireless on your property to sell to your neighbors, and let them deal with the business and support issues while you just have your own hardline connection.

No matter what you do, this will cost you money. Telcos don't want to have to engineer a simple internet connection for a rancher just so he can download his pr0n faster, it just isn't their business. Their business is laying optical interconnects between plants, so that is what you will have to ask them for, and leave the internet stuff until later.

You have a better chance if you can get a lot of technical help from the bitheads at a local ISP, or by approaching a local community college with courses in networking. Maybe you can purchase your own fibre cable and have it laid at the same time, and then plan on reselling the excess capacity to cell phone operators and ISPs. A cell site on your own fibre can earn you some revenue as well. Email with questions, and put slashdot in the subject or it gets auto-deleted.

the AC

Let me point out there is some serious mis-information in some of these posts. Ignore any post with the term class-D IP address. That's multicast. You aren't even at the stage of getting internet connectivity at this point.

First, you will have to approach the telco, and possibly local councils who have copies of the proposed line, maybe even the state PUC, and gather as much info as possible. Find out where the cable will start and end, and what other easements they are obtaining. Perhaps your neighbors would also like to share in an additional line for internet access. Find out what kinds of equipment will be connected at each end of the cable. Find out everything.

Educate yourself on telco terminology, since it has nothing to do with the internet. Start with capacity reference and do searches on the terms "Class 5" "tandem switches" "SS7" "IXC" "ILEC/CLEC".

Then go down to the local county planning office, and ask around about easements and payments, or ask a licensed realtor. The clause for full access to a property is normal, because they want to use your road to get to the cable, and you might block it in the future. You can negotiate a specific route for them to use, but you can't just give an easement without access. It is pretty normal for an easement to be given for a one time payment or a continuing royalty scheme. With continuing royalties, make sure you have a lawyer and accountant review everything otherwise the cheques dry up after a year or two, the same probably goes for an internet connection.

Now we'll get into the realm of guesswork.

I'd guess that the telco is not laying a backbone, not if its something tiny like a T3 or OC3 (T3 is a layer 2 signalling spec, OCx is the physical spec). It sounds like a trunk (errr, trunkgroup) connecting two COs or a CO directly with an IXC tandem. Chances are they aren't just laying a single fibre, it will be a cable with 8 or 12 or more pairs, capacity for a predicted 20 years of growth. If they are hauling OC3/12/48 on monomode fibre, then one pair in the cable will probably be dedicated to SS7 traffic, and can't be subverted for anything else. The other pairs will be earmarked for leasing to customers over the years, and if there isn't a customer willing to pay market rates, the accountants will not allow it to be used for lesser revenue streams. Be forewarned, accountants are the enemy, even if the engineers and negotiators like your idea!

If you do get them to loan you a spare pair, you will need to get the telco end terminated at an ISP's router located in the same building. So you will have to find out if there is any colo space in the CO, and then start negotiations with the ISP. The ISP will probably have a big cisco router like this and you will probably have to buy an additional optical line card for them, or somehow pay them enough money to ammortize their investment over the life of your connection. I would charge US$600/month for a simple connection to one of my OC3/ATM line cards, plus additional for IP addresses, management, bandwith guarantees, traffic, etc. At your end, you will have to buy a small router capable of handling the conversion from optical and providing you with a 10/100 ethernet connection.

On the plus side, if you are going in for a full optical connection, you should lease a block of at least 16 or 32 IP addresses from the ISP, and have room to add extra devices. Chances are, if they are giving you a connection on one of their big routers, they would love to sell you more than just a single static IP address (actually, you will have to have at least a /30 block, one IP address for the router, broadcast, net, and 1 for you).

If you are truly far away from any big urban ISP coverage for high speed internet, you might consider adding a wireless card to your router, and running an antenna up high on your property, and letting your neighbors share in the excess bandwidth. Or find a local ISP who would love the extra revenue from locating a router/wireless on your property to sell to your neighbors, and let them deal with the business and support issues while you just have your own hardline connection.

No matter what you do, this will cost you money. Telcos don't want to have to engineer a simple internet connection for a rancher just so he can download his pr0n faster, it just isn't their business. Their business is laying optical interconnects between plants, so that is what you will have to ask them for, and leave the internet stuff until later.

You have a better chance if you can get a lot of technical help from the bitheads at a local ISP, or by approaching a local community college with courses in networking. Maybe you can purchase your own fibre cable and have it laid at the same time, and then plan on reselling the excess capacity to cell phone operators and ISPs. A cell site on your own fibre can earn you some revenue as well. Email with questions, and put slashdot in the subject or it gets auto-deleted.

the AC

Let me point out there is some serious mis-information in some of these posts. Ignore any post with the term class-D IP address. That's multicast. You aren't even at the stage of getting internet connectivity at this point.

