Many of us now virtualize our “ad-hoc” networks, whether they be for studying, quickly testing something before applying to production, or just for looking at new things and having a tinker. There are a few players in this arena now. I used to be a stalwart GNS3 user, then switched to Web-IOU, then to UNetLab, and more recently have purchased VIRL and also use EVE-NG. Each of these platforms presents their own challenges and nuances. I have not toyed with GNS3 for a while, but have recently tried to spend more time using VIRL. I stress the word “tried”. This post will be a showdown, EVE-NG vs. VIRL, and why my mind has finally been made up to stick with one over the other.

Let battle commence!

EVE-NG vs. VIRL: Round one – Cost

VIRL: $199 for 20 nodes. This is less than the number of devices I encountered on my R&S lab, which presents an issue if you are planning to use it for trying out CCIE-scale labs. You can extend this limitation by running on Packet cloud, but this then costs you more, anywhere between $0.05 to $1.50 per hour. Did I mention that the $199 is per year? This is important. To continue using VIRL, you need to relicense it after a year. It is not a one-time purchase.

It used to be 30 nodes (and was when I bought it), but at the beginning of 2017, they reduced the node count to 20 and removed the academic version.

EVE-NG: Free, unlimited nodes (the only restriction is due to the amount of CPUs and memory on the machine). For instance, running EVE-NG within ESXi with 16vCPU and 40GB memory can run 200 nodes:

Winner: EVE-NG.

VIRL could end up costing you hundreds over the course of a few years.

EVE-NG vs. VIRL: Round two – Ease of setup and updating

These steps are specific for running the platform within VMWare ESXi.

VIRL: (Full steps: http://virl-dev-innovate.cisco.com/vs.web.php)

1. Download the OVA image.
2. Create four ESXi network port-groups (Flat, Flat1, SNAT and INT).
3. Deploy the OVA.
4. After install, log into the web page and activate VIRL using the User Workspace Management.
5. Install VMMaestro on the client machine.
6. Configure VMMaestro for the services.

EVE-NG: (Full steps: http://www.eve-ng.net/index.php/documentation/howto-s/65-howto-configure-eve-during-first-boot)

1. Download the OVA.
2. Deploy OVA.
3. Follow first-boot instructions.
4. Log into the web page.

Battle – Install!

Let’s compare some installation videos, specifically, the length of the video.

VIRL:

https://youtu.be/6jkuBnx-16M – 20 minutes 18 seconds

https://www.youtube.com/watch?v=q_dEac9cmUg – 18 minutes 01 seconds

https://www.youtube.com/watch?v=X30__xLBcZQ – 32 minutes (to be fair, this is slightly more in-depth and does cover creating a little lab).

EVE-NG:

https://www.youtube.com/watch?v=UYGoFyVqpYU – 10 minutes 13 seconds

https://www.youtube.com/watch?v=xMTPU8-q3Cw – 19 minutes 01 seconds

The installation steps are pretty similar to its predecessor, UNetLab, and the video I did here: https://www.youtube.com/watch?v=qBAoTa7oPdQ was only 16 minutes and 50 seconds long.

Battle – Updating!

Updating EVE-NG is easy, just run “apt-get update” and “apt-get upgrade”. Updating VIRL is not as easy. Upgrading to 1.3 (the latest as of August 2017) requires a fresh install, there is no update script, nothing to make you life easier – it’s a fresh install. Which sucks.

Winner: EVE-NG

It’s quicker and easier to install, updates can be run on the platform without having to do a completely fresh install.

EVE-NG vs. VIRL: Round three – GUI & Device configuration

This is probably the most important factor. How easy is it to use the platform? Both offer similar functionality. Add nodes to the topology, create a basic configuration (if required), start the devices and connect to them.

VIRL:

The VIRL GUI is much like GNS3, you have your devices down the left-hand side, with a bunch of property windows on the right. Your work pane is in the middle. It’s quite cluttered by default. Working on a small screen can be quite difficult.

EVE-NG:

Again, you have the menu on the left, but this controls everything and is very minimalistic with a much bigger workspace. This is usable even on tablet devices.

Battle!

It is easier to create topologies with multiple routers in EVE-NG, you add a node and select how many of that node you want to add. With VIRL you need to select the node type and then click on the workspace however many times you want to add that type of node. Connecting the devices is pretty similar, select the connect icon and click from one to the other.

If you want to do any form of pre-configuration, VIRL offers the ability to set up layer 3 routing protocols before you launch the topology, but the interface is still clunky. Neither platforms are perfect in this instance.

Winner: Draw

Both are fairly similar in functionality (as expected), while VIRL offers an easier method for configuring routing protocols, it still prefers to automatically assign IP addresses, which is a bit constrictive. EVE-NG is slightly better, but much of the work is manual, i.e. proper configuration, with no ability to pre-populate the configuration with interface names (such as differentiating between GigabitEthernet and Ethernet interfaces).

EVE-NG vs. VIRL: Round four – Devices and device support

VIRL:

Here is where I think VIRL is actually better, but not by much. When you license VIRL, you get access to a number of images, such as ASAv, CSR 1000v, IOSv (layer 2 and 3), NX-OSv and an Ubuntu server (https://learningnetworkstore.cisco.com/virlfaq/features). It does get confusing when the option to add an IOL image is shown, but the images are not actually available, see the section on support for more details.

