GNS3 with ExaBGP Part 1

ExaBGP is a programatic tool that can be used to talk to other systems using BGP. There are quite a few cool applications available such as programattic blackhole route insertion, failover and other things, however my goal is to use ExaBGP to simulate a full internet routing table being offered to a router running in GNS3

There is a great introduction on how to initially setup ExaBGP on the PacketGeek which I am going to use as the basis for my SROS configuration.

ExaBGP will be running on my GNS3 host itself (Ubuntu 16.04.1 LTS) and we will connect to SR4 via tap1.

Simple GNS3 and ExaBGP Topology
Simple GNS3 and ExaBGP Topology

The Tap1 interface will be created as below (in a previous post I was using the tunctl commands to create a tunnel, however this is deprecated and ip based commands should be used.)

adam@gns3:~$ sudo ip tuntap add tap1 mode tap user gns3
adam@gns3:~$ sudo ip addr add 1.2.3.3/24 dev tap1
adam@gns3:~$ sudo ip link set tap1 up
adam@gns3:~$ ip addr show dev tap1
21: tap1:  mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 22:84:63:de:96:52 brd ff:ff:ff:ff:ff:ff
    inet 1.2.3.3/24 scope global tap1
       valid_lft forever preferred_lft forever
    inet6 fe80::2084:63ff:fede:9652/64 scope link
       valid_lft forever preferred_lft forever

SR4 is an SROS based router with a basic BGP config:

A:SR4# configure router
A:SR4>config>router# info
----------------------------------------------
#--------------------------------------------------
echo "IP Configuration"
#--------------------------------------------------
        interface "ExaBGP"
            address 1.2.3.4/24
            port 1/1/5
            no shutdown
        exit
        interface "system"
            address 10.10.10.4/32
            no shutdown
        exit
        autonomous-system 1234
#--------------------------------------------------
echo "BGP Configuration"
#--------------------------------------------------
        bgp
            group "ExaBGP"
                neighbor 1.2.3.3
                    peer-as 64512
                exit
            exit
            no shutdown
        exit
----------------------------------------------

Verify IP Connectivity:

A:SR4>config>router# ping 1.2.3.3 count 3
PING 1.2.3.3 56 data bytes
64 bytes from 1.2.3.3: icmp_seq=1 ttl=64 time=1.54ms.
64 bytes from 1.2.3.3: icmp_seq=2 ttl=64 time=1.62ms.
64 bytes from 1.2.3.3: icmp_seq=3 ttl=64 time=1.70ms.

---- 1.2.3.3 PING Statistics ----
3 packets transmitted, 3 packets received, 0.00% packet loss
round-trip min = 1.54ms, avg = 1.62ms, max = 1.70ms, stddev = 0.065ms

Assuming that we followed the ExaBGP installation procedure described in the Packet Geek’s page – we shall set up a very simple exabgp config

group test {
    router-id 1.2.3.3;
    neighbor 1.2.3.4 {
        local-address 1.2.3.3;
        local-as 64512;
        peer-as 1234;
    }
    process add-routes {
        run /usr/bin/python /home/adam/example.py;
    }
}

The configuration should be relatively self explanitory, where process add-routes comes to play is where a python script gets called to generate BGP messages.

#!/usr/bin/env python

from sys import stdout
from time import sleep

messages = [
'announce route 100.10.0.0/24 next-hop self',
'announce route 200.20.0.0/24 next-hop self'
]

sleep(5)

#Iterate through messages
for message in messages:
    stdout.write( message + '\n')
    stdout.flush()
    sleep(1)

#Loop endlessly to allow ExaBGP to continue running
while True:
    sleep(1)

Before we start, lets confirm the route-table on SR4

A:SR4# show router route-table

===============================================================================
Route Table (Router: Base)
===============================================================================
Dest Prefix[Flags]                            Type    Proto     Age        Pref
      Next Hop[Interface Name]                                    Metric
-------------------------------------------------------------------------------
1.2.3.0/24                                    Local   Local     00h15m36s  0
       ExaBGP                                                       0
10.10.10.4/32                                 Local   Local     00h19m44s  0
       system                                                       0
-------------------------------------------------------------------------------
No. of Routes: 2
Flags: n = Number of times nexthop is repeated
       B = BGP backup route available
       L = LFA nexthop available
       S = Sticky ECMP requested
===============================================================================

Nothing particularly surprising here. Let’s start exabgp.

A lot of logging information gets pushed out to the console but the last lines are the most interesting.

