Author Archive

How VSAT Fair Access Policy (FAP) Works And How It Can Affect Your Business

May 19, 2014 Leave a comment

internetWith the proliferation of VSAT based Internet broadband in Africa, Many users have begun to notice a drastic reduction in pricing of VSAT broadband to ridiculously low prices, some even lower than terrestrial fiber and wireless prices. The question that many have at the back of their minds is, are these low prices a bait? What cosmic change in the VSAT industry caused this drastic drop in pricing? Let us find out.

When the deal is too good…

Satellite communication works on very scarce resources of satellite radio frequencies and spacecraft capacity. The transmission/bandwidth  capacity of the space craft is limited by the number of transponders which are again limited by the power the satellite can produce from its solar panels.

There have been drastic improvements in satellite technology in the last few years making satellite an attractive option for many businesses that are far from or have unreliable terrestrial services. These changes include but not limited to:

  1. Use of Spot beams which enables frequency re-use. Satellites are now beaming cellular-like beams over smaller geographical regions which enables for example a frequency in use in Kenya to be re-used in Zimbabwe or DRC on the same satellite. Frequency re-use can increase the satellites transmission capacity.
  2. The use of ion-based as opposed to liquid based station keeping propulsion systems on the satellite spacecraft. The use of electric systems that don’t need fuel tanks leaves more room on the spacecraft for more transponders and power batteries hence higher capacity satellites. The depletion of propulsion fluids also meant the end of life of the satellite. With Ion-based systems, the spacecraft can stay longer in orbit (translates to higher returns to its owners)
  3. The use of more efficient coding schemes with low power requirements and error detection algorithms such as LDPC which enable higher Bit per Hertz ratios and error free communications. This means more data than before can be pushed using the same radio capacity.

These developments have brought down the cost of satellite communications but not to the levels being advertised by many VSAT broadband operators, If this is the case then whats the catch?

The catch is VSAT vendors have come up with clever policies that create an environment where all users/customers are treated fairly. But the question that comes to mind is: Is this perceived fairness good for business?

Fair Access Policies (FAP)

These are policies that operators put in place to ensure that users on their network do not abuse the resources allocated to them. To make the FAP concept clearer, imagine for one moment at the VSAT operator as a water supplier capable of supplying say 1000 cubic meters of water  a day (30000 cubic meters a month). If this water supplier has customers whose demand totals to 50000 cubic meter a month (demand outstrips supply) with the customers who have a higher requirement having bigger diameter pipes to their premises and those with lower requirement having smaller diameter pipes. The problem that occurs is that most of the water will tend to flow to the customer with the bigger diameter pipe leaving the smaller pipe customers with just a trickle if lucky. What FAP does is it lays down rules on how much water volume the bigger diameter pipe guys can get over a period of time. The water company might set a FAP rule as such: Big diameter pipe customers can only be allowed 10 cubic meters a day. If they exceed this then a valve is turned on to throttle or limit the flow of water to them so as to play ‘fair’ to the smaller pipe diameter customers. If this is not done, the smaller guys will not get water during the day.

This might seem as a good thing until you realize that there was a reason why some of these customers asked for a bigger pipe. These are usually business that depend on this water for their day-to-day business. The providers bring in socialist ideas of fairness into capitalistic environment with disastrous results.

A promotion by one of the many VSAT providers in South Africa offering cheap VSAT service

A promotion by one of the many VSAT vendors in South Africa offering cheap FAPed VSAT service

VSAT operator customers who buy big internet pipes to enable them carry out their business transactions end up suffering at the hands of the ISP because they are told how much they can download per day and if they exceed this limit they suffer the indignity of slowed down speeds. A VSAT service with FAP cannot work for a business that depends on connectivity because:

  1. The FAP service assumes uniform activity throughout the month. This is ideal and unrealistic. Business activity varies throughout the month. There are times when a lot of data is exchanged (like during month end reporting or email campaigns or research) and sometimes of the month are slow when there isn’t much exchanged. The business should have a right t vary its internet usage patterns to its business activities.
  2. Fast efficient and on time business communications can mean survival or extinction. a business on a FAPed service is uncertain of their ability to rely on their internet connection because it might be throttled at a time when they least expected it. A FAPed service is a business risk.
  3. When a customer is FAPed, their ISP can “Un-FAP” them if they purchase a token to un-throttle them back to their original subscribed speeds. These tokens are similar to data bundles we purchase on mobile wireless services. These tokens are not cheap like mobile data bundles and herein lies the catch. At the end of the month that ‘cheap’ VSAT service ends up costing a business more money than they had anticipated because of repeated token purchase. If they decide not to buy the tokens, they will endure a painfully slow internet service.
  4. Point 3 above makes this kind of connectivity cost a variable cost. a variable cost can be a good thing and a bad thing for an organization. Any manager worth his salt will tell you that certainty on product delivery is good if there are guarantees on performance and cost.

So at the end of the day, the once seemingly dirt-cheap service from the operator soon becomes a headache as the business is rendered unable to effectively communicate to its customers and suppliers. The customers attraction to the cheap internet ends up costing the company more than what it saved by not going for business quality broadband connection. FAPed VSAT service is only good for the light usage client who is mostly a single user at home. It cannot work for a business user or in multi-user environments.

