Tuesday, January 31, 2017

Connect Virtual Devices in UNL/EVE to External Virtual Machines

You will need to connect your emulated virtual devices inside UNL/EVE to external virtual machines often if you want to connect Windows Servers with Active Directory for authentications etc. This is how I did it.

Now go to the Settings of the UNL/EVE virtual machine to where you customize the hardware.
Add a Network Adapter and connect it to the custom VM network of VMnet2..























Now go to the Settings of the external virtual machine (ex:- Ubuntu server) to where you customize the hardware.
Add a Network Adapter and connect it to the custom VM network of VMnet2..























Now you can connect EVE devices to the external devices through pnet clouds.
pnet0 is connected your 1st network adapter..
pnet1 is connected your 2nd network adapter..
pnet2 is connected your 2nd network adapter..

So in this setup, what should be used to connect outside physical devices is pnet2..
pnet0 is used with NAT to connect to internet and to manage the UNL/EVE machine from host PC (laptop which the VMware Workstation is hosted) while pnet1 is used to connect physical devices which are connected directly to my physical Ethernet port.


So if the ip addresses of the UNL/EVE device and the external Ubuntu server are in the same subnet, everything will be ok..

Connect Virtual Devices in UNL/EVE to External Physical Devices

You will need to connect your emulated virtual devices inside UNL/EVE to external real world physical devices often specially if you are going to run wireless or voice labs because access points / ip phones cannot be emulated. This is how I did it.

Go to VMware Workstation >  Edit > Virtual Network Editor
Click on Change Settings.

You will see the VMnet0 is in Auto-Bridging mode.  It means that it will bridge the virtual network 0 to the best path to go to internet. Change it to the physical Ethernet network card which will be used to connect to the external physical devices.


























Now go to the Settings of the virtual machine to where you customize the hardware.
Add a Network Adapter and connect it to the custom VM network of VMnet0..























Now you can connect EVE devices to the external devices through pnet clouds.
pnet0 is connected your 1st network adapter..
pnet1 is connected your 2nd network adapter..

So in this setup, what should be used to connect outside physical devices is pnet1..
pnet0 is used with NAT to connect to internet and to manage the UNL/EVE machine from host PC (laptop which the VMware Workstation is hosted)

After adding and connecting a virtual EVE device to the pnet1; connect actual physical device (router/switch etc) to the Ethernet adapter of the laptop and assign ip addresses in the same subnet and it will work..

Saturday, January 21, 2017

Baremetal Installation of EVE on Dell PowerEdge 2970

This is how I could install Emulated Virtual Environment (EVE) on a dedicated (baremetal) server.
Hope this will be helpful for networkers who are going to simulate larger networking labs. 

After configuring RAID Arrays for the server you can begin the installation process. If you don't know how to configure RAIDs please read Making Logical Disks from Physical Hard Disks (Configuring RAID Controller)
I also wrote a post few days ago explaining how I installed UNetLab (the predecessor of EVE) on the same Dell server. You can go to that post from here.

My Server Info:
Model : Dell PowerEdge 2970
CPUs : 2 x Dual-Core AMD Opteron™ 2222SE
RAM: 32 GB
Hard Disks: (4x600GB) + (4x73GB) configured as 1.2 TB + 145.5 GB logical hard disks by RAID

Installing Ubuntu 16.04

First of all you need to install Ubuntu server 16.04 64-bit Server. You can download it from here.After downloading the image; create a bootable image with Rufus (download Rufus)



It will ask for this, select ISO image mode and hit ok.

After the bootable USB is ready, plug it to the server and boot it up.




Select Install Ubuntu Server.
From here it will be an easy to understand GUI.
It is better if the server is connected to a DHCP server and the server must have the reach-ability to internet.

(click on the images to view in full size)

When it asks for the host name, give the desired name for your machine. Ex: eve-ng



Use "Guided - use entire disk and setup LVM" in partitions. it will save you some time..











For software selection, choose "OpenSSH Server". I chose "Virtual Machine Host" additionally..

Then it will ask to install Grub boot loader and will ask to reboot.. Continue with the procedure and wait till it comes up with login prompt.. You can SSH to it now too.