adam@gns3:~$ exabgp conf.ini
....
Mon, 07 Nov 2016 23:37:25 | INFO     | 18062  | processes     | Forked process add-routes
Mon, 07 Nov 2016 23:37:28 | INFO     | 18062  | network       | Connected to peer neighbor 1.2.3.4 local-ip 1.2.3.3 local-as 64512 peer-as 1234 router-id 1.2.3.3 family-allowed in-open (out)
Mon, 07 Nov 2016 23:37:30 | INFO     | 18062  | processes     | Command from process add-routes : announce route 100.10.0.0/24 next-hop self
Mon, 07 Nov 2016 23:37:30 | INFO     | 18062  | reactor       | Route added to neighbor 1.2.3.4 local-ip 1.2.3.3 local-as 64512 peer-as 1234 router-id 1.2.3.3 family-allowed in-open : 100.10.0.0/24 next-hop 1.2.3.3
Mon, 07 Nov 2016 23:37:31 | INFO     | 18062  | reactor       | Performing dynamic route update
Mon, 07 Nov 2016 23:37:31 | INFO     | 18062  | reactor       | Updated peers dynamic routes successfully
Mon, 07 Nov 2016 23:37:31 | INFO     | 18062  | processes     | Command from process add-routes : announce route 200.20.0.0/24 next-hop self
Mon, 07 Nov 2016 23:37:31 | INFO     | 18062  | reactor       | Route added to neighbor 1.2.3.4 local-ip 1.2.3.3 local-as 64512 peer-as 1234 router-id 1.2.3.3 family-allowed in-open : 200.20.0.0/24 next-hop 1.2.3.3
Mon, 07 Nov 2016 23:37:32 | INFO     | 18062  | reactor       | Performing dynamic route update
Mon, 07 Nov 2016 23:37:32 | INFO     | 18062  | reactor       | Updated peers dynamic routes successfully

Now lets check the route-table on SR4

A:SR4# show router route-table

===============================================================================
Route Table (Router: Base)
===============================================================================
Dest Prefix[Flags]                            Type    Proto     Age        Pref
      Next Hop[Interface Name]                                    Metric
-------------------------------------------------------------------------------
1.2.3.0/24                                    Local   Local     00h19m13s  0
       ExaBGP                                                       0
10.10.10.4/32                                 Local   Local     00h23m20s  0
       system                                                       0
100.10.0.0/24                                 Remote  BGP       00h02m36s  170
       1.2.3.3                                                      0
200.20.0.0/24                                 Remote  BGP       00h02m35s  170
       1.2.3.3                                                      0
-------------------------------------------------------------------------------
No. of Routes: 4
Flags: n = Number of times nexthop is repeated
       B = BGP backup route available
       L = LFA nexthop available
       S = Sticky ECMP requested
===============================================================================

So there we go, routing information has been pushed into SR4 via a script called by ExaBGP. Part Two will look at taking a data feed such as RIPE NCCs Routing Information Service and transforming it into something that ExaBGP can offer to a router.

Multicast testing with Ostinato (3/3)

Ostinato is a great open source traffic generation tool, lately I have been using it for some virtual labs using GNS3 with Nokia SROS based routers, however there is no reason what I am doing here cannot be adapted to any routing system that supports PIM and IGMP.

This post should be the final in the my current series on using Ostinato to generate and received multicast traffic flows.

So a quick recap of the network topology:

5 Router Multicast Topology
5 Router Multicast Topology

Test Scenario

We shall be transmitting multicast IP packets (destination 239.0.0.9) from the Ostinato Drone Port1 (Connected to R5), while Ostinato Drone Port2 (Connected to R4) and Port3 (Connected to R3) shall use IGMP to request reception of that multicast stream.

The previous blog two posts described constructing the multicast router network and the initial part of the Ostinato where I created IP hosts that connect to the network

Now that the precursors have been done, lets continue on by crafting the multicast stream that will be transmitted from Ostinato Port1 to R5:

In Ostinato, in the Ports and Streams window pane select Port1. Make sure the streams tab is visible and right Click to create a new stream – Stream 1 will be created with a blank name. If you click in that area you can give the stream a name (I will use MC-239.0.0.9)

Ostinato Port 1 - New Stream

Right Click on Stream 1 and select edit stream. There are multiple tabs available, pick the protocol selection tab and Select:

  • L1 – Mac
  • VLAN – untagged
  • L2 – Ethernet II
  • L3 – IPv4
  • L4 – UDP
  • L5 – None
Protocol Options to Create IP Multicast stream
Protocol Options to Create IP Multicast stream

Then select the Protocol Data Tab and populate the following information

  • Media Access Protocol
    • Destination: 01:00:5e:00:00:09 Mode:Fixed (For IP Multicast Group 239.0.0.9)
    • Source: 48:00:01:2E:10:83 Mode:Fixed (From the device configuration ToR5-OST-e1)
    Stream Protocol Data Tab - MAC
    Stream Protocol Data Tab – MAC
  • Internet Protocol Version 4
    • Source: 10.0.5.1
    • Destination: 239.0.0.9
    Stream Protocol Data Tab - IP
    Stream Protocol Data Tab – IP
  • User Datagram Protocol
    • Override Source Port – 222
    • Override Desination Port – 222
    Stream Protocol Data Tab - UDP
    Stream Protocol Data Tab – UDP

Now we create the Stream Control Options:

  • Send 100 Packets
  • Rate 10 Packets/Second
  • After this stream: Stop
Multicast Source 100 packets at 10 packets/second
Multicast Source 100 packets at 10 packets/second

What this means is when we run this stream, it will attempt to send 10 multicast IP packets encapsulated in multicast Ethernet Frames each second for a period of 10 seconds and then it shall stop.

