How-to: Setup up an Emulated Cisco Lab Using GNS3 in Ubuntu, Part1
GNS3 is a graphical network simulator that is integrated with the Cisco router emulator Dynamips. In this tutorial I will explain how to connect your Linux host to an emulated 7200 series router, then that router to another 7200 router, and finally that second router will be connected to a Linux VM running in VMware Server. In this lab environment we will also configure access control lists ( ACLs ), Network Address Translation ( NAT ), and a site-to-site Internet Security Protocol Virtual Private Network ( IPsec VPN ) tunnel between the two routers in Part 2.
• VMware Server
• A Cisco 7200 router firmware image ( You will have to get this on your own, I don’t want to step on Cisco’s copyright )
• This tutorial assumes the Linux host and the virtual machine are running Ubuntu 8.10
1. Install GNS3:
sudo apt-get install gns3 dynamips
2. Start GNS3 and follow the setup wizard, you will want to load the 7200 .bin files
3. Install VMware server: You will need to patch it see here ( http://ubuntu-tutorials.com/2008/11/01/vmware-server-107-on-ubuntu-810-intrepid-2627-7-generic/ ) before installing. Make sure to allow host-only networking ( You can chose to install all the different networking options ).
4. Create a Ubuntu 8.10 VM with host only networking in VMware server.
Setting up our layout in GNS3:
1. Start gns3 as root:
2. Create two Cisco 7200 by dragging the icon over from the left.
3. Right click each router, click on the slots tab, and change slot0 to C7200-IO-2FE and slot1 to PA-2FETX ( this will give each router 4 Fast Ethernet interfaces ).
4. Right click each router and change the host names to lab1 and lab2.
GNS3 Network Diagram
Basic configuration for each router:
1. Right click lab1 and chose start.
2. Right click lab1 and chose console.
3. You should see ‘Self Decompressing the Image’, we are now in the emulated IOS terminal connection.
a. Chose yes for ‘initial configuration dialog’.
b. Chose yes for ‘basic management setup’.
c. Call the router lab1.
d. Enter passwords when asked.
e. chose no to SNMP management.
f. Chose FastEthernet0/0 for ‘management network from the above interface summary’.
g. Chose Use the 100 Base-TX (RJ-45) connection.
h. Select no for full duplex.
i. Chose yes to Configure IP on that interface.
j. For the interface IP, chose a s /24 subnet that is not being used in your network or by VMWare ( run ifconfig on your host machine and look at what the vmnet interfaces are to see what VMWare is using ). For my example it is going to be 192.168.1.1
k. Accept the 255.255.255.0 subnet mask.
l. Press 2 to save.
m. Then go into enable mode by typing ‘
enable‘ and then type ‘
copy run start‘.
n. Save your work so far in GNS3 by choosing ‘Save as’ and also extract all your configurations by pressing the yellow arrow.
4. Repeat steps 1-3 above for the lab2 router but for step j:
i. Start your VMware Linux VM that was set up with host only networking.
ii. Look at what IP you have been given, for my example it is was 192.168.21.128
iii. Configure the F0/0 on this router to match that network, in my case it would be 192.168.21.1 with a subnet mask of 255.255.255.0
Getting the Routers to talk to each Other:
1. On lab1:
a. Open up the console for lab1.
b. Run the following commands in the lab1 console:
ip address 184.108.40.206 255.255.255.252
< ctrl-z >
copy run start
2. On Lab2:
a. Do the same as above but with:
ip address 220.127.116.11 255.255.255.252
3. In GNS3 click the icon that looks like an Ethernet cable, chose fast ethernet and connect f1/0 of lab1 to f1/0 of lab2 by clicking on a router and then clicking the other router. Expand the ‘Topology Summary’ for each router so you can verify that the correct interfaces are connected to each other. Do verify that you got the interfaces specified, I found this to be a bit buggy to get the interfaces I wanted.
4. Log into the console of each router and ping the other to make sure the connection is working.
Connect your Host Machine to the Virtual Network:
1. In GNS3 Create a cloud by dragging it from the left.
2. Right click the cloud and chose configure.
3. Click on the NIO TAP tab, type in ‘tap0′ to the field and click ‘Add’ and then ‘Apply’.
4. From your Linux host open up a terminal:
a. Install the utilities that let you create tap interfaces:
sudo apt-get install uml-utilities
b. Become Root:
sudo su -
c. Load the tun module:
d. Create the tunnel interface:
c. Give the tap interface an IP that matches your network for lab1′s f0/0, i.e. :
ifconfig tap0 192.168.1.100 netmask 255.255.255.0 up
d. If using iptables you may need to add some rules like:
iptables -I INPUT 1 -i tap0 -j ACCEPT
5. In GNS3 click the Ethernet icon and select fast ethernet. Then click Lab1 first and the cloud and select the tap0 interface.
6. Verify you can reach the IP of Lab1′s FastEthernet 0/0 ip by pinging it from you Linux Host.
Connect your Virtual Machine to the Virtual Network:
1. In GNS3 create a cloud by dragging it from the left.
2. Right click the cloud and chose configure.
3. Click on the NIO ETHERNET tab and then ‘Linux Ethernet NIO’, select the vmnet interface that corresponds to the host only networking and click ‘Add’ and then ‘Apply’. In my example it is vmnet1.
4. In a terminal on your Linux host note the IP of the vmnet interface of the previous step and then remove the ip by entering:
sudo ifconfig vmnet1 0.0.0.0 #if vmnet1 was the interface from step 3. The IP is removed because that is the IP we gave the FastEthernet interface on Lab2.
5. In GNS3 connect the cloud to the cloud by clicking the Ethernet icon, selecting fast ethernet, clicking lab2, and then selecting the nio_linux_eth:vmnet1 interface of the cloud.
6. Verify that you can reach the IP of Lab2′s FastEthernet 0/0 by pinging it from the Linux VM.
7. To be able to reach the VM from the Linux host throught the virtual network add the following route to the Linux host:
sudo route add -net 192.168.21.0 netmask 255.255.255.0 gw 192.168.1.1
You should now have a basic network with two routers that you can practice with. In the second article we will configure NAT, IPsec, and ACLs on the routers. Please do comment on any confusing steps in this tutorial, I wrote it after doing this myself and not as I did it, so something might be missing.