The Cisco IOS XE Release 3.10 brings support for Kernel Based Virtual Machine (KVM) hypervisor. Thanks to the this awesome enhancement, Cisco CSR 1000v running IOS XE 3.10 can be easily connected to devices running inside GNS3 topology. The goal of this tutorial is to install CSR 1000v IOS XE 3.10 on a virtual machine that is run by Qemu hypervisor. As the both Guest and Host CPU are the same x86 architecture, Qemu can use kvm for hardware assisted virtualization. In a last part of the tutorial we will configure GNS3 to support CSR 1000v Qemu Virtual machine and test connection between CSR 1000v and Cisco 3725 both running inside GNS3.
REQUIREMENTS
1. Hardware Requirements
- Computer with at least 6 GB RAM
- Each CSR 1000v Virtual machine consumes 4 GB RAM plus 2 GB RAM for OS and installed applications e.g. GNS3, Dynamips
- Processor with built-in hardware virtualization support (VT-x or AMD-V)
2. Software Requirements
- Linux Fedora 17 x86-64 (or any other x86 or x86-64 Linux) with working KVM and Qemu installation
- KVM installed on Fedora Linux
- Qemu installed on Fedora Linux
- GNS3 0.8.4 or later
- Qemu 1.6.0 or later and compiled for i386 or x86_64 support (Qemu 0.12 is officially supported)
- Dynamips 0.2.8-RC7-x86_64.bin or later
- CSR 1000v IOS XE Release 3.10.0S or later - Download Page
Cisco CSR 1000v Installation on Qemu Virtual Machine
1. Create Qemu Virtual Machine
$ /usr/local/bin/qemu-img create -f qcow2 ./CSR_1000v.img 8G
2. Start Qemu Virtual Machine
$ /usr/local/bin/qemu-system-i386 -boot d CSR_1000v.img -enable-kvm -m 4096M -cpu Nehalem -smp 4,sockets=4,cores=1,threads=1 -device virtio-net-pci,mac=00:00:ab:c1:bd:02 -device virtio-net-pci,mac=00:00:ab:2c:41:03 -cdrom ~/csr1000v-universalk9.03.10.00.S.153-3.S-ext.iso
The command start a Qemu Virtual machine with attached CSR installation ISO image. Qemu 32 bit binary may be used to run a Virtual machine but CPU model Nehalem must be explicitly configured. Also be aware of RAM requirement. If less than RAM 4096 MB is assigned to a Virtual machine, installation fails. Finally, CSR 1000v IOS XE Release 3.10 only supports virtio-net-pci NIC model for kvm hypervisor.
Picture 1 - CSR 1000v Grub Menu Window
CSR 1000v is installed automatically. Once finished, it will restart and finally the router prompt appears.
Picture 2 - Booting CSR 1000v
License Activation and Output to Serial Port
In order to redirect output to serial port use the following command:
CSR_1000v(config)#platform console serial
Cisco CSR 1000v license model and benefits of activation an evaluation license is explained here in more details. To activate evaluation license for Cisco IOS XE 3.12S and earlier, us the following command:
CSR_1000v(config)#license boot level premium
Save configuration and reboot a router with the reload command.
1. License Activation for Cisco IOS XE 3.13S and later
Unlicensed Cisco IOS XE 3.13S and later has throughput limited to 100 kbps. Comparing to release Cisco IOS XE 3.12S and earlier, evaluation license is not bundled in software. The license is valid for 60 days and it is available at the Cisco Licence Portal.
The following evaluation licenses are available:
- AX technology package license with 50 Mbps maximum throughput
- PPX technology package license with 10 Gbps maximum throughput
If you need an evaluation license for the Security technology package, or for an AX technology package with higher throughput, you must contact your Cisco service representative.
Perform the following steps after the Cisco CSR 1000V first boots:
1.1 Enter the following command to obtain the UDI
Router>enable
Router#show license udi
Picture 3 - Getting License UDI
1.2 Log on to the Cisco Software Licensing portal to obtain the evaluation license
http:/www.cisco.com/go/license
Click on Continue to Product Registration and navigate to Get Other Licenses and select Demo and Evaluation. Under Product Family, select Router & Switches. Under Product , select Cisco Cloud Services Router 1000V and click Next.
Select the evaluation license and a standalone deployment. Select Cisco CSR1000V Maximum throughput AppX Evaluation License. In the UDI Serial Number field, enter the 11-character UD we obtained in a previous step.
