As we all know Cisco recently released the CSR1000v. This post will describe how
to create a home lab consisting of Dynamips and CSR1000v running on ESXi.
You should already have deployed the CSR and have a Dynamips box ready. I will
use Ubuntu for my Dynamips machine but you can choose whatever OS you like.
So to start you should have ESXi 5.0. If you have an enterprise version of ESX
that is great but I don’t so I’m using ESXi. I am managing it via the vSphere client.
I have installed Ubuntu desktop 12.10 64-bit version. You will need some tools to
have a good setup. I recommend you install the following:
sudo apt-get install dynamips sudo apt-get install dynagen sudo apt-get install xrdp sudo apt-get install wireshark sudo apt-get install open-vm-tools sudo apt-get install screen sudo apt-get install gnome-session-fallback cd ~ touch .xsession echo gnome-session --session=gnome-fallback > .xsession
You can then use RDP to connect to the Ubuntu machine. If you don’t need the graphics you
can use use SSH as usual.
I will put together a topology that looks like this:
As you can see I will be using 3 VLANs. One VLAN is for managing the devices.
I can login to the CSRs and the Dynamips routers from this network. The CSRs
uses GigabitEthernet0 by default as a management interface that are placed
in the VRF Mgmt-intf.
You can use a dedicated vSwitch or create the VLANs on the standard vSwitch. I have
just created VLANs in the regular vSwitch. You configure this under Inventory -> Configuration
-> Networking -> Add networking
After clicking “Add Networking” choose connection type “Virtual machine”
Choose an existing vSwitch or create a new one if you wish.
Then choose the name for your network and assign a VLAN ID to it. You can use the same
numbers I did or choose something else.
Finish the guide and the new network will be present. We want to edit a setting
for the networks that will connect to Dynamips. We want to set the port group to
promiscous mode so that CDP frames and other traffic not destined to the VM can
arrive to the VMs. This will create some overhead but shouldn’t be an issue in
a lab network. Click “Properties…” for the vSwitch.
Select the network and choose “Edit…” then under the Security tab set
“Promiscous Mode:” to Accept.
After creating all the networks they need to be assigned to the virtual machines.
For the CSRs the GigabitEthernet0 will be assigned to the MGMT network and Gi1 to
CSR to Dynamips 1 and Gi2 to CSR to Dynamips2.
Right click the VM and choose “Edit Settings…”. The NICs should be assigned like this:
Do the same also for the Dynamips VM. In theory there should now be connectivity.
We will use a topology that looks like this:
We need to create a .net file that can be used to create this topology.
5 routers will be running in Dynamips so 1 or 2 hypervisors should be enough.
As usual you need to find suitable Idle-PC value for your topology. My .net
looks like this.
autostart = False [127.0.0.1:7200] workingdir = /home/daniel/dynamips/working/CSR udp = 10000 [] image = /home/daniel/IOS/c7200-adventerprisek9-mz.150-1.M1.bin-unpacked ram = 256 idlepc = 0x628cc49c ghostios = True [[ROUTER R1]] model = 7200 console = 20061 f1/0 = R2 f1/0 f1/1 = R3 f1/0 f2/0 = nio_gen_eth:eth1 [[ROUTER R2]] model = 7200 console = 2002 f1/0 = R1 f1/0 f1/1 = R4 f1/0 [[ROUTER R3]] model = 7200 console = 2003 f1/0 = R1 f1/1 f1/1 = R4 f1/0 [[ROUTER R4]] model = 7200 console = 2004 f1/0 = R2 f1/1 f1/1 = R3 f1/1 [[ROUTER R5]] model = 7200 console = 2005 f1/0 = nio_gen_eth:eth2
The only thing special here is that R1 and R5 are connecting to the outside
world. By using the generic NIO descriptor we are connecting to the Ethernet
interfaces leading to the VM networks.
It’s time to start the Dynamips process. I will use screen because I want to
keep the process running even if I disconnect my session.
[email protected]:~/.gns3$ sudo screen -mS dynamips dynamips -H 7200 & [email protected]:~/.gns3$ dynagen CSR3.net
I have started all devices so I should be able to reach them and configure them now.
I will configure routers R1-R4 to run OSPF. R4 will announce its loopback 126.96.36.199
and this should be reachable from R5 on the other side of the network.
