Kyle Brandt

Original computing and productivity articles by a Linux administrator

Archive for January, 2009

How-to: Set Up an Emulated Cisco Lab Using GNS3 in Ubuntu, Part 1


Introduction:
GNS3 is a graphical network simulator that is integrated with the Cisco router emulator Dynamips.  In this tutorial I will explain how to connect your Linux host to an emulated 7200 series router, then that router to another 7200 router, and finally how to connect that second router to a Linux VM running in VMware Server.  In Part 2 we will also configure access control lists ( ACLs ), Network Address Translation ( NAT ), and a site-to-site Internet Protocol Security Virtual Private Network ( IPsec VPN ) tunnel between the two routers in this lab environment.

Prerequisites:
• VMware Server
• A Cisco 7200 router firmware image ( You will have to get this on your own, I don’t want to step on Cisco’s copyright )
• This tutorial assumes the Linux host and the virtual machine are running Ubuntu 8.10

Getting Started:
1. Install GNS3: sudo apt-get install gns3 dynamips
2. Start GNS3 and follow the setup wizard; you will want to load the 7200 .bin files.
3. Install VMware Server: You will need to patch it ( see http://ubuntu-tutorials.com/2008/11/01/vmware-server-107-on-ubuntu-810-intrepid-2627-7-generic/ ) before installing.  Make sure to allow host-only networking ( you can choose to install all the different networking options ).
4. Create an Ubuntu 8.10 VM with host-only networking in VMware Server.

Setting up our layout in GNS3:
1. Start gns3 as root: gksudo gns3
2. Create two Cisco 7200 by dragging the icon over from the left.
3. Right click each router, click on the slots tab, and change slot0 to C7200-IO-2FE and slot1 to PA-2FETX ( this will give each router 4 Fast Ethernet interfaces ).
4. Right click each router and change the host names to lab1 and lab2.

GNS3 Network Diagram

Basic configuration for each router:
1. Right click lab1 and choose start.
2. Right click lab1 and choose console.
3. You should see ‘Self Decompressing the Image’, we are now in the emulated IOS terminal connection.

a. Choose yes for ‘initial configuration dialog’.
b. Choose yes for ‘basic management setup’.
c. Call the router lab1.
d. Enter passwords when asked.
e. Choose no to SNMP management.
f. Choose FastEthernet0/0 for ‘management network from the above interface summary’.
g. Choose ‘Use the 100 Base-TX (RJ-45) connection’.
h. Select no for full duplex.
i. Choose yes to configure IP on that interface.
j. For the interface IP, choose a /24 subnet that is not being used in your network or by VMware ( run ifconfig on your host machine and look at the vmnet interfaces to see what VMware is using ). For my example it is going to be 192.168.1.1
k. Accept the 255.255.255.0 subnet mask.
l.  Press 2 to save.
m. Then go into enable mode by typing ‘enable‘ and then type ‘copy run start‘.
n. Save your work so far in GNS3 by choosing ‘Save as’ and also extract all your configurations by pressing the yellow arrow.

4. Repeat steps 1-3 above for the lab2 router but for step j:

i. Start your VMware Linux VM that was set up with host only networking.
ii. Look at what IP you have been given; for my example it was 192.168.21.128
iii. Configure the F0/0 on this router to match that network, in my case it would be 192.168.21.1 with a subnet mask of 255.255.255.0
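
One way to check step j before committing to a subnet, as an added example that is not part of the original post: the script parses ifconfig output in the "inet addr:/Mask:" format and lists every host interface whose network overlaps a candidate CIDR. The function names and the sample interface data are constructed for illustration.

```sh
# Added example, not from the original tutorial. Parses the
# "inet addr:... Mask:..." ifconfig format used on Ubuntu 8.10.

# Dotted quad -> 32-bit integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Netmask -> prefix length (counts set bits; assumes a contiguous mask).
mask_to_prefix() {
    m=$(ip_to_int "$1"); n=0
    while [ "$m" -ne 0 ]; do n=$(( n + (m & 1) )); m=$(( m >> 1 )); done
    echo "$n"
}

# Exit 0 when two CIDR blocks share any address: both addresses are compared
# under the shorter of the two prefixes.
cidr_overlap() {
    a=$(ip_to_int "${1%/*}"); pa=${1#*/}
    b=$(ip_to_int "${2%/*}"); pb=${2#*/}
    if [ "$pb" -lt "$pa" ]; then p=$pb; else p=$pa; fi
    if [ "$p" -eq 0 ]; then return 0; fi
    bits=$(( (0xFFFFFFFF << (32 - p)) & 0xFFFFFFFF ))
    [ $(( a & bits )) -eq $(( b & bits )) ]
}

# Read ifconfig output on stdin; print "iface address/prefix" for every
# configured network that overlaps the candidate CIDR given as $1.
conflicts() {
    awk '/^[^ ]/ { ifc = $1 }
         /inet addr:/ { sub("addr:", "", $2); sub("Mask:", "", $NF); print ifc, $2, $NF }' |
    while read -r ifc addr nm; do
        pfx=$(mask_to_prefix "$nm")
        if cidr_overlap "$1" "$addr/$pfx"; then echo "$ifc $addr/$pfx"; fi
    done
}

# Constructed sample output (hypothetical host, not taken from the post).
SAMPLE_IFCONFIG='eth0      Link encap:Ethernet  HWaddr 00:11:22:33:44:55
          inet addr:10.0.0.5  Bcast:10.0.0.255  Mask:255.255.255.0
vmnet1    Link encap:Ethernet  HWaddr 00:50:56:C0:00:01
          inet addr:192.168.21.1  Bcast:192.168.21.255  Mask:255.255.255.0'

printf '%s\n' "$SAMPLE_IFCONFIG" | conflicts 192.168.21.0/24   # lab2 F0/0 network
```

On a real host, run `ifconfig | conflicts 192.168.1.0/24`; no output means the candidate subnet for lab1 is free. The lab2 network is expected to match the host-only vmnet interface, which is why the host's IP on that interface is removed in a later step.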

Getting the Routers to talk to each Other:
1. On lab1:

a. Open up the console for lab1.
b. Run the following commands in the lab1 console:
enable
conf t
int F1/0
ip address 12.12.12.1 255.255.255.252
< ctrl-z >
copy run start

2. On Lab2:

a. Do the same as above but with: ip address 12.12.12.2 255.255.255.252

3. In GNS3 click the icon that looks like an Ethernet cable, choose fast ethernet and connect f1/0 of lab1 to f1/0 of lab2 by clicking on a router and then clicking the other router. Expand the ‘Topology Summary’ for each router so you can verify that the correct interfaces are connected to each other. Do verify that you got the interfaces specified; I found this to be a bit buggy to get the interfaces I wanted.
4. Log into the console of each router and ping the other to make sure the connection is working.

Connect your Host Machine to the Virtual Network:
1. In GNS3 Create a cloud by dragging it from the left.
2. Right click the cloud and choose configure.
3. Click on the NIO TAP tab, type ‘tap0’ into the field and click ‘Add’ and then ‘Apply’.
4. From your Linux host open up a terminal:

a. Install the utilities that let you create tap interfaces: sudo apt-get install uml-utilities
b. Become Root: sudo su -
c. Load the tun module: modprobe tun
d. Create the tunnel interface: tunctl
e. Give the tap interface an IP that matches your network for lab1’s f0/0, i.e. : ifconfig tap0 192.168.1.100 netmask 255.255.255.0 up
f. If using iptables you may need to add some rules like: iptables -I INPUT 1 -i tap0 -j ACCEPT

5. In GNS3 click the Ethernet icon and select fast ethernet.  Then click Lab1 first and the cloud and select the tap0 interface.
6. Verify you can reach the IP of Lab1’s FastEthernet 0/0 by pinging it from your Linux host.

Connect your Virtual Machine to the Virtual Network:
1. In GNS3 create a cloud by dragging it from the left.
2. Right click the cloud and choose configure.
3. Click on the NIO ETHERNET tab and then ‘Linux Ethernet NIO’, select the vmnet interface that corresponds to the host only networking and click ‘Add’ and then ‘Apply’.  In my example it is vmnet1.
4. In a terminal on your Linux host note the IP of the vmnet interface of the previous step and then remove the IP by entering: sudo ifconfig vmnet1 0.0.0.0 #if vmnet1 was the interface from step 3. The IP is removed because that is the IP we gave the FastEthernet interface on Lab2.
5. In GNS3 connect lab2 to the cloud by clicking the Ethernet icon, selecting fast ethernet, clicking lab2, and then selecting the nio_linux_eth:vmnet1 interface of the cloud.
6. Verify that you can reach the IP of Lab2’s FastEthernet 0/0 by pinging it from the Linux VM.
7. To be able to reach the VM from the Linux host through the virtual network add the following route to the Linux host: sudo route add -net 192.168.21.0 netmask 255.255.255.0 gw 192.168.1.1

Conclusion:
You should now have a basic network with two routers that you can practice with.  In the second article we will configure NAT, IPsec, and ACLs on the routers.  Please do comment on any confusing steps in this tutorial, I wrote it after doing this myself and not as I did it, so something might be missing.

Reference:
http://www.blindhog.net/tutorials/linux-loopback-tap0.htm
Lab1 Router Configuration
Lab2 Router Configuration

Written by Kyle

January 14th, 2009 at 8:58 am

Book Review: Learning Nagios 3.0


Wojciech Kocjan’s Learning Nagios 3.0 is a clear and gentle introduction that takes readers through the basics and introduces them to the more advanced topics of infrastructure monitoring with Nagios. The writing has a good balance of concise technical information while also providing thorough examples in a tutorial style. This keeps the book from being too dense while not being so repetitive that it comes off as condescending.

The installation and initial configuration are covered together in the same chapter. The installation instructions are thorough; different package managers as well as compiling from source code are included. There are also troubleshooting instructions that cover common mistakes that people tend to encounter when first installing Nagios. One troubleshooting detail that the author neglected to include is a short CPAN tutorial. This would be useful because when standard plug-ins are missing necessary Perl dependencies, CPAN can be used to install them. The configuration of Nagios involves an inheritance engine that can often lead to a high level of complexity. This book includes illustrations for this and many other concepts that are more easily understood visually, and each illustration is explained well.

The more advanced topics covered include distributed monitoring, automated responses to problems (event handlers), and options to reduce the performance impact that monitoring can have. These chapters have inspiring introductions to taking Nagios to a level beyond just a mechanism for the notification of problems. For example, event handlers can be created to restart services that have failed automatically. Also, something such as configuring Nagios to escalate issues to certain people can improve the organization of an IT administration team. The book also explores different organizational styles for configuration files.

Probably the most universal monitoring protocol is Simple Network Management Protocol. This book has one of the clearest explanations of SNMP I have read, as well as a very clear explanation of how to use SNMP with Nagios. I would recommend this chapter to anyone looking for a good SNMP introduction, even if Nagios is not the primary interest.

The one chapter I felt was lacking in thoroughness was ‘Extending Nagios,’ which gets into writing your own plug-ins. The first simple example is a thirty line Python script, but an effective Nagios plug-in can be a shell script that is only a few lines. Also there are standards to writing Nagios plug-ins (see http://nagiosplug.sourceforge.net/developer-guidelines.html) which are discussed in Chapter 4, but this part is glossed over.

Overall I found this to be a well written and informative book that guides an administrator through Nagios with more clarity than Nagios’ own documentation does.

Written by Kyle

January 13th, 2009 at 10:17 am

Posted in Linux
