What is ADSL?

ADSL Broadband Internet Connections: all you want to know.

ADSL is a broadband technology that delivers higher speed data links of up to 2Mbit/s across existing copper wire telephone lines on the last mile between the local telephone Exchange and the customer premises. It works by using a frequency splitter device to split a traditional voice telephone line into two frequency bands; a narrow one for voice and a much wider one for data, thus creating an ADSL enabled line which can be used concurrently for phone conversations and high speed Internet access. The equipment required at the Exchange end of your ADSL line is known as a DSLAM (Digital Subscriber Line Access Multiplexer).

Telstra is the largest Australian provider of ADSL. They sell it direct to consumers as their Telstra Bigpond Broadband ADSL service and as part of their Telstra InternetDirect service. It is also offered to ISPs through TelstraWholesale. Most Australian providers of ADSL services purchase the service between the telephone Exchange and the customer premises from TelstaWholesale.

TelstraWholesale offers to ISPs a range of DSL services, most of the ADSL services utilising three speed profiles:

  • Up to 64Kb/s upstream and up to 256Kb/s downstream
  • Up to 128Kb/s upstream and up to 512Kb/s downstream
  • Up to 256Kb/s upstream and up to 1.5Mb/s downstream

and two configuration methods

  • PPPoE/PPPoA
  • Bridged

When you purchase ADSL from an ISP you will request the speed you want to pay for, but the configuration type is often not clear to you before you buy. It is however important to know if you are to configure your own hardware and software.

Some people make the mistake of thinking that just because an ISP resells the Telstra DSL service, they are also using Telstra's Internet backbone overseas and domestically. This not the case. For all non-Telstra ISPs all data flows from the Telstra network in each state through to a router belonging to the ISP and from there on via the ISPís inter-network. Web browsing performance, for example, is much more dependent upon how good the ISPs Internet and DNS network is than any of the ADSL components.

ADSL is inherently more secure than other broadband communications, namely the majority of the currently deployed cable modem services. ADSL is a point-to-point connection between a customer location and the telephone company switching Exchange. Cable, on the other hand, is a point-to-multipoint connection that shares network connectivity among homes in a neighbourhood, much like a shared LAN. In addition, with ADSL each customer has a separate Private Virtual Circuit, a unique connection that authenticates and secures the communication between the customers PC and the Internet.

What you need to get connected?

  • A Telstra Telephone Line
    It has to be within 5 kilometres of an ADSL enabled Telephone Exchange (You can test this at our Availability Checker). Your line must pass a number of tests before installation can go ahead Telstra will do these as part of the upgrade at the Exchange.
  • An ADSL Modem or Router
    Most ISPs will supply you with a modem or router as part of the installation kit or at additional cost. You can also purchase them through us if you like. Connection equipment can be broken down into two basic categories:
    SpeedTouch 330 USB ADSL modem Ethernet, PCI or USB ADSL Modem
    The easiest way to get online with prices averaging around the $120 mark. Just pop in the CD, install the drivers and plug in the modem. The majority of home users choose USB modems to get online.
    ADSL modem and router Ethernet/Wireless ADSL Modem-Router
    A standalone device which maintains the connection to the Internet for you. Most routers have an Ethernet connection to your local area network and act as a gateway, DNS, DHCP and firewall service. You can use a router to connect multiple computers to the Internet without the need for connection sharing software such as Microsoft Internet Connection Sharing (ICS).
  • A filter
    A Filter for each Phone Socket
    A filter is designed to plug into your phone socket. Its purpose is to separate voice from data and must be connected to each phone socket in your house. If you do not have a telephone, or any device which uses the phone line, a filter isnít required. Most ISPs and retailers sell filters.

Choosing the right ISP and Service Plan

Before you choose an ISPís ADSL Plan you need to have addressed a number of issues first. Some plans (the cheaper ones usually) may restrict you so that you will not be able to use the ADSL connection as you expect to.

Consider these questions:

  • How many computers do you want to share the one ADSL connection?
  • With ADSL your computers potentially can be permanently connected to the Internet. This raises the question of the best ways of protecting them from unauthorised Internet intrusion.
  • Do you want to host services such as Web-sites and SMTP mail servers that can be accessed from the Internet?
  • Do you require a permanent IP address assigned to you or not?

Discussion:

If you want more than one computer to access the ADSL connection concurrently, the best solution is to use a modem/router/switch combination unit. There are many of these on the market today and we sell a selection of the best ones. These usually have about 4 Ethernet ports for connecting local PCs or up-linking to another hub/switch to allow many more PCs to connect.

If you are using Windows XP you could use a USB modem and implement Internet Connection Sharing and Internet Connection Firewall to share the access to other computers. We consider this not to be as good from the security perspective as the above hardware solution.