How do you tell whats good and whats bad VSAT service?

There is a simple yet effective way to find out if a service is subject to FAP or not: Ask. All you need to do is ask the sales person if the cheap service is FAPed. Most services that are FAPed are on what is known as either 10% period download limit or three day rolling average limit. What this means is you are not allowed to download 10% of your monthly volume in less than 10% of the month (3 days). So if you purchased a 20 GB a month plan, you can only download 2GB within 3 days, should you exceed this limit, your download speed will be halved. This policy does not take into consideration that a business users online activity varies through the month and is not uniform.

You can also look at the pricing, if its anything less than 70 Kenya shillings a Kbps then its a FAPed service (Yes, Business quality VSAT is pricey), The above advert is offering 7.5 shillings per Kbps.

Why CCK’s call for Infrastructure sharing is ill informed

April 14, 2014 2 comments

mastLast week we were treated to a spectacle that was the Communications Commission of Kenya (CCK) demanding that mobile network operators stand to have their licenses revoked or not renewed should they fail to open their infrastructure to competitors use. This call is not only ridiculous and careless, it is also backward, taking us back to the KP&TC days when the govt controlled telecoms and kept all operators on a short leash.

The CCK Director General seems to have been bit by the ‘populist’ bug, making road side populist declarations without carefully thinking of consequences. For one, the CCK is a regulator, by that definition, it should not dictate how operators go about their business, it should create an environment where operators find it advantageous to follow the laid down regulations. So instead of threatening non-renewal of operating licenses should they not share infrastructure, how about setting up some tax incentive for those who share their infrastructure with others? That way, operators will without coercion share infrastructure if they stand to benefit from the incentives.

Below I outline the reasons why I think CCK is mistaken in issuing vile threats to operators who don’t toe the infrastructure sharing line.

Technical incompatibilities

There is a general assumption that many of the technologies in the GSM market are compatible across manufacturers. This is not entirely true and a lot of work needs to go into making  various systems from different manufacturers work together. This is one hurdle that is difficult to cross. Take a scenario where one operator is using the slightly outdated RADIUS protocol for Authorization, Authentication and Accounting (AAA) while another is using the more advanced DIAMETER protocol for its AAA. In this case the radius user has to upgrade to diameter as backward compatibility of diameter to radius is a problem.

Lets even forget the more advanced issues of AAA, lets just go to basic mechanical compatibility. lets assume CCK forces operators to share Base stations.  One of the biggest issues that will arise is that when the existing owner of the base station was designing the mast, he made several assumptions such as the loading on the mast by the various antenna and cable, the mast was therefore designed to take this load without much trouble. However, here comes CCK demanding that additional load be put on the masts in the name of sharing, what happens? The structural integrity of the mast is lost and it now becomes unstable if it exceeds certain loads and wind speeds. This in turn will be a health hazard in two ways:

  1. The mast will be unstable posing a danger to neighboring structures such as residential houses as it will now carry more load than it was initially designed for.
  2. The levels of radio frequency radiation will now be higher due to additional  transmitters on that location, this calls for additional NEMA approvals and if they fail the approval test, a mast relocation has to be done to take it far from populated areas due to higher emitted radiation. Please note that this radiation might not be necessarily be a health hazard more than it interfering with other systems either directly or by production of harmonics to the nth level. I can bet CCK has never bothered about the effects of harmonic distortion and interference to communication systems. I recently shared an article of how FM radio stations can be the Achilles heel of LTE deployment if harmonic distortion from them is not checked. read it here. Forcing operators to transmit from the same location will only make such issues worse.

The radio frequency planning departments of many mobile operators are usually a bee hive of activity as engineers plan their networks to ensure that they maximize the use of scarce radio spectrum and avoid radio frequency interference (RFI). If CCK forces operators to share infrastructure without coming up with modalities of how these operators will work together to counter RFI, we will have a situation where different RF planning dept work in disharmony leading to increases cases of RFI on the GSM network which will in tun lead to poor service..

Legal and commercial issues.

You have all bought an electronic device and asked for a manufacturer warranty from the seller. This warranty however is only valid if you use the device within set guidelines otherwise you risk voiding the warranty. For example you void the warranty of a domestic washing machine if you use it in a commercial setting such as laundromat. Same thing applies to telecoms equipment. If operator XYZ has purchased equipment from a manufacturer for use in a particular way, this equipment has to be used within set guidelines and operating environments otherwise the warranty is void. As it stands many warranties in force right now will be voided the minute the operators share these equipment with competition, especially if this involves interfacing with non standard protocols or mediation tools and interfaces.

Many operators have also invested heavily in infrastructure roll-out mostly using finance tools such as loans and special purpose vehicles (SPV’s). The legal existence of SPV’s is anchored on a well defined return on investment (ROI) path which can be disrupted if CCK has its way. I cannot not claim to be a finance expert but i foresee many of these financial tools backfiring on the mobile operators should they  be forced by CCK to share assets purchased this way as their well anticipated ROI now becomes unpredictable. I welcome comments from finance experts on this matter.

