The Book of GNS3: Build Virtual Network Labs Using Cisco, Juniper, and More

The Book of GNS3: Build Virtual Network Labs Using Cisco, Juniper, and More

Table of Contents

Foreword

Acknowledgments

Introduction

Who This Book Is For

What’s in This Book

My Approach

Book Overview

1. Introducing GNS3

Why Use GNS3?

Emulated Hardware

Simulated Operating Systems

Scalability with the GNS3 Server

Virtual Connectivity

Open Source Integration

The Dynamips Hypervisor

QEMU and VirtualBox

A Few Limitations

Some Assembly Required

Limited Emulation

Hamstrung Network Performance

Final Thoughts

2. Installing a Basic GNS3 System

General Requirements

Installing on Microsoft Windows

Installing on OS X

Installing on Ubuntu Linux

Installing GNS3 from Packages

Installing GNS3 from Source Code

GNS3 Appliances

A Few Pros and Cons

GNS3 WorkBench

Installing GNS3 WorkBench

Final Thoughts

3. Configuration

Acquiring an IOS Image

Setting Up Your First IOS Router

Configuring Dynamips

Adding IOS Images to GNS3

Setting a Manual Idle-PC Value

Final Thoughts

4. Creating and Managing Projects

Project Management Overview

Terminology

Screen Layout

Using the GNS3 Toolbar

First Toolbar Group

Second Toolbar Group

Third Toolbar Group

Fourth Toolbar Group

Using the Devices Toolbar

Creating Your First Project

Working with Routers

Creating Links Between Your Routers

Configuring Virtual Hardware

Starting, Stopping, and Pausing Routers

Logging On to Routers

Ethernet Switch Nodes

Changing Symbols and Organizing Your Devices

Final Thoughts

5. Integrating Hosts and Using Wireshark

Virtual PC Simulator

Installing VPCS

VPCS Commands

VPCS IP Addressing

VirtualBox

Installing on Windows

Installing on OS X

Installing on Linux

Importing Appliances

VirtualBox Preferences

VirtualBox Virtual Machine Settings

Using VirtualBox Hosts in a Project

Linking VirtualBox Host Nodes to Other Devices

Simple VirtualBox Project Using a Linux Virtual Machine

Wireshark

Installing on Windows

Installing on OS X

Installing on Linux

Capturing Packets in GNS3

Final Thoughts

6. Juniper Olive and VSRX Firefly

Installing QEMU on Windows and OS X

Installing QEMU on Linux

Introducing Juniper

Installing Juniper

Process Overview

Acquiring FreeBSD

Acquiring Juniper Olive Software

Creating a Juniper Olive CD Image File

Creating an ISO in Windows

Creating an ISO in OS X

Creating an ISO in Linux

Installing and Configuring FreeBSD Using QEMU

Preparing Your Build Directory

Installing a Junos-Friendly FreeBSD System

Installing the Juniper Olive Package in FreeBSD

Getting Your Olive Up and Running

Backing Up Juniper Olive

Configuring a Juniper Router in GNS3

Adding the Juniper Virtual Machine to GNS3

Adding Ethernet Interfaces

Testing a Juniper Router

Running Juniper vSRX Firefly

Creating a Firefly Virtual Machine with VirtualBox

Giving Your Virtual Machine More Processors

Adding vSRX Firefly to GNS3

Creating a Project with a Zone-Based Firewall

Final Thoughts

7. Device Nodes, Live Switches, and the Internet

Built-in Device Nodes

Node Configurator

Ethernet Hub

EtherSwitch Router

Frame Relay Switch

Simple Frame Relay Hub and Spoke Configuration

Creating a Frame Relay Switch Using IOS

ATM Switch

Cloud Nodes

Connecting GNS3 Devices to Physical Hardware

Dynamips Permissions

Preparing Your PC for a Bridge

Using a Loopback Adapter on Windows

TUN/TAP Drivers on OS X

TUN/TAP Drivers on Ubuntu Linux

Connecting to Live Switches

Configuring a Standard 802.1Q Trunk

Creating the Elusive Breakout Switch

Optional Breakout Switch Configuration

Using Multiple Adapters in Your PC

Connecting GNS3 Devices to the Internet

Configuring Windows

Configuring Unix-Based Systems

Creating a Simple Network

Final Thoughts

8. Cisco ASA, IDS/IPS, and IOS-XRv

Cisco Configuration Professional

Project Configuration

CCP Installation

Running CCP

Cisco ASA Firewall

Acquiring an Image

Prepping the ASA Image for GNS3

Configuring GNS3 for ASA

Testing an ASA in GNS3

ASDM Installation

Cisco IDS/IPS

Acquiring an IDS/IPS Image

Creating a QEMU-Ready IDS/IPS System

Hijacking the Hardware

Testing IDS/IPS (or Patience Is a Virtue)

