GNS3
什么是GNS?
GNS Graphical Network Simulator
Simulator or Emulator?
尽管GNS全拼包含simulator,但实际上是emulator。我们说其是emulator,指的是GNS运行的是真实的网络操作系统。而simulator是从程序角度模拟某种行为,并不是真实的。Simulator只能模拟有限的命令,而使用真实IOS的emulator却可以使用全部命令,和操作真实设备没区别。
我该用哪个平台的IOS?
思科IOS众多。GNS工作原理是让IOS以为他真的运行在一个路由器上,也就是说GNS模拟了硬件。GNS不可能模拟思科所有的硬件平台,GNS只模拟了特定的路由器平台。那么我怎么知道GNS支持那些IOS呢?
http://docs.gns3.com/1-kBrTplBltp9P3P-AigoMzlDO-ISyL1h3bYpOl5Q8mQ/index.html#h.bi4322gmx9yl
GNS官方推荐使用 c3640, c3660, c3725, c3745 and c7200 IOS images
如果你是小白,不懂这些系列的区别,直接使用 c3725, c3745 就好了,因为这两个系列包含交换模块,可以应付99%的学习场景。
也可以去Cisco Feature Navigator去寻找支持某些特性的版本
我应该给IOS分配多大内存?
Cisco Feature Navigator 给出的DRAM实际上是最大内存需求,实际做实验时不需要这么大内存,可以适当调小。我们在GNS中添加路由器时默认内存一般选Cisco Feature Navigator给出的DRAM大小。
不同IOS要占用多大磁盘空间?
GNS默认将Project保存到 C:\Users\XXX\GNS3\projects 此时该文件夹下还没有项目
创建一个新项目,但不导入任何设备
各文件夹及其子文件夹都是空的
导入c7200 IOS,导入后默认是关闭状态
开启c7200 IOS,注意看磁盘占用变化
再拖入一个c7200 IOS
关闭一个
IO Mem文件并不是所有系列都有,c3600就没有
下载GNS3
If you download buttons here, what you're doing to be downloading gns3 and running it as what we call the local server option. So really what that means is that you're going to be running gns3 directly on top of your operating system, it's no different than when you're opening up your web browser whether it be Google Chrome or Internet Explorer or you're opening up your email application or your instant messaging chat application, all of those samples of software that opens up and runs directly on top of your operating system whether your operating system is windows or mac or linux or whatever it may be.
So what's the other option, well, downloading gns3 virtual machine, what's that refering to, if you're going to use that, one additional dependency in order to use that is to have some sort of vm software like either virtual box or wmware. OK, why would I download the gns3 vm? If you sole intention of using gns3 is simply to build cisco router and switch topologies, you just want to practice cisco routing and switching, you probably run it as local server. Where the gns3 vm, really comes into play where it's really useful to you is once you start getting into more advanced technologies we're going to be using other operating system like maybe june OS or something else like that, or maybe you want to integrate other things into your topology, maybe you want to integrate some sort of firewalls or adaptive security appliances or some network monitoring software applications. Most of the time you're doing that kind of fancy extra advanced stuff, you need to run that alongside the gns3 vm, it doesn't reallly works when gns3 is running an the local server option directly on top of your operating system.
我应该选安装哪些插件?
