GNS3 and dynamips on a remote server
Today, we will look at the diversity of GNS3 shell and Cisco IOS Dynamips emulator to different computers.
Given:
powerful server (home / work / Hetzner / Amazone) and a rather weak workstation (laptop / netbook / etc.).
Task:
transfer the load from emulating a large number of IOS to a server for comfortable work.
Decision:
Several options will be considered - regular (! Yes, you didn’t notice the “Hypervisors” tab in the settings?) And working with crutches [unix way], but in my opinion it is somewhat more convenient.
For work we will use the following software:
- GNS3 0.8.2-BETA, but should work on the 0.7.x branch
- Dinamips 0.2.8-RC2
- Linux Ununtu 11.10 / Windows 7
- bash, tmux, ssh
')
How it works.
The server is running dynamips in hypervisor mode. On the client (workstation with GNS3), the management of local hypervisors is disabled and the remote ones are registered.
If you see a similar message about starting the server, everything works.
Before launching the hypervisor, you need to go to the "working" directory, because in the process, he creates a lot of temporary files. In this case, they do not interest us, so we will work in the tmp folder.
You can leave the server and go to another terminal or stop the hypervisor.
For convenience, I advise you to use tmux .
Also, when using a firewall, do not forget to make exceptions to the incoming port of the hypervisor (in this case, TCP 7220) and console connections (configured in GNS3).
The hypervisor is ready, it remains to prepare the images of iOS.
Download the image from cisco.com or, in the absence of a subscription, from a known torrent tracker.
We do not forget to speed up the unpacking of images, for this we download the “ Cisco image unpacker 0.1 source code ” from the GNS3 website.
As they say, knowledgeable people - dynamips under win works stably worse, but proceed to install.
Downloading " GNS3 v0.8.2 BETA all-in-one ".
After installation, open the folder with GNS3 and dynamips and find the .bat file to start the hypervisor.
You can take a shortcut to a convenient place, for example on the desktop, because will have to run it often.
Next, in the editor, edit the port from the standard 7200 to 7220:
Once launched, the console window should look like this.
All other actions are not very different from those under Linux (see above):
- open ports in the firewall;
- download iOS images;
- unpack the image, unpacker .
Ubuntu can install GNS3 through packages
But there is a rather old version (0.7.4), so download the source code. Compiling does not have to, because it is written in python. To satisfy all dependencies, we first install GNS3 from the package, then download the latest version from the repository.
Edit-> Preferences check the local dynamic settings.
Do not forget to click "Test Settings"
Edit-> IOS images and hypervisors
In the HOST field, enter the ip address of our server with dynamips, the PORT is the port selected for manual launch of dynamips.
Now in the tab IOS images add the image.
IMPORTANT. The path to the "Image file" and "Base config" are indicated on the server. For the user from which dynamips is running, these files must be readable.
Locally such files may not exist.
Remove the item “Use the hypervisor manager” and select the server you need.
Then save. In the list of images, we see that the call will go not to the local hypervisor, but to that on server 172.16.1.1.
Further, as usual, we create a topology and work.
From here, download and install " GNS3 v0.8.2 BETA all-in-one " - compiled the latest version of GNS3.
All settings correspond to the client under Linux.
There are two disadvantages to a regular solution:
- the need to manually log in to a remote server to start the hypervisor;
- the open channel of the control connection with the hyper-visitor and consoles.
When you start the device with the key "-H 7220", dynamips opens a listening socket on all available addresses:
No authorization and encryption is provided, and when the paranoia mode is on, this is not exposed to the Internet. There is no opportunity to hang the hypervisor on a specific ip, for example 127.0.0.1, and in any case the port must be closed with a firewall.
At first glance, you need to use a VPN, which is beyond the scope of this article.
Also, when working locally, the manager of the hyper-detectors, under certain circumstances, runs several copies of dynamips on different ports.
Solution option - we configure GNS3 to work with local dynamips, but we create a layer that opens a remote connection via ssh to the server, automatically starts the hypervisor there and forwards ports on top of its encrypted connection. In fact, it will be one script, run with different keys - for the control connection and for the remote console.
Let's get started!
NOTE. For correct operation, authentication in SSH using the keys || edit the script.
