J.T.O. (Phase I) : INTERNET, Module – 8, Chapter 3.

4 RAS

CHAPTER 3.4
REMOTE ACCESS SERVER
How does a Dial-up Network Work?
There are three basic components of any dial-in network : telephone lines,
modems and authentication servers. Let's look at each component

Telephone lines
The telephone lines that make up a dial-in network can range from plain
old telephone lines to expensive T and OC carriers. For most users, plain old
phone lines serve as the entry point to a dial-up network. The limitations of plain
telephone lines are numerous. First, a plain old telephone line cannot carry data
very quickly This has more to do with the design of the telephone system than it
has to do with the material limitations of copper wiring. Additionally, plain
telephone lines suffer from interference along the lines themselves as well as
interference generated by telephone switching equipment. The phone company
has established certain noise standards for telephone lines. Compared to other
types of telephone lines, a voice line has a fairly low standard for line noise.
Noise has to be quite obtrusive before it interferes with a telephone conversation,
but a burst of noise as short as a few milliseconds can destroy a data stream
easily. This is one reason that dial-up networks use higher quality phone lines for
transmitting data once they have reached the network. Phone lines that move
data from the dial-up network to other points in the network or other network
altogether, are usually high-speed, high-capacity digital lines carrying aggregated
traffic. That is, they carry many different data streams to and from the greater
Internet.

Regional Telecom Training Centre.Mysore

J.T.O. (Phase I) : INTERNET, Module – 8, Chapter 3.4 RAS

Modems
Beyond the phone lines are the modems. When you establish a
connection to your Internet Service Provider, you are calling into what is known
as a modem pool. A modem pool is a connection of phone lines with modems
attached that serve as a connection point between your computer and the
Internet or other network. When we think of modems, we may think of a small
box that sits outside of our computer, or perhaps a card that sits inside our
computer. Modems that are part of a modem pool aren't remarkably different.

These modems are usually printed circuit cards that sit inside of a box
called a "frame". The frame sits in an equipment rack at your ISP. These boxes
can control many modems. Also, inside this frame is a card that accommodates a
high-speed phone line, such as T1 line. A T1 line supports up to 24 different
channels, meaning that a T1 line can carry 24 separate phone connections. The
T1 card's job is to take data from up to 24 modems and aggregate them into a
transmission frame. Some frames may support multiple T1 cards.

Your ISP may have its own modem pool, or it may contract out these
services with another provider. In this case, many ISPs in an area may use the
exact same modem pools to provide their customers with access to the Internet.

Authentication
The last major portion of a dial-in network is the authentication server.
Most dial-in systems require users to have an access ID of some sort. This
allows the network operators to distinguish legitimate users from users who are
not eligible to use the network.

The "authentication" usually comes in the form of a user name. In the case
of a large dial-in network used by many organizations a user's access ID may
consist of his or her user name and the realm from which they are attempting to
authenticate. For most users, a realm is the fully qualified domain name of their
organization or ISP. Specific information about access IDs are stored on access
servers. These access servers are operated by the organization that supports the
dial-in network. Many dial-up networks use software called RADIUS to perform
authentication and other important functions.

Regional Telecom Training Centre.Mysore

J.T.O. (Phase I) : INTERNET, Module – 8, Chapter 3.4 RAS

RADIUS is an acronym for Remote Authentication Dial-in User Service

and was originally developed by Livingstone for use with its PortMaster Network
Access Servers. RADIUS servers kept track of dial-in use. In basic terms, a user
enters his/her Access ID and password, and the RADIUS server determines
whether the user is a legitimate user of the system and if access for that user is
allowed under current network conditions.

RADIUS was originally designed to run on UNIX systems, although ports

to several other platforms are now available. RADIUS servers perform three
basic functions : authentication, authorization and accounting.

Authentication is just that the system determines that the user is or is not
who he says he is. This is accomplished through the use of user IDs and
passwords. The RADIUS server can authorize a user to use the network. Even if
the user's ID and password are correct, a user may not be able to use the system
for reasons that are beyond the control of the user. For example, connection
ports may not be available at the time the user wishes to connect. Connections
may be limited to a certain number of minutes or hours. In this case RADIUS is
responsible for determining whether a user's session may continue or must be
terminated. RADIUS can also determine if certain users are eligible to use fee-
based services. Finally, RADIUS can perform accounting functions. Sometimes,
its important to keep track of a user's log-in and log-out times, the number they
dialed into, the port they used and so on. RADIUS can perform these kinds of
logging.

Regional Telecom Training Centre.Mysore

J.T.O. (Phase I) : INTERNET, Module – 8, Chapter 3.4 RAS

Putting it all together

So what happens when you place a call to a dial-up network ? Your call is
transferred through the Public Switched Telephone Network to the modem pool.
Each modem in the pool has its own assigned phone number. These numbers,
which may or may not be consecutive, are organized into a "hunt group". Rather
than having a list of potentially hundreds of numbers to dial in search of an open
modem, calls to the pool are routed through a single number. The switching
equipment "hunts" for the first available modem in the group. When an open
modem is found, the call is connected to the open modem. If no open modems
are found in the hunt group, a busy signal is returned to the caller.When the
modem answers the call, a connection is negotiated. This negotiation is a
complex conversation between your modem and the modem at your ISP. The
modems work together to determine the connection speed and services that will
be available during the call, such as error correction and data compression. Once
the connection is negotiated, the user is authenticated. This is akin to knocking
on a door and giving a secret password. If the system accepts your password,
you are allowed access to the network and its services. Normally, you are given
a certain number of chances to authenticate. After this number is exceeded, the
authenticating software at your ISP will terminate the call. If your call is accepted,
you are given access to the network. Each modem in the pool is assigned an IP
address. When a call is accepted by the network, the caller "borrows" the
modem's IP address for the duration of the call.

Once you're inside the network, the authenticating software may keep tabs
on your call. This does not mean that your ISP tracks your movements around
the Internet. As a general rule, ISPs are not interested in what you're doing or the
sites you've visited, since keeping this data requires a large volume of space that
most ISP's are not willing to provide. Instead, basic information about your call is
kept. The time your logged in and out, the phone number you dialed to gain
access to the system, the port or IP address your call was assigned and the
name you authenticated under would be standard pieces of information that an
ISP would keep. If you have concerns about the information your ISP keeps, you
should discuss them with your provider.

Regional Telecom Training Centre.Mysore