R1 will run BGP to both CSR1 and 2. This is the configuration applied to R1.
interface FastEthernet1/0 ip address 188.8.131.52 255.255.255.0 ip ospf 1 area 0 duplex auto speed auto ! ! interface FastEthernet1/1 ip address 184.108.40.206 255.255.255.0 ip ospf 1 area 0 duplex auto speed auto ! ! interface FastEthernet2/0 ip address 10.10.10.1 255.255.255.0 duplex auto speed auto ! ! interface FastEthernet2/1 no ip address shutdown duplex auto speed auto ! ! router ospf 1 router-id 220.127.116.11 log-adjacency-changes redistribute bgp 1 subnets ! router bgp 1 no synchronization bgp router-id 18.104.22.168 bgp log-neighbor-changes redistribute ospf 1 neighbor 10.10.10.11 remote-as 100 neighbor 10.10.10.12 remote-as 100 no auto-summary
Configuration for CSRs is very simple.
interface GigabitEthernet1 ip address 10.10.10.11 255.255.255.0 negotiation auto ! interface GigabitEthernet2 ip address 22.214.171.124 255.255.255.0 ip ospf 1 area 0 negotiation auto ! interface GigabitEthernet0 vrf forwarding Mgmt-intf ip address dhcp negotiation auto ! router ospf 1 redistribute bgp 100 subnets ! router bgp 100 bgp log-neighbor-changes redistribute ospf 1 neighbor 10.10.10.1 remote-as 1
CSR2 only has different addressing. Now do we see any routes?
CSR1#sh bgp ipv4 uni BGP table version is 7, local router ID is 126.96.36.199 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 188.8.131.52/32 10.10.10.1 3 0 1 ? *> 184.108.40.206/24 10.10.10.1 0 0 1 ? *> 220.127.116.11/24 10.10.10.1 0 0 1 ? *> 18.104.22.168/24 0.0.0.0 0 32768 ? *> 22.214.171.124/24 10.10.10.1 2 0 1 ? *> 126.96.36.199/24 10.10.10.1 2 0 1 ?
Looks good. Now let’s just verify that R5 sees them as well.
R5#sh ip route ospf | be Gate Gateway of last resort is not set 188.8.131.52/32 is subnetted, 1 subnets O E2 184.108.40.206 [110/1] via 220.127.116.11, 00:03:33, FastEthernet1/0 [110/1] via 18.104.22.168, 00:05:18, FastEthernet1/0 22.214.171.124/24 is subnetted, 1 subnets O E2 126.96.36.199 [110/1] via 188.8.131.52, 00:03:33, FastEthernet1/0 [110/1] via 184.108.40.206, 00:05:18, FastEthernet1/0 220.127.116.11/24 is subnetted, 1 subnets O E2 18.104.22.168 [110/1] via 22.214.171.124, 00:03:33, FastEthernet1/0 [110/1] via 126.96.36.199, 00:05:18, FastEthernet1/0 188.8.131.52/24 is subnetted, 1 subnets O E2 184.108.40.206 [110/1] via 220.127.116.11, 00:03:33, FastEthernet1/0 [110/1] via 18.104.22.168, 00:05:18, FastEthernet1/0 22.214.171.124/24 is subnetted, 1 subnets O E2 126.96.36.199 [110/1] via 188.8.131.52, 00:03:33, FastEthernet1/0 [110/1] via 184.108.40.206, 00:05:18, FastEthernet1/0
ECMP is implemented since the cost is the same to ASBRs.
Final test is to ping 220.127.116.11.
R5#ping 18.104.22.168 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 22.214.171.124, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/20/24 ms
And it works! Pretty cool stuff. So now we have a lab with both IOS and IOS-XE.
If we had real switches we could throw this into the topology as well.
If you have enterprise ESX you could even practice Nexus with N1kv image.
So you see that we can build some great topologies here.
This does take some computing power, mostly RAM. If I check ESXi I see that
the Ubuntu box is using around 2GHz CPU and about 2GB RAM. The CSRs are using
each 750MHz CPU and 3GB RAM. So in total you are looking at around 4GHz CPU
and 8GB RAM. It is doable on a well equipped laptop.