Jan
20

Twenty full Dynamips practice labs are now posted as part of our best-selling Volume 2 Workbook.

Enjoy the new labs, and as always, thank you for choosing INE!

Jan
03

INE would like to thank Nadeem Rafi for this guest blog post on using GNS3 with Ubuntu! Nadeem is one of our prized CCIE 2.0 Self-Paced students currently studying hard for his CCIE R&S exam. You will often see Nadeem in the INE Online Community working with his fellow students. Nadeem is currently enjoying 100 rack rental tokens from Graded Labs for his excellent post here!

Installing and Dual Booting Ubuntu

Linux is a stable Operating System and applications that do intense calculations can be handled in a more optimized way, as compared to other proprietary Operating Systems. Perhaps one of the best things, however,  is the fact that it is free and can co-exist with other Operating Systems.

Ubuntu is more user friendly than many other Linux flavors, especially considering that almost everything works out of the box with most laptop installations.

Ubuntu can be obtained in both 32-bit and 64-bit versions from:

http://www.ubuntu.com/GetUbuntu/download

For more information about how to install and dual boot with Windows XP (XP installed first), visit:

http://apcmag.com/how_to_dual_boot_windows_xp_and_linux_xp_installed_first.htm

For more information about how to install and dual boot with Windows Vista (Vista installed first), visit:

http://apcmag.com/how_to_dualboot_vista_with_linux_vista_installed_first.htm

After you have installed and booted Ubuntu successfully, you can proceed to the installation of GNS3 and the supporting software.

GNS3 and Supporting Software Installation

Installation of GNS3 is quite simple.

Step 1 - System - Administration - open the Synaptic Package Manager. You will be prompted for a password. Use your login password here.

Step 2- In the search box, type gns3, which returns the GNS3 and Dynamips packages. Select both of the packages (mark for installation).  In the pop up window it will show all of the dependencies which these two packages require. Click Mark for these as well.  Click Apply and installation will start by downloading and configuring GNS3 + Dynamips along with all required applications.

e-pic-1

Step 3 - After successful installation, you will see the following icon: Applications - Education - GNS3 Graphical Network Simulator.

Step 4 - For a multi tab console we need to install the utility called konsole.  In the Synaptic Package Manager type konsole and install it as previously described.

For best results, it is now time to configure Ubuntu for ease of use with GNS3.

Configuring Ubuntu for GNS3

For best operation of GNS3, we will create some directories. This will help to have a managed hierarchy of folders and files. Note: file and folder names under Linux are case sensitive, so the best option is to use lowercase names in all situations.

Step 1 - Create one root context-enabled Explorer. Go to Applications - System Tools and right click File Browser. Select Add this launcher to desktop.

Step 2 - You will see a new shortcut on the desktop for the file browser. Right-click it and choose Properties. In the Properties box you will see a command similar to “nautilus --no-desktop --browser %U”, which we need to replace with “gksudo nautilus” (without quotes). Now whenever you launch this version of the file browser, it will launch in root context and anything opened within this browser will automatically operate in the root context.

e-pic2

Step 3 - Now we will create one more shortcut for GNS3; using the above method. The only difference will be the command line text “gksudo gns3”. This shortcut will help you to launch GNS3 in the root context.

e-pic3

Step 4 - Open explorer using your newly created shortcut (root context file browser). Click on File System and create one new folder named gns3 (all lowercase).

e-pic4

Step 5 - Inside the gns3 folder, create the following folders: images, projects, configs, ie, capture, and tmp.

  • images will be used for storing images
  • projects will be used for storing .net files
  • ie will be the working directory for router temp files
  • capture will used for capturing network traffic
  • tmp will be used for temporary files created by GNS3

Configuring GNS3

Before we start configuring GNS3, you have to provide at least one IOS image, preferably in an unzipped format. Ensuring the image is unzipped will save  time when your routers boot and they will not need to unzip each time they are launched.

Step 1 - GNS3 requires to be run by the root account (admin account), for that we have created a shortcut which launches GNS3 in the root context. Launch Gns3 using this shortcut.

e-pic5

Step 2 - For the time being, cancel the first dialog box, and click on Edit - IOS Images and Hypervisors and click on the IOS Images in the newly opened window. (I assume that you have already placed one IOS Image of your choice into the /gns3/images folder). Please navigate to that folder and select your image, platform, and model accordingly. If you have a good Idlepc value, you can place it here also along with the default RAN for this IOS image. Do not forget to click on the Default image for this platform.

e-pic6

Step 3 - Now click on the External Hypervisors tab. Provide the proper working directory here /gns3/tmp and hit save 6 times. It will create 6 instances of Hypervisor.

e-pic7

Step 4 - Now go to Edit - Preferences and in the newly opened window, click on General and then on the General Settings tab. Configure this window as shown in following image, and replace the terminal command with the following:

/usr/bin/konsole --profile "gb" --new-tab -p tabtitle=%d -e telnet %h %p >/dev/null 2>&1 &

NOTE: The blog software is truncating one of the two  hyphens (-) before the keyword new in the above command.