Configuring Ubuntu for EVE

Login from your username

Enter following commands to get privilaged access
sudo su

Enter your user password

Enter following commands to setup a root password
passwd root


Enter following commands to edit sshd_config file to allow access to use root user ssh
nano /etc/ssh/sshd_config



Change this line:
PermitRootLogin without-password
to
PermitRootLogin yes
and save and exit..

now restart the SSH server:
service ssh restart


Now enter following 2 commands to rename the network interface names and update the grub
sed -i -e 's/GRUB_CMDLINE_LINUX=""/GRUB_CMDLINE_LINUX="net.ifnames=0"/'  /etc/default/grub

update-grub

Now reboot the server. If you could ping the DHCP ip address after reboot, your network drivers configuration is ok. But for me, it was not ok.. The problem was after the reboot, my Ethernet driver was missing. So I had to install it manually offline.

Install The Network Driver

My firmware was firmware-bnx2_20161130-2_all.deb
I downloaded it to my pen drive and plugged in again to the server. This is how I did it..

Log into the machine as root & enter mkdir /media/usb to create a mount point called usb..


Enter fdisk -l to look for the USB drive already plugged in..

You can see from the last line that the name of the USB drive is sdc1.




To mount a USB drive formatted with FAT16 or FAT32 system, enter:
mount -t vfat /dev/sdc1 /media/usb -o uid=1000,gid=100,utf8,dmask=027,fmask=137

OR, To mount a USB drive formatted with NTFS system, enter:
mount -t ntfs-3g /dev/sdc1 /media/usb

Now browse to the directory..
cd /media/usb

Enter the following command to install the package..
dpkg -i DEB_PACKAGE firmware-bnx2_20161130-2_all.deb

Now it's the time to change the interface names manually..
nano /etc/network/interfaces


You will have to change the eno1 to eth0 like the following lines

After save and exit, reboot the server and log again..






Install & Configure EVE

Enter the following commands in order to download and install EVE

wget -O - http://everbx.podzone.net/repo/eczema@ecze.com.gpg.key | sudo apt-key add -

apt-get update

add-apt-repository "deb [arch=amd64]  http://everbx.podzone.net/repo xenial main"

apt-get update

DEBIAN_FRONTEND=noninteractive apt-get -y install eve-ng

Now it's the time to answer the questions..
Enter the following command..
su -

Give a password of your own..
Give the host name as eve-ng
Give the domain name as eve.lab
Give static IP, subnet mask, gateways.. Leave NTP blank..
Select direct connection and after the final question it will reboot..

After the reboot, you will be able to access EVE through a web browser using the static IP you gave..

Note:- This will install a clean installation of EVE with no images. You will have to upload images from UNL. After you uploaded images enter following command in terminal to give permissions to get them work properly..
/opt/unetlab/wrappers/unl_wrapper -a fixpermissions

Monday, January 16, 2017

Baremetal Installation of UNetLab (UNL) on Dell PowerEdge 2970

After several nights of hard work, figured out the best way to deploy UNL on a dedicated server. Baremetal means that there is no additional virtualization layer.
Most methods including the tutorials on official website did not work for me. Anyway this is how I could do it on my server and hope this will be helpful for someone who is going to simulate larger networking labs.

After configuring RAID Arrays for the server you can begin the installation process. If you don't know how to configure RAIDs please read Making Logical Disks from Physical Hard Disks (Configuring RAID Controller)


My Server Info:
Model : Dell PowerEdge 2970
CPUs : 2 x Dual-Core AMD Opteron™ 2222SE
RAM: 32 GB
Hard Disks: (4x73GB) + (4x600GB) configured as 1.2 TB + 145.5 GB logical hard disks by RAID

Installing Ubuntu 14.04

First of all you need to install Ubuntu server 14.04 64-bit Server.
This exact image is no longer available to download from the official Ubuntu website. Instead they have 14.04.5 which is an updated version. I'm not sure it will work or not, but for me it didn't work. So from somewhere online, you will be able to find the 14.04.
You can check the integrity of the image by verifying the following MD5 hash.
01545fa976c8367b4f0d59169ac4866c

Create a bootable image with Rufus (download Rufus)


It will ask for this, select ISO image mode and hit ok.