Configuring GNS3 for IDS/IPS

Verifying IDS/IPS in GNS3

Cisco IOS-XRv

Configuring GNS3 for IOS-XRv

Creating a Simple IOS-XR Project

Final Thoughts

9. Cisco IOS On UNIX and NX-OSv

Cisco IOU

What IOU Means to GNS3

Switching, Switching, and More Switching!

IOU Images

Things to Know Before Installing IOU

Setting Up IOU on a Linux PC

Installing IOU

Creating a License File

Configuring GNS3

Using the GNS3 IOU Virtual Machine on Windows and OS X

Importing the GNS3 IOU Virtual Machine into VirtualBox

Uploading IOU Image Files

Configuring GNS3 for IOU

IOU in Action

NX-OSv

Importing NX-OSv into VirtualBox

Configuring GNS3 for NX-OSv

NX-OSv in Action

Final Thoughts

10. Cool Things To Do on a Rainy Day

Managing Devices from an Access Server

Installing the Virtual Interface

Preparing the GNS3 Server

Creating a Virtual Access Server in GNS3

Configuring a Cisco IP Hostname Table

Seeing the Virtual Access Server in Action

Deploying Configurations to Real Hardware

Exporting GNS3 Configurations to Cisco Routers

Importing Cisco Router Configurations into GNS3

Copying GNS3 Projects Between Platforms

IOS-Only Projects

Projects with IOU Devices

Projects with VirtualBox Devices

Exploring the GNS3 Console

Creating Projects Using Multiple PCs

A Dynamips Client/Server Setup

Creating a GNS3 Uberlab

Nerdy Labs for Fun and Profit

Preparing for Cisco Exams

Securing Your Networks

Practicing Real-World Scenarios

Final Thoughts

A. Help! I’ve Fallen and I can’t Get Up

Identifying the Problem

Sudden Problems

Stopping Dynamips Crashes

When IOS Images Fail to Load

Resolving IOS Memory Errors

Resolving NIO Errors

Correcting Console Problems

Feature Problems

Configuration Issues

Using Unsupported IOS Images

The Nuclear Option

Overburdened Hardware

Resolving Port Number Conflicts

Troubleshooting an ASA

Conserving Resources

Select Devices Carefully

Optimize Idle-PC Values

Backing Up Your Projects

Welcome to the Jungle

Final Thoughts

B. Cisco Hardware Compatible with GNS3

Supported Cisco Hardware

IOS Compatibility

C. NM-16ESW and IOU L2 Limitations

Unsupported NM-16ESW Features

Unsupported Features in Cisco IOU L2 Images

Glossary

Resources

About the Author

Index

The Book of GNS3: Build Virtual Network Labs Using Cisco, Juniper, and More

Jason C. Neumann

Published by No Starch Press

Foreword

Networks are everywhere. They connect all kinds of businesses, from local bookshops to huge corporations to universities, across multiple cities and continents. Networks are conceptually simple to understand, yet they are becoming more and more complex, with innovation in areas such as Software Defined Networks (SDN), the Internet of Things (IoT), and other technologies just around the corner.

To understand, design, and manage today’s complex networks, network professionals must not only master the theory but also practice and validate concepts in these ever-changing environments. This is where GNS3 comes in: it gives users immense flexibility to build their own networking labs, allowing them to experiment with new network features, capture packets to dissect protocols, and verify configurations for later deployment on real devices. All of this is done without the need to invest in expensive hardware. GNS3 is a powerful and adaptable tool, evolving to now integrate multiple vendors and iterating to meet the growing needs of network professionals. But how do you master GNS3 itself and where do you start?

In The Book of GNS3, Jason covers everything that network engineers, administrators, and people studying for certifications need to get started, from walking you through installing and configuring GNS3 to creating and managing your projects. Jason digs deep while showcasing the true breadth of the software, covering topics like how to capture network packets, how to connect to real networks and live switches, and how to include advanced systems such as Juniper’s vSRX Firefly and Cisco’s IOS-XRv in your labs. He spends significant time explaining concepts and giving tips that will make you an expert user in no time.