Picture 4 - License Registration
Note The UDI is case-sensitive, and should be entered in all capital letters.
Now you can download the evaluation license. The license was also sent to your email address.
1.3 Install license
In a default Qemu NAT mode, an installed guest (Cisco IOS XE) have direct access to the host and its IP address of the guest is obtained from the default built-in Qemu DHCP server. Assuming that you downloaded the evaluation licence file to host with OS Linux, you can upload and install license to your base IOS XE image with following commands:
Router(config)#interface gigabitEthernet 1
Router(config-if)#ip address dhcp
Router(config-if)#no shutdown
Router(config-if)# ^Z
The interface GigabitEthernet 1 should have assigned IP address 10.0.2.15/24 and can reach the IP address of the default gateway 10.0.2.2. Now, we can both download a license file from the Linux and install it with the single command:
Router#license install scp://brezular@10.0.2.2:/92UTSI4VLIZ_20141214141756172.lic
As we installed the APPX feature set evaluation license, we should configure license level appx.
Router(config)#license boot level appx
% use 'write' command to make license boot config take effect on next boot
Router(config)#interface gigabitEthernet 1
Router(config-if)#no ip address
Router(config-if)#shutdown
Save configuration and reload a router.
Router(config-if)#do write
Router(config-if)#do reload
The Cisco CSR 1000V reloads with the evaluation license activated. The evaluation license expires 60 days from when it is activated. You can check the license with the commad:
Router#show license detail
Picture 5 - License Detail
Use the following command to check the allowed throughput:
Router#show platform hardware throughput level
Picture 6 - Platform Hardware Throughput Level
GNS3 Qemu Guest Virtual Machine Configuration
Navigate to Edit-> Preferences -> Qemu-> General Settings. Assuming that you Qemu installation is working configure GNS3 Qemu settings as following:
Picture 7 - Qemu General Settings
Click on the Test button to check if you finshed Qemu General settings configuration. If you settings are correct GNS3 displays the message All components have successfully started.
Navigate to Edit-> Preferences-> Qemu-> Qemu Guest and configure your Qemu guest settings as following.
Picture 8 - Qemu Guest Settings
Testing Connection between Cisco CSR 1000v and 3725 routers
Drag and drop both routers on the GSN3 desktop. Start routers and configure them according the network diagram.
Picture 5 - Network Topology
Be aware that CSR 1000v reserves interface GigabitEthernet 0 for management purpose so use interface GigabitEthernet 1 instead for connection to the Cisco 3725 router. As we previously configured CSR 1000v to direct IOS output to serial port, you can use the serial console. Right click on the device and select option Console.
1. Configure the Hostname, CDP Protocol and the IP Address for the Interface GigabitEthernet 1 of the Cisco CSR 1000v
Router>enable
Router#conf t
Router(config)#hostname CSR_1000v
CSR_1000v(config)#cdp run
CSR_1000v(config)#interface GigabitEthernet 1
CSR_1000v(config-if)#ip address 10.10.10.2 255.255.255.252
CSR_1000v(config-if)#cdp enable
CSR_1000v(config-if)#no shutdown
CSR_1000v(config-if)#do write
2. Configure the Hostname and the IP Address for the Interface FastEthernet 0/0 of the Cisco 3725 Router
Router(config)#hostname c3725
c3725(config)#interface FastEthernet 0/0
c3725(config-if)#ip address 10.10.10.1 255.255.255.252
c3725(config-if)#no shutdown
c3725(config-if)#do write
3. Check if the Layer 2 and 3 Connection is Established between the Routers
If the Layer 2 connection is established between routers and CDP protocol is enabled on CSR 1000v, it should appear in the output of show cdp neigbours command issed on the Cisco 3725. Similarly, if Layer 3 connection is established between routers, we should be able to successfully ping ip address of CSR 1000v GigabitEthernet interface 10.10.10.2
Picture 9 - Checking Connection between the Routers
Excellent as Always
Hi brezular,
I tried it on ubuntu 12.04 64bit but i when i tried to start virtual machine i had the following error. I tried everything with SDL with no success
No protocol specified
No protocol specified
Could not initialize SDL(No available video device) - exiting
is it possible to help me?
Thank you
What is the exact command syntax you use to start your image?
Hi brezular,
Now it is working without changing anything. I run again the command to send it to you and it is working.
Thank you very much
it will work on core i3 with 3GB RAM ??
