Connecting Dynamips to your local network (OSX)
- Tony Mattke
- MAC
- April 5, 2010
Ever wanted direct network access to your Dynamips lab? Have you ever needed to lab something that used the SDM, but you run Dynamips under OSX? You may have noticed using NIO_gen_eth is broken under OS X, communication between the Dynamips IOS and the local Mac box itself is not working properly. There is a solution using a tun / tap interface in OS X.
Required Software
Since OS X does not include the tun/tap devices by default, we need to download a bit of software to create them. Luckily tuntaposx from SourceForge does just that for us. Go ahead and download it and install it. Once you do you should see the following. (Yes, this is on my Hackintosh)
hackpro:~ amattke$ ls /dev/tap* /dev/tap0 /dev/tap10 /dev/tap12 /dev/tap14 /dev/tap2 /dev/tap4 /dev/tap6 /dev/tap8 /dev/tap1 /dev/tap11 /dev/tap13 /dev/tap15 /dev/tap3 /dev/tap5 /dev/tap7 /dev/tap9
Configuration
First, we need to create the tap interface, then we can bridge the router interface to this tap device. To create the tap, open the terminal and execute the following command. You will be prompted for your password to gain root privileges.
hackpro:~ amattke$ sudo ifconfig tap0 198.19.10.1 netmask 255.255.255.0
Now we can edit our Dynamips topology file and bridge the IOS interface to tap0.
[[Router R1]] model = 2611XM console = 2001 autostart = False WIC0/0 = WIC-2T F0/0 = SW1 F1/1 F0/1 = nio_tap:/dev/tap0 S0/0 = FRSW 1
Finally, we can start the virutal router up and test the connection.
R1#conf t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#int f0/1 R1(config-if)#ip address 198.19.10.11 255.255.255.0 R1(config-if)#no shut R1(config-if)#end R1#ping 198.19.10.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 198.19.10.1, timeout is 2 seconds: .!!!!
Further thoughts
Since this tap interface is a local point-to-point connection between your local machine and the dynamips router, you will not be able to access it from your Virtual Machines, or your laptop. Obviously this could be a problem… So, in order to enable packet routing on your Mac you will need to issue the following command.
sudo sysctl -w net.inet.ip.forwarding=1
Now, if your local virtual machine is using NAT it should find your dynamips router just fine. But, for anything non local, you will need to add a route somewhere. Either on the local machine, or on your core router, which is where I did it. I simply added a route to the internal IP of my mac for the 198.19.10.0/24 network. Simple enough, works great!
If you were looking for a method to allow your dynamips router to access the internet, we can enable nat on your mac for that network as well. The following will enable the firewall, setup natd, and finally add an ipfw rule…
sudo sysctl -w net.inet.ip.fw.enable=1
sudo natd -alias_address ${YOUR_MACs_IP} -interface ${MACs_INTERFACE} -use_sockets -same_ports -unregistered_only -dynamic -clamp_mss
sudo ipfw add divert natd ip from any to any via ${MACs_INTERFACE}
If you have any questions, as always, feel free to leave a comment and I’ll try to help out the best I can. Thanks!