NOTE: This modification is only required if you want to use konsole (multi tab terminal emulator), otherwise you can leave it as is.

e-pic8

Step 5 - Now click on Dynamips - Dynamips and configure this window per the following graphic:

e-pic9

Step 6 - After applying the above configuration, press Test. If everything succeeded, you will see "Dynamips successfully started”. If you want to capture and examine packets, click on Capture and provide the path to your capture directory: /gns3/capture (this directory was created earlier). You also need Wireshark for packet analysis.

Creating the First Project

Step 1 - Go to your /gns3/projects folder and create one file and rename it test.net.  Right click it and chose “Open with”, then “Open with other application”. In the command line type gns3, and click open. NOTE: Next time you can open any .net file by double clicking it, (this is the way of handling .net files because of a bug in GNS3 for Linux).

Step 2 - From the node types area, drag two instances of a router 3700 to the middle of the workspace ( I used the 3700 image, if you have used any other supported image, then drag that platform). Connect the devices using the Connect tool and then run the topology using the Run button.

pic10

You are now ready to create your topologies and start emulating. Remember, you can save your topologies to your /gns3/projects directory for later usage.

Happy emulating everyone! :-)

Dec
30

Hi Everyone,

As our blog polls reveal, many of you are using Dynamips hardware emulator for your CCIE exam preparations ;) So here are some good news for all you Dynamips-fans – we’ve completed and posted ten our of twenty of IEWB-RS-VOL2 labs adapted to the virtual platform. The remaining ten labs are to be completed and posted by end of January 2010 year. Notice that the Dynamips edition of VOL2 workbook could be purchased separately at a discounted price. However, keep in mind the limitations of the Dynamips platform, which restrict the amount of the features you can implement there. For a complete coverage of all relevant IOS features in full-scale labs format, you may want to choose the regular IEWB-RS-VOL2, which includes the Dynamips edition at no extra charge.

Happy studying and thanks for choosing INE!

Dec
22

As many of you know - I am NOT the Dynamips guru around here. For advanced questions on GNS3 and or Dynamips, I immediately direct students to our forum on ieoc.com. That is where all the emulating whiz kids hang out. With that said, I like to have a copy running on every computer I own. While I do not do full practice labs on the platform (I use Graded Labs for that), I love to be able to build little mini-scenarios on the fly whenever I quickly need to test a feature.

Last night I purchased Windows 7 Home Premium and set out to eradicate Windows Vista, doing a "clean install" for the upgrade. I thought I would walk you through the installation of GNS3 on this system as I heard that students have been having issues. Well, here we go (fingers crossed!):

Step 1: Download the all-in-one package for Windows from the download area of the gns3.net website.

Step 2: Install all components using a spousal approach (say "yes dear" to every prompt).

Step 3: Launch GNS3 using the Start Menu icon.

Step 4: Click 1 - Configure the test....

Step 5: Click Dynamips, then click the Test button. Dynamips fails to start. I notice the path to dynamips-wxp.exe is incorrect.

Step 6: Click the Browse button for the Executable Path and navigate to Program Files (x86) - GNS3 - Dynamips and select dynamips-wxp.exe and click Open.

Step 7: Click Test and Allow Access through the Windows Firewall.

Step 8: Dynamips starts successfully. Now time to setup the image. Click OK.

Step 9: Click 2 - Add one or more....

Step 10: Use the Browse button to select your image file.

Step 11: Click Save, then Close, then OK.

Step 12: Now time to set the critical Idle PC value. Drag an icon for your platform into the workspace.

Step 13: Right-click the device and choose Start.

Step 14: Use your favorite Telnet application and Telnet to the device.

Step 15: Respond to all prompts and access User Mode.

Step 16: Right-click the device in the workspace and choose Idle-PC.

Step 17: Choose the first Idle-PC value marked with a asterisk.

Happy emulating! Be sure to use the Task Manager to check on CPU usage as you work with the emulator.

Dec
11

We are thrilled to announce Lab 1 of the Version 4 R&S Dynamips product is released and available in all member accounts that are Volume II subscribers or previous Dynamips subscribers.

Lab 2 should also be completed this week as well.

All 20 labs are targeted for release by Feb 1, 2010.

Happy emulating everyone!

Sep
22

First of all, for those who have just started using Dynamips for their studies I strongly recommend looking over the following link Running IOS on PC. On that page you may also find the links to the Dynagen topology file for the previous edition of our virtual topology. As for GNS3 fans, Brian McGahan is working on the topology for this platform and plans to release it soon as well.

Now for the new Dynamips topology – the main change when comparing to the old one is the replacement of 3640 platform with 3725 router, which supports IOS 12.4T. Best of all, the 3725 routers with “ADV. ENTERPRISE SERVICES” images support most of the IOS features required for the updated CCIE R&S exam, including MPLS VPNs, ZFW, EIGRPv6 and OER. Additionally, the use of 3725 platform means we now have the built-in FastEthernet controller, which allows to get rid of the NM-4E modules used int 3640s. As a consequence, some interface names have changed too - specifically, all “Ethernet 0/X” interfaces have translated to “FastEthernet 0/X”.

