VSAT Community Networks

I just read that the internet is growing faster in Africa than anywhere else in the world. Most of us here in Africa are connecting via satellite or VSAT connections which are a fairly expensive way to transmit data (though costs are rapidly dropping). While I am finding sufficient knowledge on how to purchase VSATs, I have found very little discussion or collaboration online concerning how best to maintain VSAT internet connections.

Just yesterday I received an email from a friend here in Malawi describing the experience of another friend who “successfully” installed a VSAT connection for their NGO. The NGO found that the the installers from the company they hired to install the VSAT “haven't got a clue [how to install a VSAT]. It took them over 10 days to get it running - basically they installed it and it didn't work and they couldn't work out why.” After asking help from a local internet cafe owner the NGO found “the VSAT company had supplied the wrong kind of network cable (not a cross over one) - a fairly basic mistake and they haven't apologised or anything - so we're not really very impressed.”

Poor quality technical support seems to be a common complaint of those organizations installing VSATs. Often the price for poor technical support in VSAT service contracts is very high. Organizations are usually asked to pay travel, room and board expenses for foreign technical support consultants in addition to paying fees for fixing connection problems. In the case of the University here in Mzuzu, we have found that maintaining the connection can be challenging because the network infrastructure was designed by outside consultants. Very few of the skills needed to keep the VSAT running optimally were transferred in documentation or training to the University IT staff.

Here in Mzuzu there is some consensus that organizations using VSATs could themselves improve technical support services while reducing service contract costs by collaborating online. We are interested in creating an online community to help other organizations around the world sustain and manage their VSAT internet connections. This would include: tools/guides to help organizations estimate and budget for usage costs, a tutorial collection to help build staff capacity for maintaining the VSAT and reduce dependence on outside consultants, a collection of success stories and best practices/uses for internet (giving professors blogs, etc), an online forum for technical questions to be answered by other members of VSAT community.

The other phase of our work here involves designing open source software to control, allocate and optimize network bandwidth on the VSAT (as I discussed before). I truly believe that this is the this is the other piece of the puzzle that could really fuel of fire of internet development here in Africa. User friendly software that turns old PCs into network appliances for allocating bandwidth would empower community groups, NGOs, churches, universities, and cities and allow them to collectively purchase VSAT equipment and distrubute and manage their bandwidth according each organizations contribution towards the connection cost.

I have found that the NoCat (http://www.nocat.net) project is pretty much what we need to begin allocating bandwidth based upon user logins. It is a great community networking product, but the problem is, the project stopped development sometime in 2004. Currently assessing the state of the NoCat code to see if it suits our needs and can be built upon. We are also looking into rolling out our own system.

Here is a more technical details of the community network system we are trying to create:

  • Place a Linux authentication gateway to filter all network traffic just before it is sent out the VSAT to the rest of the world
  • The authentication gateway should optionally allow unlimited local network traffic (email, file and print sharing, web browsing)
  • When a user tries to send data out to the world through the VSAT, the authentication gateway captures the request and the user is asked to login
  • After logging in network bandwidth limits are set on the gateway on a per user basis according to which network privileges the user has been granted. These are settings controlled by the network administrator.
  • The user is shown how much network time they have remaining in their account, how much bandwidth has been allocated to them etc.
  • The user is redirected to the website the originally requested before the capture. A small javascipt frame in the web browser continually checks in with the authentication gateway so that the gateway knows the user is still using the network.
  • Once logged in the user can send any type of network requests that are permitted by the network administrator through the VSAT
  • To end the VSAT network session the user closes their web browser
  • The authentication gateway notices that the user has not checked in for some time and closes network access to the VSAT for the user.

NoCat does most of this already, but is lacking an accounting system that would permit easy creation of network access limits for groups of users. Now to figure out if we can add it to the system... I love nerding.