African ISP Engineering

The ISP Debone Series

One technology per week. Five technologies. One coherent system. By Friday, you are pilot in command of infrastructure that powers the best ISPs in Africa.

Start with BIND9 arrow_forward Explore Series
The Premise

Building the Best ISP in Africa

You left the ISP world in 2010 as a senior network engineer. You have been around the world. You are back as CTO of Sprint Group — AS328939 Uganda, AS329647 Tanzania, five Points of Presence, two countries, and a third on the way.

This is not a certification course. This is not a survey. This is an engineer returning to his field with twenty years of additional context and the intention to build something that has never existed at this level in East Africa.

One technology per week. Fully deboned. Every file explained. Every decision justified. By the end of each book you are not familiar with the subject — you are pilot in command of it.

Five Technologies

The Complete Series

Book 01
BIND9
Naming the Internet
✓ Complete

Every file in /etc/bind/ — what it is, what it does, why it exists. The three roles BIND can play. Cache poisoning, DNSSEC from first principles. Small ISP and national ISP config. Docker deployment.

Payload: You sign your zones, close your resolvers, and your DNS infrastructure is harder to attack than most enterprise networks.
Read Now arrow_forward
Book 02
Nginx
The Front Door
◆ Planned

Every file in /etc/nginx/. The mental model: not a web server — a traffic router. Reverse proxy, load balancer, TLS termination, rate limiter. The front door to every subscriber-facing service.

Payload: You control the entire web-facing surface of your infrastructure. Nothing is exposed that you did not choose to expose.
Coming Soon
Book 03
FreeRADIUS
The Heartbeat
◆ Planned

Every file in /etc/freeradius/. AAA — Authentication, Authorization, Accounting. The protocol that decides who gets on your network and what they can do. Without this you are a hotspot. With this you are an ISP.

Payload: Every subscriber is authenticated against your database. Every session is logged. You have the data to bill, troubleshoot, and comply.
Coming Soon
Book 04
PostgreSQL
The Memory
◆ Planned

Every concept from first principles. The connective tissue that makes everything else a coherent system. FreeRADIUS stores here. Nginx logs feed here. Your NOC dashboard queries here.

Payload: One query away from knowing anything that has ever happened on your network. Subscriber sessions, billing data — all queryable, all yours.
Coming Soon
Book 05
Asterisk
The Intelligence Layer
◆ Planned

Every file in /etc/asterisk/. SIP from first principles. The dormant intelligence layer in every commercial building in East Africa. Bio locks. IP cameras. Intercoms. All speak SIP.

Payload: A deployable customer container that activates an existing installed base. A go-to-market for a completely new service category.
Coming Soon
The Architecture

Five Technologies. One System.

BIND9
Infrastructure has a name
Nginx
Infrastructure has a door
FreeRADIUS
Subscribers authenticated
PostgreSQL
Everything recorded
Asterisk
Network becomes platform
About the Author

Built by Someone Who Built BGP

David Emiru Egwell is a network engineer with twenty years in infrastructure. BGP deployment at MTN Uganda in 2006. Infrastructure architecture in Tullow Oil fields. Senior network roles across East Africa. Now CTO at Sprint Group, building the fastest-growing ISP network in the region.

This is not theoretical. Every configuration in these books runs in production. Every decision is grounded in operational reality. Every example is from infrastructure you can visit.

CTO, Sprint Group
Uganda · Tanzania · East Africa