After the bootable USB is ready, plug it to the server and boot it  up.





Select Install Ubuntu Server.
From here it will be an easy to understand GUI.
It is better if the server is connected to a DHCP server and the server must have the reach-ability to internet.

(click on the images to view in full size)



Use "Guided  - use entire disk and setup LVM" in partitions. it will save you some time..









For software selection, choose "OpenSSH Server". I chose "Virtual Machine Host" additionally..

Then it will ask to install Grub boot loader and will ask to reboot.. Continue with the procedure and wait till it comes up with login prompt..




Configuring Ubuntu for UNL and Installing UNL


Login from your username

Enter following commands to get privilaged access
sudo su

Enter your user password

Enter following commands to change root password
sudo passwd root





Enter following commands to edit sshd_config file to allow access to use root user ssh
nano /etc/ssh/sshd_config

Change this line:
PermitRootLogin without-password
to
PermitRootLogin yes
and save and exit..

now restart the SSH server:
sudo service ssh restart






Enter following command to install UNetLab..
curl -s http://www.unetlab.com/install.sh | bash

Now enter the following command to to edit the default grub.
nano /etc/default/grub














Change the following lines..
GRUB_DEFAULT=0
GRUB_TIMEOUT=0
to
GRUB_DEFAULT=saved
GRUB_TIMEOUT=2
and save and exit..

Now enter the following commands to make the "saved" kernel you placed in the /etc/default/grub to UNetLab one and update the grub..
grub-set-default "Advanced options for Ubuntu>Ubuntu, with Linux 3.16.7-ckt8-unetlab"
update-grub

Now it will ask for a reboot.. After the reboot, login as the root..
Now answer the questions for the poping up dialog boxes. It is now normal UNL configuration which is same as the installation on VMware Workstation. Please refer this if you are not familiar with it.

After answering the final dialog box, it will restart and boot up with the UNL kernel and if so everything will work fine..

Tuesday, January 10, 2017

Making Logical Disks from Physical Hard Disks (Configuring RAID Controller)

This is probably the first thing you will need to do after you bought a used server. My server is Dell PowerEdge 2970 and it had 8 physical hard disks inside when I bought it.
(4x73GB + 4x600GB)

Which means all the physical disks have 2.69 TB in total. But actual useful space is lower than that. It depends on how we design our storage to be in terms of high availability, fault tolerance, speed and performance.. I'll explain it now.. Above 8 hard disks can be combined in several ways to make logical hard disks.  After all, the logical hard disks are the disks which can be seen by Operating Systems which are going to be installed later on this server. (Do not misunderstand this with partitions).
Those combining methods are called RAID levels and this combining is done through the RAID controller in the server. This server uses PERC 5/i as the Configuration Utility.

Understanding RAID Levels

RAID is the abbreviated term for Redundant Array of Independent Disks.

Basically what we do here is that we take several physical hard disks and group them to create logical hard disks. So we can choose which RAID level (combining method) to be used in our storage based on our requirements. Each type has advantages and disadvantages. Some methods are good for high availability while some are better for speed etc.

Following are the most common..

RAID level 0 - 
No redundant / back up.. It only write data in 2 disks at the same time. Half of data in one disk and the other half in the other disk. If one disk become faulty you don't have a backup. All the array fails. Advantage is the speed..

RAID level 1 -
This method stores same data in 2 disks. So if one disk fails you have a back up. Disadvantage is you can use only half of your total disk space for your storage..

RAID level 5 - (Most Common Implementation, Better for Overall Performance)
You need to have 3 or more disks for this method. Data is not duplicated, works like level 0 RAID but it uses a parity for data recovery in a case of a hard disk failure. So this method is fast and reliable while you can use 3/4 of your total disk space to store data. Using a Hot Spare drive (dedicated drive to act as a recovery disk in a case of a disk failure) will be a good option with this level of RAID. The size of the Hot Spare disk must be at least equal to the largest physical disk in the array..