NOTE. The GNS3 version should be above 0.8.2 beta2 (for example, from the repository), because it has a bug in which the control script cannot correctly extinguish the remote dynamips.
Edit-> Preferences in the settings of the local dynamips and instead of its binary we write the path to our script
We also change the console connection string
Do not forget to set the full path to the file in the command and replace the variables in the script.
Principle of operation:
- an attempt to start the master connection to the server (automatically completing by idle timeout);
in the course of work, quite a lot of dynamips-over-ssh and telnet-over-ssh sessions are created and multiplexing, in this case, significantly speeds up the work.
- the creation of a trap for the correct stopping of a remote dynamips;
- launch a hypervisor or telnet connection.
Forwarding X11 GUI applications.
Pros: it works, and everything is out of the box.
Cons: slowly. A satisfactory result is only within the LAN at low latency and high speeds.
-C includes compression
-X activates X11 session forwarding / don't forget to enable 'X11 Forwarding yes' in sshd_config /
But in the case of using X11 Forwording, we actually lose the ability to download .net files and view saved configurations locally.
For users of heavy shells can take advantage of built-in functions. For example, Nautilus can add sftp links to bookmarks.
A more versatile option is possible in conjunction fuse + ssh = sshfs.
This topic has already been discussed in Habré, so the idea will be only.
Create in the home directory the main folder for working with GNS and the auxiliary script.
Work model:
- Download, for example, laboratory. Assume ROUTE: EIGRP .
- Mount sshfs.
- Unpack the archive in ~ / CISCO
- we start
PS1
baseconfig.txt
This is not a combat configuration and has security problems, but is convenient for training.
PS2
Configure tmux to work with dynamips consoles.
In tmux, I create a separate session for consoles, and from GNS3 I only add a connection to an existing one.
GNS3 Edit-> Preferences "Terminal command"
Materials:
Given:
powerful server (home / work / Hetzner / Amazone) and a rather weak workstation (laptop / netbook / etc.).
Task:
transfer the load from emulating a large number of IOS to a server for comfortable work.
Decision:
Several options will be considered - regular (! Yes, you didn’t notice the “Hypervisors” tab in the settings?) And working with crutches [unix way], but in my opinion it is somewhat more convenient.
For work we will use the following software:
- GNS3 0.8.2-BETA, but should work on the 0.7.x branch
- Dinamips 0.2.8-RC2
- Linux Ununtu 11.10 / Windows 7
- bash, tmux, ssh
- Option 1 - regular
- Server: Linux
- Server: Windows
- Client: Linux
- Client: Windows - Option 2 - unix way
- Option 3 - unix way / part 2
- PS1 - baseconfig.txt
- PS2 - tmux
')
Option 1 - regular
How it works.
The server is running dynamips in hypervisor mode. On the client (workstation with GNS3), the management of local hypervisors is disabled and the remote ones are registered.
Server: Linux
$ sudo apt-get install dynamips $ cd /tmp $ dynamips -H 7220 Cisco Router Simulation Platform (version 0.2.8-RC2-amd64) Copyright (c) 2005-2007 Christophe Fillot. Build date: Jan 18 2011 19:25:29 Hypervisor TCP control server started (port 7220). If you see a similar message about starting the server, everything works.
Before launching the hypervisor, you need to go to the "working" directory, because in the process, he creates a lot of temporary files. In this case, they do not interest us, so we will work in the tmp folder.
You can leave the server and go to another terminal or stop the hypervisor.
^CHypervisor: closing control sockets. Hypervisor: closing remote client connections. Shutdown in progress... Shutdown completed. For convenience, I advise you to use tmux .
Also, when using a firewall, do not forget to make exceptions to the incoming port of the hypervisor (in this case, TCP 7220) and console connections (configured in GNS3).
The hypervisor is ready, it remains to prepare the images of iOS.
Download the image from cisco.com or, in the absence of a subscription, from a known torrent tracker.
We do not forget to speed up the unpacking of images, for this we download the “ Cisco image unpacker 0.1 source code ” from the GNS3 website.