  • We apply the configuration (click the Apply button in the upper right hand corner of the window)
  • Click on Port 0
  • Select Resolve Device Neighbors
  • Click on start packet capture (looks like a speaker icon)
  • Select clear statistics (this port or all ports)
  • Then click start
Packet Stats Multicast Transmission
Packet Stats Multicast Transmission

After 10 seconds, we should have seen around 100 packets transmitted (it could be slightly more if ARP or other processes were active)

Click on stop packet capture (looks like a speaker icon with a line through it)
Click on view packet capture (looks like a magnifying glass)

Wireshark Capture - Ostinato Drone (Multicast)
Wireshark Capture – Ostinato Drone (Multicast)

If we look at R5, we can see that it is aware that there is multicast traffic entering from Ostinato:

A:R5# show router pim group

===============================================================================
Legend:  A = Active   S = Standby
===============================================================================
PIM Groups ipv4
===============================================================================
Group Address               Type                Spt Bit  Inc Intf       No.Oifs
   Source Address              RP                  State    Inc Intf(S)
-------------------------------------------------------------------------------
239.0.0.9                   (S,G)                        OST-e1         0
   10.0.5.1                    10.10.10.2
-------------------------------------------------------------------------------
Groups : 1
===============================================================================

This appears to be working – so we shall proceed to configuring the other Ostinato ports to send IGMPv2 Group Reports for 239.0.0.9 and see if they will receive the multicast traffic.

Ostinato Port2 to R4 (Multicast Receiver):

Following the same concept as what was done for Port1, we will focus primarily on the differences. In Ostinato, in the Ports and Streams window pane select Port2. Make sure the streams tab is visible and right Click to create a new stream – Stream 1 will be created with a blank name. If you click in that area you can give the stream a name (I will use MJ-239.0.0.9)

Right Click on Stream 1 and select edit stream. There are multiple tabs available, pick the protocol selection tab and Select:

  • L1 – Mac
  • VLAN – untagged
  • L2 – Ethernet II
  • L3 – IPv4
  • L4 – IGMP
  • L5 – None

Then select the Protocol Data Tab and populate the following information

  • Media Access Protocol
    • Destination: 01:00:5e:00:00:02 Mode:Fixed (For IP Multicast Group 224.0.0.2)
    • Source: 34:00:02:BF:69:5B Mode:Fixed (From the device configuration ToR4-OST-e2)
    • Source: 10.0.4.1
    • Destination: 224.0.0.2
    • TTL: 1
  • Internet Group Management Protocol
    • Message Type – 22 IGMPv2 Report
    • Group Address 239.0.0.9

Now we create the Stream Control Options:

  • Send 1 Packets
  • Rate 0.1 Packets/Second
  • After this stream: Goto First

What this means is when we run this stream, it will attempt to send 1 IGMP Join every 10 seconds continuously.

  • We apply the configuration (click the Apply button in the upper right hand corner of the window)Click on Port 2
  • Click on start packet capture (looks like a speaker icon)
  • Select clear statistics (this port or all ports)
  • Select Resolve Device Neighbors
  • Then click start

After 10 seconds, we should have seen a few packets transmitted (it could be slightly more if ARP or other processes were active) we probably would be receiving very little as well assuming the multicast source is not currently transmitting.

Click on stop packet capture (looks like a speaker icon with a line through it)
Click on view packet capture (looks like a magnifying glass)

Wireshark Capture - Ostinato Drone (IGMP)
Wireshark Capture – Ostinato Drone (IGMP)
A:R4# show router igmp group
===============================================================================
IGMP Interface Groups
===============================================================================

(*,239.0.0.9)                                             UpTime: 0d 00:01:44
    Fwd List  : OST-e2
-------------------------------------------------------------------------------
Entries : 1
===============================================================================
IGMP Host Groups
===============================================================================
No Matching Entries
===============================================================================
IGMP SAP Groups
===============================================================================
No Matching Entries
===============================================================================

This looks good, we shall configure a similar stream for Port 3 on the drone.

Ostinato Port3 to R3 (Multicast Receiver)::

Following the same concept as what was done for Port2, on Port3 create stream MJ-239.0.0.9.

Right Click on Stream 1 and select edit stream. There are multiple tabs available, pick the protocol selection tab and Select:

  • L1 – Mac
  • VLAN – untagged
  • L2 – Ethernet II
  • L3 – IPv4
  • L4 – IGMP
  • L5 – None

Then select the Protocol Data Tab and populate the following information

  • Media Access Protocol
    • Destination: 01:00:5e:00:00:02 Mode:Fixed (For IP Multicast Group 224.0.0.2)
    • Source: 10:00:03:29:03:98 Mode:Fixed (From the device configuration ToR3-OST-e3)
    • Source: 10.0.3.1
    • Destination: 224.0.0.2
    • TTL: 1
  • Internet Group Management Protocol
    • Message Type – 22 IGMPv2 Report
    • Group Address 239.0.0.9

Now we create the Stream Control Options:

  • Send 1 Packets
  • Rate 0.1 Packets/Second
  • After this stream: Goto First

What this means is when we run this stream, it will attempt to send 1 IGMP Join every 10 seconds continuously.

