7.6. SOHO - Broadband access device

Every day, more and more small companies as bookkeeping service, pharmacy, or the like, that are looking for a business solution that will allow them to mutual wired or wireless communication between their devices, voice communication with clients, and temporary or permanent access to the Internet. In Anglo-Saxon literature, has become the name of the SOHO (Small Office / Home Office), as compared to a small office or apartment-home users. Thus, a small internal personal network - PAN (Personal Area Network) with occasional or permanent connection to the Internet. For this purpose, there are several types of communications devices, from dial-up to ISDN and ADSL solutions. ADSL solution is increasingly widespread, and the principles of its operation are explained in Chapter 3.6.6. Conceptual diagram of such a home system, which is the basis of communication Thomson ST780WL, broadband access device (DSL broadband access device), is shown in the following figure.

Figure 7.6.1 SOHO, PAN environment.

To achieve given the physical schema is required at least one DSL broadband access device. The term broadband refers to a much wider range of frequencies used in the work to the standard voice frequency range. To make such a device can communicate with the Internet, with the service provider must have access to equipment that will enable it. For home users in urban areas, where the rugged cable television, for this purpose, can be used a device that uses one of the free TV channels for communication (cable modem - router), but the more common type of ADSL solutions, because they require PTT pairs that are present almost in all small offices and homes. Modern communication nodes (PTT exchange) will provide one of the types of ADSL communication and use of voice communications as a function of the distance from the hub. That is closer to the junction potential customers advanced ADSL2+ communications (24 Mbps downlink, 3 Mbps uplink), compared to standard ADSL communication (8 Mbps downlink, 1 Mbps uplink). As the capacity of the communication channel is inversely proportional to the distance between the user and the communication hub, it is clear that all users will be able to have the same service, but for small business or home users without specific demands and standard ADSL is more than sufficient.

In 2006. year the firm 'Thomson' has offered the market a very acceptable condition, SpeedTouch 780WL model, shown in the following figure, which is used by some Croatian ADSL service providers and customers. Said device allows the coexistence of 4 UTP wire - Ethernet communication with a dozen wireless devices (Wireless LAN - WLAN), and the use two analog voice-fax line. According to these requirements the device must fulfill functions splitter, router, access point and bridge, and enable all output devices through a single IP address (gateway) on the Internet, and with the specified ADSL subchannels should allow voice communication. Although it is the most important feature of the ability to act as a router, it should be viewed as a simpler but more complete device in relation to professional configuration for the same purpose, or as a GATEWAY (access) device.

If the network uses more than one computer, the easiest way to another 'see' is that they have different names, they are in the same GROUP (Figure 4.4.28 and Figure 4.5.20c) and that computers need an IP address automatically 'pick' DHCP mechanism of access devices based on the settings of the network card is set to computer |Obtain an IP address automatically| and |Obtain DNS server address automatically| (Figure 7.6.4). Setting the IP address can be carried out as described in Chapter 4.5.5. But if there is a program on one computer support should be used and other members of the network, it should adjust the firewall settings to let the traffic for the desired program support, and is useful to every computer that offers available (sharing) program support has made the user password-equivalent computer that his approach is that every time does not require registration.

Figure* 7.6.2 Thomson ST780WL, ADSL access device / Wiring diagram. ( + / - )

So, pretty much requires a small device (L×W×H = 240×160×40 mm) that must provide almost everything is built into one professional communication closet. From the above introduction about the device, it is clear that his program support must enable NAT, DNS, DHCP, Voice over IP, ATM, firewall features, and something else, which makes this device a comprehensive device that needs to be adjusted. Adjustment is made by using CLI commands and commands or through the web interface. CLI (Command Line Interface) involves setting via the Terminal program support the operating system, where you can adjust all the settings necessary services, and has a significant number of commands and describes them as one PDF manual of about 800 pages. Web interface does not offer as much wealth as the adjustment command line, but it's much more comfortable. Device to be accessed in one of these ways to keep its IP address and the username and password. Default settings are described in the manual for users (PDF manual of 130 pages) and ga course should consult either let a person skilled in tune. These two manuals along with some PDF documents is available Networking Academy in a nutshell. In subsequent chapters follow the procedure for connecting to the device via a terminal and via the web.

