I have finished my cruise now, which was mostly holiday, but also some work. I did some training for my mates (mainly in C coding) and we did various coding as well (there were a few sea days). But now I am back I am making up the next version of my “internet in a box” that I take on cruises like this. I’m doing it now whilst I remember the last cruise is detail, even though my next cruise is some way off.
OK, that is not it – we have one of those, and it would be really cool if I could fit the bits in that box, but at present is is a tad larger … More like this …
So, what’s in the box?
- Aruba 2900
- 2x Aruba AP – H
- 3x PoE injectors
- 1x 4 way power strip
- Magic tape to hold it all in place
- FireBrick FB
This is obviously somewhat overkill, so worth some explanation …
FireBrick FB 08229
The FireBrick is a “swiss army knife” or network contraptions. It does a lot. When you are trying to use internet on a ship you have a challenging, even hostile, environment. There are blocked ports and protocols, 823 ms round trip latency (or randomly much more), packet loss at various levels, strange MTU issues, and seriously messing with TCP packets (acceleration). This can all change on the fly as you travel (the Panama trip was especially complicated).
To be clear, this is not stealing internet service – it is expensive and we pay for the premium, unlimited, steaming package for multiple devices.
Whenever I take a FireBrick on a cruise we find new ways to improve it. This can be changes to handle high latency, or new features to handle some of the limitations. Even simple higher level protocols can struggle with the very high latency and low level packet loss. A lot of new features are the result of testing in this harsh environment and have benefitted the FireBrick code. Not sure I can expense my cruises as R&D just yet though, shame.
So, this alone, is one of the reasons for the crazy set up. The FireBrick can do various VPNs, UDP over faked TCP, TCP relaying, all sorts.
The main objective is to connect to the ship internet (WiFi) and provide internet to laptop or apple TV. For the apple TV to work in any expected way without regional blocks, it needs a working UK IP address in some way, and the FireBrick can do that.
The FireBrick can also monitor the connection in various ways and fall back, even to simple NAT over the ship’s WiFi as last resort, and report status on an LED to make it clear. If ever I fit this in one of those black boxes, the LED will not just blink red: -)
Aruba 2019
This is a rather nice WiFi client. It connects to the WiFi and can do MAC cloning, where it will associate using the same MAC address the FireBrick is using. We found that the WiFi on ship filters other MAC addresses, and even locks down the connection after a little while if it sees more than one MAC. We were changing MACs every day until we managed to lock it down to no see any others.
Aruba AP – H
Having connected to the Internet, and set up a VPN, we then provide internet over WiFi. It can be done with cables, but WiFi is fine and not as messy or such a trip hazzard. Previously I took a larger ceiling mount AP, but that gets hot, especially if not ceiling mounted. So this time I have smaller, and lower power, AP – 303 H units. I also have two, one facing each way, so the box can go in the corridor. Ships have big metal walls which make WiFi tricky. Even so, I am taking some 90 m ethernet cables to allow me to place the APs to cover the whole cabin if necessary.
We actually had to set a hidden SSID, as we found that in at least one port we were seeing de-auth attacks. Interestingly this was not happening once we changed to hidden SSID. Even with the metal walls, we often see people running personal hotspots when in port, so it may be an attempt to stop that (AFAIK not legal to de-auth people like that, but who knows on a ship). PoE injectors
This is another change from previous cruise – the last couple of times I took a nice 8 port Aruba PoE switch, which is quite big and has a big chunky power supply. This time I have three small PoE injectors which take a lot less space overall. There are some multiple port in-line PoE injectors which may be a good alternative to consider, but even with just one such unit I still need a power strip to power it and the FireBrick.
The AP – H includes a switch , so if I need more Ethernet ports, they can provide them, so the bigger switch was not needed.
Power strip
The three PoE injectors and FireBrick mean a 4 way power strip – though I am considering making a lead with daisy chained C 90 plugs and a C8 all on one lead perhaps. However, the 4 way strip fits fine. One option may be an IEC socket in the side of the Peli case so it can be closed. It looks like the whole lot is not generating enough heat for that to be an issue, but something to test.
Spare space
The whole box, even with all those bits taped in to place, has a lot of space. In fact I can pack my laptop, charger, mouse, mat, Apple TV, spare cables, phone charger, and so on, all in the one case. This means all of the tech in one small Peli case which then just sits in the corridor to provide “internet in a box”.
Yes, it is overkill, but it is what I call “fun”, honest.
Read More 1200
GIPHY App Key not set. Please check settings