I’m sorry I simply believe that in 2018 with the advanced and cheap ptp radio (ubiquiti anyone? $300 and I have a 200mbit/sec link over 10miles! Spend a bit more and go 100km) plus the advancements in cubesats about to be launched, even the 3rd world can simply get with the times.
-Ben > On May 28, 2018, at 10:57 AM, Mike Hammett <na...@ics-il.net> wrote: > > To be fair, most of the conversation is people not realizing the OP is in a > third world country and believe that 1 mbit/s isn't enough for a single user > much less a village. > > https://www.facebook.com/groups/ubntedgeos/permalink/1046305928855488/ > > > Also, I think it's 40 kilotbit/s per user (so probably dial-up), not 40 > kilobit/s for the whole village. The whole village may very well have 1 > megabit/s worth of dial-up connections, but everyone potentially able to go > to 1 megabit is a lot more useful than capping each to 40 kilobit/s. > > > > > ----- > Mike Hammett > Intelligent Computing Solutions > > Midwest Internet Exchange > > The Brothers WISP > > ----- Original Message ----- > > From: "Grant Taylor via NANOG" <nanog@nanog.org> > To: nanog@nanog.org > Sent: Monday, May 28, 2018 11:17:10 AM > Subject: Re: Impacts of Encryption Everywhere (any solution?) > >> On 05/28/2018 08:23 AM, Mike Hammett wrote: >> To circle back to being somewhat on-topic, what mechanisms are available >> to maximize the amount of traffic someone in this situation could >> cache? The performance of third-world Internet depends on you. > > I've personally played with Squid's SSL-bump-in-the-wire mode (on my > personal systems) and was moderately happy with it. - I think that > such is a realistic possibility in the scenario that you describe. > > I would REQUIRE /open/ and /transparent/ communications from the ISP and > a *VERY* strict security control to the caching proxy. I would naively > like to believe that an ISP could establish a reputation with the > community and build a trust relationship such that the community was > somewhat okay with the SSL-bump-in-the-wire. > > It might even be worth leveraging WPAD or PAC to route specific URLs > direct to some places (banks, etc) to mitigate some of the security risk. > > I would also advocate another proxy on the upstream side of the 1 Mbps > connection (in the cloud if you will) primarily for the purpose of it > doing as much traffic optimization as possible. Have it fetch things > and deal with fragments so that it can homogenize the traffic before > it's sent across the across the slow link. I'd think seriously about > throwing some CPU (a single core off of any machine in the last 10 years > should be sufficient) at compression to try to stretch the bandwidth > between the two proxy servers. > > I'd also think seriously about a local root DNS zone slave downstream, > and any other zone that I could slave, for the purpose of minimizing the > number of queries that need to get pushed across the link. > > I've been assuming that this 1 Mbps link is terrestrial. Which means > that I'd also explore something like a satellite link with more > bandwidth. Sure the latency on it will be higher, but that can be > worked with. Particularly if you can use some intelligence to route > different CoS / ToS / DiffServ (DSCP) across the different links. > > I think there are options and things that can be done to make this viable. > > Also, considering that the village has been using a 40 kbps link, > sharing a 1 Mbps (or 1,000 kbps) link is going to be a LOT better than > it was. The question is, how do you stretch a good thing as far as > possible. > > Finally, will you please provide some pointers to the discussion you're > talking about? I'd like to read it if possible. > > > > -- > Grant. . . . > unix || die >