First, you will have to approach the telco, and possibly local councils who have copies of the proposed line, maybe even the state PUC, and gather as much info as possible. Find out where the cable will start and end, and what other easements they are obtaining. Perhaps your neighbors would also like to share in an additional line for internet access. Find out what kinds of equipment will be connected at each end of the cable. Find out everything.

Educate yourself on telco terminology, since it has nothing to do with the internet. Start with capacity reference and do searches on the terms "Class 5" "tandem switches" "SS7" "IXC" "ILEC/CLEC".

Then go down to the local county planning office, and ask around about easements and payments, or ask a licensed realtor. The clause for full access to a property is normal, because they want to use your road to get to the cable, and you might block it in the future. You can negotiate a specific route for them to use, but you can't just give an easement without access. It is pretty normal for an easement to be given for a one time payment or a continuing royalty scheme. With continuing royalties, make sure you have a lawyer and accountant review everything otherwise the cheques dry up after a year or two, the same probably goes for an internet connection.

Now we'll get into the realm of guesswork.

I'd guess that the telco is not laying a backbone, not if its something tiny like a T3 or OC3 (T3 is a layer 2 signalling spec, OCx is the physical spec). It sounds like a trunk (errr, trunkgroup) connecting two COs or a CO directly with an IXC tandem. Chances are they aren't just laying a single fibre, it will be a cable with 8 or 12 or more pairs, capacity for a predicted 20 years of growth. If they are hauling OC3/12/48 on monomode fibre, then one pair in the cable will probably be dedicated to SS7 traffic, and can't be subverted for anything else. The other pairs will be earmarked for leasing to customers over the years, and if there isn't a customer willing to pay market rates, the accountants will not allow it to be used for lesser revenue streams. Be forewarned, accountants are the enemy, even if the engineers and negotiators like your idea!

If you do get them to loan you a spare pair, you will need to get the telco end terminated at an ISP's router located in the same building. So you will have to find out if there is any colo space in the CO, and then start negotiations with the ISP. The ISP will probably have a big cisco router like this and you will probably have to buy an additional optical line card for them, or somehow pay them enough money to ammortize their investment over the life of your connection. I would charge US$600/month for a simple connection to one of my OC3/ATM line cards, plus additional for IP addresses, management, bandwith guarantees, traffic, etc. At your end, you will have to buy a small router capable of handling the conversion from optical and providing you with a 10/100 ethernet connection.

On the plus side, if you are going in for a full optical connection, you should lease a block of at least 16 or 32 IP addresses from the ISP, and have room to add extra devices. Chances are, if they are giving you a connection on one of their big routers, they would love to sell you more than just a single static IP address (actually, you will have to have at least a /30 block, one IP address for the router, broadcast, net, and 1 for you).

If you are truly far away from any big urban ISP coverage for high speed internet, you might consider adding a wireless card to your router, and running an antenna up high on your property, and letting your neighbors share in the excess bandwidth. Or find a local ISP who would love the extra revenue from locating a router/wireless on your property to sell to your neighbors, and let them deal with the business and support issues while you just have your own hardline connection.

No matter what you do, this will cost you money. Telcos don't want to have to engineer a simple internet connection for a rancher just so he can download his pr0n faster, it just isn't their business. Their business is laying optical interconnects between plants, so that is what you will have to ask them for, and leave the internet stuff until later.

You have a better chance if you can get a lot of technical help from the bitheads at a local ISP, or by approaching a local community college with courses in networking. Maybe you can purchase your own fibre cable and have it laid at the same time, and then plan on reselling the excess capacity to cell phone operators and ISPs. A cell site on your own fibre can earn you some revenue as well. Email with questions, and put slashdot in the subject or it gets auto-deleted.

the AC

Let me point out there is some serious mis-information in some of these posts. Ignore any post with the term class-D IP address. That's multicast. You aren't even at the stage of getting internet connectivity at this point.

First, you will have to approach the telco, and possibly local councils who have copies of the proposed line, maybe even the state PUC, and gather as much info as possible. Find out where the cable will start and end, and what other easements they are obtaining. Perhaps your neighbors would also like to share in an additional line for internet access. Find out what kinds of equipment will be connected at each end of the cable. Find out everything.

Educate yourself on telco terminology, since it has nothing to do with the internet. Start with capacity reference and do searches on the terms "Class 5" "tandem switches" "SS7" "IXC" "ILEC/CLEC".