Other than technical infrastructure, the CCK also requires the sharing of sales and marketing infrastructure such as vendors, resellers and agents. Building an agency network takes a lot of effort, time and money. The dedication that one operator has put into building an extensive network even where others have failed cannot go unnoticed. The agency and vendor network  and not the technology network is the key differentiator between many operators in Kenya. It will not be easy for say Safaricom to open up its agency network to competition without a legal fight. CCK has no legal mandate to force operators to share agency networks in a willing buyer willing seller market. These same agents have been approached by competition and competition has not offered enough incentive to woo them, i do not think a law would work either. Also, those who tried failed and offered valuable lessons to the rest.  When the once successful Mobicom ditched Safaricom dealership in favour of Orange in 2010, that was the last time we heard of them. The agents also know that in as much as CCK will allow their current principal (Safaricom) to allow its competition to approach them, many agents will not be willing to take them on board.

For CCK to peg license renewal on a new radical rule such as this contravenes the laws of natural justice, you cannot introduce clauses in a license that will seem to put the licensee at a commercial disadvantage especially if no possibility of future amendment was mentioned in the initial licence requirements. There are some specific grandfather clauses that the CCK cannot just wake up and remove from the original licensing requirements especially after operators have put so much in the way of investment into network and capacity building.

Also one last thing. The fact that CCK is transforming to an Authority (Communications Authority of Kenya- CAK) also means it now can also be a player in the telecoms sector especially in an equalizing capacity of setting up infrastructure and leasing to operators in a commercial setting. This change to an authority, plus the demand to operators to share infrastructure introduces Nemo iudex in causa sua on the part of CAK especially when disputes arise in matters of infrastructure sharing. It cannot be a judge or arbitrator in an area they also have an interest in.

The Importance of Local Internet eXchange Points (IXPs)

March 17, 2014 Leave a comment

IXP-network_switchImagine you work for a company on the 2nd floor of a building in Nairobi and you send an email to your neighboring company on the 3rd floor. What would be the typical path your email will take to get to the recipient? Will it just cross the floor to your neighbors mail server and eventually to his inbox? it’s not as simple as that.

The Internet works by use of a specialized routing protocol called Border Gateway Protocol (BGP). ISP’s use BGP to tell each other what networks are behind them effectively letting other ISPs know which customers and mail servers are on their networks. This action is called announcing or advertizing of routes. In simple terms each ISP effectively says to the rest “The person with the IP address x.x.x.x is on my network, if you want to reach him talk to me”. IP x.x.x.x could be a server running your email, web or any service on the internet or your PC. The other routers that receive this announcement keep a record of this info on what is known as a routing table. Each ISP has a special router on the border (hence BGP) of their network to the rest of the internet that ‘speaks’ BGP and keeps a routing table of all the routes it has learned from listening to announcements made by other ISP routers while at the same time announcing the network behind it to others.

The above system has worked very well in the US and EU where most of the internet infrastructure is located. When less developed areas like Africa started to connect to the Internet, the BGP speaking routers of African ISPs were talking to US and EU routers telling them how to reach African Networks. There seems to be no problem with this setup because African networks were largely net recipients of traffic and sent out very little. However with time, African networks started generating quite some considerable amount of traffic (like your email to your neighbor on 3rd floor). A problem arose because African ISPs were exchanging traffic in US and EU through more established tier 1 ISPs. This therefore meant that your email to your 3rd floor neighbor will leave your PC, go to your ISP network which then takes the traffic to USA or EU to a tier 1 ISP which then exchanges this traffic with another tier 1 which is connected to your neighbors ISP network, this 2nd tier 1 then hands your neighbors ISP this traffic and transmits it back to Africa to your neighbors mail server on 3rd floor. This long path taken poses several problems:

  1. Traffic whose source and destination was Nairobi, left the country to USA or EU and came back. This utilized expensive International undersea fiber optic bandwidth to and from USA or EU making email delivery an expensive affair.
  2. Due to the above, should there be an undersea fiber-optic cable cut, your email would remain undelivered for the duration of the outage. This can sometimes take days. It would be faster to take the stairs and talk to your neighbor.
  3. Other than email, some sensitive local traffic such as banking traffic ends up crossing international borders posing a legal challenge of who or what law applies to instances where that data is tampered with after its left the country. Some countries actually forbid banks from exchanging their traffic outside the country’s borders leading to investment in expensive networks that keep such sensitive traffic within the country. The cost of this investment is usually passed on to consumers.

With time, more and more traffic is being locally generated and locally consumed. Your neighbors ISP now needs to exchange traffic with your ISP in Nairobi and not in USA. They can do this through the use of a local Internet eXchange Point (IXP). Kenya currently has the Kenya Internet eXchange Point (KIXP) which was formed in response to the need for local ISP’s to exchange traffic locally. This not only made local traffic local but also meant that we could continue communicating within the country without the need of undersea cables. So in the email to your neighbor scenario, the email leaves your PC, goes to your ISP which is now exchanging traffic with your neighbor’s ISP at KIXP at Sameer ICT park on Mombasa road, your neighbors ISP then pick this traffic and delivers it to your neighbor. This is faster, cheaper and more reliable than the traditional way of exchanging traffic outside the country.