On the front side of the device there are signs for the (power), USB, Ethernet and WLAN communication, situation of DSL communication (connection to the Internet), Internet traffic and voice traffic. There is still the ACL button is used to approve a new wireless user. On the back side next to the connector for connection to a separate power source and a switch to turn the device. USB connector is used to connect a computer that does not have a network card, and for that purpose to the computer to install the driver (driver) from the supplied CD. The following 4 UTP Ethernet switch ports that are used to connect a PC or other device using a network card and a regular RJ45 cable. DSL connection to the wall outlet PTT lines (lines as Internet service provider) provides access to the network, the PSTN (Public Switched Telephone Network) port if using a special separator (splitter) to split the internet from the phone in order to keep traffic of classic phone instead VoIP (Voice over IP), 2 phone ports for VoIP and hidden button for the 'reset' - to factory settings.

In Figure 7.6.2b shows how to connect to traditional phone system via the PSTN connection via use of the splitter. When connecting as shown in the telephone set is not used in the special access electronic switchboard. If it is in use mode (depending on the offer ISP) that the telephone call is carried over one of the available channels like ADSL digital signal (VoIP), then the DSL connection is directly to the wall outlet and no splitter. When using the STB (Set Top Box) for this product and IPTV monitoring program, two ports of SOHO devices are configured for this purpose. To connect TV and STB serves SCART cable (Syndicat des Constructeurs d'Appareils Radiorécepteurs et Téléviseurs). If the STB is not used, in the settings of the SOHO devices these ports can be configured as a classic Ethernet ports. In the absence of an Ethernet connection, connection options can be increased by connecting switch to the available Ethernet port of SOHO devices. Newer STB and SOHO devices are designed so that they have available HDMI communication.

To properly serve all of the following user to configure the device. But before setting the description of the device followed by several of his most important technical characteristics:

• WAN - full FXO (Foreign eXchange Office) ; full support for standard analog telephone service
  
  
• LAN - Local Area Network
  
  • 4 port 10/100Base-T switch; switch for Ethernet communication
  • Support for VLAN (Virtual Local Area Network) on the Ethernet ports
  • Wi‑Fi 802.11b/g ; peculiarities of wireless communications (1-11 Mbps / 1-54 Mbps)
  • 2 port for analog PTT device - FXS (Foreign Exchange Station) ; power supply support for Phones
    
    
• USB 1.1 - Universal Serial Bus; possible communication with the device
  
  
• ADSL compatibility - 8 Mbps for downstream and 1 Mbps for upstream
  
  
• ADSL2 compatibility - 12 Mbps for downstream and 1.5 Mbps for upstream
  
  
• ADSL2+ compatibility - 24 Mbps for downstream and 3 Mbps for upstream
  
  
• Wireless
  
  • Supported communication standards : IEEE 802.11g and IEEE 802.11b (Wi‑Fi)
  • Working frequency : 2.4 - 2.497 GHz
  • Support for WEP (Wired Equivalent Privacy) ; 64-bit or 128-bit key for accessing
  • Support for add user (Access Control) to access list (ACL - Access Control List)
  • Scope of operation : max.180 m of the antenna ; sumed depends on the standard of communication and barriers
    
    
• Voice over IP - VoIP
  
  • Peculiarities of telephone communications : basic outgoing and incoming traffic, put the call on hold, a message and a sign of the waiting, call hold, call back if busy, call forwarding
  • Support for FAX / Analog modem
  • Support for IP QoS (Quality of Service)
    
    
• ATM - Asynchronous Transfer Mode ; technology of transfer data to a service provider (ISP)
  
  
• Bridging -  ability to connect different devices
  • Automatic learning up to 4096 MAC addresses
  • Linking communication (Bridging) between 10/100 Mbps Ethernet, USB and 802.11g wireless network
    
    
• Routing - directing traffic
  • NAT (Network Address Translation) / PAT (Port Address Translation)
  • ALGs (Application Level Gateways) ; support for NetMeeting, FTP, Quick Time and similar
  • UPnP IGD (Universal Plug and Play Internet Gateway Device) ; set of network protocols
  • Static routes and Residential RIP; define permanent IP communications and communications protocols
  • DNS Relay, Dynamic DNS (Domain Name System); recognition PC system via DOMAIN and computer NAME
  • DHCP Client/Relay / Server (Dynamic Host Configuration Protocol); automatic supply of IP addresses of the computer
  • SNTP (Simple Network Time Protocol); Simplified protocol for synchronizing computer clocks
    
    
• Security - safety of the network
  • Firewall with filtering capabilities of IP packets based on IP address, port number, and protocol type
  • Protection against denial of service type attacks (DoS - Denial of Service)
  • Defining one of three types of wireless connections :
    • Low - not used protective security measures
    • Medium - encrypted traffic with static encryption key (WEP)
    • High - encryption of all wireless traffic (WPA-PSK)
  • Prohibition of automatic addition of new users to the access list
  • Support for URL filtering on-demand
    
    

These specifications indicate that up to this unit can achieve acceptable protected private network. Every computer can read, for example, the MAC address that will be monitored in the device, or create a base MAC addresses may communicate with each other, and can be set firewall rules to further protect the network. Users may access the wireless network are listed in the ACL (Access Control List) list, or MAC addresses of their network access devices. All other users whose MAC address is not in this list (for example, from the neighbors) are prohibited. So, after putting into operation and connection of all relevant participants of networks and 'shooting guests', followed by further configure the device in order to use all of its features and increased security measures (RTFM).

