Update: If you want a FREE 28-page guide to getting started with UNetLab, then sign up to the mailing list at the bottom of this page.
Andrea, the guy behind the great IOU-WEB, has released Unetlab (Unified Networking Lab). It’s still in beta at the moment, but I thought I would have a look.
Even though I have not finished my CCIE R&S yet, I am looking towards the Service Provider CCIE, which I plan to do straight after the R&S. With the SP track (as it stands at the moment), you need to get your hands on the XRv. This will run, happily, on ESXi, and can be connected to IOU, or even into GNS3 (using VirtualBox). I had started to play around with this, but it’s not exactly the easiest thing in the world. So I was very pleased when Unetlab came out, as everything can be within one environment.
So I decided to get my hands dirty and have a go.
I am using an ESXi server, with 32GB ram, but it’ll run in VMWare player, workstation, Fusion, and VirtualBox as well.
Once I had downloaded it (it’s about 300Mb give or take) and imported it into ESXi, I followed the Unetlab install guide. It’s a simple process, and you are guided through it. It’s well worth doing an update as well to get the home page displayed below.
The interface is sparse (at the moment, remember this is a beta), but has everything that I need at the moment.
Importing IOU images to UNetLab
My first step was to import the IOU images. The caveat here is that you need to generate the IOU license, I won’t go into details, but it’s easy to google how to do this. The only gotcha I came across was that the images must have a .bin extension – so make sure that you add this first.
Following the install doc I copied the files, using FileZilla, to /opt/unetlab/addons/iol/bin, and fixed the permissions using the command “/opt/unetlab/wrappers/unl_wrapper -a fixpermissions”. Then I went back into the GUI and created my first lab.
From the Actions menu, I create a new lab, and call it IOL test
My two nodes appear on the screen:
I then repeat on R2, and my two nodes are connected:
From the Actions menu I then select “Open this Lab”, and now I can start my two routers:
If you haven’t followed the guide on the website, then you will find that the nodes do not start, so please do follow the guides to the letter.
So far memory usage is pretty good (remember that this is on a 4GB VirtualBox VM):
Importing XRv images to UNetLab
Let’s add the XRv image.
This is slightly more complex, but again the documentation for importing XRv into Unetlab explains every step.
Now I can add multiple XRv routers, and connect them to the IOU images.
I am going to edit my original lab, so we need to go to the Actions menu, and select “Edit this lab”:
I then add the XRv router:
Going back to the Actions menu, select Open this lab, and start the router. Here I did see an error, but after a few attempts, it did start:
Memory usage has now pretty much hit the ceiling, as the XRv takes quite a chunk (3GB), but nonetheless, it serves to prove that the system works. Adding more memory is clearly required here if you want to run a decent sized topology with a range of devices.
It takes a long time for the XRv to fire up, again this is down to the memory I have available, it worked much better on my ESXi server, but it does work:
It’s a little untidy at the moment, so let’s do a bit of reconfiguration:
We’ll add a new network, and set the XRv to use this, as well as moving the E0/1 interface of both the IOL routers to use this:
Still, let’s clean it up even more, and add another network, and reconfigure it a bit:
Much cleaner!CDP looks a bit funky, and pings don’t work, but then I think I just need to play around with it a bit. It’s only my first real go at playing with this, so there are bound to be teething troubles!
With this in mind, I shut everything down and fired them all up again. Now things look much better:
RP/0/0/CPU0:XRv-1(config)#interface Gi0/0/0/0
RP/0/0/CPU0:XRv-1(config-if)#ipv4 address 10.1.1.1 255.255.255.0
RP/0/0/CPU0:XRv-1(config-if)#cdp
RP/0/0/CPU0:XRv-1(config-if)#no shut
RP/0/0/CPU0:XRv-1(config-if)#int gi 0/0/0/1
RP/0/0/CPU0:XRv-1(config-if)#ipv4 address 10.1.2.1 255.255.255.0
RP/0/0/CPU0:XRv-1(config-if)#cdp
RP/0/0/CPU0:XRv-1(config-if)#no shut
RP/0/0/CPU0:XRv-1(config-if)#exit
RP/0/0/CPU0:XRv-1(config)#cdp
RP/0/0/CPU0:XRv-1(config)#commit
RP/0/0/CPU0:XRv-1(config)#exit
RP/0/0/CPU0:XRv-1#sh ip int bri
Wed Feb 18 13:18:20.485 UTC
Interface IP-Address Status Protocol
MgmtEth0/0/CPU0/0 unassigned Shutdown Down
GigabitEthernet0/0/0/0 10.1.1.1 Up Up
GigabitEthernet0/0/0/1 10.1.2.1 Up Up
GigabitEthernet0/0/0/2 unassigned Shutdown Down
RP/0/0/CPU0:XRv-1#ping 10.1.1.2
Wed Feb 18 13:18:26.475 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/61/279 ms
RP/0/0/CPU0:XRv-1#ping 10.1.2.2
Wed Feb 18 13:18:32.994 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/9/29 ms
RP/0/0/CPU0:XRv-1#sh cdp neigh
Wed Feb 18 13:22:11.959 UTC
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device ID Local Intrfce Holdtme Capability Platform Port ID
R1 Gi0/0/0/0 163 R Linux Uni Et0/1
R2 Gi0/0/0/1 138 R Linux Uni Et0/1
RP/0/0/CPU0:XRv-1#
R2#sh ip int bri | e unas
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 192.168.1.2 YES NVRAM up up
Ethernet0/1 10.1.2.2 YES NVRAM up up
R2#ping 10.1.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/7/14 ms
R2#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms
R2#
R1#sh ip int bri | e unas
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 192.168.1.1 YES NVRAM up up
Ethernet0/1 10.1.1.2 YES NVRAM up up
R1#ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/6 ms
R1#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 7/8/10 ms
R1#
There we have it, two IOL routers, one XRv router, all communicating happily, all contained within one environment.