IXPs are now evolving to not only become data exchange points, but are now increasingly being used to provide content caching for BW hungry services such as videos. Imagine a popular YouTube video which has been shared on social media and all over sudden everyone in the country is clicking the link to watching it. Instead of every person who is watching it connecting to a server in USA, the video can be locally cached on Mombasa road so that other than the first two or three people who had to leave the country to get the video, the rest of the subsequent viewers would get the video from Mombasa road now and not from USA. At the moment however, KIXP is not offering content caching, this is being provided by Google directly using content cache servers in the same data center as the IXP.   Other than KIXP which is based in Nairobi, a second IXP was launched in Mombasa so that users in Mombasa wishing to exchange traffic within Mombasa do not have to come to the Nairobi IXP to do that, they can now exchange traffic locally within Mombasa. at the moment 29 ISPs and enterprise networks such as banks are exchanging traffic in Nairobi while 8 are doing so in Mombasa.

To see a full list of current IXPs worldwide and the amount of traffic they are keeping local, please click here

More importantly from a network engineering perspective, IXPs allow network operators to exchange quite a considerable amount of traffic amidst all the IPv4 address scarcity today. Many IXPs such as the one in Kenya bend rules to allow its members announce or advertize more specific networks (up to less than /24 i think) which would otherwise be filtered by BGP routers on the Internet that aim to keep smaller routing tables. This therefore means other than keeping traffic local, IXPs help its members increase its bits exchanged per IP ratio during these difficult times of IPv4 scarcity.

Harmonic Convergence? FM Interference to 700 MHz LTE Service

March 10, 2014 Leave a comment
Categories: Regulation and Law Tags: , ,

Why The Future Is In The Sky

March 6, 2014 Leave a comment

Drone.jpgAfter it’s headline acquisition of Whatsapp, Facebook is finalizing the process of acquiring Titan Aerospace a manufacturer of light weight drones. Facebook wants to use these drones to provide Internet services. By parking the drones about 20Km up in the sky, they will effectively be very low earth orbiting satellites that can beam high-speed internet services to large areas of land and sea.

In April last year, I wrote an article on how low orbit drones will revolutionize telecommunications by replacing Geo-synchronous satellites found at Clarke’s orbit. Other than reducing latency by being close to the earth, they are very cheap to deploy and maintain. To give you an Idea of how cheap they can be, Facebook bought Whatsapp for $19Billion but will buy Titan Aerospace for a paltry $60Million. On the other hand a brand new Geo-synchronous satellite will set you back by about $250Million

Why Drones?

Telecommunications technology advancements mean that telecoms equipment is now smaller and much lighter than before. This means that very powerful equipment is small and can even fit in a backpack. Vodafone recently exhibited a 2G base station that weighs 11 Kgs and could fit in a backpack that can be used to provide GSM coverage in disaster areas, 10 years ago you needed a 20 foot shipping container to host a 2G base station. With these kinds of advancements, it is now possible to use light-weight drones to provide telecommunication services.

The advantage that drones bring is that they are very easy to deploy, no need to dig up streets for several years trying to lay last mile fiber optic cables, they can also be deployed and be re-deployed with relative ease of just launching and flying it to a different position. The drones will use solar panels on their wings to power the telecommunication equipment and also power its engines. The Titan drones can stay in the sky for 5 years non-stop meaning that service reliability from them will be very good and lower running costs. See a video below of the drone model that Facebook will use to provide Internet across the world, they intend to deploy 1100 of these in the first phase.

Other than drones, high altitude weather baloons are also drawing interest from Google Inc who are currently testing internet provision in New Zealand using then. The project called “Project loon” is similar to the drone approach only that in this, baloons are used to suspend telecoms equipment 25Kn in the sky. Read more on this Google project by clicking here

What does this mean?

This project is a text-book example of a disruptive innovation. In his book titled “The Innovators Dilemma” Prof. Clayton Chistensen analyzes how companies or markets that were faced with disruptive innovation reacted and won or lost out to new innovations that were cheaper, simpler and easier. Here is a video of the Professor explaining this concept. (I recommend reading the book though)

This therefore means that the traditional mass market ISPs as we know them are about to face their biggest disruption ever. Any ISP that is to survive the future has to adapt and face skyward and not underground.

A Sad Day For The Internet

February 24, 2014 Leave a comment

netflix-comcast-partnership23rd February 2014 marked one of the saddest days since the invention of the Internet. On that day Netflix signed a deal with Comcast which will see the latter give higher preference to the formers streaming traffic on their network.

Since the invention of the Internet, it has operated as a neutral network as far as how traffic is handled is concerned. A router doing routing on the Internet did not care if the packet it was routing was from a server at MIT  or a  server hosting the content of a secondary school in my village, the two packets were treated as equals limited only by the bandwidth the two institutions have purchased to their servers and their servers processing ability. The Internet was an equal opportunity network.

Up to now, the US Federal Communications Commission (FCC) has classified ISP’s as Information Service Providers and not as Telecommunications providers and thus have not been subject to common carrier regulations. That effectively meant that the general US regulatory framework that governed the transmission of data over networks did not apply to ISPs.  However, a citizen petition to the White House called for Internet providers to be treated more like telephone companies, which would give FCC more oversight power. It collected 105,572 signatures, prompting a response from the Obama administration. Last week, FCC announced that it would write new net neutrality rules to prevent telecommunications companies from blocking, slowing or otherwise discriminating against web content. Last month, a federal appeals court threw out the FCC’s 2010 net neutrality rules after a legal challenge from Verizon. The court said the FCC has some authority to protect consumers and regulate Internet service provides but declared the 2010 rules invalid because the agency had failed to classify the Internet as a “common carrier” service like telephones that could be regulated more like a public utility.  This then set the stage for yesterdays sad event.