Safety and registration of new users is good enough and easily solved for a wireless network. WLAN LED indicator lights red if it takes unprotected traffic. If the eligible beneficiaries listed in the ACL list and shall be protected by traffic lights will indicate green or yellow. ACLs can automatically fill when pressed button on the front panel. Then the ACL list of unlocks for one minute to during that time has established communications with a new user, add their data to the list and then the list is automatically locked again. Not everything has to be 'manually' configure. One for each device connected to the 'Thomson gateway' writes his MAC address that is through the display device settings visible. If by chance during automatic authorization list with the desired amendment laptop and also with the 'neighbor', easily through the list of devices to determine who is the 'intruder' and the product is easy to erase. Wireless communication is described in detail in Chapter 4.4.4, but the setting for another type of SOHO devices (Scientific Atlanta EPC2434), which supports communication and advanced security encryption type WPA2-PSK.

ADSL modem is listed on the user side and a conventional PTT wires connected to the DSLAM (Digital Subscriber Line Access Multiplexer) - DSL access multiplexer having ISP. Purpose DSLAM is to provide standard telephone services and data on the existing PTT line so that one service does not interfere with the other, in a basic computer, phone and fax communication with the perspective of video transmission. Increased bandwidth compared to traditional modem which uses an analogue modulation, ADSL digital signal transmission is realized by using multiple channels on the principles of TDMA technology. As mentioned in Chapter 3.6.6 above, capacity depends on the physical distance from the exchange and the user is moving at about 25 Mbps / 300 m and 1 Mbps / 5 km (Shannon's theorem). So when choosing types of deals should not take one that can not be achieved. Besides total output throughput capacity of the ISP to the Internet can reduce the throughput of individual users if they are more active than the usual estimates on which the leased output throughput capacity of an ISP to the world, which is especially evident in the reach geographically distant seat or seats which are not able to accept sporadic excessive requirements. Even if the PTT line customers poorly maintained, or used by multiple users (double users or PBX - Private Branch eXchange) reason for frustration is enough.

User authentication to the network ISP normally uses the following two modes of operation:

• Router mode - The mechanism of user authentication via user name and password entered into the device (router) by the ISP or the user, and the device can be connected to a computer in which there is no need to implement any authentication type and will automatically 'pick up' the network settings of the device (must be turned on DHCP on your computer) to become a participant of local private network and be able to use the resources of the Internet through NAT mechanisms. The computer is an equal participant in the private network in which there is and can communicate with other computers or devices on the local private network.
  
  
• Bridge mode - The mechanism of user authentication via user name and password entered into the computer (such as a modem) and device that forwards to ISP on the basis that passed through the device in order to use Internet services. Each computer has its own authorization with their unique username and can not be the same name and password on multiple computers. Will automatically 'pick up' the network settings of the device (DHCP must be turned on the computer) to become a participant of local private network but can not use the resources of the Internet through NAT mechanisms without authorization. The computer is an equal participant in the private network in which there is and can communicate with other computers or devices on the local private network.

'Router mode' is suitable for local area networks that are connected to the ISP with the tariff model which is leased throughput capacity regardless of the turnover (flat rate) and the number of users, a 'bridge mode' is suitable for local networks at ISP connected with the tariff model which is paid by the turnover per customer. 'Router mode' and 'flat rate' tariff model are more comfortable to work hard and expensive. In both cases, customers are in a local network with private addresses in the ' C ' class that is automatically assigned to your computer via DHCP mechanism and NAT mechanism provides simultaneous output of multiple computers to the Internet (the number may be limited). Both modes use a PPPoE (Point-to-Point Protocol over Ethernet) protocol that operates at the second layer of the OSI model and encapsulates PPP, which contain no such authorization mechanism, and in this way you can monitor the ADSL users to ensure authorization, monitoring (charging) and other important traffic for the ISP.