Nope. You have to have at least 4 GB of RAM. Check hardware requirements.
Hi Brezular.
I've configured the CSR-1000v as you've indicated above (Fantastic tutorial by the way), but got quite a number of errors when booting!
For instance, in the screenshot of the CSR booting, I see:
Successfully installed virtual service csr_mgmt
On my instance I see:
Failed to activate virtual service csr_mgmt
I also see the following error:
error : storageVolumeLookupByName:1151 : Storage volume not found: no storage vol with matching name '_rootfs.csr_mgmt'
I might mention that I'm using a newer image (namely: csr1000v-universalk9.03.11.00.S.154-1.S-std.iso) - could this be the root of my problems?
Cheers,
ak.
It appears I stumbled onto the solution to my issue above. I was having ping issues between the CSR and a qemu guest so decided to try deleting the files created in the 'qemu-flash-drives' subdir of the project folder. This fixed the issue with CSR, but I still can't ping between the CSR and the guest connected to interface G1! I added another qemu guest and attached that to interface G2 and I can ping in both directions. Still working the issue!
Cheers,
ak.
Check if both interfaces - G1 and Ethernet interfaces of the guest 1 are up (L1 layer). If yes, check the IP settings on both interfaces - guest1 and interface G1.
If ping won't be working try to connect any router that can be emulated by Dynamis to the interface G1 (instead of the guest 1). Check if L2 connection is working between routers using the command show cdp neigbours.
One other question:
How do I shutdown the device when I'm done using it? Should I simply yank the carpet under its feet by closing the qemu window? Being that this is an installed instance, I'm hesitant to continually do as I suggest above (i've had to do this already) to avoid corrupting the underlying file system!
Cheers,
ak.
To answer my own question, it appears that 'yanking the carpet' is the only option to shutting down the Router:
http://www.cisco.com/en/US/docs/routers/csr1000/software/configuration/csroverview.html#wp1076978
Cheers,
ak.
Am I right in reading this as I have to install a Linux distribution in a VM so I can run the GNS3 emulator software on Linux? I'm guessing this is a limitation imposed by Cisco's 1000v IOS.
For others, you can find some relatively-decently priced Dell Precision workstations with a nice chunk of processing power and memory on eBay. I bought my first (old) 690 to support GNS3, years ago, then upgraded to a T7400 (because it was double the processing power and used the same memory I had installed in the old model). With memory riser cards, even at the relatively cheap memory in the 1-2GB range (it gets exponentially more expensive if you want more dense chips - such as 4GB), you get 16-slots available so for (relatively) cheap you can end up with 16-32GB of RAM on a VM-supporting multi-processor Xeon architecture. Mine was at ~40GB RAM.
Lastly: Sorry I missed the crowd-sourcing for GNS3. I wish you had waiting until tax returns were in because I've been using this since it was only DynaMIPs and we had to write our own INI-like files.
As Cisco CSR 1000v can be installed on Qemu Guest VM you don't need GNS3 to run CSR. Thus download Qemu for Windows, create Guest VM with particular parameters and install CSR. Then you can configure GNS3 to use this Qemu guest with installed CSR and connect it to the other devices running inside GNS3.
Or you can completely omit GNS3 and connect Qemu guest to Dynamips / Dynagen via UDP tunnels. The last Qemu version support UDP tunnels so you don't need to patch it for UDP and multicast.
Hope this helps.
Some of your advices in this thread got me off track when I tried to build my own qcow2 images with CSR 1000V 3.13 and 3.14.
I was finally able to run qemu nodes inside GNS3 1.2.1 with the following attributes inside virt-manager 1.1.0 (GUI application, much easier than the CLI):
- processor model: westmere (Nehalem is too old for my hardware)
- CPU: 2vCPU, but that depends on your capabilities
- RAM: 3072 MB are more than enough and the node can boot with that
- network adapters (8) type: e1000 and not virtio, otherwise the node cannot run inside GNS3
Let me know if you need any more details.
Thanks for this - it is much appreciated. I didn't know you could upgrade throughput on eval licence.
Great post! Very informative.
Good afternoon dear, thanks for the information generated on your page, you will have some recommendation to add the CSR1000 to the GNS3 2.2.7 version, which is totally different from the previous versions the way of configuration and addition of the router in the qemu option in GNS3, I appreciate your collaboration and help
Hello, has anyone tried running csr1000v.03.10/11/ or at least 03.12 on EVE-NG?