What does this mean to the Internets’ future?

Up to now, internet access to any website or content was limited to a very large extent by the throughput of your link to the Internet. However, from now on content owners can pay ISPs to give their traffic higher priority on their networks to the end users. This will lead to two problems.

  1. It will kill innovation. Right now ceteris paribus, an Internet start-up in Nairobi has the same opportunity to make it big as a start-up in Shenzen, Lahore, Silicon Valley, London or Johannesburg. This is because the ISPs do not care how much money these start-ups have in their bank accounts, their traffic is treated equally. With the commencement of ISPs now asking content providers to pay for their traffic to get preference on their networks, it means that only those who can afford it will get their traffic to their target audience/market. For the poorer lot, their traffic will now be sent on a ‘best effort’ basis with no guarantee of delivery.
  2. It will spur anti-competitive tendencies by big operators and content providers. Apple can spend some pocket change to buy a tier 1 carrier such as Verizon or AT&T, this way, all iTunes traffic and traffic to Apple app stores will be treated preferentially on their newly acquired network with traffic to say Google’s play store being slowed down or blocked completely. We could also have a scenario where Apple pays carriers much more money to give their traffic preference, something Google might not be willing to do because they do not make any significant revenues off their Google play app stores.
  3. On the other end of the spectrum is the end-user consumer who because the content provider is not paying the ISP for priority of their traffic will now be asked by the ISP to foot the bill. So in the example above where Google is not paying for priority of Google play store traffic, the end-user might be asked by the ISP to pay a premium for a better Google play store experience. The burden will now shift to the end-user. This will then lead to a ‘tiered’ Internet service offering by ISPs where you no longer just buy Internet pipe but you now have to choose what you want to access and pay a premium for it.

So what then happens is that the Internet will no longer be this neutral network where a user can download an app from Google app store with the same speed as from the Apple app store. The catch however is that many of the ISPs end users outside the USA deal with are tier 3/tier 4 ISPs who peer with tier 2 and tier 1. With content providers paying tier 1 ISPs for preferential treatment, me walking to my ISP in Nairobi to pay for a better experience will not work because my tier 3 ISP in Nairobi gets to the said content and traffic via a tier 1 ISPs such as Verizon and AT&T. Even though the global dependence of tier 1 peering has been reducing in the last few years, their role on the overall performance of the Internet cannot be underestimated, they still control the infrastructure on which most of the Internet runs on.

Those who are calling this a simple paid peering agreement are wrong as a peering agreement involves the exchange of traffic and preferred routes at layer 3 of the OSI model and not the speeding up or preferential treatment of traffic at layer 7 which is what this deal is about.

Internet Link Performance For Dummies

February 14, 2014 3 comments

Capacity: (noun)- : the ability to do something : a mental, emotional, or physical ability

When an ISP sells you a 10Mbps capacity link. is it 10Mbps ‘to the internet’ or is is just selling you the ability to do 10Mbps without specifying over what distance?

When a data packet travels from your computer to the Internet, it takes some time to get there depending on how long the path is, these packets of data travel at the speed of light which is 1,080,000,000 Kilometers per hour. For an Internet link via an undersea fiber optic cable from Mombasa to Europe (about 10,000 km) the packet will take about 0.1 seconds to travel from Mombasa to Europe compared to 0.6 seconds for the same packet to travel to a satellite and back via a satellite link through a satellite that is 35,000Kms away.

These data packets are usually sent in batches that are known as windows, the batch size is determined by the ability of the network equipment to buffer or store information before processing it. These network equipments include your modem and any other routers, switches along the route.

Let us take three identical  sets of equipment and we place one over a 10Mbps satellite link, the other over a 10Mbps 10,000Km fiber link and the other over a 10Mbps 1,000km fiber link. These equipment sets are configured to have identical buffer sizes of 512Kbits (default for your desktop Windows PC connected to the Internet). Due to the distances the packets will have to travel (70,000 Kms for Satellite, 10,000 Kms for fiber 1 and 1000 Km for fiber 2) the packets will take about 0.6 seconds, 0.1 seconds and 0.01 seconds to go back and forth the links respectively.

With all the three links being 10Mbps, will the three users get the same Internet experience? Lets find out.

Whereas all the three links have the same speed, they do not have the same throughput. This is because throughput is a factor of the buffer size of the equipment (Window size) and the link distance which determines the time it takes for the packet to make a round trip.  Therefore the maximum throughput experienced by the users is as below:


As seen above, even though the links have been ‘assigned’ capacities of 10Mbps, the PC connected to the satellite link manages a paltry 853Kbps, while the one on the 10,000km fiber (Mombasa to Europe) manages only 5Mbps while the short 1,000km fiber (e.g Milan to London) can attain 50Mbps which is way above what the ISP has allocated.

