During an NSF inspection, this network setup was declared an NSF "best practice" in 2010. This is meant as a guide to get you started, but individual ships' networks can vary, so ... your milage may vary. Undertake this modification at your own risk.
The basic idea here is to take advantage of Border Gateway Protocol (BGP) (the routing protocol that makes the Internet work) to concurrently keep track of two routing paths to/from the ship. Using normal HiSeasNet, as well as GRE tunnel through the FleetBroadband (FBB), one can set up HiSeasNet-over-FleetBroadband (HSN-over-FBB) . With two paths two/from the same two routers (your ship's and one of the HiSeasNet routers), BGP can keep track of which links are available, IP space is preserved, and downloads, etc, only suffer a brief interruption when toggling between the two, rather than dying and having to be restarted. Since IP space is preserved, and your packets land at the HSN router, your accelerator invisibly works on both links, too.
There will be some values you have to know that are relevant to each ship's setup. In this example, mostly generic values were chosen. These are:
tunnel IP subnet
HSN tunnel IP addr
ship tunnel IP addr
router NIC to use for FBB
188.8.131.52 – this will be one of the two values below
Login to your router and find out the MAC address of the NIC you will use to talk to your FBB.
So, in this example, the MAC address we care about is
Configure your FBB to accept this MAC address
If your FBB box hasn't been configured much, you can probably get started http://192.168.0.1/
Once logged into the FBB UI, goto
Settings -> LAN -> Network User Groups, and create/edit your first User Group (mapped to User "A") to be in Bridged Mode. If you are using this , e.g. Ship's Business, with the following values...
Settings -> LAN -> Network Classification, create an entry, like so:
Whatever IP address this is, you will have to ask Al Suchy or Inmarsat to allow GRE traffic from 184.108.40.206 or 220.127.116.11 to this address. Until you're told that this is ready, and your FBB box has been rebooted, the following example will not work.
Now, configure your router
Note that we make the router's FBB interface a DHCP client. This is so that the FBB can serve up it real-world "Bridged" IP address to the router – this is required for the GRE tunnel to work.
There's a lot of MTU voodoo in the FBB tunnel setup below, as well as some in the FBB interface setup above. Read the FleetBroadband Best Practices (also at http://www.inmarsat.com/wp-content/uploads/2013/10/Inmarsat_FleetBroadband_Best_Practices_Manual.pdf) if you're really curious as to why. FBB, to date, has not explained the technical reasons behind the 1360 MTU, but testing reveals that one should heed it.
We must then force the HiSeasNet router's public-facing IP address to only be reached through the FBB interface.
We then fiddle with the BGP process on the router...
First, we adjust the timing so that HSN fails over to HSN-over-FBB within 20s.
You should have something like this in your router already (to make normal HSN work), but will have to add the
We then basically copy-and-paste the same info, but adjust IP addresses and weights. Less weight means "less preferred", so if HSN and HSN-over-FBB are available, HSN will win with a weight of 30,000 (versus HSN-over-FBB's weight of 25,000).
Finally, to take advantage of rate-limiting FBB's most prominent traffic (and not run up a huge FBB bill), create an access list like so, using your ship's IP space in lieu of "
Once this is setup, and HSN and FBB are both up and active, you should be able to see two different default routes (routes to
At this point, your router's ready to toggle between the links. Try `
show ip route` to see which way you're routing, then turn off HSN, and watch HSN-over-FBB kick in.
A status page (see Report what route you're router is using to your shipboard users, via PHP) to alert your shipboard users as to what's going on is nice too.