Jason’s book is ideal to harness GNS3 and make the most out of your network labs. Whether you are a beginner in the networking space or a seasoned professional, I can guarantee that you will walk away learning something new.

Jeremy Grossmann

Co-founder of GNS3 May 2015

Acknowledgments

It’s been said that it takes a village to raise a child, and GNS3 is everyone’s baby. I’d like to thank all the people who have helped to create and promote GNS3 and make it the awesome software tool that it is. You’re all great!

Special thanks to:

My wife, Sharon, for her patience and for allowing me to be a GNS3 übergeek

Jeremy Grossmann, our benevolent GNS3 dictator

Christophe Follot, the creator of Dynamips, the man who started it all

Julien Duponchelle, the silent code master

Stephen Guppy, who answers more email in a day than I do in a year

Mark Blackwell, GNS3 evangelist extraordinaire

Flávio J. Saraiva, Dynamips guru

Chris Welch, the creator of GNS3 Workbench and Jungle crowd control

Radovan Brezula, who can make any network OS run in GNS3

Daniel Lintott—we can convert that project, but let’s use Debian!

Rene Molenaar of gns3vault.com, u bent groot. Dank u veel!

Chris Bryant of the Bryant Advantage, Bulldogs unite!

Jeremy Cioara, Cisco God extraordinaire (grip #1)

Keith Barker, Cisco God extraordinaire (grip #2)

Andrew Coleman, GNS3 Super Moderator, get some sleep!

The GNS3 Crowd Funders—you know who you are!

I’d also like to extend special thanks to everyone at No Starch Press for all their help with creating The Book of GNS3. In particular, I’d like to thank:

Jennifer Griffith-Delgado—you’re the best!

Serena Yang—you’ve been very patient with me, and you’re awesome!

Bill Pollock, the NSP overlord

Because I’m a schmuck, I’m sure that I’ve forgotten loads of important people, but rest assured that I appreciate you too! Let me now say to all you unnamed souls out there: thank you!

Introduction

I started using GNS3 early in its development and took to it like a duck to water. From the beginning I could see it was going to be an invaluable networking tool. I’ve used it to get hands-on experience with operating systems such as Cisco IOS, Junos OS, and Arista, as well as to pass quite a few network certification exams. To this day, I use it on a regular basis to test router configurations before deploying real equipment to the field. The Book of GNS3 is my way of sharing this great resource with other networking professionals, like you.

Who This Book Is For

This book is for anyone involved with networking routers, switches, or firewalls. Whether you use Cisco, Juniper, Arista, Vyatta, or some other network operating system, GNS3 is a great alternative to building physical labs. Unlike labs that use physical equipment, GNS3 virtual labs let you create and save unlimited network configurations, without having to tear apart an existing lab. This book covers all the details to get your projects up and running fast.

What’s in This Book

The Book of GNS3 guides you through installing, configuring, and running GNS3 on Windows, OS X, and Linux, and it shows you some geeky and fun tricks along the way. Whether you’re just getting started or have used GNS3 before, I think you’ll find a new appreciation for how much is possible when you have the right tool. I don’t cover TCP/IP networking fundamentals, but I do provide plenty of examples of how to configure GNS3 devices.

My Approach

The most effective way of learning is by doing. That’s why I use a tutorial-based approach to creating fully functional multivendor labs using GNS3. The tutorials explain how to build and configure labs using the virtual devices introduced in the chapters. I provide examples of configuring Cisco IOS, Junos OS, and Juniper vSRX Firefly, and more. You don’t need to be an expert with network operating systems because I’ll guide you step-by-step through the configurations. You could spend days, or even weeks, searching the Web to figure out how to configure features such as connecting to live switches, creating a virtual access server, or connecting your virtual labs to the Internet. But there’s no need to do that after you read The Book of GNS3.

Book Overview

The Book of GNS3 guides you through the installation and use of GNS3, and each chapter introduces new concepts that build on skills from previous ones. You’ll learn how to create and manage simple to complex projects, using only a single computer or sharing the load across multiple computers.

Chapter 1, covers what GNS3 is and how it works, provides an overview of GNS3, and discusses the benefits of virtual networks.

Chapter 2, discusses installing GNS3 on Windows, OS X, and Linux, and it explains the benefits of using virtual appliances to run GNS3 as an alternative to installing it directly on your PC.

Chapter 3, looks at installing a Cisco IOS image and setting up your first virtual router using Dynamips. You’ll also learn the importance of setting an Idle-PC value for Dynamips routers.