The above therefore means users using similar equipment and PCs in Europe will get better throughput to reach servers that are nearby than those who are far away like Mombasa. With Europe and USA hosting most of the Internet servers, it means Internet experience there is much better than for someone who is in Kenya accessing the same resources using the same equipment. This is the main reason behind the governments drive to have content hosted locally within the country and not in Europe or USA, it would tremendously improve the throughput of accessing such content if it’s locally hosted.

How does Satellite overcome the latency Challenge?

Due to the inherently low throughput over standard TCP/IP equipment used on Satellite links, Hughes Network Systems developed a standard called IPoS (IP over Satellite) which enables Satellite equipment to use much bigger window sizes and selective acknowledgement (SACK) of packets to achieve higher throughput in high latency networks. The myth that satellite is slower due to latency is therefore not entirely true as we have seen that other than latency, window size is also a key determinant of throughput of any link.

I mentioned “selective acknowledgement” in the paragraph above, what is it?
When one system sends packets across the network, TCP protocol demands that the recipient must send an acknowledgement of the packets receipt. During the sending of this message, no other data is coming through and this means the more acknowledgements sent, the more the missed opportunities to send data across the link. By minimizing the number of acknowledgements across the link, more time is available for sending data across the link and hence making the download faster. The use of selective acknowledgement (SACK) by Satellite systems has improved throughput tremendously. Below is a speed test on my Satellite link showing throughput achievable due to the use of IPoS and SACK.


Tales of Internet Access in Rural Africa

January 15, 2014 Leave a comment

We take it for granted that at the swipe of your finger on your phone, you can access the world wide web, chat with friends, send emails and download apps due to the availability of 3G and Wi-Fi internet in nearly every place we visit. We also take it for granted when that email pops into your inbox. Its how life is supposed to be. Its normal. It’s a human right.

The narrative of how Africa is leap frogging the west when it comes to mobile broadband penetration has been told and retold in various forums to the excitement of many. However, traveling to various places in Africa most of them just 100 miles from the capital cities reveal that much still needs to be done to fully connect Africa. The tales of the extent to which some people go to connect to the world wide web and send emails sound like stories straight out of an Indiana Jones movie.

Email via Shortwave radio.

Shortwave radio signals were once used for long distance transmission for radio broadcast. However, some ISPs in Uganda and Congo are providing email services to regions that are very remote or difficult to reach due to war. The nature of short wave signals make them unsuitable even for reliable voice communication and are mostly used in one way radios (Walkie Talkies). Using them to do error-free data transmission therefore becomes a challenge. However, this is sometimes the only means of communication in these regions and some ISPs have adapted it for data transmission. Due to the high error rates and slow speeds that short waves present, a single email with a 1MB attachment can take up to 4 hours to download. That might seem a pretty awful time to get one email. But considering it would take close to 5 days of traveling to get a letter to the recipient in this place, a 4 Hour wait for an email is ‘fast’.

The users also use Email to browse the Internet. They get their daily dose of news and social media by sending a mail to a particular address with the URL as the subject and they get the web page via email after some few hours. Such Services include Web2PDF that allow you to get any webpage (with images) by sending a mail to with the first line of the body containing the URL you want. This not only compresses the otherwise large and rich webpage to a smaller PDF file, but also enables its delivery over an extremely slow link as an email because a web browser would simply time out. Below is a screen shot sample page of today’s front page of the  New York Times I got using this service

PDF Version of the front page of NY Times newspaper

PDF Version of the front page of NY Times newspaper

Other services include TEK which is an email based web browser that fetches webpages as emails and has extremely long timeout periods. There are also other web to email services that can send you the text version without the images for an even smaller email. you can also interactively participate on social media all via email. Example of such as service is Flexamail

Cyber cafes

Most of us imagine a cyber cafe to be a room with several computers connected to the internet where you can walk in and pay per use.

How about one where there is only one computer and a printer operated by the owner. The owner then receives Skype/IM messages and VoIP calls and prints/writes down the message and delivers to the villagers by motorbike? This is a popular way of doing things in rural Cameroon where the villagers can communicate with their relatives in the cities. The good thing with IM messages is that they can be sent even when the recipient is offline and he then receives them for a period of time when he powers on his generator and his satellite link comes online. he will then write down the messages on pieces of paper. Some of these messages go like “This is XYZ son of ABC who lives at the third home stead from the market as you walk from the dispensary. Please tell them i will come on 31st Of this month”. And for a few coins the recipient gets the message. For those who can afford, they can even make skype/VoIP calls at these ‘cafes’. The most popular VoIP platform for these cafes is Nymgo due to its cheap calling rates.


For some rural users especially charity organizations that work here, they can afford a reliable VSAT connection to communicate with the rest of the world. These links come on when the generator is powered on or in some cases the VSAT modem and computers are solar-powered ensuring connectivity for most of the day. The customers enjoy anything from 128Kbps to 15Mbps of internet speeds. The challenge however comes during the installation or when there is a problem on site that needs on-site  support. Getting to these areas can some times take a week or more. A Congolese technician once gave me a story that closely resembles this journey here which was incidentally captured by one of my customers; an NGO called People in Need. Patience is virtue that a technician working in these regions needs as it can sometimes take days to get spare parts on site, I once casually told someone to get a replacement of a failed electronic equipment thinking its something he could get in  a few hours, it took him a 4 day journey by boat from Kisangani to Kinshasa and back on the Congo river. Here is a video of typical boat trip.