You may find a sample .NET file for Dynagen here; the file has been created with a dual-CPU workstation on mind. However, a more powerful platform is recommended to simulate the full CCIE R&S rack (10+3 routers). Notice that you need to provide a correct path to the IOS image used in the topology as well as obtain the image itself. You may also need to edit other directory variables, such as working directory in order to get working configuration. Of course, you may want to play around with the IdlePC value to obtain optimal performance with your hardware platform and operating system. As a side note, two good tricks to reduce the load on your CPU

1) Disable spanning-tree for all VLANs in SW1-SW4 and provide a loopless topology by shutting down unused links and connecting switching in a star topology.
2) Shut down the backbone routers and only bring them up for testing purposes.

And finally, for the Dynamips version of our Full-Scale Labs Workbook. This one is coming right after we finish updating the “classic” VOL2 for the new R&S lab blueprint. You may expect the first “fully-Dynamips” labs to appear by the mid of October.

Happy studying!

Mar
21

Hi, Everyone!

We are in the progress of upgrading our CCIE Security racks with the new software and hardware. Here are the specs that you can use to build your own rack. The rack consists of six routers, two switches, two ASA firewall appliances and one IPS sensor. The hardware models and their specs are outlined below:

R1-R5: 2611XM 32/128, IOS 12.4(15)T ADVANCED SECURITY
R6: 2811 64/256, IOS 12.4(24)T ADVANCED ENTERPRISE SERVICES
SW1-SW2: CAT3550, IOS 12.2(50)SEE
IPS: Cisco IPS 4235 or 4240, SW version 6.0(3)E1
ASA1-ASA2: Cisco ASA 5510, SW version 8.0
AAA/CA Server: Win 2k running CS ACS 4.0 and IPS Manager Express.
Test PC: Win XP workstation with ezVPN Client Installed.

You can find a more detailed topology description at IE's Security Hardware List

All the hardware cabling remains the same and the backbone routers did not change. If you compare this to our current hardware blueprint, you will see that only R6 needs to be replaced with an ISR router. Optionally, instead of 2811 you can use another ISR such as 1841 64/192 for R6. If you are using the Dynamips emulator for you virtual CCIE rack, you can use 3725 model for SSL VPN, for instance. Simply put, you just need any router that supports SSL VPN and other ADVANCED ENTERPRISE features. As for the GET VPN feature - even though Cisco FN does not list it as being supported by 2611XM routers, it is still present in the ADV. SECURITY feature set. Surprisingly enough, ADVANCED ENTERPRISE SERVICES image for 2611XM does not support the feature :)

Now for the IPS appliance: the latest software version for the IPS is 6.2 and it does not support older 4235 or 4215 IPS sensors (nor does version 6.1). Instead the blueprint suggests using the newer 4240 model. However, if you look at the release notes for IPS SW 6.2 and 6.1 you will note the following tow major new features:

a) IPS management via IPS Manager Express
b) IPv6 support

Other updates are minor, including some cosmetic changes such as health monitoring, customizable dashboards, uauthenticated NTP etc. Of course, you can still configure the IPS using IDM (IPS Device Manager) or the CLI and use IMX for appliance monitoring. As for IPv6, it is not the part of the current blueprint; plus the blueprint specifies IPS version 6.1 which does not support IPv6. Therefore, until they announced IPv6 as being testing in the CCIE Security blueprint, you may freely hang with the older IPS models and save on buying the more expensive 4240. Even better, the older 4215 appliance could be emulated on VMware! Note, that you will see the older 4235 models for some more time in our racks, but they are going to be gradually replaced with the newer 4240 models. The labs will still rely on the 6.0 code.

As for the switches - right now we use the 3550s in the racks, but those will be gradually replaced with 3560s. The CCIE hardware blueprint states the use of 3560 and 3750 switches in the lab. If you compare the 3560 model against 3550, you will see the following major differences: different QoS features, IPv6 support in the 3560 and no Private VLANs in the 3550 (even though the FN states they are supported there, sigh). Everything else is virtually the same. While QoS and IPv6 are not very important from the standpoint of the Security exam, Private VLANs are. However, if you look at the CCIE lab exam blueprint, you will see that Private VLANs are not listed there. Based on that, you can stick with the 3550s switches for 99% of the Security features tested in the CCIE lab.

Also, until April 20th you will see the PIX and the VPN3k appliances in our racks. So even if you are still pursuing the old-blueprint exam, you can use the rental racks, as most features are upwards compatible with the updated software. And get ready for the upcoming initial update of our IEWB-SC VOL1 next week – 50+ technology-focused scenarios for the ASA firewall appliance.

Good luck with your studies!

Subscribe to INE Blog Updates

New Blog Posts!