Floating networks

By bgpwifi posted Jan 18, 2018 10:59 AM


Deploying and managing a network infrastructure is a challenge that requires a good plan, trained personnel and some care & feeding. This helps to sustain normal daily operations, change management, and faults after the deployment.

When the network is far away and difficult to reach some of these aspects that are taken for granted become critical.

The network of a cruise ship has some unique features compared to a regular campus network.


In a cruise ship, space is an expensive commodity. Any square meter not used for guests costs money and every part of the ship is detailed in the design. 
Technical rooms must accommodate a large number of devices in a smaller spaces while providing cooling and enough airflow. Unlike a regular network closet, you can’t increase the amount of space available to support more devices.

From the wired network side this means all switches have 48 ports and provide PoE to devices. All ports are used on most devices so cable management must be very neat.

Time and schedule

Deployment time of the network is a key factor of the project. The time window to install the devices is very small. Everything is prepared in advance to minimize any unforeseen changes. See my previous post about mac-auth with ClearPass for more details about how access port are managed saving time and reducing errors. Pre-configuration like this ensures that installation teams use their time to focus on the important installation and not on configuring services.

Redundancy and spare parts

Redundancy often means over-provisioning devices to survive a fault. In a campus network sometimes the best option is to install an additional switch in a stack to provide free ports to use in case of fault of one stack member.

When space is a big constraint free ports are not an option. On a cruise ship, most devices are fully utilized with no room for spares.

Spare parts are available on board but some additional factor must be considered when there are no trained personnel available on-site.

For example, to replace a switch in a stack the new one must run the correct software release to be able to join the existing stack. In most cases, the switch must be configured to join the stack and enable stack ports. All these configurations must be pre provisioned on spare parts to allow them to be used when needed.

Other devices like phones, CCTV cameras, and access points must be managed the same way. Using static IP addressed may not be an option. Devices should be able to connect to the network, get an IP, be placed in the correct VLAN and be ready for production with only minimal manual intervention.

This again is not what happens on most campus networks but it's critical when the network is floating in the middle of the ocean and broken parts must be replaced.


Cruise ships guests are not hackers. They just want to have a good time and use all the services provided. Security can't be underestimated nonetheless.

From the security point of view, ClearPass is used to avoid connections to wrong VLANs but it may not be enough. Guests may connect anything to the network so it is important to protect protocols like STP and LLDP. Everything else is filtered coming from access ports and using Loop Protect.


Today the guest of any hotel expects full WiFi coverage in all the common areas and rooms. As any wireless engineer already knows, RF signal and metal surfaces are not best friends. What about a ship that is made of steel? Signal reflection has a big impact in this deployment and requires some testing to find the best setting to provide coverage and performance.

Aruba 303H APs allowed our installation teams to connect smart TVs and phones in the guest rooms using the built-in three local Gigabit Ethernet ports.

One of the most appreciated tools to manage a guest WiFi network is Aruba AirWave with Clarity module that gives visibility of the end-user experience.
The key point is to understand if users have any difficulty to access, the Failure Rate in Clarity dashboard is an important KPI to monitor. Failure Rate can give you insight into where problem areas might arise and allow rapid resolution of user issues before they become problems.


One of the most important tools to manage a network that is not easy to reach physically is documentation. If something bad happens personnel on board need to receive detailed instructions to provide support. It's easy to imagine how hard it can be to ask someone to disconnect two power cables to reset a switch when it is one of eight members of a stack, a total of sixteen cables in a very crowded rack!

That is the reason why during the deployment phase every device and cable is labeled and every installation includes pictures and detailed documentation. ANSI-TIA-606-B can be a good starting point to create an internal labeling standard for cables that fits the requirements. 

Wrap up

A floating network is a challenge but with careful planning and attention to detail it is possible to provide an high quality service without worrying too much about the waves.