Where UNetLab is superb, is that everything is within the same environment. There is no mucking about with creating multiple networks in VMWare. To be honest, some will probably find that easy, but I like to have it all contained like Unetlab does.
Running two XRv routers did cause the default memory to top out, so I shut down the VM and increased the memory to 20GB. Now I can run loads of routers, and the memory usage (as reported on the “Home” page remains within reasonable levels. Please note though that I am showing screenshots from a VirtualBox install, with a lower amount of memory.
Next steps with UNetLab
So what’s next?
The vendor support in Unetlab is very wide-ranging. I haven’t tried all of them but will add some dynamips images, CSR1000v and the vIOS images this week.
At the moment the supported images are:
- Aruba ClearPass
- Alcatel 7750 SR
- Arista vEOS
- CheckPoint Security Gateway VE
- Cisco ASA (porting)
- Cisco ASAv
- Cisco CSR 1000V
- Cisco IPS (porting)
- Cisco IOS 1710 (dynamips, ethernet only)
- Cisco IOS 3725 (dynamips, ethernet only)
- Cisco IOS 7206VXR (dynamips, ethernet only)
- Cisco IOL (for Cisco internal use only)
- Cisco Titanium (for VIRL customers only)
- Cisco vIOS (for VIRL customers only)
- Cisco vIOS L2 (for VIRL customers only)
- Cisco XRv
- F5 BIG-IP LTM VE
- Fortinet FortiGate (new)
- HP VSR1000
- Juniper Olive (porting)
- Juniper vSRX
- Palo Alto VM-100 Firewall
- VyOS
I like it but it's not ready for labbing yet. I'm using right now CSR1000v with ESXi 64G of RAM, it's working perfectly for INE CCIEv5.
how r u bro
some questions about the UNL
1- the UNL is not have an IPS or ASA or any router after the installation, so what's the way to add any equipments on UNL?
2- how i can add the IOS for any thing on UNL? and can i change the IOS any time?
I have posted a how-to to get ASAs working, not tried IPS yet. So check out how to do ASAs.
It's not an all-in-one. Andrea (very sensibly) won't want to get Cisco angry by adding their software. The assumption is that you have already got a copy you can use. Similarly I won't post links to any for the same reason. Google is the way to go here!
Define IOS… There are many flavours of IOS, such as the Dynamips images used in GNS3, the linux images used in IOL/IOU and so on. Its just a matter of copying them to the right place and running a couple of commands. Andrea's guides are very good, so it's just a matter of following them.
Dear Stuart Fordham;
What are the ideal PC and VM Configs for running this UNL seamlessly?
Regards.
Hi Stuart,
Stil struggling to get XRv working.
I am getting the following error while telnetting the XRv, please advise:
KVM: injection failed, MSI lost (Operation not permitted)
That looks like a Qemu bug: https://bugs.launchpad.net/qemu/+bug/1186984
Try doing an apt-get update and seeing if the latest version works.
How much memory have you given to the XRv?
Hello
I have this error Failed to start node (12).
any ideas?
thanks
Have you got an image loaded for the node? Have you got enough memory/CPU? Have you checked the logs?
Hello,
Im using Junos Olive and Cisco routers, but the issue I see is when I connect more then 2 devices to the same network I get that error.
where can i check the logs?
thanks.
This are the logs
ERROR: Cannot add interface to bridge (80030).
can't add vunl0_2_0 to bridge vnet0_1: Operation not supported
ERROR: Cannot add interface to bridge (80030).
ERROR: Failed to start node (12).
