Creating a Cisco switch using IOUl2 loaded on CentOS Qemu Image

This tutorial describes the steps required to create a Cisco switch based on IOUl2. An IOU image is loaded into a Qemu image with CentOS Linux installed. The IOU instances are attached to the network using the iou2net.pl script written by Jeremy L. Gaddis. The script forwards frames between an IOU instance and the Qemu network adapters. It is started in tap mode, with the Qemu interfaces bridged to virtual tap interfaces.

1. Create Qemu image

/usr/local/bin/qemu-img create -f qcow2 ./centos6.0-ioul2.img 2000M

2. Download CentOS 6.0 minimal install CD

wget http://centos.arcticnetwork.ca/6/isos/i386/CentOS-6.0-i386-minimal.iso

Start Qemu image with attached CentOS minimal CD.

qemu-kvm -no-acpi -boot d -hda centos6.0-ioul2.img -cdrom ./Download/CentOS-6.0-i386-minimal.iso -m 1G

3. Install CentOS 6.0

I am not going to describe all the necessary steps required for CentOS installation. If you are not familiar with Linux installation, please have a look here:

https://brezular.com/2011/09/01/building-linux-l3-switchrouter-on-x86-part2-centos-6-0-installation/

Configure following settings during installation:

- hostname - centos
- root password - centos
- /dev/sda1 - ext4 - 1500 MB
- swap - 499 MB

After installation, shut down CentOS, then boot it again and update it using yum.

qemu-kvm -no-acpi -boot c -hda centos6.0-ioul2.img -m 1G
dhclient eth0
yum update

4. Console support and autologin configuration on tty0 and ttyS0

We want to redirect console output to serial port and allow autologin on both tty0 and ttyS0.

a) Add line to /etc/inittab

S0:12345:respawn:/sbin/agetty ttyS0 9600 vt100

b) Modify the exec line in /etc/init/tty.conf

exec /sbin/mingetty --autologin root $TTY

c) Modify line "exec /sbin/agetty /dev/$DEV $SPEED vt100-nav" in /etc/init/serial.conf

exec /sbin/mingetty --autologin root /dev/$DEV $SPEED vt100-nav

d) Allow root login on serial port

echo "ttyS0" >> /etc/securetty

e) Edit /etc/sysconfig/init so that the graphical (color) boot output does not garble the serial terminal

Substitute BOOTUP=color with BOOTUP=serial. Use the command below or edit /etc/sysconfig/init manually.

sed -i 's/BOOTUP=color/BOOTUP=serial/g' /etc/sysconfig/init

f) Edit /etc/grub.conf to redirect console output to the serial port – /dev/ttyS0

- Comment out these 2 lines by putting # at the beginning of the line:

#splashimage=(hd0,0)/grub/splash.xpm.gz

#hiddenmenu

- Set timeout to 0 seconds.

timeout=0

- Append this parameter to the end of the line starting with "kernel"

console=ttyS0,9600n8

Shut down CentOS.

halt

5. Disable Firewall and SElinux

qemu-kvm -no-acpi -boot c -hda centos6.0-ioul2.img -serial telnet:0.0.0.0:3000,server,nowait

telnet localhost 3000

a) Disable ipv4 and ipv6 firewall

/etc/init.d/iptables stop
/etc/init.d/ip6tables stop

chkconfig --level 2345 iptables off
chkconfig --level 2345 ip6tables off

b) Disable SElinux

Change parameter SELINUX=enforcing to SELINUX=disabled in /etc/selinux/config
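
The settings changed in steps 4 and 5 can be checked on a built image before it is shared or attached to a bridged network. The script below is an added example, not part of the original tutorial; it reports root autologin, ttyS0 in /etc/securetty and SELINUX=disabled under a given root directory, and whether a Qemu command line binds the serial telnet console to 0.0.0.0. The function names are made up for this example.

```sh
#!/bin/sh
# Added example (not from the tutorial): report the login and SELinux
# settings from steps 4-5 found under an image root directory.
# Usage: audit_image /mnt/sysimage   (or "audit_image /" inside the guest)

# audit_image ROOT: print one finding per line
audit_image() {
    root=${1:-/}

    # Steps 4b/4c: getty replaced by "mingetty --autologin root"
    for f in etc/init/tty.conf etc/init/serial.conf; do
        if grep -Eqs '^[[:space:]]*exec .*--autologin[[:space:]]+root' "$root/$f"; then
            echo "autologin-root: /$f"
        fi
    done

    # Step 4d: root may log in on the serial line
    if grep -qxs 'ttyS0' "$root/etc/securetty"; then
        echo "securetty: ttyS0 listed"
    fi

    # Step 5b: SELinux switched off
    if grep -Eqs '^SELINUX=disabled[[:space:]]*$' "$root/etc/selinux/config"; then
        echo "selinux: disabled"
    fi
    return 0
}

# serial_bind_exposed "QEMU COMMAND LINE": succeeds if the serial telnet
# console listens on all host addresses, as in the step 5 command
serial_bind_exposed() {
    case $1 in
        *"-serial telnet:0.0.0.0:"*) return 0 ;;
        *) return 1 ;;
    esac
}
```

Since the tutorial connects with telnet localhost 3000, -serial telnet:127.0.0.1:3000,server,nowait serves the same purpose without listening on every host address.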

6. Change default behaviour of presented Ethernet cards

If the MAC address of an Ethernet interface changes, the system keeps the existing pairing of interface name and MAC address unchanged. This means that it creates a new interface for the new MAC address. Because qemuwrapper, the script in GNS3 responsible for starting Qemu, always starts the Qemu Ethernet interfaces with completely new MAC addresses, the interface names change on every start. This behaviour is not desired, so we have to change it to avoid confusion.

In /lib/udev/rules.d/75-persistent-net-generator.rules, find the line

ENV{MATCHIFTYPE}="$attr{type}"

and add the following line right after it:

ENV{MATCHADDR}=="*", ENV{MATCHADDR}=""

Edit /etc/sysconfig/network-scripts/ifcfg-eth0 and delete the line starting with HWADDR

7. Additional CentOS configuration

a) Pair hostname with loopback ip address

echo "127.0.0.1 centos" >> /etc/hosts

b) Load the 8021q module

modprobe 8021q

c) Allow forwarding between interfaces

sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv6.conf.all.forwarding=1

To keep forwarding enabled after the next boot of CentOS, edit /etc/sysctl.conf and change or add the following lines.

net.ipv4.ip_forward = 1
net.ipv6.conf.default.forwarding = 1

8. Layer 2 IOU Installation

a) Create symbolic link which points libcrypto.so.4 to libcrypto.so.10

ln -s /usr/lib/libcrypto.so.10 /usr/lib/libcrypto.so.4

b) Create license file

echo -e "[license]\n$(uname -n) = 0000000000000000" > iourc

c) Create NETMAP file

The NETMAP file is generated by a Perl script (see step 10a).

d) Copy cracked IOU L2, wrapper, perl script - iou2net.pl to CentOS image

Please, don't ask to provide any IOU images. As for IOUl2 on Linux Fedora, you might read this tutorial:

https://brezular.com/2011/04/30/iou-on-fedora-linux/

Perl script connecting IOU to the real network is available here:

e) Install necessary packages

yum install telnet wget tunectl

9. Install perl and dependencies

dhclient eth0

a) Install perl, libpcap

yum install perl perl-Time-HiRes libpcap libpcap-devel

b) Add the rpmforge repository - it is needed for the perl-net-pcap package

wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.i686.rpm

rpm -ihv rpmforge-release-0.5.2-2.el6.rf.i686.rpm
rm /root/rpmforge-release-0.5.2-2.el6.rf.i686.rpm

c) Install perl-net-pcap

yum install perl-Net-Pcap.i686 perl-Net-PcapUtils.noarch

10. IOU L2 configuration

a) Perl script for creating IOU topology file - NETMAP

The script "check_netmap.pl" creates the NETMAP file if it doesn't exist. Every time it creates the file, it generates a unique local ID for the IOUl2 instance and a unique pseudo ID for each instance of iou2net.pl. IDs are generated in the range from 10 to 1010.

If the NETMAP file exists, nothing is done.

Note: All IDs in your topology must be unique numbers, otherwise problems with duplicate MAC addresses can occur.

/root/check_netmap.pl

Make the script executable.

chmod +x check_netmap.pl

The NETMAP file could look like the following.

10:0/0@centos 20:0/0@centos
10:0/1@centos 21:0/0@centos
10:0/2@centos 22:0/0@centos
10:0/3@centos 23:0/0@centos
10:1/0@centos 24:0/0@centos
10:1/1@centos 25:0/0@centos
10:1/2@centos 26:0/0@centos
10:1/3@centos 27:0/0@centos

Explanation

10:0/0@centos 20:0/0@centos

The local IOUl2 instance with ID 10 runs on the PC with hostname centos, and its interface Ethernet0/0 is connected to pseudo interface 0/0 of the pseudo IOUl2 instance with ID 20. The pseudo IOUl2 instance with ID 20 is the iou2net.pl script running on the same PC with hostname centos.

The number of rows in the NETMAP file matches the number of Ethernet interfaces found in the /sys/class/net/ directory. For example, if only one interface, eth0, is present in the Qemu image, the NETMAP file contains only one row.

This table matches IOU interfaces with corresponding CentOS interfaces:

IOU - CentOS

Eth 0/0 - eth0
Eth 0/1 - eth1
Eth 0/2 - eth2
Eth 0/3 - eth3
Eth 1/0 - eth4
Eth 1/1 - eth5
Eth 1/2 - eth6
Eth 1/3 - eth7
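
The NETMAP rules described above (one row per Ethernet interface, IDs from 10 to 1010, no ID used twice, existing file left alone) can be expressed as a short shell script. This is an added sketch, not the tutorial's check_netmap.pl; the function names are made up here, and it assumes the interfaces are named eth0, eth1, ... without gaps and that pseudo IDs are drawn at random.

```sh
#!/bin/sh
# Added sketch based on the description above; not the tutorial's check_netmap.pl.
# Assumes interfaces are named eth0, eth1, ... without gaps.

# rand_id: random integer in the tutorial's ID range 10..1010
rand_id() {
    echo $(( $(od -An -N2 -tu2 /dev/urandom) % 1001 + 10 ))
}

# gen_netmap SYSNET HOST: print one NETMAP row per ethN directory in SYSNET
gen_netmap() {
    sysnet=$1 host=$2
    local_id=$(rand_id)
    used=" $local_id "
    n=0
    while [ -e "$sysnet/eth$n" ]; do
        while :; do                      # draw until the pseudo ID is unused
            id=$(rand_id)
            case $used in *" $id "*) ;; *) break ;; esac
        done
        used="$used$id "
        # ethN maps to IOU interface Ethernet (N/4)/(N%4), as in the table above
        echo "$local_id:$((n / 4))/$((n % 4))@$host $id:0/0@$host"
        n=$((n + 1))
    done
}

# write_netmap FILE SYSNET HOST: leave an existing NETMAP untouched
write_netmap() {
    [ -e "$1" ] && return 0
    gen_netmap "$2" "$3" > "$1"
}

# netmap_duplicate_ids FILE: print pseudo IDs that repeat or equal a local ID
netmap_duplicate_ids() {
    awk '{ split($1, a, ":"); split($2, b, ":"); loc[a[1]] = 1; seen[b[1]]++ }
         END { for (i in seen) if (seen[i] > 1 || (i in loc)) print i }' "$1" |
        sort -n
}
```

Running netmap_duplicate_ids on a hand-edited NETMAP prints nothing when every pseudo ID is unique, which is the condition the note above requires.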

b) Bash script for starting IOU

The script /root/iou_start.sh is responsible for these jobs:

  • starting the check_netmap.pl script
  • starting the IOU image i86bi_linuxl2-upk9-ms.M with the local IOU ID on port 6000
  • bringing up the Ethernet interfaces found in the /sys/class/net directory
  • creating as many tap interfaces and bridges (br) as there are Ethernet interfaces
  • adding a particular Ethernet interface, e.g. eth0, and tap interface, e.g. tap0, to the particular bridge, e.g. br0
  • starting the iou2net.pl script for a particular tap interface, e.g. tap0, with a particular unique pseudo ID

Make the script executable and start it.

chmod +x /root/iou_start.sh

Allow the script to be started automatically during the boot of CentOS.

echo "/root/iou_start.sh" >> /etc/rc.local

If you wish to start IOUL2 after boot, add this line to /etc/rc.local

echo "telnet localhost 6000" >> /etc/rc.local

Telnet to switch.

telnet localhost 6000

Note

Always delete the NETMAP file before shutdown if you start your base centos6.0-ioul2.img image outside of GNS3. Otherwise the check_netmap.pl script doesn't create a valid NETMAP file.

11. Optional steps - cleaning CentOS

a) Delete file .ssh/known_hosts

rm /root/.ssh/known_hosts

b) Delete temporary files

rm -rf /tmp/*

c) Clean content of files in directory /var/log/

for file in /var/log/*; do [ -f "$file" ] && echo "" > "$file"; done

d) Delete bash history

echo "" > /root/.bash_history

4 thoughts on “Creating a Cisco switch using IOUl2 loaded on CentOS Qemu Image”

  1. Hi, Thanks a lot for your great articles.

    I tried CentOS install into qemu on my macbook.
    Unfortunately after step 4. (Console support and autologin configuration on tty0 and ttyS0), I can't go ahead.

    Which thing should I check?

    I have checked there is no misconfig around all files in step 4 trying rescue-mode in CentOS install option mounting the system under /mnt/sysimage.

    To see what happens, I removed the option "quiet" in the line starting with "kernel" in /etc/grub.conf and it seems that the system is going well except that I can't login.

    Please see the below ( telnet localhost 3000 output log)
    http://pastebin.com/tpDCbbzN

    Thanks,