RAID level 10 - 
Combination of RAID 1 and RAID 0. Again has a disadvantage of loosing a half of total disk space..

How I Planned..

I am chose RAID level 5 because the availability matters for me. The thing is I could create a one logical hard disk by combining all 8 physical disks. but because there are 2 sizes of hard disks with me, it will not be a good solution. Because they don't work well just like that if the sizes are different. I really tried to do that once but the maximum logical hard disk I could create was about 450 GB in size with RAID level 5.

So to get maximum out of the drives I have with high availability, I designed it to be like this..
















So as you can see, I am going to create 2 logical disks because I have 2 types in sizes.
Logical disk 1 will contain three 73 GB hard disks with a one 73 GB Hot Spare disk..
Logical disk 2 will contain three 600 GB hard disks with a one 600 GB Hot Spare disk..

Configuring RAID Controller

Booted up and read the outputs to find the key combination to break into the RAID controller interface. It will show something like Press Ctrl+R to Run Configuration Utility


(click on the images to view in full size)



I am deleted all the RAIDs configured by the previous owner.

Highlighted the Controller 0 by arrow keys and delete Foreign Configurations (disks configured for other outside systems) if there are any..


Then selected and hit Enter to Reset Config..

Again highlighted the Controller 0 and selected Create New VD..

VD stands for Virtual Disk.. (Logical Disk)

Using Tab & Space  you can select the RAID levels, hard disks you want to put in a single logical array.  You can see my selections and all the settings for my 1st VD. VD size is auto generated to the maximum value and I gave the name VD-01. In advanced settings, I selected the write policy to be "write through" which is the fastest way.

Also selected to configure Hot Spare.
Hit Ok..

Now it asked which disk to be the Hot Spare. I selected the remaining 73 GB one and Hit Ok..







Now created the 2nd VD just like the 1st one..


Total size for VD-02 is like about 1.14 TB..









Selected the remaining 600 GB disk to be the Hot Spare for the VD-02.









Now the setup is configured but had to wait a long time till the controller initialize the virtual disks..

After the 1st one is initialized, it will go to the 2nd one..
After the initialization is completed, hit Escape and it asked to hit Alt + Ctrl + Del to restart the system.







You can see the logical disks I created in the final capture as it appeared during an OS installation..
Now it's like  2 hard disks of 145.5 GB and 1.2 TB..










Monday, January 9, 2017

Making a DHCP Server by Raspberry Pi

I wanted to connect my lab equipment to an external dedicated DHCP server but the problem is my home ADSL router is too far to connect via a cable. So I decided to use my Pi to do DHCP work. It's simple but many online tutorials would not work if you are using newer R-Pi (Ex:- Model B-3). So I decided to take a note on it. There are many ways to do this & this is how I did it..

First of all, you should assign a static IP address to your Ethernet interface of Pi..
Best way is to use GUI..

Go to the network icon of the front right corner and edit settings.

Give your interface a static IP and a DNS server address. I want the DHCP service to run on Ethernet interface only. So I did it to Eth0 only. If you want it to go wireless, you have to edit the Wlan0 settings.

Enter the following command to download the required package..
sudo apt-get install dnsmasq




Now enter following commands to create a backup default config file for the DHCP server..
cd /etc
sudo mv dnsmasq.conf dnsmasq.default

Now goto the file and specify the parameters and save & exit..
sudo nano dnsmasq.conf

interface=eth0
dhcp-range=10.1.1.10,10.1.1.20,255.255.255.0,12h

It says that the interface which listens DCHP requests is eth0 and the range of IPs to offer are 10.1.1.10 - 10.1.1.20 with a subnet mask of 255.255.255.0 and the leased time is for 12 hours..


Now enter the following command to start the service effectively..
sudo service networking restart

Even though the Pi is rebooted the DHCP service will be delivered..

Tuesday, January 3, 2017

Making a Wireless Bridge from Raspberry Pi

I don't know whether this term "Wireless Bridge" really can be used to this, anyway it does what I want to do which is more like acting as a point to point wireless link. The reason I wanted this is my new networking lab hardware (routers/switches/servers) which do not have a wireless adapter, needs to connect to internet to get updates/ ping internet etc and the home router is in a another room (about 50 feet from my lab). I don't like to mess with Ethernet cables around my home. If I had to lay an Ethernet cable, it should have to be done from outside of the house or else I have to drill holes through my walls.
So I chose to give a wireless solution with the things I have..

