The title should in fact read: How to connect dynamips routers to IOS-XRv, or and other emulated network device, as well as real switches connecting to more devices – But this title is far too long.
I did all of this on an older ESX 4.0 server. I’m pretty sure the steps would be almost identical if not identical on a newer version. Note that this blog shows how I set up and use it. You might tweak it to your own environment. What I do is host a linux VM running dynamips on my ESX server. I load up Firefly and IOS-XRv images as needed. I log into all these devices via telnet over an IPSec tunnel.
Head over to Cisco to download IOS-XRv
Importing the .ova file is a piece of cake. For now ensure you have at least two E1000 NICS attached to the VM. The first one goes to the management port and the second to Gig0/0/0/0
Create another VM and install your favourite version of *nix on it. Ensure the machine has at least two NICs. Install dynamips and dynagen. As I’m using Ubuntu server 12.04LTS I simply do it like so:
sudo apt-get install dynamips dynagen
Upload your IOS images as needed.
In IOS-XRv, the first NIC connects to the mgmt interface while the second connects to gi0/0/0/0. Add more NICs and you get gi0/0/0/1 and so on. For now we just need our single interface.
On the ESX host, create a new virtual switch. If you are going to connect your virtual devices to real switches and device in the real world, you’ll need to bind a physical NIC to it. If not you don’t need to.
vswitches in vmware drop tagged frames by default. You can add a vlan to the vswitch, but thats only a single vlan and its only for the vswitch sending traffic out the vhost on the physical NIC. You need to let vmware know that you intend to send tagged traffic from your vms. To do this you set the VLAN ID to 4095. When you click OK, it will change that to ‘ALL’
At this point, you can tag your gi0/0/0/0 interface which will send tagged frames into the vswitch. We now need to ensure dynamips can accept those frames and get them to the right router.
I’ll load up a very small topology in dynamips like so:
autostart = False [127.0.0.1:7200] workingdir = /home/darreno/dynamips/working/blog [] image = /home/darreno/dynamips/ios/7200/c7200-advipservicesk9-mz.122-33.SRE7.bin ram = 512 idlepc = 0x6278f1a4 ghostios = True npe = npe-400 midplane = vxr idlemax = 100 [[ROUTER R1]] model = 7200 console = 2001 f1/0 = s1 1 [[ROUTER R2]] model = 7200 console = 2002 f1/0 = s1 2 [[ETHSW s1]] 1 = dot1q 1 2 = dot1q 1 100 = dot1q 1 nio_gen_eth:eth1
A port on each 7200 is connected to a dynamips dumb switch. The switch is configured to accept tagged frames, with the native vlan being 1. Port 100 on this switch is connected to eth1, the second nic on the system.
You can either use nio_linux_eth or nio_gen_eth. When using nio_linux_eth, it seems to send tagged frames, but not receive them. Stick with nio_gen_eth.
If you wanted to connect all of this to the outside world, you can create another port on the switch that is mapped to eth2. In vmware ensure that eth2 maps to a physical NIC. Turn on promiscuous mode in vmware as well:
That physical NIC can then go off to a switch which you can then connect anything you want to.
On both 7200s I have very simple configs:
interface FastEthernet1/0.20 encapsulation dot1Q 20 ip address 220.127.116.11 255.255.255.0 ip ospf network point-to-point ip ospf 1 area 0 ! interface Loopback0 ip address 18.104.22.168 255.255.255.255 ip ospf 1 area 0
On an IOS-XRv box:
interface GigabitEthernet0/0/0/0.10 ipv4 address 10.10.10.4 255.255.255.0 encapsulation dot1q 10 ! interface GigabitEthernet0/0/0/0.20 ipv4 address 22.214.171.124 255.255.255.0 encapsulation dot1q 20 ! router ospf 1 area 0 interface Loopback0 ! interface GigabitEthernet0/0/0/0.10 network point-to-point ! interface GigabitEthernet0/0/0/0.20 network point-to-point ! ! !
Do they speak? IOS:
R1#sh ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 126.96.36.199 0 FULL/ - 00:00:37 10.10.10.4 FastEthernet1/0.10
RP/0/0/CPU0:XR4#show ospf neighbor Fri Feb 14 11:50:25.458 UTC * Indicates MADJ interface Neighbors for OSPF 1 Neighbor ID Pri State Dead Time Address Interface 188.8.131.52 1 FULL/ - 00:00:32 10.10.10.1 GigabitEthernet0/0/0/0.10 Neighbor is up for 00:01:28 184.108.40.206 1 FULL/ - 00:00:31 220.127.116.11 GigabitEthernet0/0/0/0.20 Neighbor is up for 00:01:28 Total neighbor count: 2 RP/0/0/CPU0:XR4#ping 18.104.22.168 Fri Feb 14 11:57:07.951 UTC Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 22.214.171.124, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/9 ms
- You need to use subinterfaces. I use them extensively in real life so its not a problem for me.
- It’s possible to do it without subinterfaces, but you’ll need a vswitch per p2p link. There is a limit to how many vnics you can have on a vm so it becomes unworkable quickly
- With the above, you would need to create a link for every p2p link and add NICs on the fly. By using tagged interfaces I can connect any device to another simply by matching vlan tags.
- All devices can send to each other directly via untagged interfaces. This generally isn’t a problem, but it can make looking at CDP offer up some interesting results:
R1#show cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone Device ID Local Intrfce Holdtme Capability Platform Port ID XR4.CCIE Fas 1/0 152 R IOS XRv S Gig 0/0/0/0 R2 Fas 1/0 172 R 7206VXR Fas 1/0
- You can prevent the above happening by putting each dynamips port into their own native vlan
At this point you can spin up any VM network device, like a Juniper FireFly, connect it to the same vswitch, and you’ll have full connectivity via tagged frames.