Most modem/routers also provide network address translation (NAT) to shield the PCs from being easily accessed from the Internet (a firewall feature) and by default no TCP/ UDP ports are open in the direction from the outside to the inside network. All ports are open from inside to outside, however. What this means is if a communication such as accessing a web site is initiated from inside the network, the modem/router will allow the response through the modem/router to the computer that originated the request. Any unsolicited request from outside will be blocked. You can enable specific TCP/UDP ports so that any unsolicited request to that port from outside will be directed to a specific local host computer. This enables you to run your own Web-sites or FTP-sites, for example, through the firewall.

If you want to host web-sites or have a SMTP server that receives mail, you really need a permanently assigned IP address. There are ways around this with Internet-based Dynamic-DNS but this adds complexity. If Internet activity is always initiated from the PCs then it is best, for security reasons, not to have a fixed IP address.

Connecting it all Together

Single PC system
Single PC

The diagram above shows the basic installation of a Single PC to an ADSL access service. The best interface between your PC and the ADSL modem is Ethernet, however, a USB option is becoming more commonly available. We recommend using Ethernet connection between your PC and the ADSL modem, and not purchasing a USB-type modem. The splitter device separates the ADSL data service from your analogue (POTS) telephone service. Your ADSL service and telephone service will not affect each other.

In the above configuration the ADSL Modem is acting as a Bridge, connecting two different wiring systems. If your ISP has a PPPoE/PPPoA type implementation of ADSL there needs to be a piece of software called a PPPoE Client. This can be built into the modem (commonly in modem/routers) or needs to be run on the PC. Telstra supplies the Enternet300 PPPoE software on its CD-ROM, however both Windows XP and MacOSX have it as a part of the dial-up networking component of their operating system. The PPPoE software requests a username/password combination that authenticates you to the ISPs network and assigns you an IP address (either static or dynamic depending on the ISP implementation). You need one user account for each PPPoE concurrent session.

Local Area Network

There are several options that you can use to provide more than one PC with access to your ADSL service.

LAN Diagram

The above is a simple extension of the single PC solution. The ADSL modem is fed into an Ethernet switch or hub and connected to multiple PCs. A separate PPPoE client is run on each PC with different usernames. Each PC would take up a session on the ADSL network while connected.

LAN Diagram

ADSL Modem/Routers usually have a built-in PPPoE client. The Modem/Router makes the PPPoE connection on behalf of all user PCs on the LAN. The PCs can be assigned private IP addresses and use the Network Address Translation (NAT) facility of the Modem/Router. Only one PPPoE account is required for this configuration. This method is our preferred solution.

If your ISP has a Bridged implementation of ADSL, for a LAN network you need a Modem/Router wired-up as above and your ISP will provide the external IP address to be used for the router and the Default Gateway address. You dont need to configure a PPoE Client. The router is the best set up to enable NAT and issue Private IP addresses via DHCP to the internal network clients.

ADSL Security

Your ADSL access line provides a fast, always available connection to the Internet. One difference between conventional dial-up modem connections and ADSL connections is that users are likely to spend more time online, mostly due to the always available nature of the service. Your PCs can therefore be connected to the Internet 24 hours a day for many days at a time. The longer your PCs are connected to the Internet, the longer they are at risk.

Fortunately there are a number of measures you can take to minimise these intrusions.

  • Do not use public IP addresses on the PCs ó only on the connecting modem/router. Network Address Translation (NAT) can be used to hide PCs internal to your network. NAT functionality is available when using Microsoft Internet Connection Sharing (ICS), a hardware firewall, or an ADSL modem with built-in router and PPPoE functionality.
  • Use a Router with built in Firewall features if possible. The router should at least feature NAT, but also Stateful Packet Inspection (SPI) to prevent Denial of Service (DoS) attacks (eg. syn flood, ICMP flood, UDP flood, ping of death, IP spoofing, land attack, tear drop attack, IP address sweep attack, Win Nuke attack) and an Intrusion Detection System (IDS) including logging, reporting and e-mail alerts. Also choose a firewall that will allow you to control Web URL access and content filtering so you can control what sites your users can access.
  • Only use a fixed-IP address service if you need a fixed IP address (you are hosting web-sites or mail servers), otherwise use a variable IP address service.
  • Disable file sharing on Microsoft Windows platforms if it is not needed.
  • For more active protection install hardware or software firewalls between the LAN and the ADSL modem. See CERT Home Network Security for guidance on protecting networks.
  • Install a virus-checking program and ensure your virus database is up to date. Scan all downloads and e-mail attachments.
  • Use strong passwords, at least seven (7) characters in length. Mix upper and lower case, and try not to use dictionary words. Passwords that are made up of common words or names and separated by numbers are not good examples of secure passwords.