Friday, December 25, 2020

Guest Shell on CSR1000v 17.3.2

Software used:

  • GNS3 2.2.17
  • VMware Workstation for Windows 16.1.0
  • Windows 10 x64 Version 20H2 (Build 19042.685)
  • Cisco CSR 1000v (csr1000v-universalk9.17.03.02-serial.qcow2)


In VMware Virtual Network Editor, a NAT network was created with subnet address 192.168.28.0/24. (Your subnet might be different.  But the NAT network should have been created when you install VMware).

When I created GNS3 VM, I told it to use NAT network.  As shown in the picture below, it got a DHCP IP 192.168.21.128.


In GNS3, create a CSR instance and connect to GNS3-VM cloud, so that the CSR can have Internet access (to download software).  If your GNS3-VM has only one NIC, it'd be eth0.  My GNS3-VM has two NICs and the eth1 is connected to the NAT network.  When connecting CSR's Gi1 to the GNS3-VM eth1, we actually put the CSR Gi1 into the NAT network.


When CSR boots up, it shall get a DHCP IP from NAT network.  It also gets the DNS IP from DHCP.

To verify Internet is working, try to ping www.google.com.

Guest Shell is like a service module in the router (like the RSM in Catalyst 5500 switch, or the CUE module in Cisco 2800 router).  A Virtual PortGroup (VPG) is needed to be the gateway between Guest Shell and the physical interfaces.  In Cisco's document, VPG and Guest Shell are configured with private IP and  NAT.  See diagram below.


In home lab, you may do it in a different way.  You may configure VPG with "ip unnumber Gi1".  VGP will use the IP of Gi1.  Then configure the Guest Shell interface in the same subnet as Gi1 (but a different IP).  The advantage is - one less subnet in the network.  No NAT is needed.  The disadvantage is - you need to allocate an IP in the same subnet as Gi1. (this shouldn't be a problem in home lab though).  This option is illustrated in the diagram below:

Enable IOX:

Configure VirtualPortGroup0:
interface VirtualPortGroup0
 ip unnumbered GigabitEthernet1

Check the VPG IP:

Configure Guest Shell parameters.  In the example below, 192.168.28.130 is the VPG IP.  192.168.28.127 is an arbitrary (available) IP in the same subnet.  8.8.8.8 is a DNS server.
app-hosting appid guestshell
 app-vnic gateway0 virtualportgroup 0 guest-interface 0
  guest-ipaddress 192.168.28.127 netmask 255.255.255.0
 app-default-gateway 192.168.28.130 guest-interface 0
 app-resource profile custom
  cpu 1500
  memory 512
 name-server0 8.8.8.8
end

VERY IMPORTANT: the router needs to know how to send the traffic to guest shell:
ip route 192.168.28.127 255.255.255.255 VirtualPortGroup 0

Enable Guest Shell:

Enter Guest Shell.  Optionally, sudo:
CSR1#guestshell
[guestshell@guestshell ~]$ 
[guestshell@guestshell ~]$ sudo su -
Last login: Fri Dec 25 20:45:49 UTC 2020 on pts/4
[root@guestshell ~]# 

DNS resolution within Guest Shell is independent of host platform itself. The name-server configured in "Guest Shell parameters" will automatically get injected into the /etc/resolv.conf file on the CSR1000v. For NX-OS you must explicitly configure the /etc/resolv.conf entry.

[root@guestshell ~]# cat /etc/resolv.conf
nameserver 8.8.8.8

Verify Guest Shell can ping Internet host by DNS name.

Check versions:
[root@guestshell ~]# cat /etc/*-release
CentOS Linux release 8.1.1911 (Core) 
NAME="CentOS Linux"
VERSION="8 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="8"
PLATFORM_ID="platform:el8"
PRETTY_NAME="CentOS Linux 8 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:8"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"

CENTOS_MANTISBT_PROJECT="CentOS-8"
CENTOS_MANTISBT_PROJECT_VERSION="8"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="8"

CentOS Linux release 8.1.1911 (Core) 
CentOS Linux release 8.1.1911 (Core) 
[root@guestshell ~]#             
[root@guestshell ~]# hostnamectl
   Static hostname: guestshell
         Icon name: computer-container
           Chassis: container
        Machine ID: d1eabe2de31449ccbbc0bae3567b0b83
           Boot ID: 222a6b054eda4e3f8bb93705a9bb7a44
    Virtualization: lxc-libvirt
  Operating System: CentOS Linux 8 (Core)
       CPE OS Name: cpe:/o:centos:centos:8
            Kernel: Linux 4.19.106
      Architecture: x86-64
[root@guestshell ~]# 
[root@guestshell ~]# uname -a
Linux guestshell 4.19.106 #1 SMP Fri Oct 2 17:55:01 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
[root@guestshell ~]# 
[root@guestshell ~]# uname -mrs
Linux 4.19.106 x86_64
[root@guestshell ~]# 
[root@guestshell ~]# cat /proc/version
Linux version 4.19.106 (oe-user@oe-host) (gcc version 8.2.0 (GCC)) #1 SMP Fri Oct 2 17:55:01 UTC 2020
[root@guestshell ~]# 

Python3:
[root@guestshell ~]# python3
Python 3.6.8 (default, Nov 21 2019, 19:31:34) 
[GCC 8.3.1 20190507 (Red Hat 8.3.1-4)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> 


References:

No comments:

Post a Comment