Then go down to the local county planning office, and ask around about easements and payments, or ask a licensed realtor. The clause for full access to a property is normal, because they want to use your road to get to the cable, and you might block it in the future. You can negotiate a specific route for them to use, but you can't just give an easement without access. It is pretty normal for an easement to be given for a one time payment or a continuing royalty scheme. With continuing royalties, make sure you have a lawyer and accountant review everything otherwise the cheques dry up after a year or two, the same probably goes for an internet connection.

Now we'll get into the realm of guesswork.

I'd guess that the telco is not laying a backbone, not if its something tiny like a T3 or OC3 (T3 is a layer 2 signalling spec, OCx is the physical spec). It sounds like a trunk (errr, trunkgroup) connecting two COs or a CO directly with an IXC tandem. Chances are they aren't just laying a single fibre, it will be a cable with 8 or 12 or more pairs, capacity for a predicted 20 years of growth. If they are hauling OC3/12/48 on monomode fibre, then one pair in the cable will probably be dedicated to SS7 traffic, and can't be subverted for anything else. The other pairs will be earmarked for leasing to customers over the years, and if there isn't a customer willing to pay market rates, the accountants will not allow it to be used for lesser revenue streams. Be forewarned, accountants are the enemy, even if the engineers and negotiators like your idea!

If you do get them to loan you a spare pair, you will need to get the telco end terminated at an ISP's router located in the same building. So you will have to find out if there is any colo space in the CO, and then start negotiations with the ISP. The ISP will probably have a big cisco router like this and you will probably have to buy an additional optical line card for them, or somehow pay them enough money to ammortize their investment over the life of your connection. I would charge US$600/month for a simple connection to one of my OC3/ATM line cards, plus additional for IP addresses, management, bandwith guarantees, traffic, etc. At your end, you will have to buy a small router capable of handling the conversion from optical and providing you with a 10/100 ethernet connection.

On the plus side, if you are going in for a full optical connection, you should lease a block of at least 16 or 32 IP addresses from the ISP, and have room to add extra devices. Chances are, if they are giving you a connection on one of their big routers, they would love to sell you more than just a single static IP address (actually, you will have to have at least a /30 block, one IP address for the router, broadcast, net, and 1 for you).

If you are truly far away from any big urban ISP coverage for high speed internet, you might consider adding a wireless card to your router, and running an antenna up high on your property, and letting your neighbors share in the excess bandwidth. Or find a local ISP who would love the extra revenue from locating a router/wireless on your property to sell to your neighbors, and let them deal with the business and support issues while you just have your own hardline connection.

No matter what you do, this will cost you money. Telcos don't want to have to engineer a simple internet connection for a rancher just so he can download his pr0n faster, it just isn't their business. Their business is laying optical interconnects between plants, so that is what you will have to ask them for, and leave the internet stuff until later.

You have a better chance if you can get a lot of technical help from the bitheads at a local ISP, or by approaching a local community college with courses in networking. Maybe you can purchase your own fibre cable and have it laid at the same time, and then plan on reselling the excess capacity to cell phone operators and ISPs. A cell site on your own fibre can earn you some revenue as well. Email with questions, and put slashdot in the subject or it gets auto-deleted.

the AC

The only real solution to preventing DDoS attacks is cooperation with your upstream provider(s) and something like Cisco's Secure IDS box which will dynamically update and block DDoS type attacks as fast as they appear. Fast enough to make it useless to even attempt. I didn't say it was cheap solution, but it's a very effective one.

Jason Roysdon, CCNP: Security Specilization

PS Normally I wouldn't use a signature or pull out cert letters, but here it's appropriate (plus I left off a bunch of my other nifty initials).

The only real solution to preventing DDoS attacks is cooperation with your upstream provider(s) and something like Cisco's Secure IDS box which will dynamically update and block DDoS type attacks as fast as they appear. Fast enough to make it useless to even attempt. I didn't say it was cheap solution, but it's a very effective one.

Jason Roysdon, CCNP: Security Specilization

PS Normally I wouldn't use a signature or pull out cert letters, but here it's appropriate (plus I left off a bunch of my other nifty initials).

The only real solution to preventing DDoS attacks is cooperation with your upstream provider(s) and something like Cisco's Secure IDS box which will dynamically update and block DDoS type attacks as fast as they appear. Fast enough to make it useless to even attempt. I didn't say it was cheap solution, but it's a very effective one.

Jason Roysdon, CCNP: Security Specilization

PS Normally I wouldn't use a signature or pull out cert letters, but here it's appropriate (plus I left off a bunch of my other nifty initials).