WINPCAP is a driver that you instal in your laptop and what it allows your laptop to do is if you've been studying networking at all whether you're preparing CCNA or anything else. You konw that when your ethernet cable is plugin to your laptop yet that ethernet nic on your laptop is seeing all kinds of ethernet frames not necessarily just frames for you, frames for lots of other people connected to your broadcast domain, now the default behavior of your nic card is as every single frame comes in the nic card, says is this for me, is this somthing I need to pay attention to or is this not for me. If it's not for me, I just deletes it, I ignore it and so the CPU within my laptop never even sees that frame, because it's not for me. But when you doing your network training and learning these protocals a lot of time, one of the best ways to learn protocals is open up something called a packet sniffer, for example Wireshark is a classic example of a free packet capture tool and the intent behind software like that is that you do want to see everything, you want to see every single frame every single packet that you nic card saw, even stuff that isn't necessarily meant for you. For example, if you want to connect to two routes and see routers doing EIGRP or OSPF, that's not for you, that's not for your laptop. So even if your nic card saw those packets it would never dispaly in you packet capture tool in your Wireshark tool, because it would never get to your CPU, that's where Winpcap comes into play. When you have Winpcap installed, it can put your network interface card into something called promiscuous(混杂的)mode which is simply a fancy way of saying hey nic card every single thing you see send it to the processor, everything! So basically the way all this works hand in hand is that when you open up your packet capture tool like Wireshark. For example Wireshark invokes the services of winpcap, and wireshark says "hey winpcap, I'm a processor running here, please put the nic card into promiscuous mode and foward to me every single packet, every frame you see". So without winpcap your packet capture tools would be pretty much useless, because all they would be able to dispaly for you, our packets leaving from your laptop or packets destined to your laptop, you wouldn't be able to see all that other stuff you want to see like CDP and BGP and VTP and all that other stuff. So that why we need winpcap.
SolarWinds response time viewer is really cool tool basically what this dose, it's sort of like a high-level tool that sorts and categorizes and classifies your traffic. Beacuse if you're ever worked with wireshark where it's capturing everything, you know within just like a minute you can have thousands and thousands of packets just depending on how busy your network is, as you're scrolling through all that stuff it can be kind of hard to see, you konw if your overall question is what's going on in my network, you konw what are the typical types of protocals and applications are running right now and what's the response time, you konw when a packet comes out, how fast is a reply coming back. I just want a sort of overview of what's going on in my network and with wireshark kind of hard to get that information. Now of course there's all sorts of filters and stuff build into Wireshark to give you that information, but with the SolarWinds response time viewer, it work in hand-in-hand with wireshark, so you've got Wireshark running and you stop, and you've got all these miscellaneous(混杂的) packets that you've captured, you can save that wireshark capture file to your laptop your hard drive or something, then you can open up the SolarWinds response time viewer to view that capture file and it gives you a real high-level like you know TCP conversations HTTP conversations, it gives you ad good snapshot of what's really going on in your network, so this is a really usefull toll have.
Dynamips got to have that. If we're running gns3 is a local server just like other software application, the Dynamips is a critical componet that is the emulator, that's the thing taking cisco software image you're using belive that's really sitting inside of a router. Dynamips is the emulation engine that emulates the router, without it the software image wouldn't do anything. Cisco's software just running on your laptop, you can't open it you can't run it, because your laptop isn't a router, Dynamips makes the software belive its operating within a router.
QEMU a very useful thing. If you're using an Adaptive Security appliance(自适应安全设备), if you're studying for like CCNA security or CCNP security you're gonna have to know about Adaptive Security appliance and firewall stuff, and that doesn't come with gns3 by default. So tto get those sort of security appliances, those firewalls, you have to run them with QEMU
VPCS is a virtual pc simulator, a lot of useful things you can do. You can build gns3 topology of routers and switches, and then drag and drop these virtual pcs in there, and they're not running like a full-blown versionof windows or anything like that. This matter fact there's no GUI in these virtual psc at all, but what you can do is you can have them start up like TCP streams and UDP streams and ping back and forth and do all kinds of really sort of cool stuff, with them to test out your network to see if your network is operating the way you thought it would operate.
CPULIMIT
启动GNS3
If your primary reason for using gns3 is that you just want to create Cisco topologies, you want to practice cisco IOS command-line routers, you want to connect them together. Then really, all you have to do is select the local server option, which is not selected bu default. And what local server simply means is that gns3 will be running on your laptop just like a normal program,just like Microsoft Outlook or Google Chrome or anything else you've got running, you'll just run directly on there and quite frankly if you're just doing basic Cisco topologies, that's probably the prefered way to go.
If you're a more advanced user, then probably want to select the local gns3 virtual machine. Now this will also require that you've already download and installed either virtual box or some flavor of vmware. Because the virtual will use virtual box or vmware as soar like the engine that's running everything.