$ mkdir ~/IOS $ cd ~/IOS $ mv ~/Downloads/Unpack-0.1_src.tar.bz2 ./ $ mv ~/Downloads/c2600-ipbasek9-mz.124-17.bin ./ $ tar -xjf Unpack-0.1_src.tar.bz2 $ rm Unpack-0.1_src.tar.bz2 $ python ./Unpack/unpack.py --format=IOS c2600-ipbasek9-mz.124-17.bin warning [c2600-ipbasek9-mz.124-17.bin]: 17812 extra bytes at beginning or within zipfile (attempting to process anyway) IOS binary image successfully unpacked in c2600-ipbasek9-mz.124-17.bin.unpacked Server: Windows
As they say, knowledgeable people - dynamips under win works stably worse, but proceed to install.
Downloading " GNS3 v0.8.2 BETA all-in-one ".
After installation, open the folder with GNS3 and dynamips and find the .bat file to start the hypervisor.
You can take a shortcut to a convenient place, for example on the desktop, because will have to run it often.
Next, in the editor, edit the port from the standard 7200 to 7220:
rem Launch a local copy of dynamips set dynamips=%CD%\dynamips.exe cd %TEMP% start /belownormal /B /wait "Dynamips" "%dynamips%" -H 7220 pause Once launched, the console window should look like this.
All other actions are not very different from those under Linux (see above):
- open ports in the firewall;
- download iOS images;
- unpack the image, unpacker .
Client: Linux
Ubuntu can install GNS3 through packages
$ sudo apt-get install gns3 But there is a rather old version (0.7.4), so download the source code. Compiling does not have to, because it is written in python. To satisfy all dependencies, we first install GNS3 from the package, then download the latest version from the repository.
$ sudo apt-get install gns3 $ sudo apt-get install mercurial $ cd ~/IOS/ $ hg clone http://code.gns3.net/gns3-devel $ cd gns3-devel $ ./gns3.pyw Edit-> Preferences check the local dynamic settings.
Do not forget to click "Test Settings"
Edit-> IOS images and hypervisors
In the HOST field, enter the ip address of our server with dynamips, the PORT is the port selected for manual launch of dynamips.
Now in the tab IOS images add the image.
IMPORTANT. The path to the "Image file" and "Base config" are indicated on the server. For the user from which dynamips is running, these files must be readable.
Locally such files may not exist.
Remove the item “Use the hypervisor manager” and select the server you need.
Then save. In the list of images, we see that the call will go not to the local hypervisor, but to that on server 172.16.1.1.
Further, as usual, we create a topology and work.
Client: Windows
From here, download and install " GNS3 v0.8.2 BETA all-in-one " - compiled the latest version of GNS3.
All settings correspond to the client under Linux.
Option 2 - unix way
There are two disadvantages to a regular solution:
- the need to manually log in to a remote server to start the hypervisor;
- the open channel of the control connection with the hyper-visitor and consoles.
When you start the device with the key "-H 7220", dynamips opens a listening socket on all available addresses:
$ sudo netstat --numeric --listening --program | grep dynamips tcp 0 0 0.0.0.0:7220 0.0.0.0:* LISTEN 12756/dynamips No authorization and encryption is provided, and when the paranoia mode is on, this is not exposed to the Internet. There is no opportunity to hang the hypervisor on a specific ip, for example 127.0.0.1, and in any case the port must be closed with a firewall.
At first glance, you need to use a VPN, which is beyond the scope of this article.
Also, when working locally, the manager of the hyper-detectors, under certain circumstances, runs several copies of dynamips on different ports.
Solution option - we configure GNS3 to work with local dynamips, but we create a layer that opens a remote connection via ssh to the server, automatically starts the hypervisor there and forwards ports on top of its encrypted connection. In fact, it will be one script, run with different keys - for the control connection and for the remote console.
Let's get started!
NOTE. For correct operation, authentication in SSH using the keys || edit the script.
NOTE. The GNS3 version should be above 0.8.2 beta2 (for example, from the repository), because it has a bug in which the control script cannot correctly extinguish the remote dynamips.
Edit-> Preferences in the settings of the local dynamips and instead of its binary we write the path to our script
/home/%username%/IOS/rdyn.sh We also change the console connection string
gnome-terminal -t %d -e '/home/%username%/rdyn.sh -R %p' >/dev/null 2>&1 & Do not forget to set the full path to the file in the command and replace the variables in the script.