It sounds like your vendor is trying to milk you for a buck or they don't know what they are talking about. The only exception to this is if your 2500/2600 is under heavy load already that it can't handle the CPU overhead of the encryption. The 2600's have hardware DES accelerators for the NAM slot that can greatly improve VPN performance. You would still have to bump up your RAM and Flash to the IOS specs of choice.

A few notes for the fray:
A PIX-to-IOS-Firewall is fairly easy. You can use 3DES on both ends (if you can legally get it offshore) or DES for other stuff. To my knowledge the PIX doesn't support Cisco proprietary encryption so IPSec would be the way to go. Setup the connections with the same group key on ISAKMP and IPSec tunnel parameters and you should be ready to roll.

The only caveat is that your router should have IOS 12.1 or higher (12.1(4) has a NAT bug) - the 12.0 series has troubles with VPN key negotiation. The other option is to manually exchange the keys and SPIs on a 12.0 IOS version but that is difficult to get right and not recommended for the weak at heart.

User interfaces for PIX or IOS-Firewall configuration are lacking at best. The Cisco tools available are difficult to follow, rather unintuitive, and lagging behind in the development cycle from the firmware releases by about 6 months. The command line isn't too difficult for those with some router experience although the PIX is sorta unique. Just remember "the PIX is not a router" - it does not support routing protocols (other than simplified RIP) or many interfaces other than Ethernet. It also has a wierd arrangement for access-lists. Check this Cisco page for command notes:

http://www.cisco.com/univercd/cc/td/doc/product/ia abu/pix/pix_v42/pix42cfg/pix42cmd.htm

You would be better off monitoring with a syslog stream on the secure fringes of your VPN and a server-side script to parse out violations.

Hope this helps...

Why don't you check yourself on CCO ?

Or better, why don't you ask a question on the Cisco Open Forum ?

Jacco
---
# cd /var/log

Cisco sells a product called CIM, the Cisco Interacive Mentor.

Its not a fully functional IOS emulator, it is used for training for various certificates. There are maybe a dozen different flavors, maybe even more now. There were modules for routing protocols, wan links, lan switching, and some others. Maybe what the training companies are selling is the same thing, repackaged.

Go search their site for CIM and simulator, and you'll find it.

They used to give these out at Networker conferences like candy, but most of the people who can afford to go to Networkers already know more about routers than can use the disks. Try asking around any cisco people you know. I gave away all my copies of the disk I've ever had.

As others have mentioned, buy yourself a used router on ebay. Start with one (a 2513 or so), and expect to buy at least two others later to build your own networks. There are tons of scenarios of things to try out floating around the internet, and a bunch of sites where you can telnet into a term server and play around with a small stack of routers. Watch the comp.dcom.cisco newsgroups for info. When you have studied enough, you can usually re-sell the routers for about 75%-80% of what you paid for them, they don't depreciate very much.

If you are in europe, I've got a couple of AGS+ routers sitting unused, and I can't even give them away. They have every bizarre interface cisco ever made, and are perfect for studying IOS 11.0.

the AC

Links:

Cisco - IP+ATM Solutions

IETF MPLS Charters

They may not be able to deliver, and many businesses HAVE failed due to a inability to deliver what they promise. Failure also comes from a lack of capitolization, and a lack of talent.

This Cisco press release points out how Cisco has $260 million dollars worth of faith in them.

The Cogent founder has had 4 'successful' startups, (4 for 4, and success means they were bought by someone else), they have a group of digex staffers, have hired away Bell Labs employees (upper level lab rats) to research the preformance of the fiber eq, etc.

(All of this is findable in public records...so no NDA's were harmed in the making of this post)

Failure won't be because of lack of capitolization or a lack of talent. They may not be able to deliver 100 M to your doorstep. This *lack* of ability to deliver on a promise may not kill them either. Look at the promise that is Microsoft software, and the inability of M$ to deliver...it hasn't killed M$.

Odds are, they will suffer the fate of nap.net. Built out a network, were bought out, and there they are....the network growth is stalled. They buy bigger pipes, but no longer have the growth rate they used to have.

You don't share your 100Mbps of optical ring with anyone else......
I love it when people manage to turn a limitation on their equipment into an advantage...

Unfortunately you do have to share the bandwith when you and your 23 other 100Mbps users
try to fit your 2.4Gbps over the 1Gbps link to the router which is servicing the ring....
And you have to share the backbone bandwidth.

Sounds like fraudulent advertizing to me....

You can see for yourself by looking at the Cisco customer profile of Cogent Communications

Take a look at the figure at the bottom of the page for the juicy details....