  • We apply the configuration (click the Apply button in the upper right hand corner of the window)
  • Click on Port 3
  • Select clear statistics (this port or all ports)
  • Select Resolve Device Neighbors
  • Then click start

After a few seconds, we should be able to see if R3 has an IGMP member for group 239.0.0.9

A:R3# show router igmp group
===============================================================================
IGMP Interface Groups
===============================================================================

(*,239.0.0.9)                                             UpTime: 0d 00:00:03
    Fwd List  : OST-e3
-------------------------------------------------------------------------------
Entries : 1
===============================================================================
IGMP Host Groups
===============================================================================
No Matching Entries
===============================================================================
IGMP SAP Groups
===============================================================================
No Matching Entries
===============================================================================

Full End to End Test – Multicast Sender and Receivers

The sequence of events will be:

  • Resolve Device Neighbors on Ports 1/2/3
  • Start Ports 2 and 3 so they are waiting to receive multicast traffic.
  • Start Port 1 which should send 100 Packets to Group 239.0.0.9 in 10 seconds
  • Look at the stats to verify that Ports 2 and 3 receive 100 packets.
Port 1 Transit 100 Frames, Port 2 and 3 Receive 100 Frames
Port 1 Transit 100 Frames, Port 2 and 3 Receive 100 Frames

Multicast Forwarding Topology:

A:R5# show router pim group 239.0.0.9 source 10.0.5.1 detail | match Intf
Incoming Intf      : OST-e1
Outgoing Intf List : R1, R2
A:R1# show router pim group 239.0.0.9 source 10.0.5.1 detail | match Intf
Incoming Intf      : R5
Outgoing Intf List : R3
A:R2# show router pim group 239.0.0.9 source 10.0.5.1 detail | match Intf
Incoming Intf      : R5
Outgoing Intf List : R4
A:R3# show router pim group 239.0.0.9 source 10.0.5.1 detail | match Intf
Incoming Intf      : R1
Outgoing Intf List : OST-e3
A:R4# show router pim group 239.0.0.9 source 10.0.5.1 detail | match Intf
Incoming Intf      : R2
Outgoing Intf List : OST-e2

Individual Streams, or the entire test session can be saved so you don’t need to recreate the test scenario each time.

This was a somewhat long example as to what you can do with Ostinato, however being able to do multicast testing using more than igmp static joins on routers and pings to multicast addresses on a virtual environment is quite helpful.

I am by no means an expert with this tool and I am sure that there are ways to optimise my workflow to achieve similar results.  Working through this example was fun – as I find having a particular problem to solve is usually a good way to try to learn how to use a tool and now I am better armed for other situations.

As a note – from my preliminary investigations, unicast traffic flows seems to be generally more straight forward as Ostinato allows you to populate some stream layer information (such as MAC addresses) via ARP (this is using mode resolved instead of mode fixed – however this is dependant on defining the appropriate end devices)

Ostinato Virtual and Actual IP connectivity to the network (2/3)

Before we fully get into configuring Ostinato, we shall configure the Ostinato facing interfaces on the router topology originally started in the previous post

Just to recap here – this is the topology

5 Router Multicast Topology
5 Router Multicast Topology

The Interfaces facing Ostinato will be attached to an Internet Enhanced Service (IES) which is a form of IP connectivity to the network Global Routing Table (GRT). SROS defines an IES as a customer connectivity service (Access) as opposed to internal infrastructure (Network)

We will be creating IES Services on R3, R4 and R5:

Service Router Ostinato Drone
Router Service ID Interface SAP IP Address Interface IP Address
R3 33 OST-e3 1/1/4 10.0.3.3/27 e3 10.0.3.1/27
R4 44 OST-e2 1/1/4 10.0.4.4/27 e2 10.0.4.1/27
R5 55 OST-e1 1/1/4 10.0.5.5/27 e1 10.0.5.1/27

By default SROS has Ports configured as network. A SAP (Service Access Point) which is basically the same as a UNI (User Network Interface) can only be attached to an access port, so we are required to change the port mode prior to creating the SAP by associating it with a port.

A:R5# configure port 1/1/4
A:R5>config>port# shutdown
*A:R5>config>port# ethernet mode access
*A:R5>config>port# ethernet encap-type null
*A:R5>config>port# no shutdown
*A:R5>config>port# exit all 

Once this has been done on R3, R4 and R5 we can create the IES Services.

A:R3# configure service ies 33 customer 1 create
*A:R3>config>service>ies$ service-name "Multicast Receiver OST-e3"
*A:R3>config>service>ies$ interface OST-e3 create
*A:R3>config>service>ies>if$ address 10.0.3.3/27
*A:R3>config>service>ies>if$ sap 1/1/4 create
*A:R3>config>service>ies>if>sap$ exit
*A:R3>config>service>ies>if$ exit
*A:R3>config>service>ies$ no shutdown
*A:R3>config>service>ies$ info
----------------------------------------------
            interface "OST-e3" create
                address 10.0.3.3/27
                sap 1/1/4 create
                exit
            exit
            service-name "Multicast Receiver OST-e3"
            no shutdown
----------------------------------------------

As the Ostinato E3 will be a multicast reciever, we shall enable IGMP on this interface (IGMPv3 is enabled by default, however the IGMP version will fallback to previous versions depending on the supported version of the attached end systems)

A:R3# configure service ies 33 customer 1 create
*A:R3>config>service>ies$ /configure router igmp interface "OST-e3"
*A:R3>config>router>igmp>if# exit all
*A:R3# show router igmp interface

===============================================================================
IGMP Interfaces
===============================================================================
Interface               Adm  Oper Querier         Cfg/Opr Num     Policy
                                                  Version Groups
-------------------------------------------------------------------------------
OST-e3                  Up   Up   10.0.3.3        3/3     0       none
-------------------------------------------------------------------------------
Interfaces : 1
===============================================================================

