Connecting Your Linux Box to the Internet
At this point, if you have followed my advice, you've managed a UUCP news and mail feed. You've worked with dial-up IP. Maybe you've even tried running a gopher, ftp, or HTTP server. And, you have learned a lot about Unix security. If you haven't, do it now!
A dedicated connection means your machine is connected to the Internet 24 hours a day. This speeds up services like news and mail. Mail between two Internet-connected machines happens literally in seconds. The frequency of Usenet news updates is controlled by each site. Hourly—or even more frequent—news updates are commonplace. You also get some services that are only available to Internet connected machines such as telnet, ftp, gopher, and World Wide Web.
In order to put your machine on the Internet, you will need a dedicated line between you and your service provider. A dedicated line is a telephone line that is open 24 hours a day. What do I mean by open 24 hours a day? Say you call a friend and talk for a few minutes. Then, you walk away from the phone for a while. When you have something else to tell your friend, you pick up the phone and tell him. You don't have to dial his number again because you've never hung up. This service is billed at a fixed, monthly rate; there is no charge for usage. The phone company connects the dedicated line to the destination phone number. Only the phone company may change the destination.
You will have to decide how fast a connection you will need. The minimum speed is 56 kbps, which is perfect for a small business. If you plan on transferring audio in real-time, you will need a 1.54 Mbps line, commonly known as a T1 line. If you plan to transfer video in real-time, you'll need a T3 line which transfers data at the rate of 45 Mbps. Watch out for bottlenecks—buying a T1 line in the hopes of talking with a remote site across the country at T1 speeds is pointless if any of the other lines the data will pass through are running at 56 kbps.
Dedicated lines come in several different flavours. Analog lines can handle speeds up to 28.8 kbps. This is the same grade as your typical home phone line. You probably don't want one of these. Digital lines handle speeds of 56 kbps right up to T3 (45 Mbps) speeds. The cost of a digital line depends on the distance between you and your service provider. An alternative to digital dedicated lines is frame relay. Frame relay is the new technology on the block. Frame relay charges are based on speed, not distance; this may offer significant savings over a digital line. Not all service providers support frame relay. Check with your service provider. For the purposes of this article, I will assume you are going to go with a digital line at 56 kbps. This is the most common Internet connection.
With a dedicated connection, your Linux box is available 24 hours a day to access the Internet. But beware, the reverse is also true. The Internet can access your Linux box 24 hours a day. Keep your machine secure or you could suffer a lot of damage from system crackers. In order to prevent this, consider reading Cheswick and Bellovin's Firewalls and Internet Security, reviewed in issue 6 of Linux Journal.
Before I describe a 56 kbps connection, let's review a connection with which you are probably more familiar: a regular 14.4 kbps modem connection. (See Figure 1 above.) A 14.4 kbps connection will require a serial port in each machine, a modem at each machine and, of course, a telephone line. The two modems communicate at 14.4 kbps using the v.32bis protocol. The serial connection between each modem and the Linux box can be set at 19.2, 38.4, or 57.8 kbps; data compression is the reason the serial connection runs faster than the modem. The modem connection is 14.4 kbps compressed with the v.42bis compression protocol; the serial connection is uncompressed. In order for the serial line to keep up with the modem connection, it must pass more bits per second than the modem. Now that you know where all the protocols fit into the picture in a 14.4 kbps connection, let's tackle a 56 kbps connection.
Take a look at Figure 2 (opposite). A 56 kbps connection may be too fast for your serial port, so Ethernet offers an alternative. Ethernet signals cannot be transferred over the telephone lines, so you must use a protocol specifically designed for telephone lines, v.35. What you end up with is Ethernet coming out of the Linux box, being converted to v.35 signals, and being transferred over the telephone lines to your Internet service provider. You need to install an Ethernet card in your Linux box and configure the kernel to support TCP/IP—see the NET-2-HOWTO document for the details. To convert Ethernet signals to v.35 signals you will need a router. Finally, to send the v.35 signals over the phone lines, you will need a 56 kbps CSU/DSU (also known as a digital modem).
The router with CSU/DSU is the most common configuration for dedicated connections to the Internet. Vendors are now selling hardware which combines the router and CSU/DSU into one box. The single box is cheaper, but not as flexible in case of future growth. For example, if you want to change from a 56 kbps to a 128 kbps line, you can use the same router with a 128 bkps CSU/DSU. If you go with the single box, you'll have to replace the entire unit. Take into account your plans for the future and pick the option that suits them.
It will soon also be possible to buy a v.35 CSU/DSU card that plugs directly into your Linux box. That is, it is possible to buy the card now, but the driver is still being developed as this is written. When the driver is available, this option will cost less than an Ethernet card, router, and external CSU/DSU, be a little less flexible, require that the Linux box it is attached to act as a router, and be ideal for many situations where the Linux box is being used as a firewall. On the other hand, it is a poor solution for sites with more than a few dial-in lines.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- The Qt Company's Qt Start-Up
- Devuan Beta Release
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The US Government and Open-Source Software
- Open-Source Project Secretly Funded by CIA
- The Death of RoboVM
- The Humble Hacker?
- BitTorrent Inc.'s Sync
- New Container Image Standard Promises More Portable Apps
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide