[Cisco Live] SDN controller interview

The original name of this video is “SDN controller DEMO”. I think the “demo” word there is a bit inappropriate used, as actually is more like a Cisco marketing video than demo. Don’t be so surprised, you know how Cisco promote their products.

Just my 2 cents about the SDN/OpenFlow trend that is coming up these days. I don’t mind innovation, I’m glad if and when I can get in contact with new technologies, but what disturb me is that in a lot of presentations that I’ve seen until now, SDN is presented like the magic wand that does everything with point and click.
No knowledge needed, no network understanding, no effort to see where or how the packets travel through network, you just have to point and click, slice the network however you want, plug the toy and you’re ready to go. If this is all true, then someone please explain to me with I’m busting my…head to learn and really understand what’s actually going on in the network. I really hope this kind of presentations implies that this is a new product that needs to be promoted and if they make it sound too complex, nobody will buy it.

Disclaimer: This video is not mine and I don’t claim any rights on it. My thanks go to Jimmy Ray Purse, TechWiseTV, Networking 101 Show, Cisco and last but not least to YouTube for hosting it and let us embed this video.

How to connect Vyatta to Cisco using VirtualBox and GNS3

Vyatta is  a software-based, open-source, network operating system that is portable to standard x86 hardware as well as common virtualization and cloud computing platforms. By deploying Vyatta, users benefit from a flexible enterprise-class routing and security feature set capable of scaling from DSL to 20Gbps performance at a fraction of the cost of proprietary solutions.”

Shortly, you take this piece of software, install it on a x86 machine (any decent PC with quality network card will do) and have yourself a network device capable to support dynamic routing protocol, policy routing, QoS and many more features. The best part (at least for guys like me) is that Vyatta is offering a free package that you can download on their website. This free version is without the commercial support, but you can find plenty support in the Vyatta community.



Why I would be interested in Vyatta when I can have Cisco devices and can emulate Cisco IOS with GNS3? I don’t have an evolved response to this question, but
mainly because I was bored and wanted to try something new, but still related to Cisco. I arrived to the conclusion that I should test how Cisco can interact with 3rd party devices. I choose Vyatta as 3rd party device, because it is a turn key network solution. Of course, you can take all the included software in Vyatta and build your own box based on whatever Linux distribution you want, but why to do this if you have a free solution which already works?

I plan to test more about Vyatta and Cisco integration, but for today,  I want show you how to install Vyatta and connect it with GNS3. First you need to download the image from Vyatta and build yourself a working box. You can download the Live CD image which allow you to boot from it and then install, or an image for your virtualization system (VMware of Citrix).

1. Create a Virtual Machine where to install Vyatta system

From my test environment I chose to create a Virtual Machine using VirtualBox with the following settings:

Minimum settings are Memory 512MB and Storage 2GB. The rest of the settings are optional, but if you would like to test some network stuff, then I recommend at leas 1 Network Adapter. I have 2 in this image, because one will be connected to the virtual network cloud (tap0 inteface) and the other one to the physical network, so I can access remotely this system.

2. Install Vyatta system

Download your copy of Vyatta, add the ISO image to the IDE Secondary Master (CD/DVD) and boot your virtual machine. It should read the image and boot until to arrive to a Linux style prompt that ask for username and password (vyatta / vyatta by default).

Login and install Vyatta from LiveCD. You can also work directly from LiveCD, but then the changes will not be permanent. The persistent installation can be image-based or system-based:

– Image-based install. The simplest, most flexible, and most powerful way to install a Vyatta system is using a binary system image. With this method, you can install multiple versions of the Vyatta system as images and switch between the images simply and easily. You install the image from a LiveCD, reboot your system and it runs the image.

At the command prompt type:

install-image

– Disk-based install. Installation from a LiveCD onto a persistent device such as a hard disk partition. However, unlike an image-based install, a disk-based install uses a traditional layout of files on the disk. Additional system images may be added at a later time to a system created using a disk-based install.

At the command prompt type:

install-system

To be honest, in the test environment, it doesn’t make much of a difference if you use the image or system installation. I used image as it’s the simplest one, as Vyatta recommend.

3. Connect Vyatta with GNS3

Then you need a system with GNS3 installed. I’m using the same system on which VirtualBox is installed.  The scenario for today is pretty straightforward, as I just want to demonstrate how to connect Vyatta to a Cisco device (well, an emulated one in my case):

If you don’t know how to achieve the connection above in GNS3, please read this tutorial about connection of GNS3 to VirtualBox Machines. I that post I used an Ubuntu system, instead of Vyatta, but the principle is the same.

4. Basic network configuration of Vyatta system

If you work more with Cisco, like I do, then you’ll find the configuration mode a little bit different that Cisco’s standard IOS CLI. If you work with Juniper, than this might look familliar as the configuration commands and the config files look pretty much like the Juniper ones.

By default no remote access is enabled, so you’ll have to access this device over console. In VirtualBox case, you’ll have a tab there with Console. If you access it, you’ll be able to login  to Vyatta system and configure it.

4.a) Check the config file to have an idea about what you have already configured by default:

@vyatta:~$ show configuration

and you’ll see something like this:

Please ignore the user “yotis”. This is not in the default config, but I have changed something there to secure my Vyatta installation. Now you know how the config look.

4.b) Enter the configuration mode:

@vyatta:~$ configure
[edit]
[email protected]#

4.c) Configure the external interface (the one bridged to your physical network).

We want to do this to be able to remote access Vyatta device. Depending of your own IP address subnet, you’ll need to customize the command below to meet your requirements:

set interfaces ethernet eth0 address 1.1.1.1/24

Now, you might wonder, how in the name of God I suppose to know that command. The answer is read the documentation, or do what I did. Press key TAB at the command prompt to check your options. All configuration command start with set and then press TAB key:

@vyatta# set
cluster             firewall            load-balancing      protocols           service             vpn
content-inspection  interfaces          policy              qos-policy          system              zone-policy

we are interested in interfaces here, so:

@vyatta# set interfaces
adsl             bridge           loopback         openvpn          serial           wireless
bonding          ethernet         multilink        pseudo-ethernet  tunnel           wirelessmodem

And then ethernet, interface name, address keyword and the IP address. In the middle of a command keyword, if you press TAB key it will autocomplete the word, exactly like in Cisco CLI.

It’s preety simple. If you get stuck somewhere, get back to documentation or ask in the comments here.

4.d) Add a default gateway if you want to be able to access your system from anywhere (optional)

@vyatta# set protocols static route 0.0.0.0/0 next-hop 1.1.1.100

4.e) Configure the second interface (LAN)

Configure the second interface (bridged to tap0, in my case). This one will be connected to your Cisco router in GNS3. You’ll need to have the same IP subnet on both ends (Vyatta and Cisco), but I believe you already know this. Follow the same steps like in 4.c)

4.f) Commit your changes

No matter what configuration you set, it will not become active until you commit:

@vyatta# commit

4.f) Save your configuration

@vyatta# save
Saving configuration to ‘/opt/vyatta/etc/config/config.boot’…
Done

Almost done. You have configured Vyatta basic network system. Now configure the Cisco router in GNS3. I believe you know how to do that.

5. Test connection between Vyatta and Cisco router

I have 10.86.0.1 on Vyatta eth1 adapter and 10.86.0.2 on Cisco router

@vyatta:~$ ping  10.86.0.2
PING 10.86.0.2 (10.86.0.2) 56(84) bytes of data.
64 bytes from 10.86.0.2: icmp_seq=1 ttl=255 time=3.73 ms
64 bytes from 10.86.0.2: icmp_seq=2 ttl=255 time=1.90 ms
64 bytes from 10.86.0.2: icmp_seq=3 ttl=255 time=5.23 ms
64 bytes from 10.86.0.2: icmp_seq=4 ttl=255 time=4.43 ms
^C
— 10.86.0.2 ping statistics —
4 packets transmitted, 4 received, 0% packet loss, time 3012ms
rtt min/avg/max/mdev = 1.905/3.826/5.230/1.230 ms

This is it for today. In  next posts I will go a little bit deeper in the Vyatta configuration and establish some IGP and BGP connection to see how Cisco behave under different scenarios.

Manage VirtualBox over Web Interface

A while ago, I wrote an article about How to integrate GNS3 with VirtualBox in which I have shown how you can easily create a guest machine with its own Operating System and attach it with GNS3.  Everything is working fine when you have the system in front of you, and if you have a graphical interface, but what if you have a powerful server somewhere and you want to use it for virtualization with VirtualBox? Of course, you can use CLI to manage VirtualBox, create new machines, tune settings and so on, but it’s more likely to you would like to see something graphic and use the point and click method to achieve results.


One of the differences between VMware and VirtualBox, is that VMware is including a Web Interface for remote management and VirtualBox is, in fact, a desktop application. This keep me for using sometimes VMware instead of VirtualBox on remote machines. As you probably observed I’m not a big fan of VMware due to the fact the it’s integration with Ubuntu (my favourite Linux flavour) is not running all the time as expected. For example, in case of a kernel upgrade  you’ll have to patch again the source to obtain working VMware modules.