We shall do similar for R4:

A:R4# configure service ies 44 customer 1 create
*A:R4>config>service>ies$ service-name "Multicast Receiver OST-e2"
*A:R4>config>service>ies$ interface OST-e2 create
*A:R4>config>service>ies>if$ address 10.0.4.4/27
*A:R4>config>service>ies>if$ sap 1/1/4 create
*A:R4>config>service>ies>if>sap$ exit
*A:R4>config>service>ies>if$ exit
*A:R4>config>service>ies$ no shutdown
*A:R4>config>service>ies$ /configure router igmp interface "OST-e2"
*A:R4>config>router>igmp>if$ exit all
*A:R4# show router igmp interface

===============================================================================
IGMP Interfaces
===============================================================================
Interface               Adm  Oper Querier         Cfg/Opr Num     Policy
                                                  Version Groups
-------------------------------------------------------------------------------
OST-e2                  Up   Up   10.0.4.4        3/3     0       none
-------------------------------------------------------------------------------
Interfaces : 1
===============================================================================

For R5, creating the IES repeats the same concept, however as the Multicast sender will be connected to this service, there are some minor variations, particularly we add the interface into OSPF (passively) so the RPF checks to the multicast source work, and we add the interface into PIM rather than IGMP.

A:R5# configure service ies 55 customer 1 create
*A:R5>config>service>ies$ service-name "Multicast Sender OST-e1"
*A:R5>config>service>ies$ interface OST-e1 create
*A:R5>config>service>ies>if$ address 10.0.5.5/27
*A:R5>config>service>ies>if$ sap 1/1/4 create
*A:R5>config>service>ies>if>sap$ exit
*A:R5>config>service>ies>if$ exit
*A:R5>config>service>ies$ no shutdown
*A:R5>config>service>ies$ /configure router pim interface "OST-e1"
*A:R5>config>service>ies$ /configure router ospf area 0 interface "OST-e1" passive
*A:R5>config>service>ies$ exit all
*A:R5# show router pim interface

===============================================================================
PIM Interfaces ipv4
===============================================================================
Interface                   Adm  Opr  DR Prty         Hello Intvl  Mcast Send
   DR
-------------------------------------------------------------------------------
R1                          Up   Up   1               30           auto
   10.1.5.5
R2                          Up   Up   1               30           auto
   10.2.5.5
OST-e1                      Up   Up   1               30           auto
   10.0.5.5
-------------------------------------------------------------------------------
Interfaces : 3 Tunnel-Interfaces : 0
===============================================================================

Firing up the Ostinato GUI

When the Ostinato GUI is first started, it assumes that the locally attached interfaces on the GUI machine is the portgroup we intend to work with.

Initial startup assumes the portgroup is on the local system
Initial startup assumes the portgroup is on the local system

Clicking on a portgroup and using the File menu (or right click context) will allow you to disconnect or delete the port group. For this example we will just delete the existing port group and then create a new portgroup where we specific the IP or hostname of the ostinato drone.

Port Group on a remote machine in this case box.home.local
Port Group on a remote machine in this case box.home.local

Now that we can see the list of interfaces, we can get ready to create a device – in this case a device doesn’t actually send traffic in of itself, however it is configured to simulate a layer 2 or layer 3 device connected to the network or device under test. We shall start with Port0 (e1) on the Drone which is connected to R5. We need to select the port, then the devices tab. Clicking in the window we can then right click and create a new device group.

Create a device on port0 (eth1)
Create a device on port0 (eth1)

We will select the IPv4 stack for the device, go with the default (VLAN tag 0, 1 device) and populate the IP address information for the Drone (10.0.5.1/27) with the Gateway being the IP of the adjacent Router (R5 10.0.5.5) Once configured, this must be applied (clicking the button in the upper right corner) which then pushes the configuration from the GUI to the drone.

Populating IPv4 information for ToR5-OST-e1
Populating IPv4 information for ToR5-OST-e1

Once a device has been populated, Ostination can generate and respond to IPv4 ARP and IPv6 ND. We need to select the Column of the port of interest (Port 2-0) in the Statistics window pane(from the ports and streams box) and click on the button second from the right (Resolve Neighbors) – ARP traffic should be generated.

Generate ARP Ostinato device (ToR5-OST-e1)

To verify if this was successful, In the Ports and Streams window pane, go to the devices tab and click on the information radio button. If you then click on refresh, you should see ARP and a number of send/received ARP messages – clicking on that should give you the neighbor resolution status.

ARP Status

We can confirm this is working from the router side as well:

A:R5# show router arp dynamic

===============================================================================
ARP Table (Router: Base)
===============================================================================
IP Address      MAC Address       Expiry    Type   Interface
-------------------------------------------------------------------------------
10.1.5.1        00:45:d3:03:b4:04 03h59m08s Dyn[I] R1
10.2.5.2        00:45:d3:58:a9:02 03h59m45s Dyn[I] R2
10.0.5.1        48:00:01:2e:10:83 03h55m03s Dyn[I] OST-e1
-------------------------------------------------------------------------------
No. of ARP Entries: 3
===============================================================================
A:R5# ping 10.0.5.1 count 3
PING 10.0.5.1 56 data bytes
64 bytes from 10.0.5.1: icmp_seq=1 ttl=64 time=1.71ms.
64 bytes from 10.0.5.1: icmp_seq=2 ttl=64 time=2.60ms.
64 bytes from 10.0.5.1: icmp_seq=3 ttl=64 time=1.32ms.