The described device has a basic purpose to connect computing devices to the Internet, and producer commonly referred to as 'Thomson gateway' and its instructions explain how to install and configure and connect to a PC or LAN (Local Area Network) to the Internet. The reason given is that the device that is described here is only one of the family 'gateway' device. The device comes in a POTS (Plain Old Telephone Service) or ISDN (Integrated Service Digital Network) version. The first is labeled 780WL and the second 780WL(i). POTS version implies that the splitter is used to separate the conventional telephone traffic from Internet traffic. PBX traffic operates within the standard speaking (300-4000 Hz) and the signals is the same as the 'old' postal exchanges, which means that you can also use the phone with the 'wheel'. Then two electronic circuits which belongs to 'PHONE' port not functioning, communications and ADSL uses frequency range above the voice.

As opposed to the ISDN version is interesting because it is an existing ISDN infrastructure can connect this device and use the ADSL service. If no ISDN infrastructure, while ensuring the device characteristics of ADSL data transmission provides up to two analog transmission over 'PHONE' connections modeled on standard telephone channel, over two subchannels over ADSL VoIP telephone switchboard, without using the splitter. Emulates a standard telephone channel with all the associated signaling, but the phone at the 'wheel' can not work. All the above parameters indicate quite of the available options for a SOHO environment.

SUMMARY:

Therefore, the device should be adjusted according to your needs. Subsequent pages of this chapter describing his tune. The computer can connect to the device via wired Ethernet port or via a USB port or wirelessly over integrated WLAN adapter. At the same time it can only use one of these three ways to connect a computer or other network device on the 'Thomson gateway'. What is most important is that all internal traffic takes place in a private network. If the network is for example a web server with the contents that should be publicly available, it can be given a public IP address (DMZ). When all this is added feature of built-in VLAN switch can achieve extra safety aspects concerning internal accruals traffic. Support for device is a good, all the necessary documents is available and its operating system is updated regularly, which is a very important factor in the maintenance process.

So, SOHO device is running uses two sets of IP addresses:

• Internal set of IPv4 addresses, normally in a private class ' C ' one of which is used to access the device, and the other for 'bradcast' and 'multicast', and addresses of devices connected to the SOHO device, either as a static IP address or dynamic via DHCP service.
  
  
• One external public IP address by the ISP, type the IPv4 or IPv6, which is the usual changes automatically every 24 hours, and can be rented as a static IP address, which of course will cost considerably more. However, if the SOHO environment a WEB / mail-server, use an external static IP address is necessarily.

The above is best illustrated by Figure 7.4.16. Recent product from this family unit is, for example, 'THOMSON TG782(i)' and 'THOMSON TG546 VDSL2', the devices in the described has additional features in accordance with the requirements of the time, namely:

• Improved security - Better firewall
• Voice over IP - VoIP; enhanced coders for telephone service
• Mapping connections - support for mapping ports for video on the RJ45 connector
• Expansion of 'Wireless' features - WPA2, WPS
• VDSL2 compatibility - Device 'THOMSON TG546 VDSL2'

Casing and interface with the rear of the device similar to the device described. The device complies with the requirements posed by the widespread use of multimedia content and high definition (Multiple High-Definition IPTV channels). Well designed and promoted SOHO device. The TG series offers devices and optical connections to the ISP, which would in the foreseeable future should be common practice to transfer high-quality video signals. SOHO device manufacturers use very diverse access interfaces, and interface described further refers to 'Thomson SpeedTouch ST780i WL', and the adjustment made for the wireless communication is described for the SOHO device 'Scientific Atlanta EPC2434' in Chapter 4.4.4 and the 'Cisco EPC2425' in Chapter 4.5.5. Effective SOHO system that uses a cable infrastructure NAS and multimedia switch is shown in the Chapter about multimedia.

What to do if your ISP does not want to support the work unit to the 'router' mode? Either change your ISP or on one of the Ethernet ports SOHO device, which works like a modem in 'bridge' mode using the PPTP protocol (Point-to-Point Tunneling Protocol), the Ethernet-to-Ethernet router - Cable/DSL Router (as Linksys WRT54GC for example), with support for the wireless network, or without it, as appropriate. Then in the router settings enter username and password supplied by the ISP, router that delivers to 'modem' of ISP about establishing communication. It is good to choose such a router, which in itself has already integrated switch to obtain several Ethernet ports, and if supported by the wireless communication options, definitely needs to have control of the connected wireless devices and the protection from unauthorized connections. Connection to the SOHO router / modem device called the 'Internet' port integrated switch and the connectors are called 'Ethernet' connections, though first mentioned by mode belongs to the same group as the switches and connectors but operate using different protocols. True, one more device, but fortunately not so big and any more expensive.