Next time you try to give yourself ulcers because your 3G or fiber link has been down or slow for the last one hour, remember these tales.

Telecoms Made in China

December 16, 2013 5 comments

shaolin_monkI bet by now you must have noticed the numerous projects in the country being carried out by the Chinese, notable of these include the construction of the standard gauge railway, the new KCB tower in upper hill, Lang’ata road dual carriage extension to Galleria mall, the Southern bypass and the recently completed Thika-Nairobi multi-lane road just to name a few.

On other non-civil engineering fronts China is also exerting its presence on the consumer electronics market especially when it comes to smart phones. Over the weekend, I came across a Huawei Ascend P6 and I was thoroughly impressed by the specs and performance. I am no smart phone fan but i can tell a good phone when i see one. ( My personal phone is an  Alcatel one touch 217D)

However, the real Chinese onslaught is behind the scenes, on the back-end of the telecoms service delivery market. Chinese vendors Huawei and ZTE are slowly taking over the telecoms sector in Kenya and Africa by extension. They have proved that they can match and even surpass established vendors such as Ericsson, Alcatel-Lucent and my former employer Nokia Siemens.

How they got their foot into the market

The story of how the Chinese managed to edge out long-established players in the market would make stuff for movies. Lack of business ethics, running operations on the edge of affordable and cheap and lack of red tape and no existent change control processes enabled the Chinese take this market.

The following are the key differentiators that gave and continue to give the Chinese the edge:

  1. Affordability and Total Cost of Ownership: With the fast changing telecoms sector, who needs a system that will last 10 years? The Chinese systems wont last long but will be around just in time for the next technology cycle. This makes them a favorite especially to bean counters. One of the biggest costs in a telecoms company is the depreciation cost of assets especially in short technology cycles. Telcos saw that their depreciation costs for expensive systems in a fast changing telecoms sector was sky rocketing and needed to be tamed. The Chinese solved this problem by offering more affordable services and equipment to telcos and with flexible payment terms. Depreciation on equipment costs are now much lower today than ever before. This has had the effect of improved books of accounts for many operators.
  2. Robust systems that are easy to change and deploy: If you owned a mobile phone around  the years 2002-2004, you will recall with a smile how you could randomly be able to make calls for free on a certain mobile operators network sometimes for close to 8 hours in a day. However all this ended when the mobile operator replaced his European supplied core billing system with one from Huawei of China. The Chinese system proved more resilient in handling a rapidly growing networks needs and that is the last time we heard of the free calls. Other than this one incident, the key difference offered by the Chinese is lower cost of deployment. If you have had the privilege of working in any mobile operator you will note a key similarity between Chinese and European projects; both are done by Chinese or Indian engineers. Yes you read that right, there are instances where Nokia Siemens and Huawei are doing two different projects at a telco and both the Nokia Siemens and Huawei engineers are Chinese. How do you tell the difference? The Huawei project has more Chinese people. When the Chinese companies deploy a solution, they not only send the solution implementation engineer, they send the solution architect, technical writer (to document project), solution developers, software engineers and some RnD people. this means that any problems that occur during solution deployment are fixed on the spot without further reference to the head office which can sometimes take weeks. customer change process management is faster due to lack of red tape and in this fast paced market, this is a critical determinant of business success. The fact that it costs four times to host a European engineer in Kenya than it is to host a Chinese or Indian one, projects that need many resources and long periods of implementation force even the European companies to look East for human resource.
  3. Lack of business ethics: The business world is one full of underhand dealings to ensure tenders are awarded, contracts are signed and money flows quickly enough. One of the biggest problems with  telco operators is employee fraud. The Chinese are well aware of this weakness and have exploited it to the maximum to gain market share. This is not just happening in telecoms but in other sectors they play in such as the alleged bribery claims on the railway project. The Chinese have been known to buy houses, top range luxury cars and fund the education of the children of some officials in the telcos so as to win tenders. One of the reasons why Vodafone appointed its Corporate Governance Director for Africa Mr. Bob Collymore as the new Safaricom CEO was to stem out deep-rooted corruption at the top echelons of the telco. Many heads rolled when he took office after it was revealed that some C-level executives were now millionaires thanks to bribes from the Chinese for project favors. To the Chinese, this is how business is done. When their Franco-American counterparts tried the same tricks, it didn’t go too well as seen here in this story.
  4. Euro Crisis and Government backing: The Euro crisis led to the slowing down of the European economy, the effect was loss of jobs in many countries in the Euro zone as companies cut costs, some of these cost cutting measures included closure or reduction of Africa based operations and centralization of many processes. This presented a great opportunity for non EU based companies such as those from China to extend their market reach deeper into Africa. This is not just true for the telecoms equipment sector but rings true in the consumer electronics area where Huawei from China, Samsung and LG  from Korea have greatly diminished market share of European firms such as Nokia. The other key ingredient is the direct government backing of Chinese companies in the diplomatic deal making circles. Top Chinese business men and executives get long-term entry Visa and are introduced at high level meetings to the top government officials including the president as seen here. Their embassy plays a big role in them securing business locally and are not left to the forces of supply and demand like their European counterparts.

image courtesy of

Categories: Mobile Telephony Tags: , , ,

The illusion of Online privacy

November 4, 2013 Leave a comment


With the world reeling from the news of NSA eavesdropping on telephone and email communication of both citizens and their leaders, many questions are being asked about the security of modern communication channels. The biggest of them is if what we have believed as secure communication was just an illusion. The dossiers released by Edward Snowden on the extent of the US government sanctioned eavesdropping of communication channels are just but the tip of the spying iceberg.