---- 10.0.5.1 PING Statistics ----
3 packets transmitted, 3 packets received, 0.00% packet loss
round-trip min = 1.32ms, avg = 1.88ms, max = 2.60ms, stddev = 0.538ms

We’ll follow the same concept for Port2 (connecting to R4)

Populating IPv4 information for ToR4-OST-e2
Populating IPv4 information for ToR4-OST-e2
A:R4# show router arp dynamic

===============================================================================
ARP Table (Router: Base)
===============================================================================
IP Address      MAC Address       Expiry    Type   Interface
-------------------------------------------------------------------------------
10.2.4.2        00:45:d3:58:a9:03 03h47m55s Dyn[I] R2
10.3.4.3        00:45:d3:1c:b6:01 03h47m54s Dyn[I] R3
10.0.4.1        34:00:02:bf:69:5b 03h59m57s Dyn[I] OST-e2
-------------------------------------------------------------------------------
No. of ARP Entries: 3
===============================================================================
A:R4# ping 10.0.4.1 count 3
PING 10.0.4.1 56 data bytes
64 bytes from 10.0.4.1: icmp_seq=1 ttl=64 time=2.17ms.
64 bytes from 10.0.4.1: icmp_seq=2 ttl=64 time=0.995ms.
64 bytes from 10.0.4.1: icmp_seq=3 ttl=64 time=3.65ms.

---- 10.0.4.1 PING Statistics ----
3 packets transmitted, 3 packets received, 0.00% packet loss
round-trip min = 0.995ms, avg = 2.27ms, max = 3.65ms, stddev = 1.09ms

And for Port3 (connecting to R3)

Populating IPv4 information for ToR3-OST-e3
Populating IPv4 information for ToR3-OST-e3
A:R3# show router arp dynamic

===============================================================================
ARP Table (Router: Base)
===============================================================================
IP Address      MAC Address       Expiry    Type   Interface
-------------------------------------------------------------------------------
10.1.3.1        00:45:d3:03:b4:03 03h44m53s Dyn[I] R1
10.3.4.4        00:45:d3:01:30:01 03h47m07s Dyn[I] R4
10.0.3.1        10:00:03:29:03:98 03h53m53s Dyn[I] OST-e3
-------------------------------------------------------------------------------
No. of ARP Entries: 3
===============================================================================
A:R3# ping 10.0.3.1 count 3
PING 10.0.3.1 56 data bytes
64 bytes from 10.0.3.1: icmp_seq=1 ttl=64 time=1.11ms.
64 bytes from 10.0.3.1: icmp_seq=2 ttl=64 time=1.22ms.
64 bytes from 10.0.3.1: icmp_seq=3 ttl=64 time=0.932ms.

---- 10.0.3.1 PING Statistics ----
3 packets transmitted, 3 packets received, 0.00% packet loss
round-trip min = 0.932ms, avg = 1.09ms, max = 1.22ms, stddev = 0.117ms

Now that the network is multicast enabled and we have basic IP device connectivity from Ostinato to the network we are ready to generate test streams and do something.

The next post (and final of the current Ostinato series) is actually configuring Multicast Streams and generate IGMP reports

Ostinato and Nokia SROS Routers in GNS3 (1/3)

Here is the GNS3 Topology for this blog post:

5 Router Multicast Topology
5 SROS Router Multicast Topology with Ostinato

For the moment let us ignore Ostinato and the Cloud parts of our topology and initially concentrate on building the network infrastructure.

  • OSPF is the IGP
  • PIM is enabled on all inter-router interfaces
  • Candidate BSRs are R3 (Priority 100) and R4 (Priority 90) – R3 should become the BSR (Like Basketball, highest wins)
  • Candidate RPs for 224.0.0.0/4 are R2 (Priority 90) and R4 (Priority 100) – R2 should become the RP (Like Golf, lowest wins)
/configure
    system
        name "R1"
    exit
    card 1
        card-type iom3-xp-b
        mda 1
            mda-type m5-1gb-sfp-b
            no shutdown
        exit
        no shutdown
    exit
    port 1/1/1
        ethernet
        exit
        no shutdown
    exit
    port 1/1/3
        ethernet
        exit
        no shutdown
    exit
    port 1/1/4
        ethernet
        exit
        no shutdown
    exit
    router
        interface "R2"
            address 10.1.2.1/27
            port 1/1/1
            no shutdown
        exit
        interface "R3"
            address 10.1.3.1/27
            port 1/1/3
            no shutdown
        exit
        interface "R5"
            address 10.1.5.1/27
            port 1/1/4
            no shutdown
        exit
        interface "system"
            address 10.10.10.1/32
            no shutdown
        exit
        ospf 0
            area 0.0.0.0
                interface "system"
                    no shutdown
                exit
                interface "R2"
                    no shutdown
                exit
                interface "R3"
                    no shutdown
                exit
                interface "R5"
                    no shutdown
                exit
            exit
            no shutdown
        exit
        pim
            interface "system"
            exit
            interface "R2"
            exit
            interface "R3"
            exit
            interface "R5"
            exit
            no shutdown
                bsr-candidate
                    shutdown
                exit
                rp-candidate
                    shutdown
                exit
        exit
exit all

