An emulator for building a Cisco network. Learning is light, and a high salary: an overview of software emulators for Cisco Systems and Juniper Networks network equipment

What is GNS3?

GNS3 is a graphical network simulator that allows you to simulate a virtual network of routers and virtual machines. It is an indispensable tool for teaching and testing, works on almost all platforms, and is well suited to building lab setups on desktop machines.
Depending on the hardware platform on which GNS3 is used, it is possible to build complex projects consisting of Cisco routers, Cisco ASA and Juniper devices, as well as servers running network operating systems.

In the absence of access to real equipment, GNS3 will become an almost complete laboratory. In addition, GNS3 labs can complement real labs for students preparing for CCNA / CCNP and CCIE certification exams.
The only drawback of this software is the inability to fully simulate Cisco Layer 2 switches. This flaw will not be fixed in new versions, since it is caused by a fundamental difference in the hardware platform of Cisco routers and switches. In some cases, this drawback can be circumvented using the NM-16ESW network module. Unfortunately, the command set of the NM-16ESW differs slightly from that of real Cisco switches, but it is quite suitable for training.
GNS3 does not include IOS / IPS / PIX / ASA / JunOS images as they are part of the commercial products of the respective companies and have no direct relation to the GNS3 project. At the moment, this is no longer a problem, since it is no longer difficult to find the necessary image.

One of the most interesting features of GNS3 is the ability to connect the designed topology to a real network. This gives a unique opportunity to test any project in practice without using real equipment. Wireshark lets you monitor traffic within the designed topology, which gives additional information for understanding the technologies being studied.
Best of all, GNS3 is completely free. It is open-source software and anyone can download it. Currently there are versions for Linux, MS Windows XP and Windows 7, as well as for MacOS.

GNS or IOU?

In addition to GNS, there is another simulator - IOU - IOS on UNIX. GNS or IOU? IOU or GNS? Let's start with IOU, because we won't be using it yet.
As the name implies, it is installed on top of UNIX. Previously it was only Solaris, now Linux is supported.
Its most significant advantages:
  • Almost complete support for both L3 and L2. This emulator is used for the CCIE lab exams.
  • Low demands on PC resources. More precisely, on the CPU. You also need a lot of memory.
  • There are no restrictions on boards and interfaces. In the settings, you simply specify how much and what you want.

Minuses:

  • Most importantly, it is proprietary software that is not officially distributed at all. There are L2IOU and L3IOU images in torrents, but this is illegal.
    The cisco.com site at one time said:

    Cisco IOS on Unix is a tool intended for internal use only. Distribution of IOU images to customers or external persons, or discussion of IOU with customers or external persons, is prohibited. Don’t do it or we’ll have to come and kill you.

  • Installing and configuring IOU is not straightforward. You need great peace of mind and some *nix experience to understand topologies, configuration files, and saving device configurations.
  • Poor graphical interface. It only lets you see the resulting topology. Topologies are created only through a text set of lines describing links and devices. In general, you need to get used to it.
But this is a really useful utility for unprincipled IT workers. If you need a lab of 20+ devices or need to work with QinQ, Rapid PVST (and other L2 technologies), or want to seriously tackle Tshoot, or prepare for CCIE, then this is for you.
In the next article we will tell you how to work with IOU and give an example of preparing a CCIE RS stand at home.

Initial GNS3 Setup. Adding a Cisco IOS Image

The most important advantage of GNS3 is the simplicity and convenience of creating projects for lab work. The installed program requires a minimum of initial settings, which can be done in a couple of minutes.
We assume that you already have the images. Let's add them. Open the menu item Edit -> IOS images and hypervisors.

In the window that opens, you must specify the path to the Cisco IOS image file

As soon as the image file is selected, the platform for which this image is intended is selected automatically and, in some cases, a drop-down list of available models becomes available. The minimum recommended amount of RAM is also set.

In most cases, at this stage, you can first click Save, then Close, and start creating a new project using the routers of the platform specified earlier.

In some cases, GNS3 does not recognize the platform, model, and required amount of RAM for the selected Cisco IOS image. In this case, you will have to specify all the above parameters yourself.
Pay attention to the IDLE PC field. Don't touch it yet.
After all the necessary parameters are specified, you must not forget to click the Save button. The selected image will appear in the list of available images for building the project.

Drag the router to the workspace. Naturally, we take the model for which there is an image. There should be no mistakes.

Click on the green "Start" button at the top. Notice how the CPU load has increased. One router loads one CPU core by 100%. If you have, for example, a Dual Core CPU (i.e. 4 threads), then the total load will be at the level of 25%. Now this load needs to be calmed down.
To do this, select Idle PC from the context menu. It is this mechanism that optimizes the use of processor resources. The PC calculates several values and presents you with a list of them. It is recommended to select values marked with a * sign. As soon as they are applied, the CPU load drops to zero. If it did not work out, we iterate until we reach the desired result. From now on, once IOS has loaded, GNS should not consume all the processor time.

Everything is ready to connect. GNS has standard facilities for this. In the context menu, select Console. By default, GNS uses the Putty application, but you can specify any other in the settings, for example SecureCRT. It is enough to specify the full path to the terminal program's file.

Good time.
When it comes to emulating Cisco IOS, what immediately comes to everyone's mind is dynamips, dynagen, or ultimately gns3, if you want everything in one package, and with a GUI front end too.

Not so long ago I wrote that Cisco, since January 17, added Layer 2 to the CCIE RS laboratory in the TroubleShooting section, using virtual emulation based on L2IOU.

I didn’t know before that Cisco has its own emulator, so I started looking for information. It turned out that some people had successfully managed to run the whole thing at home, that everything works well and, most importantly, that it does not eat as much CPU time as dynamips.

In general, it interested me and I decided to try it.
IOU runs on a unix-like system, I set up a virtual machine (vmware fusion under Mac OS), downloaded the latest Linux Ubuntu, installed it and got to work.

In my case, the file is named like this: i86bi_linux-ipbase-ms
If we try to run it, we get the following:

./i86bi_linux-ipbase-ms



***************************************************************

IOURC: Could not open iourc file

So, we see that we could not open a certain iourc file, let's create it with the touch iourc command and try to start it again:

./i86bi_linux-ipbase-ms
***************************************************************
IOS On Unix - Cisco Systems confidential, internal use only
Under no circumstances is this software to be provided to any
non Cisco staff or customers. To do so is likely to result
in disciplinary action. Please refer to the IOU Usage policy at
wwwin-iou.cisco.com for more information.
***************************************************************
Missing application ID

Usage:
: unix-js-m | unix-is-m | unix-i-m | ...
: instance identifier (0< id <= 1024)
Options:
-e Number of Ethernet interfaces (default 2)
-s Number of Serial interfaces (default 2)
-n Size of nvram in Kb (default 16KB)
-b IOS debug string
-c Configuration file name
-d Generate debug information
-t Netio message trace
-q Suppress informational messages
-h Display this help
-C Turn off use of host clock
-m Megabytes of router memory (default 128MB)
-L Disable local console, use remote console
-u UDP port base for distributed networks
-R Ignore options from the IOURC file

We see Missing application ID, well, asks, so let's enter some, for example 10:

./i86bi_linux-ipbase-ms 10
***************************************************************
IOS On Unix - Cisco Systems confidential, internal use only
Under no circumstances is this software to be provided to any
non Cisco staff or customers. To do so is likely to result
in disciplinary action. Please refer to the IOU Usage policy at
wwwin-iou.cisco.com for more information.
***************************************************************

IOU License Error: host not found in iourc file



ubuntu = <16 char license>;

OK, now we understand (IOU License Error: host not found in iourc file) that we need to put the following lines in the iourc file:


ubuntu = 1010101010101010;

where, 1010101010101010 are some numbers, any, 16 pieces 🙂

After writing this to the iourc file, try to run:

./i86bi_linux-ipbase-ms 10
***************************************************************
IOS On Unix - Cisco Systems confidential, internal use only
Under no circumstances is this software to be provided to any
non Cisco staff or customers. To do so is likely to result
in disciplinary action. Please refer to the IOU Usage policy at
wwwin-iou.cisco.com for more information.
***************************************************************

IOU License Error: invalid license
License for key 10ac82b5 required on host "ubuntu".
Obtain a license for this key and host from the following location:

http://wwwin-enged.cisco.com/ios/iou/license/index.html

Place in your iourc file as follows (see also the web page
for further details on iourc file format and location)


ubuntu = <16 char license>;

Now we see IOU License Error: invalid license, it would be silly to count on something else :)

Now we have to play a little bit.
Namely, we need to disassemble the file, find where the validity of the license is checked, and fix one bit there.
I did it using IDA.

I found this check:

We see jnz, this is where we need to change the transition address.
Go to Hex, then use hexeditor to look for 75148B45FCE8DB and replace the first 75 with 74. Save, try to run:

Router#sh ver
Cisco IOS Software, Linux Software (I86BI_LINUX-IPBASE-M), Experimental Version 12.4(20090407:185408)
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 08-Apr-09 01:29 by yuiu

ROM: Bootstrap program is Linux

Router uptime is 30 minutes
System returned to ROM by reload at 0
System image file is "unix:./i86bi_linux-ipbase-ms"

Linux Unix (Intel-x86) processor with 86409K bytes of memory.
Processor board ID 2048010
8 Ethernet interfaces
8 Serial interfaces
16K bytes of NVRAM.

Configuration register is 0x0

We see that everything works 🙂

In the next articles, we will understand how to build a topology based on IOU.

See you soon 🙂

p.s. I described the launch process very superficially; if anyone runs into problems, write in the comments or on the forum.

p.s.s. at the request of the workers, an English-language link, which helped to realize this whole thing. http://evilrouters.net/

There is also a video. Also, if you look for information on this issue, there are also Chinese sources, where you can also find useful information.

Dynamips is a software emulator for the hardware of Cisco routers. The project has been developed since 2005 as a Cisco 7200 emulator running on a regular computer.
Subsequently, support for other platforms appeared. Now (2008) the list is as follows: Cisco 3600 series (3620, 3640 and 3660), 3700 series (3725, 3745) and 2600 series (2610 to 2650XM, 2691).
Let's take a deeper look and try to understand how it works and what you can do with it.


Dynamips is good when you need to:

  • quickly check a router configuration before applying it directly to a real piece of hardware;
  • get a lab bench at little cost, yet powerful enough for training or demonstration;
  • experience the benefits and capabilities of the Cisco IOS operating system without having to purchase the router itself.
The first thought that may come to mind at this point is: can the Cisco emulator replace the router itself? To some extent, yes, but only at a very low load. The author of the project himself indicates that the performance of a real router is approximately 100 times higher (Dynamips performance is about 1 kilopacket per second, while even the earliest NPE-100 model gives 100 kilopackets/sec).
In addition to the hardware of cisco routers, it is possible to emulate network devices, such as:
  • a bridge (using which you can connect an emulated router to a real network or another virtual router);
  • Ethernet switch;
  • ATM switch;
  • ATM bridge (Ethernet ATM);
  • frame-Relay switch.
The great thing about Dynamips is that it can run in hypervisor mode. That is, it is possible to run not just one virtual Cisco at a time but a whole network with all the dynamips capabilities: switches, routers, bridges. This makes it possible to run labs, or demonstration stands, of practically any complexity without real equipment. In this mode the hypervisor is controlled over a TCP/IP network, and dynamips itself is started roughly like this:

dynamips -H 7200

where 7200 is the port for communication with the hypervisor.

It should be noted that, when launched with default settings, the emulator loads the computer heavily, even up to 100%. To reduce the load, the "Idle PC" option was created. With its help, you can reduce the load on the processor and thus run a second, third and further Cisco emulators simultaneously without significant processor load. The IdlePC value is specific to each IOS image. The required value is chosen empirically. Directly with Dynamips, this is done as follows: after the router has loaded, preferably with an empty configuration, and the prompt Press RETURN to get started! has appeared, wait 5 seconds and press "Ctrl-] + i". Processor utilization statistics will begin to be collected. After this process (about 10 seconds), several values will be displayed, of which the potentially best ones will be marked. It may be necessary to try several values before the CPU load drops from 100% to about 5% (this differs between computers).

Dynamips is a single executable file. Moreover, there are options for Linux, Mac OS and Windows. But it takes many arguments at startup to set specific emulation parameters. You can read more about the arguments on the project page xgu.ru.

However, it is often required to quickly deploy a virtual network, and using (studying, typing) dynamips with all the necessary arguments for launch is problematic, if you also take into account the need to create a configuration file describing the virtual network. Here is an example of such a file:

IF:E0:udp:10000:127.0.0.1:10001
IF:E1:udp:10002:127.0.0.1:10003
IF:E2:gen_eth:eth0

DOT1Q:E0:1
ACCESS:E1:4
DOT1Q:E2:1

And this is just a config describing a simple switch. And if there is a need to emulate Frame Relay or ATM trunks? ... In general, you can finish the picture yourself and try to plan all your necessary actions to emulate a cisco network using only bare dynamips.
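An added example, not part of the original article or of the dynamips project: a small audit of a switch description in the format shown above, reporting every port whose traffic leaves the emulator host (a gen_eth binding to a host NIC, or a UDP tunnel to a non-loopback peer) together with its VLAN mode. The function names are hypothetical, and only the udp and gen_eth connection types that appear in the listing are classified.

```python
import ipaddress

# Constructed sample: the switch description from the text above.
SAMPLE = """\
IF:E0:udp:10000:127.0.0.1:10001
IF:E1:udp:10002:127.0.0.1:10003
IF:E2:gen_eth:eth0

DOT1Q:E0:1
ACCESS:E1:4
DOT1Q:E2:1
"""


def parse_switch_config(text):
    """Parse IF/ACCESS/DOT1Q lines into {port: {nio, params, mode, vlan}}."""
    ports = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Whitespace around the colons is tolerated.
        fields = [f.strip() for f in line.split(":")]
        keyword = fields[0].upper()
        if keyword == "IF" and len(fields) >= 3:
            port = ports.setdefault(fields[1], {})
            port["nio"], port["params"] = fields[2].lower(), fields[3:]
        elif keyword in ("ACCESS", "DOT1Q") and len(fields) == 3:
            port = ports.setdefault(fields[1], {})
            port["mode"], port["vlan"] = keyword.lower(), int(fields[2])
        else:
            raise ValueError(f"line {lineno}: cannot parse {raw!r}")
    return ports


def is_loopback(host):
    """True when a UDP peer address stays on the emulator host."""
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # some other hostname: assume it leaves the machine


def exposure(port):
    """Classify where a port's frames go: (kind, target)."""
    nio, params = port["nio"], port["params"]
    if nio == "gen_eth":
        # Frames are bridged onto a real interface of the host.
        return "host-nic", params[0] if params else "?"
    if nio == "udp":
        if len(params) != 3:
            raise ValueError("udp needs local_port:remote_host:remote_port")
        _local_port, host, remote_port = params
        kind = "loopback-udp" if is_loopback(host) else "remote-udp"
        return kind, f"{host}:{remote_port}"
    return "unclassified", nio


def audit(text):
    """Return (port, kind, target, vlan_mode, vlan) for ports needing review."""
    findings = []
    for name, port in sorted(parse_switch_config(text).items()):
        if "nio" not in port or "mode" not in port:
            # An IF line without a VLAN line, or the other way round.
            findings.append((name, "incomplete", "", port.get("mode", ""),
                             port.get("vlan")))
            continue
        kind, target = exposure(port)
        if kind != "loopback-udp":
            findings.append((name, kind, target, port["mode"], port["vlan"]))
    return findings


if __name__ == "__main__":
    for name, kind, target, mode, vlan in audit(SAMPLE):
        scope = "all VLANs (trunk)" if mode == "dot1q" else f"VLAN {vlan} only"
        print(f"{name}: {kind} -> {target}, carries {scope}")
```

For the listing above the only finding is E2: it is a dot1q trunk bound to eth0, so every VLAN of the virtual switch reaches the physical network, while E0 and E1 stay on loopback.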

So, to facilitate the work, several tools have been created that facilitate the creation of configuration files and the launch of dynamips with the required parameters. By the way, they are also more user-friendly in terms of the interface.

Dynagen (project site dynagen.org). It provides a CLI-like (Command Line Interface) front end for managing dynamips instances that run in hypervisor mode. You still need to create an INI-style configuration file, and dynagen then manages dynamips over the network (see starting the hypervisor above). This means that the hypervisor itself can be launched on a remote computer. An example of such a config:


image = \Program Files\Dynamips\images\c7200-jk9o3s-mz.124-7a.image
# On Linux / Unix use forward slashes:
#image = /opt/7200-images/c7200-jk9o3s-mz.124-7a.image
npe = npe-400
ram = 160

[]
s1/0 = F1 1

[]
s1/0 = F1 2

[]
s1/0 = F1 3

[]
1:102 = 2:201
1:103 = 3:301
2:203 = 3:302

You can calculate the Idle PC value and reduce the processor load in dynamips using the idlepc command. For the list of commands, enter ?.
Dynagen and dynamips can be downloaded.

Xenomips and Xentaur. These projects went even further.
Xenomips combines Cisco emulation and Xen virtualization. Thus, the list of dynamips virtual devices is extended by the capabilities of Xen. On one physical computer acting as the host system, you can create a lab bench from virtual Cisco routers, switches, Ethernet bridges, Frame Relay and ATM backbones, Cisco PIX firewalls (using the parallel Pemu project), and servers and workstations running Linux, FreeBSD, Windows, MacOS and so on.
The aim of the Xentaur project is to develop tools and methods for rapidly building virtual networks and researching their work. Networks can be not only purely virtual, but also mixed: along with virtual nodes, ordinary computers and network devices can work in them.
You can read more about these projects on the project website xgu.ru: Xenomips, Xentaur.

Thus, to emulate cisco networks, we need to choose for what purposes we need it. For many cases, GNS3 is sufficient. If you need to create a large project and consider (or demonstrate) the relationship between virtual servers, workstations and network devices, then you should pay attention to Xenomips.

Good luck learning!

P.S. One question still comes up from time to time. All of the described tools are licensed under the GPL and/or are free of charge and freely downloadable. However, the IOS image itself is not. So the question of where to download Cisco IOS remains open. This software is distributed commercially by Cisco. However, if you set yourself a goal, then you can download IOS for educational purposes - you can easily find it. ;-)

FEDERAL FISHERIES AGENCY

Federal State Budgetary Educational Institution of Higher Professional Education

Astrakhan State Technical University

Institute of Information Technologies and Communications

Department of "Information Security"

Lab on the basics of organizing secure networks based on cisco hardware using the Cisco Packet Tracer software emulator

Methodical manual on the discipline "Hardware and software for information security"

for students of specialty 090303 "Information security of automated systems"

Astrakhan 2011

Compiled by: Savelyev A.N., Candidate of Technical Sciences, Associate Professor of the Department of Information Security

Belov S.V., Candidate of Technical Sciences, Associate Professor of the Department of Information Security

Vybornova O.N., student of the DIB-51 group

Donskoy A.A., student of group DIB-51

Soloviev Yu.Yu., Candidate of Economic Sciences, Senior Lecturer of the Department of Economics and Enterprise Management

Reviewer: Popov G.A., Doctor of Technical Sciences, Professor, Head of the Department of Information Security

The methodological manual is a collection of laboratory works on the discipline "Hardware and software for ensuring information security of automated systems." The laboratory works contain basic theoretical information regarding the organization of secure IP-networks based on Cisco equipment. Practical examples implemented using Cisco Packet Tracer software.

The methodological manual was approved at a meeting of the methodological council of the department "___" _____________ 201_, protocol No. ______

© Astrakhan State Technical University


Laboratory work No. 1

Overview of Cisco Packet Tracer Emulator Features

Objective: to get basic concepts and knowledge about the functioning of the Cisco Packet Tracer software emulator as a software tool for emulating the line of software and hardware equipment from Cisco Systems.

Theoretical description

Cisco Packet Tracer is a powerful data network simulation software based on network equipment from Cisco Systems. The Cisco Packet Tracer software emulator allows you to create models of data transmission networks, administer virtual active network equipment, and use various types of data transmission channels. This software allows you to create complex layouts of data transmission networks, check the performance of their topology. The Packet Tracer software emulator complements the Cisco Networking Academies curriculum to facilitate the learning of complex technical concepts and network system design.

Figure 1.1 shows the appearance of the interface window.

Figure: 1.1. Cisco Packet Tracer Emulator Interface

The Cisco Packet Tracer emulator interface contains the following elements:

1. Working area. Area for building and configuring networks;

2. Main menu;

3. Main toolbar;

4. Button "Network Information" allows you to enter a description of the current network;

5. Button "Contents (F1)" calls the help file;

6. General toolbar. Contains tools that are often used in the workspace of the program:

1) "Select". Used to highlight, move and select objects, devices and unconnected cables;

2) "Move Layout". Used to move the work area within the network logic field;

3) "The Place Note". Used to add notes to the work area;

4) "Delete". Used to remove objects, devices, notes, and links (cables);

5) "The Inspect". Allows to view tables related to the selected device (ARP table, routing table, etc.);

6) "The Resize". Allows you to resize device icons and objects in the workspace.

7. Buttons for visual modeling of data streams:

7) "The Add Simple PDU". Performs a simple ping between two devices;

8) "The Add Complex PDU". Allows to form complex data packets.

8. The "Realtime" tab. By default, Packet Tracer runs in real time. On the counter on the left side of this panel, time runs in the same way as on a regular watch;

9. Tab "Simulation". Serves to enter the simulation mode. This mode is used to monitor network traffic. In this case, the time is controlled by the user. Time can be paused or slowed down to view network traffic at a rate of 1 packet at a time;

10. Window for monitoring visual modeling packages according to a given scenario;

11. Block of scripts. Allows users to create and delete device scenarios;

12. Block for selecting the model of network components or connections belonging to a certain class (Figure 1.1 shows devices belonging to the Routers class);

13. Block for selecting a class of a device or connection;

14. Tab "Logic", toolbar "Logic". The buttons located on this panel function only in the working area of the "Logic" tab;

15. Tab "Physical". Designed to navigate to the physical work area. Also has its own toolbar. The physical workspace provides a physical view of the logical topology of a network, giving a sense of the space and location of devices and networks.

The construction of a data transmission network model is carried out by dragging and dropping the necessary devices into the workspace. The Cisco Packet Tracer software emulator implements the following types of connections listed in Figure 1.2, namely:

1. Automatic;

2. Console connection;

3. Direct patch cord (end network device (personal computer, server, network printer), router, access point, etc.);

4. Cross (reverse) patch cord (personal computer, server - personal computer, server, printer; active network device - active network device);

5. Fiber-optic data transmission channel;

6. Telephone data transmission channel;

7. Coaxial data transmission channel;

8. Serial (serial) data transmission channel.

Figure: 1.2. Connector types

The Cisco Packet Tracer software emulator allows you to save information about the network topology and settings of network devices in a * .pkt file.

As an example, let's put together a simple network diagram consisting of two personal computers and one router. To do this, select and drag the following devices to the workspace:

· In the Routers class - a router of model 2811,

· In the End Devices class (end devices) - Generic (PC-TP).

By default, personal computers are named “PC1” and “PC2”, and the router is named “Router1”. The device name can be changed by left-clicking on it and entering a new device name.

Next, we connect the personal computers "PC1" and "PC2" to the "FastEthernet0" ports of the router "Router1". To do this, select the connection type "Copper Cross-Over" (cross patch cord), click on the icon of the personal computer "PC1", select the port "FastEthernet", then click on the icon of the router "Router1" and select one of its free "FastEthernet0" ports (it is recommended to assign network connections in order). We connect the router "Router1" and the personal computer "PC2" in the same way.

Ultimately, you should get the circuit shown in Figure 1.3. Initially, interfaces on devices are disabled. Disabled interfaces are marked in red, enabled interfaces are displayed in green.

Figure: 1.3. Data transmission network diagram

To assign network details to a personal computer, you need to click on its icon, in the dialog box that appears, select the "Desktop" tab, and in it - "IP configuration" (Fig. 1.4).

Let's assign to the personal computer "PC1" - ip address 192.168.1.2, ip address of the default router (default gateway) 192.168.1.1, subnet mask 255.255.255.0. Personal computer "PC2" - ip address 192.168.2.2, gateway 192.168.2.1, subnet mask 255.255.255.0.

Figure: 1.4. Configuring a personal computer

In the software emulator Cisco Packet Tracer, configuration of active network devices (routers, switches, hubs, etc.) can be performed by entering the required parameters in the corresponding fields of the Config tab. It is recommended not to use this method, since in real conditions of configuring network devices this is not possible. When performing the tasks specified in the tutorial, the configuration should be performed in the "CLI" tab using the control commands of the Cisco IOS operating system in the console mode.

Initially, you need to put the router into privileged mode with the command enable (abbreviated - en) - this changes the console prompt to the "#" character. Then we switch to the configuration mode from the terminal line with the command configure terminal (conf t). In router configuration mode, the console prompt ends in "config-terminal". In the configuration mode of the router, its basic parameters are administered.

To administer the network interfaces of the router, you must switch to the network interfaces configuration mode. To switch to the network interface configuration mode, in the device configuration mode, execute the command:

interface interface_name.

This mode configures the selected interface. The command ip address address mask assigns the IP address of the network interface.

The interface is enabled with the command no shutdown (no shut) and disabled with the command shutdown (shut). For informational purposes, you can add a text comment with the interface subcommand description.

The state of the interfaces can be viewed by exiting the configuration mode (with the command exit or by pressing <Ctrl + Z>) and running the command show interface (sh int). A brief summary of the status of all interfaces available on the device can be obtained using the command show ip interface brief.

The result of configuring a Cisco device is a configuration command script that is interpreted by the device. The current, or used, device configuration - the device configuration script - can be viewed using the command show running-config (sh run ).

Let's look at an example of configuring a router. Assign the port FastEthernet0/0 - IP address 192.168.1.1, mask 255.255.255.0; port FastEthernet0/1 - IP address 192.168.2.1, mask 255.255.255.0 (Fig. 1.5).

Figure: 1.5. Configuring the router

As a result, the device interfaces turn green. This is a sign that they are on and functioning properly.

You can check the functioning of the network by sending an ICMP request (by executing the command "ping") from personal computer PC1 to personal computer PC2. The command "ping" can also be performed on active network devices such as a router. There are two ways to send an ICMP request in the Cisco Packet Tracer software emulator:

1. Using the console application ("Command Prompt" in the "Desktop" tab of one of the computers or the "CLI" tab of the router);

2. Using the “The Add Simple PDU” data flow simulation tool: select the “The Add Simple PDU” tool, click on the request source device, click on the request receiver device. If the request is successful, the status "Successful" is set in the window for observing the visual modeling packages (Fig. 1.6).

Figure: 1.6. Data flow modeling

The Cisco IOS operating system that manages Cisco devices has a built-in help system that can be accessed from command execution mode. The help system is contextual, which means that the help provided depends on what the user is trying to do in the Cisco IOS at a given time. To get a list of available options, just enter the command in the form of a question mark ( ? ). This command will search for available commands (subcommands) and list them on the screen. The help system is structured in such a way that the left side of the displayed text contains the commands themselves, and the right side contains short explanations for each of them.

Remember that in the Cisco Packet Tracer emulator, the help system only shows a list of commands that can be simulated by the program. This list may differ slightly from the list of commands available on a real device.

In addition, the built-in help system means commands do not have to be typed in full: a command is completed automatically when you press the Tab key. If you enter a part of a command that does not have multiple meanings and press the Tab key, IOS will complete the command itself. If you enter an ambiguous command, Cisco IOS will not be able to complete it.

1. In the software emulator Cisco Packet Tracer, build a network layout according to the scheme described above.

2. Configure devices according to options;

3. Check the availability of active network elements using the command ping .

4. Check the availability of active network elements using the data flow modeling tool "The Add Simple PDU".

Job options:

Option   Subnets
1        172.16.1.x/24; 172.16.2.x/24
2        192.168.1.x/30; 192.168.2.x/30
3        172.12.1.x/24; 172.12.2.x/24
4        192.168.1.x/24; 172.12.1.x/24
5        192.168.1.x/28; 192.168.5.x/24
6        192.168.1.x/24; 192.168.21.x/28
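
An added example, not part of the original manual: it turns each option of the table above into a concrete addressing plan and into the router command script built from the commands described earlier in this lab (enable, configure terminal, interface, description, ip address, no shutdown, exit, show ip interface brief). It assumes that "x" is the host octet of a subnet starting at .0, that the router port takes the first usable address and the PC the second (as in the 192.168.1.1 / 192.168.1.2 example above); the function names are hypothetical.

```python
import ipaddress
from itertools import islice

# Variant table from the assignment; "x" stands for the host part.
OPTIONS = {
    1: ("172.16.1.x/24", "172.16.2.x/24"),
    2: ("192.168.1.x/30", "192.168.2.x/30"),
    3: ("172.12.1.x/24", "172.12.2.x/24"),
    4: ("192.168.1.x/24", "172.12.1.x/24"),
    5: ("192.168.1.x/28", "192.168.5.x/24"),
    6: ("192.168.1.x/24", "192.168.21.x/28"),
}
ROUTER_PORTS = ("FastEthernet0/0", "FastEthernet0/1")


def plan_subnet(template):
    """Turn e.g. '192.168.1.x/30' into concrete addresses for one LAN."""
    # Assumption: the subnet is the one whose network address ends in .0.
    net = ipaddress.ip_network(template.replace("x", "0"))
    # Assumption: router = first usable host, PC = second usable host.
    router, pc = islice(net.hosts(), 2)
    return {
        "network": str(net),
        "mask": str(net.netmask),        # dotted mask for "ip address"
        "router": str(router),           # also the PC's default gateway
        "pc": str(pc),
        "usable_hosts": net.num_addresses - 2,
        # False for 172.12.x.x: it lies outside 172.16.0.0/12, which
        # matters once a lab topology is connected to a real network.
        "private": net.is_private,
    }


def plan(option):
    """Addressing plan for both router ports of one option."""
    return [plan_subnet(template) for template in OPTIONS[option]]


def router_script(option):
    """IOS command lines that configure Router1 for one option."""
    lines = ["enable", "configure terminal"]
    for index, (port, subnet) in enumerate(zip(ROUTER_PORTS, plan(option)), 1):
        lines += [
            f"interface {port}",
            f"description LAN for PC{index}",
            f"ip address {subnet['router']} {subnet['mask']}",
            "no shutdown",
            "exit",                      # back to global configuration
        ]
    lines += ["exit", "show ip interface brief"]
    return lines


def pc_settings(option):
    """(name, ip, mask, gateway) tuples for the 'IP configuration' dialog."""
    return [(f"PC{i}", s["pc"], s["mask"], s["router"])
            for i, s in enumerate(plan(option), 1)]


if __name__ == "__main__":
    for option in OPTIONS:
        print(f"--- option {option} ---")
        for subnet in plan(option):
            print(subnet)
        print("\n".join(router_script(option)))
```

With a /30 mask (option 2) only two usable addresses exist per subnet, so the router port and the PC take both of them; a PC address such as .5 would fall into a different /30 and the ping would fail.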

Test questions:

1. Seven-level OSI model.

2. Functioning of the physical and data link layers of the OSI model.

3. Functioning of the network and transport layers of the model.

4. Functioning of the session layer, presentation layers and applications.

5. Basic information on the Ethernet 802.3u standard.

6. Concept of IP address, subnet mask.

7. Classes of IP addresses.

8. Dividing networks into subnets, segmenting networks.

Laboratory work No. 2

Overview of Cisco Hardware Devices Implemented in the Cisco Packet Tracer Software Emulator

Objective: Learn about active network devices implemented in the Cisco Packet Tracer software emulator. Learn to configure and manage a router through the console port. Read and configure the network services of the virtual server.

Theoretical information

A network switch is an active network device that connects hosts on a data network within one network segment. Unlike a hub, which repeats received packets to all ports, a switch forwards them directly to the recipient, thereby establishing a virtual data transmission channel. Compared with a hub, an Ethernet switch offers higher efficiency and performance, and its isolated data transmission channels increase the level of network security.

A router is a specialized network device that forwards network layer packets (layer 3 of the OSI model) between different parts of the network infrastructure, based on data about the network topology and on certain algorithms and rules.

Each Cisco device has a console port that is used to access it using a direct-attached terminal. The console port is often an RS-232C or RJ-45 type interface port and is labeled “Console”.

Having established a physical connection between the terminal or personal computer and the device, it is necessary to configure the terminal for its appropriate interaction with the device. To do this, configure the parameters of the terminal (or the terminal emulation program on a personal computer) in such a way that the following settings are supported:

· Type of emulated terminal - VT100;

· Data transfer rate - 9600 baud;

· Parity - none;

· 8 data bits;

· 1 stop bit.

After checking that the settings are correct, apply power to the device. Information about the device will appear on the terminal screen, which indicates a successful connection. If there is no message on the screen of the terminal or device emulating it, you need to check the connection and make sure that the terminal settings are correct.

Let's put together a diagram consisting of 3 personal computers, a server, a router and a switch. To do this, select and drag the following network components onto the workspace:

· In the Routers section - router model 2811;

· In the Switches section - switch model 2960-24;

· In the End Devices section - Generic personal computers (PC-PT), Generic server (Server-PT).

Let's connect the devices to each other, as shown in Figure 2.1, and proceed with the network configuration.

Figure: 2.1. Network model diagram

In this network diagram, we use the following subnets:

1. Personal computers PC1, PC2 and Server0 connected to the router through Switch0 and the FastEthernet0 / 0 port of Router0 are a NetA subnet;

2. Personal computers PC0 and Router0 (FastEthernet0 / 1 port) are a NetB subnet.

In the laboratory work, the router must be configured through a terminal connection from a personal computer PC1. To do this, we connect PC1 and Router0 with a console connection (on PC1 we select the RS 232 port, on Router0 - the console port Console). Then on PC1 go to the "Desktop" tab, select "Terminal" and click "Ok". If everything is done correctly, then in the end we connect to the router through a terminal connection (Fig. 2.2).

Figure: 2.2. Terminal connection interface

As an example, the NetA subnet will be 192.168.1.0/28 and the NetB subnet will be 192.168.2.0/28.

Assign IP addresses to network interfaces, similar to the previous lab.

Active network devices can be administered not only through a console connection, but also remotely using the telnet protocol. To do this, you must first configure access for remote (virtual) users on the device (router). From privileged mode, enter global configuration mode and run the following commands (the second word of the last command is the password being set):

configure terminal

line vty 0 4

password password

After that, from any computer, you can go to the command line and enter the command telnet ip_address. If the connection succeeds, you are prompted for the password that was set for remote access to the router. If the password is entered correctly, we connect to the router (Fig. 2.3).

Figure: 2.3. Connecting to a router via telnet
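The Telnet setup above keeps the line password in the configuration in clear text and sends it unencrypted over the network at login. As an added example that is not part of the original lab manual, the Python check below parses a running-config excerpt and flags such vty settings; the sample configuration, the finding codes and the treatment of a missing "transport input" line are assumptions made for the illustration.

```python
import re

# Constructed running-config excerpt (not taken from the page's figures):
# vty 0-4 is the lab's Telnet setup, vty 5-15 is a hardened stanza for contrast.
SAMPLE_CONFIG = """\
hostname Router0
!
line con 0
line vty 0 4
 password password
 login
line vty 5 15
 login local
 transport input ssh
!
end
"""

EXPLAIN = {
    "TELNET_ALLOWED": "Telnet is accepted, so the login password crosses the network in cleartext",
    "PLAINTEXT_LINE_PASSWORD": "line password is stored unencrypted in the configuration",
    "REVERSIBLE_LINE_PASSWORD": "type 7 line password is only obfuscated and can be decoded",
    "NO_AUTHENTICATION": "'no login' lets anyone who can reach the line open a session",
}


def parse_vty_stanzas(config):
    """Map (first_line, last_line) -> list of sub-commands for each 'line vty' stanza."""
    stanzas, current = {}, None
    for raw in config.splitlines():
        header = re.match(r"line vty (\d+)(?: (\d+))?\s*$", raw)
        if header:
            first = int(header.group(1))
            last = int(header.group(2) or first)
            current = stanzas.setdefault((first, last), [])
        elif raw.startswith(" ") and current is not None:
            current.append(raw.strip())      # indented line belongs to the stanza
        else:
            current = None                   # any other top-level line ends it
    return stanzas


def audit_vty(config):
    """Return [(stanza, finding_code), ...] for remote-access weaknesses."""
    findings = []
    for (first, last), cmds in sorted(parse_vty_stanzas(config).items()):
        where = f"vty {first} {last}"
        transport = [c.split()[2:] for c in cmds if c.startswith("transport input")]
        # Assumption: with no explicit 'transport input', Telnet is treated as
        # allowed, because the effective default depends on the IOS release.
        if not transport or {"telnet", "all"} & set(transport[-1]):
            findings.append((where, "TELNET_ALLOWED"))
        for cmd in cmds:
            if cmd == "no login":
                findings.append((where, "NO_AUTHENTICATION"))
            elif cmd.startswith("password 7 "):
                findings.append((where, "REVERSIBLE_LINE_PASSWORD"))
            elif cmd.startswith("password "):
                findings.append((where, "PLAINTEXT_LINE_PASSWORD"))
    return findings


if __name__ == "__main__":
    for where, code in audit_vty(SAMPLE_CONFIG):
        print(f"{where}: {code} - {EXPLAIN[code]}")
```

On the sample, only the vty 0 4 stanza is reported; the stanza that uses "login local" with "transport input ssh" produces no findings.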

Switch0 can also be assigned an IP address. To assign an IP address to the device as a whole, assign it to the Vlan1 interface. Once the switch has an IP address, its availability can be checked with the ping command. Switches can operate both on the 2nd layer of the OSI network model and on the 3rd layer of this model. Layer 3 switches have the ability to assign IP addresses to individual ports. Layer 3 switches allow you to segment your data network into separate isolated subnets.

The following virtual server network services are implemented in the Cisco Packet Tracer emulator.

DNS service (Domain Name System) is a system (database) that, in response to a request containing the domain name of a host (computer or other network device), reports that host's IP address. Each computer in TCP/IP data transmission networks has its own unique address - a series of digits in the format XXX.XXX.XXX.XXX (where XXX is a number from 0 to 255). Remembering the IP address of a host is quite difficult; it is much easier to remember the symbolic name of a particular network element associated with its IP address, for example, www.mail.ru, www.rambler.ru, etc.

HTTP service (HyperText Transfer Protocol) is an application layer data transfer protocol (initially for transferring hypertext documents). HTTP is based on client-server technology, that is, it is assumed that there are consumers (clients) that initiate a connection and send a request, and providers (servers) that wait for a connection to receive a request, perform the necessary actions and return a message with the result.

The main object of manipulation in HTTP is the resource pointed to by the URI (Uniform Resource Identifier) in the client's request. Typically, these resources are files stored on the server, but they can be logical or abstract objects. A feature of the HTTP protocol is the ability to specify in a request and a response how the same resource is represented, by various parameters: format, encoding, language, etc. It is thanks to the ability to specify how the message is encoded that the client and server can exchange binary data, although this protocol is textual. By default HTTP runs on TCP port 80; if necessary, the port number can be changed.

HTTPS service (HyperText Transfer Protocol Secure) - An extension to the HTTP protocol that supports encryption. Data transmitted over the HTTPS protocol is “packed” in a cryptographic SSL or TLS protocol, thereby ensuring data protection. Unlike HTTP, HTTPS uses TCP port 443 by default.

Email (electronic mail, e-mail) is a technology and the services it provides for sending and receiving electronic messages over a distributed (including global) computer network. To send mail from users to servers and between servers for further forwarding to the recipient, the SMTP protocol (TCP port 25) is used. The email client uses POP3 (TCP port 110) or IMAP (TCP port 143) to receive mail.

FTP service (File Transfer Protocol) is a protocol designed for transferring files in data transmission networks. FTP allows you to connect to FTP servers, view directory contents, and download files from or upload files to a server; in addition, a mode of transferring files between servers is possible.

Consider the specifics of configuring these network services in the Cisco Packet Tracer software emulator.

On the Server0 server, let's configure the DNS server. To do this, go to the "Config" tab and select the "Services" → "DNS" tab on the left panel. Next, select the "A Record" record type, enter the name (symbolic address) of the host in the "Name" field, enter the host IP address in the "Address" field, and click the "Add" button. The record will be added to the table (Fig. 2.4).

If necessary, the table entries can be edited and deleted. To do this, select the appropriate table record, make the necessary changes and press the “Save” button to save the changes, or the “Remove” button to remove the row from the table.

Figure: 2.4. DNS server configuration interface

After setting up the DNS server, enter the IP address assigned to Server0 in the "DNS Server" field of each computer's configuration.

Let's configure the HTTP service in the same way. On the Server0 server, go to the “Config” tab, select the “Services” → “HTTP” tab on the left panel, and enable “HTTP”.

The text box shows the HTML of the page that will be displayed in the browser. The page code can be changed using HTML tags. Figure 2.5 shows the modified HTML for the index.html page. Here the color of the "Cisco Packet Tracer" text and the title text have been changed.

Figure: 2.5. Setting up an HTTP server

To check the functionality of the DNS server and the HTTP server, you must launch the “Web Browser” in the “Desktop” tab of your computer and enter the host name in the address bar. If the settings are correct, an HTML page will open (Fig. 2.6).

Figure: 2.6. Web Browser Emulation Window

Let's configure a mail server on Server0. To do this, go to the "Config" tab and select the "Services" → "EMAIL" tab on the left panel. Enable "SMTP Service" and "POP3 Service". Enter a domain name and press the "Set" button. Add users (Fig. 2.7).

Figure: 2.7. Setting up a mail server

After setting up the server, you need to configure the mail client on your PC. In the "Desktop" tab, select "E Mail". The mail client configuration window will open. Subsequently, it will be possible to call it by clicking the "Configure Mail" button in the client window.

In the mail client configuration window, enter the name of the author of the letters and a mailing address of the form username@domainname in the "User Information" block, the symbolic name or IP address of the mail server in the "Server Information" block, and the username and password of a user registered on the mail server in the "Logon Information" block (Fig. 2.8). After that, press the "Save" button, which opens the "Mail Browser" - the main window of the mail client.

Figure: 2.8. Mail client setup

To write a letter, press the "Compose" button, fill in the text fields and send the letter (Fig. 2.9).

Figure: 2.9. Sending an email

To check whether the letter has arrived to the addressee, you need to go to the mail client on the addressee's PC and press the "Receive" button. We will see if there are letters for this addressee. The content of the selected message is displayed in the text field below the list of incoming letters (Fig. 2.10).

To reply to any of the incoming letters, select it and press the "Reply" button.

Figure: 2.10. Received email

Let's configure an FTP service on Server0. To do this, go to the "Config" tab and select the "Services" → "FTP" tab on the left panel. Enable "FTP Service". Add a user to access the FTP resource. To do this, enter the username and password in the “UserName” and “Password” fields, assign access rights (Write, Read, Delete, Rename, List) and press the “+” button to add (Fig. 2.11). The File table contains a list of files available to users.

Figure: 2.11. Setting up an FTP server

To access the FTP server, enter the command ftp hostname (symbolic name or IP address) in the command line of one of the PCs. We will be prompted for a username. If you entered a username registered on the FTP server, you will be prompted for a password. If the password is entered correctly, then we are connected (Fig. 2.12).

Figure: 2.12. Connect to FTP Server

Using the command dir you can view a list of files that are stored on the server. You can also download a file from the server using the command get filename. The command put filename uploads a file to the FTP server.

Assignment for laboratory work:

1. In the software emulator Cisco Packet Tracer build the network model according to the diagram shown in fig. 2.1;

2. Configure devices via terminal connection from PC1 according to options;

3. Connect to the router via telnet protocol.

4. Configure network services DNS, HTTP, EMAIL, FTP.

5. Check the availability of network nodes using the ping utility.

6. Check the work of the installed server services.

Job options:

Option   NetA              NetB              Hostname
1        172.16.1.x/24     172.16.2.x/24     myHost.ru
2        192.168.1.x/28    192.168.2.x/30    Cisco.lab
3        172.12.1.x/24     172.12.2.x/24     MySecondLab
4        192.168.1.x/24    172.12.1.x/24     Lab2.ib
5        192.168.1.x/28    192.168.5.x/24    Ib4.astu
6        192.168.1.x/24    192.168.21.x/28   Host.name
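The option table gives each subnet only as a prefix, while the IOS ip address command needs a dotted mask and each subnet has to hold every device attached to it. As an added example (not part of the original lab manual), this Python helper derives the mask and usable range for each option, checks capacity against the Figure 2.1 topology, and lists the options that lie outside the RFC 1918 private ranges; giving Router0 the first usable address and counting a Vlan1 address for Switch0 in NetA are assumptions.

```python
import ipaddress

# Lab 2 job options from the table above; "x" is replaced by 0 to obtain the
# network address (NetA, NetB).
OPTIONS = {
    1: ("172.16.1.0/24", "172.16.2.0/24"),
    2: ("192.168.1.0/28", "192.168.2.0/30"),
    3: ("172.12.1.0/24", "172.12.2.0/24"),
    4: ("192.168.1.0/24", "172.12.1.0/24"),
    5: ("192.168.1.0/28", "192.168.5.0/24"),
    6: ("192.168.1.0/24", "192.168.21.0/28"),
}
# Addresses each subnet needs in the Figure 2.1 topology (assumed count):
# NetA = PC1, PC2, Server0, Router0 Fa0/0, Switch0 Vlan1; NetB = PC0, Router0 Fa0/1.
NEEDED = (5, 2)
ROUTER_PORTS = ("FastEthernet0/0", "FastEthernet0/1")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def plan(cidr, needed):
    """Describe one subnet: dotted mask, usable range, capacity, address space."""
    net = ipaddress.ip_network(cidr)
    hosts = list(net.hosts())          # excludes network and broadcast addresses
    return {
        "mask": str(net.netmask),
        "first": str(hosts[0]),
        "last": str(hosts[-1]),
        "usable": len(hosts),
        "fits": len(hosts) >= needed,
        "private": any(net.subnet_of(block) for block in RFC1918),
    }


def router_config(option):
    """IOS interface commands for Router0 (assumed to take the first usable address)."""
    lines = []
    for port, cidr, needed in zip(ROUTER_PORTS, OPTIONS[option], NEEDED):
        p = plan(cidr, needed)
        if not p["fits"]:
            raise ValueError(f"{cidr} has only {p['usable']} usable addresses")
        lines += [f"interface {port}",
                  f" ip address {p['first']} {p['mask']}",
                  " no shutdown"]
    return lines


def non_private_options():
    """Options that use address space outside the RFC 1918 private ranges."""
    return [opt for opt, nets in OPTIONS.items()
            if not all(plan(c, 1)["private"] for c in nets)]


if __name__ == "__main__":
    print("\n".join(router_config(2)))
    print("options outside RFC 1918:", non_private_options())
```

The 172.12.x.x networks in options 3 and 4 fall outside 172.16.0.0/12, which is harmless inside the simulator but matters if the same plan is reused on a topology connected to a real network.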

Test questions:

1. General information about the Cisco product line.

2. The concept of a switch. At what level of the OSI model does the switch operate?

3. The concept of a router. At what level of the OSI model does the router operate?

4. The concept of a gateway, firewall.

5. DNS service, types of DNS records.

6. HTTP service, general concepts.

7. Concept of e-mail, protocols SMTP, POP3 and IMAP.

8. FTP file exchange protocol, basic concepts and commands of FTP.

9. Telnet protocol, basic concepts.

Laboratory work No. 3

Friends, we are pleased to announce that we are starting to publish articles by our readers.
Today's material is from our podcast guest Alexander aka Sinister.

============================
Especially for the linkmeup project

There are quite a large number of simulators and emulators for Cisco Systems equipment.
In this short overview I will try to show all the existing tools that solve this problem.
The information will be useful to those who study network technologies, prepare to take Cisco exams, build test benches for troubleshooting or research security issues.

First, a little terminology.
Simulators imitate a fixed, built-in set of commands; as soon as you step outside that set, you get an error message. The classic example is Cisco Packet Tracer.
Emulators, on the other hand, run (by byte translation) images (firmware) of real devices, often without visible restrictions. An example is GNS3 / Dynamips.


Let's take a look at Cisco Packet Tracer first.

Cisco Packet Tracer


This simulator is available for both Windows and Linux, free of charge for Cisco Networking Academy students.
Version 6 added the following:

  • IOS 15
  • HWIC-2T and HWIC-8A modules
  • 3 new devices (Cisco 1941, Cisco 2901, Cisco 2911)
  • HSRP support
  • IPv6 in the settings of end devices (desktops)
It feels as if the new release arrived just in time for the update of the CCNA exam to version 2.0.

Its advantages are the friendliness and consistency of the interface. In addition, it is convenient to check the operation of various network services, such as DHCP / DNS / HTTP / SMTP / POP3 and NTP.
One of the most interesting features is the ability to switch to simulation mode and watch packets move in slow motion.
It reminded me of The Matrix itself.

Disadvantages:

  • Almost nothing beyond the CCNA scope can be built in it. For example, EEM is completely absent.
  • Various glitches sometimes appear that can be cured only by restarting the program. The STP protocol is especially notorious for this.
What do we end up with?
- Not a bad tool for those who have just started to get acquainted with Cisco equipment.

GNS3

The next one is GNS3, which is a graphical interface (in Qt) for the dynamips emulator.

Free project, available for Linux, Windows and Mac OS X.
GNS project website - www.gns3.net/
However, most of its performance features work only under Linux (for example ghost IOS, which helps when many devices use the same firmware image), and the 64-bit version is also Linux-only.
The current version of GNS at the moment is 0.8.5.
This is an emulator that works with real IOS firmware images, so to use it you must have the firmware. For example, if you have bought a Cisco router, you can take the image from it.
You can connect VirtualBox or VMware Workstation virtual machines to it and create rather complex topologies; if you wish, you can go further and connect the topology to a real network.
In addition, Dynamips can emulate both the old Cisco PIX and the notorious Cisco ASA, even version 8.4.

But with all this, there are many disadvantages.

  • The number of platforms is strictly limited: only chassis provided by dynamips developers can be launched.
  • IOS version 15 can be run only on the 7200 platform.
  • It is impossible to fully use Catalyst switches, this is due to the fact that they use a large number of specific integrated circuits, which, accordingly, are extremely difficult to emulate. It remains to use network modules (NM) for routers.
  • When using a large number of devices, performance degradation is guaranteed.
What is the bottom line?
- A tool in which you can create fairly complex topologies, prepare for the CCNP level exams, with some caveats.

Boson NetSim

A few words about the Boson NetSim simulator, which has recently been updated to version 9.

Available only for Windows; prices range from $179 for CCNA to $349 for CCNP.
It is a kind of collection of laboratory works, grouped by exam topics.
As you can see from the screenshots, the interface consists of several sections: task description, network map, on the left side there is a list of all labs.
After finishing the work, you can check the result and find out if everything has been done.
It is possible to create your own topologies, with some restrictions.

Cisco CSR

Now let's look at a fairly recent Cisco CSR.
The virtual Cisco Cloud Service Router 1000V appeared relatively recently.

Perfect for anyone preparing to take a Data Center track.
It has one peculiarity: after power-on, the boot process starts (as in the case of CSR, we will also see Linux) and then stops. It seems that everything is frozen, but it is not.
The connection to this emulator is done through named pipes.

A named pipe is one of the interprocess communication methods.
They exist both on Unix-like systems and on Windows.

To connect, open PuTTY, for example, select the serial connection type and specify \\.\pipe\vmwaredebug.

Using GNS3 and QEMU (a lightweight OS emulator that comes with GNS3 for Windows), you can build topologies that use Nexus switches. And again, you can release this virtual switch into a real network.

Cisco IOU

And finally, the famous Cisco IOU (Cisco IOS on UNIX), proprietary software that is not officially distributed at all.

It is believed that Cisco can trace and identify who is using the IOU.
At startup, an HTTP POST request is attempted to the xml.cisco.com server.
The data that is sent in this case includes hostname, login, IOU version, etc.

Cisco TAC is known to use the IOU.
The emulator is very popular with those who are preparing for the CCIE.
Initially, it only worked on Solaris, but was eventually ported to Linux.
It consists of two parts - l2iou and l3iou, you can guess from the name that the first emulates the link layer and switches, and the second - the network layer and routers.

Configuration is carried out by editing text configuration files, but some time ago a graphical interface (a web frontend) was developed for it.

The interface is quite intuitive, with its help you can perform almost all actions.

Running this topology only leads to 20% CPU load.

By the way, this is the topology for preparing for the CCIE.

In order to connect to any device in the diagram, just click on it and putty will open immediately.

The possibilities of IOU are really great.
It is not without drawbacks, though: there are still some problems at the data link layer.
In some cases, for example, it is impossible to hard-set the duplex, but these are all trifles - all the basic functionality works, and works perfectly.

The web interface is authored by Andrea Dainese.
His website is: www.routereflector.com/cisco/cisco-iou-web-interface/
On the site itself, there is no IOU or any firmware, moreover, the author claims that the web interface was created for people who have the right to use the IOU.

And a small summary in the end

As it turned out, at the moment there is a fairly wide range of emulators and equipment simulators from Cisco.
This allows you to almost fully prepare for exams of various tracks (classic R / S, Service Provider and even Data Center).
With some effort, you can build and test a wide variety of topologies, conduct vulnerability research and, if necessary, connect emulated equipment to a real network.

(The Bay Bridge, which connects San Francisco to Treasure Island, has been converted into the world's largest light sculpture, using Cisco switches.)

===========================

Additions from eucariot.

I would like to say about the Huawei hardware simulator.

eNSP

Enterprise Network Simulation Platform simulates Enterprise routers, switches and end equipment. In fact, it is closer to Cisco Packet Tracer: it has a clear graphical interface and it is a simulator.

It is distributed completely free of charge - just register on the site.

It implements a huge number of functions of real equipment, in fact, only rather specific things cannot be implemented. MSTP, RRPP, SEP, BFD, VRRP, various IGPs, GRE, BGP, MPLS, L3VPN are available.
You can run multicast, that is, you select a video file on the server and through the configured network on the client you can watch the video (we will definitely use this in the SDSM about multicast).

You can catch packets with Wireshark.

I didn't work very much with it, but no glitches were found, the processor load is quite acceptable.

And they say that there is a special super-powerful Huawei emulator that fully implements all the high-end router capabilities and that Huawei TAC uses, but everyone knows that these are just rumors.