Online security facade 

There exists (or so we thought) various security measures that ensure secure communication. This is by way of encryption of the information being communicated. Encryption is not new and has existed since ancient times. One of the most notable use of encrypted communication was by Germans in the second world war, The allied victory in 2nd world war against the Germans was hinged on their ability to de-crypt German communication which revealed their war strategies leading to their eventual defeat. Secure communications (or lack of it) can build or destroy civilization.

Today, many algorithms exist to encrypt data and voice over communication channels. Many of these are created using complex mathematical computations such as Algebraic Number Theory (ANT) to secure data over communication channels. However the fact still remains that all these methods were created by humans and if enough effort is put, can be decrypted. Advancement in mathematics also means that encryption systems that were previously secure due to mathematicians inability to solve some mathematical theorems are now becoming less secure as solutions to these are being found. A recent article suggests that due to inching closer to developing a more efficient way of solving the ‘discrete logarithm problem’, both RSA and Diffie-Hellman key exchange that relied on there being no efficient algorithm to solve the discrete logarithm problem might be defunct in 5 years as there will be solutions to that problem by then. 3 years ago, a Chinese mathematician cracked the Triple DES encryption by solving a previously unsolved mathematical theorem.

The above plus the fact that these Keys are generated on systems accessible by humans with motives, means that data encryption is 99% trust and 1% mathematics. The motives of NSA means that they can decrypt any communication on the Internet today should it be of interest to them.

Deep Packet Inspection

The availability of devices from manufacturers such as Allot and Bluecoat and Nokia Systems and Networks that can perform Deep Packet Inspection of traffic means that IP packet signatures can be read to ascertain exactly what a user is doing or saying online. These devices are being used by ISP’s worldwide and posses in them powerful mechanisms to sniff deep into a users communication stream. Just to show how deep this can go, there exists devices today that can not just sniff and know you are accessing, they can also detect and read your status update and block/modify it if need be. The systems are also able to build create log of your online activity. These systems are being used by ISPs here in Kenya today. Local ISP’s main use of these devices is mostly for bandwidth management and quality of service delivery, however, this is just but one of the many capabilities of these units as they can do much more than assign subscribers bandwidth.

Is Quantum Cryptography the answer?

I think so.

End-to-end quantum cryptography could be our answer to the currently non-existent privacy in our communication systems.

Our capacity to decrypt encrypted communication is based on our ability to observe a channel and see patterns which when matched with certain keys, can be decrypted legally or illegally. The key thing in this is our ability to observe. What if there exists an encryption system that by the mere fact that you observe it, it changes its state so that what you saw one second ago wont be the same thing you see now if you re-looked at exactly the same thing, the mere fact of observation changes its state. This was initially postulated by Erwin Schrödinger in his Schrödinger’s Cat theorem. In this he says that a cat can be both dead or alive depending on some random event in the recent past. He says that a cat that has just been poisoned by say a radioactive element will be dead because we chose to observe it and saw it dead, if we hadn’t observed it, then we are uncertain about its state. Read about this theory here.

Unlike the current cryptology techniques that depend on mathematics, quantum cryptology depends on Physics. The foundation of quantum physics is the unpredictability factor. This unpredictability is pretty much defined by Heisenberg’s Uncertainty Principle. This principle says, essentially, that it’s impossible to know both an object’s position and velocity — at the same time. It is this principle that can be harnessed to come up with secure communication.

In layman terms, quantum encryption works on the principle of Quantum entanglement brought forward by Einstein, Podolsky and Rosen in their 1935 paper. What they said is that if two quantum particles such as photons interact closely, they will start influencing each others behavior even if they are separated by long distances, if you take a photon close to another, they become entangled and the behavior of one modifies the behavior of the other even if one was in North Pole and the other in South Pole, (This entanglement was first coined by Schrödinger).  Using this, photons can carry encryption keys or be used to generate keys for transmission keys across communication channels with one photon left behind influencing the other wherever it goes. If an observer along the way tries to measure the photon properties such as spin and polarity, the photons spin and polarities change because of attempted measurement. (The act of measuring beings this photon to close proximity of other particles that influenced it). However, when it arrives at the destination, the original photon can influence the traveled photon to its original state. There you have it! encryption that changes by the mere fact of observation :-)

NB: Some MIT researchers claimed to have been able to hack a quantum encrypted channel, they have however not been able to replicate their results.

Unlike current cryptographic techniques that were developed in government (read USA) and university research labs, many of the new quantum cryptology techniques are being developed by private corporations which in my opinion makes them more secure and less prone to government sanctioned decryption in the “interest of national Security”.


Get every new post delivered to your Inbox.

Join 85 other followers