[email protected]:/opt/unetlab/data/Logs#
can any one help me with calculating idle PC for me of dynamips image for 7200 router, referred unetlab website steps but unable to calculate best idle pc for my system.
I donot get why my directly connected link do not ping
Going to need more information than that to help – what devices/versions are you running?
Trial and error – try one, then on the UNetLab VM console, use the "top" command to see how the CPU usage is doing. Then try a different idle value and the top command again…
It's trying to start and stops after 3 sec when I click start all nodes and can't connect with telnet, connection refused error. There is no any error in log
What are you trying to run, Dynamips, IOU?
IOL. Am trying to run c7200 router and c3745 switch
Those arnt IOL, those are dynamips. Are the files in the dynamips folder, or IOL folder?
But they are bin. I have put it to iol folder
No they dont. Have you tried reading the documentation: http://www.unetlab.com/2014/11/adding-dynamips-images/
Thanks a lot Stuart, i used wrong images, finally i have started a router
Hi Stuart – I am struggling to get Palo Alto VM-100 image working. After uploading the image to unetlab i am unable to access firewall through the management interface. I raised this question in unetlab forum but didn't get any response. Any guidance is appreciated. I am using VMWare Fusion and using the latest unetlab version.
Hi Stuart – I am struggling to install the Palo Alto VM-100 image on unetlab. After installation i am unable to access the PA VM-100 through the management interface. I am using VMWARE Fusion and latest unetlab. Any help is highly appreciated.
What steps are you doing to get it into UNL? I have not tried it myself, but show me what you are doing, and I'll try it out.
Hi Stuart –
Thanks for the reply. Here is configurations i have.
1. Unetlab is running as a Guest OS in VMWare Fusion
2. As per the instructions given in Unetlab website i converted the Palo Alto VM-100 image from .ova to .qcow2 format
3. After conversion i uploaded them to /opt/unetlab/addons/qemu/paloalto- 6.1.0 and fixed the permissions.
4. I created a new Palo Alto firewall node and selected the qcow2 image. I am able to start the firewall and access the firewall through telnet
5. I changed the management IP address of the Palo alto firewall to the same range as my host and guest operating system but the management interface is unreachable.
Please let me know and thanks for the help.
Rgds,
Venkat
Ok, so the nodes you run in UNL, wont be accessible unless you have a pnet/cloud interface. It's not the same as running a VM. try running a Windows host in UNL, and connecting the two together with a switch – think of it as an isolated environment…
Hi Stuart – Sorry for my ignorance. Can you tell me how i can setup a pnet/cloud interface? Is there any reference available to load a windows host in UNL?
Hi Stuart – I just found an article that explains how to setup a cloud interface. Let me try this and i will update you.
Hi Stuart – I followed the instructions to create cloud interface and it is working like a charm. Thanks for the enlighting me.
Hi. When I try start my topology, apparently my IOU router started, but few seconds later, it turns off. I can find any log, with the exception of "sudo: unable to resolve host (none)" in /opt/unetlab/data/Logs# more unl_wrapper.txt. Maybe, do you know why it's happening this?
You have created an iourc file?
Hello Stuart, when u said about create an iourc file, you mean that create a .txt file and write down in there the license that we created by phyton3 ???
It's not got a .txt extension – its just called iourc it should just have two lines in it, one of which is the code. Just google "generate iourc license" and look at the github link
It's supposed I generate the license, firstly I uploaded both IOS and CiscoIOUKeyGen.py to /opt/unetlab/addons/iol/bin and the iourc with the license but when I want to play from gui.. suddenly stop and I dont know why… I check the unl_wrapper.txt but I cant see what is the exact issue.. I was figuring out about that but I just saw that this problem is related with the license…
How can I know this???
Pls help
whats in the iourc file?
I get the "Failed to start node (12)" after i attach the routers to the network. Anyone had similar issues ? I am using VMWS 10 and Dynamips 3725 images. These start fine when they are not attached to the network.
I have same problem ("Failed to start node (12)") in VMWare Workstation. I can't start any node.
have you got the iourc file?
Hi Venkat,
Could you please share the article that you referred?
I was able to create a mgmt cloud, but not sure what IP is allocated to my router instance. Should there be console access to these router instances?
Hello, can anyone help me configure a Mgmt port (of a 7750 vSR) and attribute an ip address to it so that i can link it to another host interface.
Thanks in advance
Dear Stuart Fordham,
I want to get the a FREE 28-page guide to getting started with UNetLab,
Please kindly send a email to me: [email protected]
You need to sign up to the newsletter. Once you do this you will get the download link.
I need to get a free 28-page manuel guide to start with UNetLab.
Thanks.
You get that by signing up for the newsletter.
thanks
Reading your book, and interested in the virtual lab for study. Very cool stuff… thanks for sharing.
Thanks
Hi there Thanks