To install devices, you need to use VMMaestro to download all the “node subtypes” to add them to VIRL. Other devices can be added, using a QEMU base. There are some instructions here: https://learningnetwork.cisco.com/docs/DOC-30476.

EVE-NG:

Because EVE-NG is not an official product, you need to supply the images yourself, leading to a very gray area. This is the same as GNS3 (to an extent, though if you have a VIRL account, you can import the images into GNS3 easily. You need to have a basic understanding of Linux, specifically transferring files to the EVE-NG server, and how to name them correctly (http://www.eve-ng.net/index.php/documentation/images-table). Once you have done this once, it becomes second nature.

The bonus with EVE-NG is that it will run QEMU images very happily, and this increases the number of supported images considerably, offering a much wider range than VIRL does (http://www.eve-ng.net/index.php/documentation/supported-images), and supports a much wider range of vendors, so you are not just limited to Cisco devices. Many devices do not even require a license, cutting down on the grey-area of legality.

Battle!

Whilst both platforms can use QEMU-based VMs, there are many more steps needed in VIRL than in EVE-NG. Take creating a Kali Linux VM, for example. I covered getting Kali Linux added into EVE-NG before, and the steps for VIRL are covered here: https://learningnetwork.cisco.com/docs/DOC-30427. However, let’s (quickly) go through them (briefly).

VIRL:

1. Create Linux VM in VirtualBox or ESXi.
2. Install Kali packages.
3. Power off VM
4. Copy VMDK to VIRL server.
5. Create new node resource in UWM (User Workspace Management).
6. Press create and wait (about 15 minutes apparently).
7. Add the Kali node to topology.

EVE-NG:

1. Create directory called “linux-kali”
2. Change to this directory and download the ISO image, naming it “cdrom.iso”.
3. Create Qemu harddisk and set it to use the cdrom.iso image.
4. Add the Kali node to the topology and start it up.

Winner: Draw.

This is a tough one. EVE-NG has a better publicized supported image list, but both could run the same images. It is much easier to get new images working in EVE-NG, than VIRL. However, VIRL does come with a number of licensed images, which is important if the whole legality thing worries you.

EVE-NG vs. VIRL: Round five – External connectivity

VIRL:

When you install VIRL, you need five networks, Flat, Flat1, SNAT and INT, along with the default network (your management network). Flat is for L2 external connectivity, Flat1 provides an additional external network, SNAT provides an external network using source NAT, and INT is used for internal communication and clustering (https://the-packet-thrower.com/ccna-workbook-rs/network-fundamentals/using-virl/).

EVE-NG:

EVE-NG provides a number of interfaces (9) for external connectivity. These can be mapped to different network interfaces, or port-groups in ESXi to provide external network connectivity.

Winner: EVE-NG

VIRL is way too confusing.

EVE-NG vs. VIRL: Round six – Support and troubleshooting

We will start with a quick look at the change log for both platforms for 2017, then look at the support and troubleshooting options.

VIRL:

No updates have been released in 2017 (https://learningnetwork.cisco.com/docs/DOC-30946). This is despite Cisco saying that they plan for three releases per year. Bearing in mind that we are in August, there is not much of 2017 left for them to push out the three releases. *UPDATE* there has been an update in August 2017.

There were three VIRL releases in 2016, and two in 2015. Support is through the Cisco Learning community site, but information from the VIRL product team is sparse. Many users feel that VIRL is severely under-supported. Some features are half-implemented, such as IOL support. You can see the device available in the workspace, but there is no actual image available as yet.

All of the support is done through the Learning Network, despite being a licensed Cisco product, no TAC support is available.

Major issues are resolved by performing a complete reinstall. Or multiple reinstalls.

VIRL is not easy to set up, use, or fix in the event that there are issues. Updates, such as 1.3 require a fresh install of the system. Which is less than helpful. Surely in this day and age, updating software should be a case of running a couple of commands or clicking update, not having to reinstall the entire thing. Even complete operating systems are not this difficult anymore. Updating Windows or OSX to the latest and greatest does not mean a complete reinstall, the update runs over the top, and all your settings are retained. Expecting people to do a completly new install is, quite frankly, unreasonable.

EVE-NG:

There have been 11 12 13 updates/releases, so far, in 2017. Support is strong, and the developers listen to the users, the forum is active and users and developers work together and resolve issues quickly.

Winner: EVE-NG

A clear win for EVE-NG who even managed to sneak out a new release in the time it’s taken to write this post. The frequency of releases is not just the deciding factor. They are very forthcoming with the direction that the platform is going, and the support is excellent and pretty speedy. Because it is a much-less complicated platform, major issues do not usually end up in a complete reinstall.

EVE-NG vs. VIRL – Other views:

It is not just me that feels that VIRL is severely lacking (on all levels), see these posts:

http://etherealmind.com/opinion-cisco-virl-aug-2017/

https://learningnetwork.cisco.com/message/617573

Conclusion

EVE-NG is a much better and more solid product that VIRL. While it is a little harder to get to grips with (mainly getting the images into the system), it is far less frustrating, especially considering the difference in how they are created, the financial might of Cisco versus the crowd-funded newcomer that is EVE-NG.