Chapter 4, teaches you to configure a virtual router. After that, you’ll look at all the toolbar options and create a simple two-router network.

Chapter 5, shows you how to install VPCS and use it to add simple PC-like hosts to your projects. You’ll learn how to add full-blown virtual PCs using VirtualBox and create a lab using a virtual Cisco IOS router and a VirtualBox Linux PC. You’ll then learn about capturing packets using Wireshark.

Chapter 6, explains how to install QEMU and use it to create your own virtual Juniper router. You’ll create a network using Juniper and Cisco, learn how install Juniper vSRX Firefly, and configure a basic vSRX firewall.

Chapter 7, demonstrates the built-in device nodes in GNS3 and explains how they can be used to conserve resources on your PC. You’ll also learn how to connect your GNS3 projects to live switches and the Internet.

Chapter 8, takes you from setting up GNS3 devices to configuring them. You’ll create a Cisco ASA firewall and an IDS/IPS and create a network lab using Cisco IOS-XRv.

Chapter 9, continues the theme of device creation. You’ll learn how to install Cisco IOS on Unix and create a virtual NX OS switch using NX-OSv.

Chapter 10, presents some fun things you can do with your new GNS3 knowledge, such as creating a simulated access server to managing your devices and deploying GNS3 virtual device configurations to real Cisco routers.

Appendix A, discusses some common problems that you may encounter in GNS3 and provides solutions to correct them.

Appendix B, lists Cisco routers that are compatible with GNS3 and what Cisco IOS image files work best.

Appendix C, provides information about IOS on Unix and NM-16ESW Cisco switches that are used in GNS3.

Now, get ready to dive into GNS3. Before embarking on this journey, be sure to kiss your family goodbye because once you get started, you won’t be able to stop!

Chapter 1. Introducing GNS3

GNS3 is a cross-platform graphical network simulator that runs on Windows, OS X, and Linux, and it’s the collaborative effort of some super-talented, industrial-strength nerds—folks such as Christophe Fillot, Jeremy Grossmann, and Julien Duponchelle, just to name a few. Fillot is the creator of the MIPS processor emulation program (Dynamips) that allows you to run Cisco’s router operating system, and Grossmann is the creator of GNS3. He took Dynamips and integrated it, along with other open source software, into an easy-to-use graphical user interface. Duponchelle assists with coding GNS3, and his contributions have helped to advance the software.

GNS3 lets you design and test virtual networks on your PC, including (but not limited to) Cisco IOS, Juniper, MikroTik, Arista, and Vyatta networks, and it’s commonly used by students who need hands-on experience with Cisco IOS routing and switching while studying for the Cisco Certified Network Associate (CCNA) and Cisco Certified Network Professional (CCNP) exams. But that merely scratches the surface of what GNS3 can do. In this chapter, I discuss what GNS3 is, as well as the benefits and limitations of the software.

Why Use GNS3?

Before the wonders of virtualization, network engineers, administrators, and students had to build labs with physical hardware or rent time on a rack. Both options can be expensive and inconvenient, and they limit the network designs available to you. Software simulation programs such as RouterSim and Boson NetSim have been around for a long time, too, but these limited applications merely simulate the commands of Cisco IOS. Cisco Education does offer cheaper virtualized rack rental, based on Cisco IOS on Unix (IOU), but it allows you to practice on only specific precon-figured network configurations. It also requires that you have an active Internet connection to access the labs. Cisco also offers a product named Virtual Internet Routing Lab (VIRL) that’s similar to GNS3, but it requires an annual fee, limits the number of objects you can use in your labs, and uses only simulated Cisco operating systems.

GNS3, on the other hand, allows you to customize your network labs to exactly meet your needs, create unlimited projects using Cisco and non-Cisco technology, add unlimited objects to your projects, and access those projects anytime, regardless of Internet connectivity. GNS3 provides maximum flexibility for your designs through a combination of emulated hardware devices that run real network operating systems such as Cisco IOS, simulated operating systems such as NX-OSv, and the ability to share resources across multiple computers.

