I receive a fair amount of questions from readers concerning my Internet access here in Iraq, and I thought it would be neat to do a post on how I'm able to maintain a website from a forward operating base in the middle of the Iraqi desert.
For Internet access, I lease a satellite connection from a company called Bentley-Walker, which provides service to regions in Europe, the Middle East, Africa, and South America. A 1.8 meter dish mounted on the roof of my billet functions as the antenna (pictured below).
Inside, the satellite signal is fed to a ViaSat LinkStar S2 modem. The particular plan I lease provides a shared 2048 Kbps downstream and 512 Kbps upstream (I typically achieve 10% to 50% of these speeds). The modem (middle) connects to a Linksys WRT54GL SOHO router (top), which runs a custom firmware (more on that in a bit). The WRT54GL in turn connects to the Cisco 3550 (bottom) for layer two aggregation.
A number of dumb switches not pictured are also scattered about my neighborhood to extend the service to neighboring buildings. Everything is wired; I don't have the patience to secure or troubleshoot wireless configurations on a bunch of home user-owned laptops.
Not including hardware costs, the service contract with Bentley-Walker for a 2 Mbps/512 Kbps connection (shared) runs about $3985 per quarter (that's $1330/mo, something to think about next time you complain about your ADSL bill). Of course, I don't pay all that out of pocket; acting as a mini-ISP, I share the uplink with other people who chip in at $80/mo each. With 16 people buying we just about break even on the monthly cost. $80 may seem steep given the quality of the connection, but it's not a bad deal for Iraq. Remember also that the costs mentioned are for an admittedly high-tier plan; lower bandwidth allocations are available for proportionately less cost.
To accommodate more than 13 clients on the LAN (a limit imposed by the provider-assigned /28 subnet), I had to install a router to double-NAT an internal subnet of my own. My first choice for this, like a good Cisco tool, was an ASA 5505, but this soon proved to be a poor fit. The ASA has a bunch of features I didn't need, while lacking a few I did. (Plus, when I eventually head back stateside and turn the network over to someone else to maintain, I'm not giving up my ASA.)
Recently I purchased a Linksys WRT54GL to act as an internal router and installed on it the custom Tomato firmware. Tomato sports some very handy features, like QoS enforcement and real-time bandwidth monitoring. Here's a 24-hour graph for example:
Tomato offers advanced configuration through an intuitive web-based administration interface, so Cisco experience won't be required of my successor when I leave.
Overall I've been pretty surprised at the quality of the satellite connection. It will drop out for brief periods once in a while, as is to be expected, but it has been largely trouble-free. Throughput isn't as bad as you might think, either: a 700 MB file typically takes between 12 and 18 hours to download, depending on how saturated the link is. Web browsing is responsive, and even Skype works under light load. Real-time gaming is a no-go, of course, because the propagation delay inherent in all satellite shots will always be there, regardless of the bandwidth allocated.