OK, enough with talking, the news is that now you can easily manage VirtualBox over Web Interface due to phpVirtualBox. What is phpVirtualBox? According to it’s developers phpVirtualBox, “is an open source, AJAX implementation of the VirtualBox user interface written in PHP with a modern web interface that allows you to access and control remote VirtualBox instances.”

phpVirtualBox interface, open in a browser, looks something like this:

Almost like the VirtualBox application on your desktop.

Installation is very simple and you can do it following the steps below (for Ubuntu 9.10).

As any web interface, phpVirtualBox require some mandatory software to be installed on your machine. In this case is Apache + PHP >= 5.2.0. I assume that you have them already installed. If not, please check this tutorial.

1. Add in your /etc/apt/source.list

deb http://download.virtualbox.org/virtualbox/debian karmic non-free

2. Update your repository

apt-get update

3. Install VirtualBox

apt-get install virtualbox-3.2

if you have problems finding it, then try to search for virtualbox:

apt-cache search virtualbox

4.phpVirtualBox requires you to start vboxwebsrv (a program distributed with VirtualBox).

Optional step – Create a user that will run vboxwebsrv or you may run it with your existing user

Then start vboxwebsrv

su vbox -c ‘/usr/bin/vboxwebsrv -b –logfile /home/vbox/vb.log –host 1.1.1.1 –port 18083’

vbox – user that I have created to run vboxwebsrc
-b – run in background
–logfile – where you want to keep your log file
–host – IP address where the process to listen; useful if you keep your VirtualBox on one machine and the phpVirtualBox web interface on another one;  if you don’t specify this paramter it will default to 127.0.0.1 and you can access it over web interface only if the phpVirtualBox script is on the same machine with VirtualBox software
–port – on which port this daemon will listen

5. Download phpVirtualBox

wget http://phpvirtualbox.googlecode.com/files/phpvirtualbox-0.5.zip

This is the last release now, but in the future it may be deprecated, so please check phpVirtualBox downloads for the latest version

6. Unpack the phpVirtualBox archive in a directory that is accessible from Web and edit config.php file

unzip phpvirtualbox-0.5.zip

cd phpvirtualbox-0.5

nano config.php

You’ll need to edit the following mandatory parameters:

/* Username / Password for system user that runs VirutalBox */
var $username = ‘vbox’;
var $password = ‘your-password’;
var $location = ‘http://1.1.1.1:18083/’;

Now you should be able to access phpVirtualBox using your customized URL in web browser.

Below you have some screen shots, just to get an idea about this excellent piece of software. The rest I’ll let you discover by your own.

Add new machine. Easy as that:

Fine tune machine settings:

Import VirtualBox appliance:

Cisco makes its Nexus 1000v virtual switch less virtual

Cisco Nexus 1000vCisco Systems is making its virtual switch, the Nexus 1000v, a little less virtual.

The Nexus 1000v virtual switch replaces the vSwitch embedded in VMware hypervisor software and aims to give network administrators more control and visibility into the switching that takes place between virtual machines on a virtual host server. To date, however, the Nexus 1000v has existed as a virtual machine — a turn-off for network administrators who are accustomed to being able to see and touch their physical network devices.

“I think a lot of network administrators were leery about having [Nexus 1000v] as a virtual appliance because it’s something that’s beyond their control,” said Eric Siebert, senior system administrator with restaurant chain Boston Market and a TechTarget contributor. “Traditionally, the virtual administrators have control over [any virtual machines on a host server].… I think the Nexus 1010 gives them the option to have that type of control in a physical chassis.”

Read more on TechTarget.com…

New XenServer (Midnight Ride beta) is here!

Citrix launched today the new XenServer with code name Midnight Ride. This version is still a beta one and Citrix decided to make it available for download and testing through it’s Beta Program.  As a participant in the Beta Program, you’ll play a critical role in helping the XenServer product team develop and deliver the next edition of the product and provide valuable insight for enhancements in future releases.
This new version of XenServer—the industry’s only fully capable, free virtual infrastructure solution—and Essentials for XenServer boasts many significant enhancements, including:

  • Granular role-based access controls within XenCenter
  • Dynamic memory control and overcommit
  • Enhanced snapshots, including full system state and one-click revert
  • Administrative logging and audit reports
  • Automation for workload balancing
  • Host power management
  • StorageLink site recovery for business continuity
  • Enhanced CPU compatibility for XenMotion

You can download the Midnight Ride beta now or if you feel that you need to know more about the Citrix’s newest product please register for the On-demand webcast

You can also evaluate the advanced management capabilities in Essentials for XenServer by downloading the Evaluation Virtual Appliance to enable Dynamic Workload Balancing, Provisioning Services and StorageLink in a single, pre-configured environment and utilize all the added features include in Essentials for XenServer, Enterprise Edition.