接下来导入IOS镜像
之前说到过gns3仅支持了有限的Cisco IOS, 如果所选的的IOS是gns不支持的会怎么样呢?我提前已经知道下面系列IOS是gns不支持的
没有报错信息,继续
如果是gns支持的IOS就不会有该提示,继续,注意红框
Once we get into the world of switching with gns3, will see that we've got two sort of high-level choices for the basic world of switching. The two choices are gns3 comes with sort of like a build-in very simple switch. Like I talked about the virtual pc simulator that comes build in, well that's not a full-fledged(彻底的; 充分发展的) pc, that's not running windows or anything like that. It's basically a real stripped-down(无装饰的;简装的) pc that allows you to do like TCP and UDP streams and ICMP and stuff like that, well similarly there's something called a build-in node which is a switch node and if you select that you can select vlans on there, you can select 802.1 trunking and that's about it. So it's there's no command line, it's all GUI with little drop-down(下拉) boxes and stuff. So for simple switching if you just want to connetc some routers with switch, you don't really care about actually configuring switches, that's your easiest option. Now if you want to get a little bit more experience which you probably will, actually configuring the command line for switching, commands like configuring a VLAN in the command line, like configuring vtp, modifying some of your spaning tree parameters. Well, then your next choice is to use something called an ether switch module.I'll talk about it in detail, but of all the cisco routers that gns3 supports some of them, like the c3745 that supprot particular module, and it's a module that a real router you would slip in. It acttually has 16 ports om it and it's like a little mini switch, these sort of slide into an empty slot in your router. So in this particular case, if taht's I wanted I would click that "This is an EtherSwitch router"
If I fully load this thing, if I populate every slot with something, is that going to hurt things, is that going to slow it down in some way. Actually it doesn't. You can do that, there is no harm in doing that.
Alright the idle PC, this is definitely bears a little bit of discussion. Not going to go into the gory details of how this works at the low-level mechanics of everything, but here's what's I'll say about this is that cisco IOS is massively large,if you were actually to take a look at all the lines of code in a particular IOS software image, there will be thousands of lines of code, and what some of those lines of code do is they instruce the CPU to go intto an idle state, because it's waiting for some sort of event or trigger to happen like an incoming date packet or an incoming BGP update or a TCP keep alive or something like that. Well that's all well and good at that IOS is working on a real physical cisco chassis, the problem is it's not in this particular case it's working on an emulated router provided bu dynamips and the whole virtualization behind this. And so when it goes into that idle state, it ends up staying in that idle state and sort of going into like infinite loop which can actually cause your CPU on your laptop to skyrocket and go to like a hundred percent. By clicking this button it's going to sort of go through the code int the background and look for those particular points in the code where that would normally happen. Where it would go into this idle state and instead of telling the CPU to go into this idle infinite loop, instead it's simply going to instruct that virtual router to go to sleep. It tells it to go to sleep for a few microseconds or o few milliseconds and then it wakes up again and continues on to the next task it was going to do. So it prevents your CPU from going to that skyrocketing a hundred percent.And rember this is unique to this particular software image, even if I had another software image for this exact same router nut it was a different version or a different feature set, it would compute a different idle pc value.
GNS3 terminology
Projects are default stored at C:\Users\ziqiang\GNS3\projects.
Then I open the project file test.gns3
But how dis that project file create all of this? In other words what's in that project file that remembered all this when I created it. So let me go ahead and you'll see that in the very high level you've got three things. You've got a screenshot which just a PNG image and shows it actually took be right after I save the project, it took a screenshot of what the topology currently was. So this is nice, you can send an email attachment to somebody if you want to show that what you've created.
project-files then go into dynamips, and this is all the stuff that dynamips is using. We don't have to go into a lot of detail of what all this stuff is
but you'll also see in here there are some config files and so when you issue a right memory or a copy run start command on your router. You've created a project and you've working with it for an hour or so, and you've ready to leave it behind, you have to go off and do something else. But you might want to come back to this in the future, so on every single router and device you've got in the future you do copy run start or right mem, well what that does is in this folder is called startup config file and you can sctually open those with a text editor.
This is the last known state of your saved configuration. So next time you open this project within gns3, it will go right back to the state where it was