 

/configure
    system
        name "R2"
    exit
    card 1
        card-type iom3-xp-b
        mda 1
            mda-type m5-1gb-sfp-b
            no shutdown
        exit
        no shutdown
    exit
    port 1/1/1
        ethernet
        exit
        no shutdown
    exit
    port 1/1/2
        ethernet
        exit
        no shutdown
    exit
    port 1/1/3
        ethernet
        exit
        no shutdown
    exit
    router
        interface "R1"
            address 10.1.2.2/27
            port 1/1/1
            no shutdown
        exit
        interface "R4"
            address 10.2.4.2/27
            port 1/1/3
            no shutdown
        exit
        interface "R5"
            address 10.2.5.2/27
            port 1/1/2
            no shutdown
        exit
        interface "system"
            address 10.10.10.2/32
            no shutdown
        exit
        ospf 0
            area 0.0.0.0
                interface "system"
                    no shutdown
                exit
                interface "R1"
                    no shutdown
                exit
                interface "R4"
                    no shutdown
                exit
                interface "R5"
                    no shutdown
                exit
            exit
            no shutdown
        exit
        pim
            interface "system"
            exit
            interface "R1"
            exit
            interface "R4"
            exit
            interface "R5"
            exit
            rp
                static
                exit
                bsr-candidate
                    shutdown
                exit
                rp-candidate
                    address 10.10.10.2
                    group-range 224.0.0.0/4
                    priority 90
                    no shutdown
                exit
            exit
            no shutdown
        exit
exit all

 

/configure
    system
        name "R3"
    exit
    card 1
        card-type iom3-xp-b
        mda 1
            mda-type m5-1gb-sfp-b
            no shutdown
        exit
        no shutdown
    exit
    port 1/1/1
        ethernet
        exit
        no shutdown
    exit
    port 1/1/3
        ethernet
        exit
        no shutdown
    exit
    router
        interface "R1"
            address 10.1.3.3/27
            port 1/1/3
            no shutdown
        exit
        interface "R4"
            address 10.3.4.3/27
            port 1/1/1
            no shutdown
        exit
        interface "system"
            address 10.10.10.3/32
            no shutdown
        exit
        ospf 0
            area 0.0.0.0
                interface "system"
                    no shutdown
                exit
                interface "R1"
                    no shutdown
                exit
                interface "R4"
                    no shutdown
                exit
            exit
            no shutdown
        exit
        pim
            interface "system"
            exit
            interface "R1"
            exit
            interface "R4"
            exit
            rp
                static
                exit
                bsr-candidate
                    priority 100
                    address 10.10.10.3
                    no shutdown
                exit
                rp-candidate
                    shutdown
                exit
            exit
            no shutdown
        exit
exit all

 

/configure
    system
        name "R4"
    exit
    card 1
        card-type iom3-xp-b
        mda 1
            mda-type m5-1gb-sfp-b
            no shutdown
        exit
        no shutdown
    exit
    port 1/1/1
        ethernet
        exit
        no shutdown
    exit
    port 1/1/3
        ethernet
        exit
        no shutdown
    exit
    router
        interface "R2"
            address 10.2.4.4/27
            port 1/1/3
            no shutdown
        exit
        interface "R3"
            address 10.3.4.4/27
            port 1/1/1
            no shutdown
        exit
        interface "system"
            address 10.10.10.4/32
            no shutdown
        exit
        ospf 0
            area 0.0.0.0
                interface "system"
                    no shutdown
                exit
                interface "R2"
                    no shutdown
                exit
                interface "R3"
                    no shutdown
                exit
            exit
            no shutdown
        exit
        pim
            interface "system"
            exit
            interface "R2"
            exit
            interface "R3"
            exit
            rp
                static
                exit
                bsr-candidate
                    priority 90
                    address 10.10.10.4
                    no shutdown
                exit
                rp-candidate
                    address 10.10.10.4
                    group-range 224.0.0.0/4
                    priority 100
                    no shutdown
                exit
            exit
            no shutdown
        exit
exit all

 

/configure
    system
        name "R5"
    exit
    card 1
        card-type iom3-xp-b
        mda 1
            mda-type m5-1gb-sfp-b
            no shutdown
        exit
        no shutdown
    exit
    port 1/1/2
        ethernet
        exit
        no shutdown
    exit
    port 1/1/3
        ethernet
        exit
        no shutdown
    exit
    router
        interface "R1"
            address 10.1.5.5/27
            port 1/1/3
            no shutdown
        exit
        interface "R2"
            address 10.2.5.5/27
            port 1/1/2
            no shutdown
        exit
        interface "system"
            address 10.10.10.5/32
            no shutdown
        exit
        ospf 0
            area 0.0.0.0
                interface "system"
                    no shutdown
                exit
                interface "R1"
                    no shutdown
                exit
                interface "R2"
                    no shutdown
                exit
            exit
            no shutdown
        exit
        pim
            interface "R1"
            exit
            interface "R2"
            exit
            rp
                static
                exit
                bsr-candidate
                    shutdown
                exit
                rp-candidate
                    shutdown
                exit
            exit
            no shutdown
        exit
exit all

Initial Multicast Verification:

A:R4# show router pim status | match " BSR" post-lines 5
BSR State                         : Candidate BSR

Elected BSR
    Address                       : 10.10.10.3
    Expiry Time                   : 0d 00:01:15
    Priority                      : 100
    Hash Mask Length              : 30
    Up Time                       : 0d 00:06:58
Candidate BSR
    Admin State                   : Up
    Oper State                    : Up
    Address                       : 10.10.10.4
    Priority                      : 90
    Hash Mask Length              : 30

Although R4 was a possible BSR, it knows R3 has the job.

