Virtual Network Tutorial

A guide describing how to create a home network using GNS3 and VirtualBox

Page 1: Virtual Network Tutorial

Setting up a virtual network using GNS3 and VirtualBox

By Shashank Shekhar Tewari

While I'm really interested in networking, it wasn't economically feasible for me to buy routers and switches and multiple hosts to set up a home network. So while studying for my CCNA, I came across GNS3 and slowly realised just how powerful it really was.

This software, along with a virtualisation software, can be used to set up very complex networks, and can be used to simulate many common network scenarios. This tutorial aims to help a person get an idea of how to set up such networks.

If you're studying anything related to networking, you can learn with this.

Doing a Cisco cert? GNS3 has been used for everything from Cisco Voice to CCIE level labs. You can use the virtual hosts to actually see the effect your configuration has had. Sure, you've set up an ACL, but is it really working? Just go to your virtual host and check. If you ping from a Cisco router just after it's set up, why is the first ping never successful? Open up Wireshark and find out.

Learning to be a sys-admin? Both GNU/Linux OSes and Microsoft OSes can be used here. You can set up a server with multiple clients, set up a mail server, etc. and see how everything works out. Set up a simple Apache web server, and see what it looks like from a host's point of view.

Interested in security and pen-testing? What better combination than having Backtrack on one end, and Damn Vulnerable Linux on the other? You can play around as much as you want, completely destroy the victim's PC, and you'll be able to go back to the original state by just opening up a saved state in VirtualBox. You can then check the Apache web server you just set up for open ports and vulnerabilities.

Since nearly every GNU/Linux OS comes as a live version now, you don't even have to install them to a virtual hard disk to use them. Just boot it in any virtual hard disk you've created, and start using it.

Although my preferred virtualisation software is VirtualBox, you can use any you want. The settings will obviously differ. My host and guest OSes will nearly all be GNU/Linux, but both GNS3 and VirtualBox are available for Windows as well, and the instructions will pretty much be the same. So if you're a Windows user, give the tutorial a try, and just use a little geek-sense to figure out where things might differ.

While this has many, many applications, and the idea definitely isn't new, I did not find a decent tutorial on it, and had to figure out a lot of things myself. Hence, now that I'm free, I decided to write a tutorial myself.

Part 1 – Basic VirtualBox Setup

Things required:
• Installation image of the OS being installed on the virtual machine (in .iso format).
• Adequate free space for the selected guest.
• Knowledge of basic networking (know what ifconfig/ipconfig do).

What is VirtualBox?

VirtualBox is a free virtualisation software, which can be used on a variety of host operating systems to run other operating systems in a virtual environment.

To download it, go here: http://www.virtualbox.org/wiki/Downloads

For a list of supported guest OSes, go here: http://www.virtualbox.org/wiki/Guest_OSes

Setting up a simple client-server network using VirtualBox

Open VirtualBox.

Click on the blue 'New' button.

This will start a wizard to create a new virtual machine on your host OS. (Your host OS is obviously the one on which Virtual Box is installed.)

Give any name you want, and choose the OS you want installed. You can choose any OS you want to, although I'll be installing RHEL 5.3. (This is simply a label for the user's benefit and can be changed later on.)

Choose the amount of memory you want. This depends entirely on the OS and the amount of memory you have on your physical machine. I've chosen 512 MB, and I think that's quite safe for most OSes.

Choose 'Create new hard disk'. Make sure the 'Boot hard disk' option is checked.

Another window pops up, and this is the 'Create new virtual disk' wizard. This will create a file on your host which will act like a virtual hard disk.

At the next screen, it explains quite well what kind of storage type it will create. I prefer 'fixed-size', since I have the space and I don't have to worry about an ever-expanding file, but it's up to you and doesn't matter either way. Click 'Next'.

Choose the size you want. 8-10 GB is sufficient if you aren't going to use the virtual OS for anything other than learning networking.

Finally, click 'Next' and then 'Finish' to create the virtual hard disk.

Now the newly created hard disk will be automatically chosen as your hard disk in the 'Create new virtual machine' wizard, so just click 'Next', after which you can review your settings at the next screen, and finally finish to confirm.

We can review the settings of the newly created hard disk by clicking on it, and then clicking on the 'Settings' button. We will go here to ensure the image file starts on boot, and to confirm the network settings.

First let's put the image of the OS we want to install in the virtual machine's CD/DVD drive. For this, click on 'Storage.' Notice under 'IDE Controller' your newly created virtual disk and an empty CD/DVD ROM drive are listed. Click on the latter, and on the screen that comes up next to it, click on the yellow folder with the green arrow, which is next to 'CD/DVD Device.'

Add the image file of your guest OS at this screen.

Now under the main window of 'Settings', select 'System'. Change the boot order, which comes up under the tab 'Motherboard', to make sure the CD/DVD drive boots up first.

The setting that we will check now is for the 'Network'. Click on it, and you'll see a screen that lists a number of adapters, and the setting for each. Let's enable network 'Adapter 1', and under the 'Attached to' field, we shall choose 'Host-only' adapter for now. The name 'vboxnet0' will automatically come in the box below that. Leave that as it is. Click 'OK' to confirm changes.

Now start the machine.

If all goes well, the machine will boot up like a normal machine, and you can now proceed to install your guest OS.

While the installation takes place, you can check the host OS's network settings, using ifconfig/ipconfig. You should see a new adapter called 'vboxnet0'. Note the IP address. For me, it is 192.168.56.1, but it may differ for you.

After installation, set up the network settings of your guest OS: (Change accordingly if your IP address differs on the host OS)

IP address : 192.168.56.101/24
Default Gateway : 192.168.56.1

If necessary, restart your network service.

You should now be able to ping the host from the guest and vice versa.

Voilà! You now have a very simple client-server network setup. Play around with it, explore Virtual Box, and when you feel you're comfortable with it, move on to the next tutorial.

Protip

If you notice your PC is hanging/slowing down while using Virtual Box, check your CPU usage. If it's constantly at 100%, then do this: create another Virtual Machine with, say, a 50 MB hard disk and as little RAM as possible (4 MB is fine), and boot it till it halts at a black screen that says “FATAL: No bootable medium found! System halted.”

Minimize this machine (DO NOT CLOSE IT) and run your normal guest OS. You'll now notice that the CPU usage has dropped down dramatically, and will hover around 10-20%.

This is due to a weird bug in Virtual Box, wherein one machine causes excessive load, but if you have another machine running simultaneously with the first one, Virtual Box manages to load balance both of them.

Protip 2

Install 'Guest Additions' for your guest OSes, to make life much easier. Among the many advantages, your mouse won't get captured each time you go to a virtual machine. It'll seamlessly move from host to guest.

For a Windows guest, after starting the virtual machine, go to Devices > Install Guest Additions.

For a GNU/Linux guest, see this tutorial by Sasquatch: http://forums.virtualbox.org/viewtopic.php?t=15679

Part 2 – Setting up the Network

Things required:
• Everything needed for GNS3 to run (the program itself and a Cisco IOS image).
• Knowing how to use GNS3 and how to do a basic configuration of a Cisco router.
• VirtualBox

What is GNS3?

GNS3 is a very powerful graphical network simulator that is normally used for preparation of Cisco exams, like CCNA, CCNP, etc. While other simulators try to recreate the environment of using a Cisco IOS, GNS3 uses the actual operating system itself. While there are many advantages to this, the biggest is that you aren't limited to a certain set of commands. You can use any command that would normally work on a router.

Of course, the downside is that you need to get a Cisco IOS image. Although there are many sites that provide it, remember that it is illegal to download it, and Cisco does not give out the IOS for free. If you can take an image of a router you own, that would be the best thing to do.

To download GNS3, go here: http://www.gns3.net/download

Windows users should probably get the 'all-in-one' pack.

If you're using a GNU/Linux OS that has a repository, it's probably available over there as well.

Ubuntu users can run this:

$ sudo apt-get install gns3

For Fedora you can refer to this guide: http://blog.ccielogs.com/step-install-gns3-linux/

In this tutorial, I'm going to jump right into configuration, and will not be talking about the basics of how to use GNS3. Why? Simply because there are a lot of resources already out there. If you're new to GNS3, then please read this fantastic tutorial: http://downloads.sourceforge.net/gns-3/GNS3-0.5-tutorial.pdf

The latest version of GNS3 is .7x, and even though the tutorial is for .5x, it's still relevant. So read it. Don't skim. Read the entire thing. I mean it.

You could also visit blindhog's site for lots of video tutorials: http://www.blindhog.net/category/gns3/

Setting up a second network adapter in VirtualBox

Before moving on to GNS3, let's pay a short visit to VirtualBox. For this part, I have already set up two virtual machines, both of them having RHEL. Again, you can choose whatever OS you want, but make sure you have two virtual machines.

In the VirtualBox main window, go to File > Preferences. In the new window that pops up, choose 'Network'.

You'll now see the settings for 'Host-only' networks. It'll list the 'vboxnet0' adapter. We are now going to add another adapter. Click on the little network card icon with the green plus sign, that's next to the network listings.

It'll add 'vboxnet1'. Click on 'vboxnet1 network', and then click on the screwdriver.

You'll see a window pop up that shows the default settings for this adapter. You can change it if you want, but for now we'll go with the defaults. Click 'OK.'

Now back in the main VirtualBox window, choose any one of your virtual hard disks, click on 'Settings' and highlight 'Network'. Here, enable 'Adapter 1', and attach it to 'Host-only Adapter', just like we did last time. Only this time, under the 'Name' drop down, choose 'vboxnet1', which is the adapter we just created. Click 'OK', and that's it. We are done with the VirtualBox settings for now.

Now on to GNS3.

Configuring GNS3

Start GNS3.

IMPORTANT: If you're using a GNU/Linux OS, then make sure you start GNS3 while signed in as root, or through sudo by typing 'sudo gns3 &' in a terminal. This is important because if you don't do so, you will not be able to access any network interface, including the ones we just created in VirtualBox.

Also, definitely make sure you have applied idle pc values. If you don't know how to do this, read the GNS tutorial I linked to earlier.

The router I'll be using is Cisco's 3640, mainly because it has some switching capabilities, but since that's not needed for this, you can use any you want.

Drag the router, a couple of switches and a couple of clouds onto the workspace.

Right-click on cloud 'C0' and choose 'Configure'. Click on 'C0', and under the tab 'NIO Ethernet', you'll see 'Generic Ethernet NIO' and 'Linux Ethernet NIO'. Do the following steps under whichever OS your host is. Since mine is Ubuntu, I chose the Linux one. Choose 'vboxnet0' in the drop down menu, and then click on 'Add'.

You'll now see a listing for 'vboxnet0'. Click 'OK'.

Follow the same steps for 'C1', only this time choose 'vboxnet1'.

Let's move on to the router now.

I added four Ethernet interfaces to the router, by right clicking on it, choosing 'Configure', highlighting 'R0' at the next window, clicking on the 'Slots' tab, and choosing 'NM-4E'. The name may be different for your router, but choose anything. We'll only need two interfaces for this tutorial.

Now let's configure the router via the console. Long story short, these are the commands I ran:

Router>en
Router#conf t
Router(config)#hostname R0
R0(config)#int e0/0
R0(config-if)#ip add 192.168.56.254 255.255.255.0
R0(config-if)#no shut
R0(config-if)#int e0/1
R0(config-if)#ip add 192.168.57.254 255.255.255.0
R0(config-if)#no shut
R0(config-if)#do wr

Nothing too complicated. The networks 192.168.56 and 192.168.57 were chosen because of the corresponding settings of vboxnet0 and vboxnet1.

Finally, we connect the clouds to the switches, and the switches to the corresponding interfaces on the router.

Start the two virtual machines in VirtualBox. Set up static IPs on both hosts. The addresses I'll be using are:

For C0
IP address : 192.168.56.10/24
Default Gateway : 192.168.56.254

For C1
IP address : 192.168.57.10/24
Default Gateway : 192.168.57.254

Restart your network interfaces, and that's it! You should now be able to successfully ping C0 and C1. Now you have your own simple network to play around with!

Protip

If you're using a GNU/Linux OS, chances are that your terminal in GNS3 is an ugly-looking xterm. To change it to gnome-terminal, go to Edit > Preferences. In that, below the terminal command, just type this:

gnome-terminal --command='telnet %h %p' >/dev/null 2>&1 &

For any other terminal, just replace 'gnome-terminal' with your favourite terminal.

Protip 2

Instead of the cloud icon, you can choose a normal desktop icon in GNS3. To do this, go to Edit > Symbol Manager. In the new window that pops up, highlight the 'computer' symbol in the left column, and click on the '>' to add it to the right column, under 'Customized nodes.' Then highlight this, and under 'Customized node settings' put 'Host' under 'Name', and in the drop down menu choose it as type 'Cloud.' Then click 'Apply', and 'OK'.

You now have a nice looking PC icon. And I'm sure you knew about this tip, since you read the GNS3 tutorial, didn't you?

Part 3 – Introduction to Wireshark

Things required:
• The previous network we created, with the same settings
• Wireshark

What is Wireshark?

Wireshark is a free, and one of the best, packet analysers available. It is very useful in seeing what packets are going through your network, and therefore helps in learning networking as well as troubleshooting your network.

To download Wireshark, go here: http://www.wireshark.org/download.html

Like most awesome things, even this is available in your favourite GNU/Linux repository.

Ubuntu users can run this:

$ sudo apt-get install wireshark

For Fedora:

# yum install wireshark

I would strongly suggest you use Wireshark on your current network adapter to get a feel of it. If you're using GNU/Linux, you'll have to start it as root. Due to its immense popularity, a little googling will get you innumerable tutorials.

Objective

Most of you would have heard/read strict warnings of never using telnet for remote access. The preferred method nowadays is SSH (Secure Shell). But why is telnet so bad? Let's find out.

Procedure

As said before, the network we'll be using is the same one we used previously. Set everything up exactly the same if you hadn't saved it. (You don't have to set up C1. We'll only be using one host this time.) After this, let's configure the router for telnet access. The commands I entered were:

R0#conf t
R0(config)#line vty 0 4
R0(config-line)#password Shanx123
R0(config-line)#login

Now try telnetting to the router from C0. Since a telnet client is present on most operating systems, you don't need to download anything. Just open up a console and type 'telnet 192.168.56.254', and enter the password.

After you've verified that it's working fine, exit from telnet, and let's use Wireshark now.

In GNS3, each node is visible as a green or red dot, depending on whether it's active or not. Right-click on the node next to the router, and choose 'Capture'. Select the source. Wireshark will open automatically.

In some cases, you may get an error that says 'No packets available for capture.' In this case just right-click on the node again, and you'll see an option that says 'Start Wireshark.' Keep selecting that until it starts.

When capturing packets in a real network, Wireshark updates itself automatically, but when capturing with GNS3 we have to periodically reload it ourselves. This is easily done by clicking on the blue circular arrow.

If you keep reloading and scrolling down, you'll see the various packets being captured. This includes the occasional CDP (Cisco Discovery Protocol) packet, maybe an ARP if you've just connected a host, etc.

Let's see what happens when you telnet. Again, telnet to the router from the host, but do not type the password just yet. Leave it at the login prompt. Go back to Wireshark, and reload the file.

You'll see a bunch of telnet related packets. Note the number of the last packet, and now quickly go back to the telnet login prompt and type the password, and press 'Enter'.

Go back to Wireshark, reload, and start analysing the telnet packets from the last packet that you noted. If you look under 'Telnet' in the description window, you'll see a field called 'Data', which has a single letter. That letter is the first letter of your password. Look at the packets below it, and you'll see your entire password being sent in clear text. Not only this, any subsequent data you send will also be in clear text.

Now try doing the same with SSH and see what its packets look like. I'll leave that as an exercise for you. The preference, nay, insistence on using SSH over telnet will be instantly obvious.
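
What those single-letter 'Data' fields add up to, as an added example that is not part of the original tutorial: the Python below strips Telnet option negotiation (the IAC sequences defined in RFC 854) from client-to-server payloads and rebuilds the lines that were typed. The payloads are constructed to match the session described above, using the tutorial's example password, and the function names are hypothetical.

```python
"""Added example: rebuild typed Telnet input from client-to-server payloads."""

IAC, SB, SE = 0xFF, 0xFA, 0xF0          # RFC 854 command bytes
NEGOTIATION = {0xFB, 0xFC, 0xFD, 0xFE}  # WILL, WONT, DO, DONT


def strip_telnet_commands(stream: bytes) -> bytes:
    """Return only the user data from a Telnet byte stream."""
    out = bytearray()
    i, n = 0, len(stream)
    while i < n:
        if stream[i] != IAC:
            out.append(stream[i])        # ordinary data byte
            i += 1
        elif i + 1 >= n:
            break                        # truncated command at end of capture
        elif stream[i + 1] == IAC:
            out.append(IAC)              # IAC IAC is an escaped literal 0xFF
            i += 2
        elif stream[i + 1] in NEGOTIATION:
            i += 3                       # IAC <verb> <option>
        elif stream[i + 1] == SB:
            end = stream.find(bytes([IAC, SE]), i + 2)
            i = n if end == -1 else end + 2   # skip the whole subnegotiation
        else:
            i += 2                       # two-byte command such as IAC NOP
    return bytes(out)


def data_per_packet(payloads):
    """User data carried by each packet, skipping negotiation-only packets."""
    per_packet = (strip_telnet_commands(p) for p in payloads)
    return [d for d in per_packet if d]


def typed_lines(payloads):
    """Join the payloads and split them into the lines the user entered."""
    data = strip_telnet_commands(b"".join(payloads))
    text = data.replace(b"\r\n", b"\n").replace(b"\r\x00", b"\n")
    return [l.decode("ascii", "replace") for l in text.split(b"\n") if l]


# Constructed client-to-server TCP payloads (not a real capture): option
# negotiation first, then one keystroke per packet, then Enter.
SAMPLE_CLIENT_PAYLOADS = [
    bytes([IAC, 0xFD, 0x01, IAC, 0xFD, 0x03]),   # DO ECHO, DO SUPPRESS-GO-AHEAD
    bytes([IAC, 0xFC, 0x18]),                    # WONT TERMINAL-TYPE
    *(bytes([c]) for c in b"Shanx123"), b"\r\n",
    *(bytes([c]) for c in b"exit"), b"\r\n",
]

if __name__ == "__main__":
    for n, data in enumerate(data_per_packet(SAMPLE_CLIENT_PAYLOADS), 1):
        print(f"data packet {n}: {data!r}")
    print("lines recovered:", typed_lines(SAMPLE_CLIENT_PAYLOADS))
```

The vty password and the command typed after it both come back as plain text, which is the same thing the Wireshark 'Data' fields show one character at a time.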

EOF