Sample setup is like the following..












Assign IP Addresses

I assigned an IP address to Pi's Ethernet interface. I gave 10.1.1.5
Assigned Pi's Ethernet IP address as the default gateway of the devices (ex:- server)
Pi's wireless interface does not need to be manually configured, as it gets a DHCP IP address from the ADSL router.. Only what needed was to give the WiFi password and connect to the network..

Enable IP Forwarding in Pi

IP forwarding should be enable to route traffic between interfaces. Entered the following command to edit the sysctl file..
sudo nano /etc/sysctl.conf

Scrolled down until I found #net.ipv4.ip_forward=1 and uncommented it (removed #) and hit Ctrl + X, Y, Enter to save and quit.


















Entered the following command too..
sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"

Setup Network Address Translation (NAT)

From the IPs comming from the Ethernet interface side of the Pi will not be able to go to Internet and comeback with their own source IP because the real default gateway of my home network, the ADSL router (192.168.1.1) does not no those source IP addresses to route traffic back. It only knows the 192.168.1.0 subnet which it leases from it's DHCP.

Entered the following command..
sudo /sbin/iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE

Edit IP Tables

Now let's see my Pi's routing table (IP tables)









As I can see there are 2 default routes in the table.
Via Eth0 interface with a metric of 202..
Via Wlan0 interface with a metric of 303..

Eth0 interface will be the preferred path by default because of the lower metric. Here, I'm deleting the 1st default route by entering the following command. Let's see what happens..
sudo route del default








Now only one default route is there and it is the wlan0 interface. So now everything works fine for me..

Save IP Tables

I wanted to save the routing table and the forwarding configurations I made because otherwise every time I power off the Pi, it will go to defaults and I have to config again and again.

This is how I saved my work..

Entered the following commands..
sudo apt-get install iptables-persistent

After installation is done, following commands will save the iptables and start at the bootup..
sudo su
iptables-save >/etc/iptables/rules.v4

Now all done, Bridge works fine..

Note:- Each time I add persistent route to the routing table, I have to save it using the above 2 commands. Then only they will survive after a reboot..
In addition to this setup, if you want to connect to the subnets beyond the Pi's end via the home router (ex:- connect 10.1.1.0 subnet from my laptop) you willl have to put static routes on the home router.
ex:- static route to 10.1.1.0 as the next hop 192.168.1.7

Monday, January 2, 2017

Low Cost Network Monitoring Server - Cacti on Raspberry Pi

SBCs (Single Board Computers) are a good way to reduce your infrastructure cost easily. It is more reliable because it is a dedicated hardware and doe not need expensive licenses like when you deal with Hyper-visors. Also it is a good and cheap environment for learners and lab testers of these tools on Linux servers. In this post we will see how Cacti will be installed on a Raspbary Pi.

About Cacti, It is an open source web-based network monitoring tool which can do lot of things if you configured it well.
Go to the Pi's terminal and enter the following command to install Cacti
sudo apt-get install cacti

During the installation, your 1st stop will be to give a root password for the MySQL server.



Because I didn't install a database server this will popup.

(click on images to view in full)










Next, it will ask to install a web server..

I chose the default Apache2..


Now it will go again with a long installation procedure..






Again it will stop to ask whether you like to configure database for Cacti..

Hit Yes and enter the password you entered previously as the database admin password..








Next it will ask for MySQL application password for Cacti..






Now the installation is done..



Now open a web browser from a PC which can reach the Pi and type the "ip address of the Pi with a following /cacti" on url space..

Ex:- 192.168.1.7/cacti



Hit Next and it will ask whether this is a new installation or an upgrade..

Go for new and you will have the following page.










































After hitting Finish, you will be asked for the Cacti login. Default login is un:admin pw:admin
So the installation is complete.. Let's configure some devices using SNMP on a later post..