Regarding the RP? Well the BSR sends all RP candidates and lets the PIM enabled routers decide themselves – in this case, lowest priority (R2) will be what matters

A:R1# show router pim rp

===============================================================================
PIM RP Set ipv4
===============================================================================
Group Address                                                Hold Expiry
  RP Address                                   Type     Prio Time Time
-------------------------------------------------------------------------------
224.0.0.0/4
  10.10.10.2                                   Dynamic  90   150  0d 00:02:06
  10.10.10.4                                   Dynamic  100  150  0d 00:02:06
-------------------------------------------------------------------------------
Group Prefixes : 1
===============================================================================

So lets look at Ostinato.

There are two parts to it

  1. the Drone (Server that generates/receives traffic) which is a virtual appliance in my GNS3 topology
  2. the GUI which is running on my desktop and connects over the network to the Drone

What may not be obvious is that I run GNS3 on a separate device (an desktop pc given 16GB of ram which runs Ubuntu and starts the GNS3 server upon bootup) as a remote server which I connect to via the GNS3 GUI on my PC.

The Ubuntu Server /etc/network/interfaces configuration is a little different to most as a bridge interface is used rather than the eth0 interface directly:

adam@gns3:~$cat /etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
iface eth0 inet manual
auto pnet0
iface pnet0 inet dhcp
    bridge_ports eth0
    bridge_stp off

This comes in handy because I can then add other interfaces to the bridge and be part of the same IP subnet. The follow command makes sure the gns3 user (which the GNS3 server application runs as) can control the tunnel interface (tap0) and it is added to bridge pnet0 and is enabled.

adam@gns3:~$cat /etc/rc.local
tunctl -u gns3
brctl addif pnet0 tap0
ifconfig tap0 up
exit 0
Ostinator e0 tap interface
Ostinato e0 connected to server tap0

Within GNS3, a cloud that is attached to nio_tap:tap0 is created and the link is attached to the Ostinato VM interface e0.

Lets fire up the Ostinato VM (I downloaded it from Bernhard Ehlers’s site – I use the qcow2 version because I’m running it as a qemu app) and see if it has world connectivity:

Core Linux

username 'gns3', password 'gns3'
Run filetool.sh -b if you want to save your changes
box login: tc
login: can't change directory to '/home/tc'
   ( '>')
  /) TC (\   Core is distributed with ABSOLUTELY NO WARRANTY.
 (/-_--_-\)           www.tinycorelinux.net

tc@box:/$ netstat -l | grep tcp
tcp        0      0 0.0.0.0:7878            0.0.0.0:*               LISTEN

tc@box:/$tc@box:/$ ifconfig eth0 | grep "inet addr"
          inet addr:192.168.1.66  Bcast:192.168.1.255  Mask:255.255.255.0
tc@box:/$ ping 8.8.4.4 -c 5
PING 8.8.4.4 (8.8.4.4): 56 data bytes
64 bytes from 8.8.4.4: seq=0 ttl=55 time=25.842 ms
64 bytes from 8.8.4.4: seq=1 ttl=55 time=25.151 ms
64 bytes from 8.8.4.4: seq=2 ttl=55 time=24.438 ms
64 bytes from 8.8.4.4: seq=3 ttl=55 time=25.739 ms
64 bytes from 8.8.4.4: seq=4 ttl=55 time=25.540 ms

--- 8.8.4.4 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 24.438/25.342/25.842 ms

The Ostinato drone is on our network and ready to rock, we can see the drone is listening on tcp port 7878 for the Ostinato GUI and it has reachability on the LAN to the router and off to the wild and woolly internet.

The Next Post will focus on connecting Ostinato up to the topology and using it to play with multicast.

We shall:

  • Connect he Ostinato GUI to the Drone
  • Create Virtual Devices in Ostinato to appear as ARP/ICMP responders to the network
  • Create a multicast stream (Mac/EthII/IPv4/UDP) to be sent to the network
  • Create streams which send IGMP reports to the network so the network will forward multicast packets to those ports

First Post

Lately I have been playing with virtual routers using GNS3 which has come along quite a bit from being a front end to dynamips when I was studying for my CCIE a few years ago.

In particular I have been using GNS3 to run a topology of Nokia (previously Alcatel-Lucent) service routers.  These routers are simulated using QEMU and it has been quite entertaining.

Just recently I have been needing to generate traffic – GNS3 supports the use of Ostinato as test appliance and while it seems quite powerful and perhaps not quite the same level as what you get from Ixia or Spirent, the cost makes it very appealing to invest your time in working things out.

I think my first real blog here will be to describe how I have been using Ostinato to be both a multicast source and multicast recievers at the same time using a SROS router topology.