#!/usr/bin/env bash HOST=host.tld #HOST=2001:470::1 PORT=4444 USER=username ####################################### WRKDIR='/tmp' DYNAMIPS='/usr/bin/dynamips' RCMD=$1 RPORT=$2 SSHOPT="-a -T -q -x -o ExitOnForwardFailure=yes -o TCPKeepAlive=yes -o BatchMode=yes -o ControlPersist=10 -o ControlPath=/tmp/rdyn.%h.%p.%r -p $PORT $USER@$HOST " TELNETCMD="ssh -N -f -L 127.0.0.1:$2:127.0.0.1:$2 $SSHOPT" ######################################## trap quit INT TERM HUP KILL function quit { if [ $RCMD = '-H' ] ; then ssh $SSHOPT "pkill -f \"$DYNAMIPS -H $RPORT\"" & else pkill -f "$TELNETCMD" fi exit } ######################################## if [ "$1" = '' ] ; then echo 'Error: script expects some commands.' exit fi ssh -M -f $SSHOPT exit > /dev/null 2>&1 if [ "$1" = '--help' ] ; then ssh $SSHOPT "$DYNAMIPS --help" else if [ "$1" = '-H' ] ; then ssh -L 127.0.0.1:$2:127.0.0.1:$2 $SSHOPT "cd $WRKDIR ; $DYNAMIPS -H $2" 2> /dev/null & while : ; do wait; sleep 1; done else $TELNETCMD > /dev/null 2>&1 telnet 127.0.0.1 $2 pkill -f "$TELNETCMD" read fi fi Principle of operation:
- an attempt to start the master connection to the server (automatically completing by idle timeout);
in the course of work, quite a lot of dynamips-over-ssh and telnet-over-ssh sessions are created and multiplexing, in this case, significantly speeds up the work.
- the creation of a trap for the correct stopping of a remote dynamips;
- launch a hypervisor or telnet connection.
Option 3 - unix way / part 2
Forwarding X11 GUI applications.
Pros: it works, and everything is out of the box.
Cons: slowly. A satisfactory result is only within the LAN at low latency and high speeds.
$ ssh -X -C username@host.tld gns3 -C includes compression
-X activates X11 session forwarding / don't forget to enable 'X11 Forwarding yes' in sshd_config /
But in the case of using X11 Forwording, we actually lose the ability to download .net files and view saved configurations locally.
For users of heavy shells can take advantage of built-in functions. For example, Nautilus can add sftp links to bookmarks.
A more versatile option is possible in conjunction fuse + ssh = sshfs.
This topic has already been discussed in Habré, so the idea will be only.
Create in the home directory the main folder for working with GNS and the auxiliary script.
$ sshfs username@host.tld:/home/%username%/CISCO ~/CISCO $ cat << ENDL > ~/CISCO/rgns3 ssh -X -C username@host.tld gns3 \$1 ENDL $ chmod +x ~/CISCO/rgns3 Work model:
- Download, for example, laboratory. Assume ROUTE: EIGRP .
- Mount sshfs.
- Unpack the archive in ~ / CISCO
- we start
$ ~/CISCO/rgns3 ~/CISCO/EIGRP/topology.net PS1
baseconfig.txt
! hostname %h no ip domain-lookup line con 0 exec-timeout 0 0 logging synchronous privilege level 15 service timestamps debug datetime msec line vty 0 15 no login exec-timeout 0 0 logging synchronous privilege level 15 This is not a combat configuration and has security problems, but is convenient for training.
PS2
Configure tmux to work with dynamips consoles.
In tmux, I create a separate session for consoles, and from GNS3 I only add a connection to an existing one.
$ cat gconsole.sh unset TMUX; tmux new-session -d -s GNS3 >/dev/null 2>&1 gnome-terminal -e '/usr/bin/tmux attach-session -t GNS3' GNS3 Edit-> Preferences "Terminal command"
unset TMUX; tmux new-window -t GNS3 -n '%d' 'telnet %h %p ; cat' >/dev/null 2>&1 & and using the dynamips-over-ssh option unset TMUX; tmux new-window -t GNS3 -n '%d' '/home/%username%/IOS/rdyn.sh -R %p' >/dev/null 2>&1 & Materials:
- forum.gns3.net
- man dynamips
- man tmux
Source: https://habr.com/ru/post/135884/
All Articles