Emulated Hardware

GNS3’s graphical interface allows you to create virtualized network labs with a variety of routers, switches, and PCs, but it really shines when it’s paired with Cisco IOS. Unlike similar applications, GNS3 doesn’t merely mimic Cisco IOS commands or features. Instead, it uses a backend hypervisor application to emulate the hardware that runs Cisco IOS. Because only the hardware is emulated, you run an actual IOS image file on your PC. All the configuration commands and output come from a real IOS, and theoretically, any protocols or features that an IOS version supports are available to use in your network designs. This functionality distinguishes GNS3 from programs such as RouterSim, Boson NetSim, or VIRL, which simulate the entire experience and provide only limited environments, commands, and scenarios for you to work with.

Simulated Operating Systems

In addition to emulated hardware, GNS3 integrates simulated operating systems, and they can be fully networked to other GNS3 devices. One such example is Cisco IOU, which I cover in Chapter 9. IOU consists of a series of Linux binary files that emulate the features of IOS images, and it’s fully supported by GNS3.

In addition to Cisco IOS, GNS3 can integrate Quick Emulator (QEMU) and VirtualBox virtual machines running operating systems such as Linux, BSD, or Windows. For example, to practice installing and configuring an Apache web server on Linux, just add a VirtualBox virtual machine (VM) running Linux and Apache to GNS3 and test it by browsing to it from another VirtualBox host. All of this is done within the GNS3 user environment. If you want to throw a firewall in front of your Apache server, you could use a Cisco router, adaptive security appliance (ASA) firewall, or even a Linux-based firewall such as Vyatta.

Scalability with the GNS3 Server

GNS3 leverages client-server technology; much like a web browser connects to a web server to access and display web pages, the GNS3 graphical user interface (GUI) program accesses a GNS3 server, allowing it to start, stop, and otherwise control GNS3 devices. This allows your projects to scale because they’re not restricted to running on a single computer. If you work with large or complex topologies, you can also run the GNS3 server program on a different PC than the GNS3 GUI program. If you have access to a high-end server with a lot of memory and processing power, you can install the GNS3 server program on the server hardware but control all the devices from the GNS3 GUI program running on a more modest PC.

Virtual Connectivity

The true beauty of GNS3 lies in its ability to network your virtual devices together, usually using protocols such as Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6), to create labs that can run on just a single computer. Some of the simplest designs may have only a few components, like the project shown in Figure 1-1.

Figure 1-1. A GNS3 topology integrating Fedora Linux, Cisco, and Juniper routers

The project in Figure 1-1 allows a Fedora Linux host to access the live Internet via a switch, a Juniper router, a Cisco router, and finally a GNS3 Cloud node. That’s a simple network, but you can create complex networks made up of a dozen or more routers, switches, and PCs, like the design in Figure 1-2.

Figure 1-2. A complex, multiprotocol GNS3 topology

The project in Figure 1-2 is configured with more than 25 devices, including redundant switch blocks, EtherChannel, L2 Hot Standby Routing Protocol (HSRP), Frame Relay, Enhanced Interior Gateway Routing Protocol (EIGRP), Open Shortest Path First (OSPF), and Border Gateway Protocol (BGP), but the project can be run on a modestly configured PC. To keep your devices straight, you can also annotate your designs with colored, scalable text, as I’ve done in this example. If you have a laptop, you can even take projects on the road to present to clients, solve design issues, or study for certification exams. CCNA or CCNP candidates can also create all the training labs necessary to learn Cisco’s exam material, practice with real operating systems, and study from anywhere.

GNS3 has the ability to bridge virtual interfaces in your lab devices to one or more physical Ethernet interfaces in your PC. This allows you to connect your virtual networks to real hardware such as routers, switches, and other PCs. For example, you can run two or more GNS3 networks using multiple PCs and connect the PCs together using an Ethernet crossover cable or a physical switch. Doing so gives you the capability to connect all GNS3 devices across all the PCs. (I affectionately refer to this as a GNS3 ubernet!)

Open Source Integration

GNS3 performs its magic by leveraging open source technologies, including Dynamips, QEMU, and VirtualBox. It can run Juniper, Arista, and many other network operating systems as easily as Cisco IOS.

The Dynamips Hypervisor

To emulate Cisco hardware, GNS3 comes bundled with Dynamips, a wonderful application created in 2005 by Christophe Fillot of France and kept current by contributions from Flávio J. Saraiva and others. The Dynamips hypervisor program can emulate Cisco 1700, 2600, 3600, 3700, and 7200 series router hardware. Thanks to Dynamips, you can quickly and easily configure these router models with a variety of emulated Cisco network SLOT and WAN interface cards (WICs) in GNS3. Virtual input/output (I/O) cards allow you to add multiple Ethernet interfaces, switch modules, and serial