VIRL Personal Edition March 2015 Webinar Cisco VIRL Engineering Team March 24, 2015 Cisco Products based on VIRL • • • • • Individual Users, Developers, Students Community Support Forum Only 15 Cisco VM (node) Limit Single User Annual Subscription License Purchased on virl.cisco.com Cisco Modeling Labs Corporate Edition /dev/innovate VIRL Personal Edition • Multi-purpose platform to innovate for SDN / NFV / Cloud paradigms • • • • Corporate Users TAC Support 15 Cisco VMs (nodes) to start; expansion packs available Multi-user Annual Subscription License AGENDA Topic Presenter 20 min IOSvL2 Introduction to L2 Switching in VIRL in VIRL Personal Edition Joel Obstfeld 10 min ASAv: Installation, Configuration and Operation in VIRL Personal Edition Ralph Schmieder 10 min Packet Capture and Interface State Brian Daugherty 15 min NxOSv Deep Dive Subhav Mittal Prashant Jhingran 5 min Q&A IOSvL2: L2 Switching in VIRL Joel Obstfeld Layer-2 Switching in VIRL • Next VIRL release will include the IOSvL2 virtual machine image • Users will have the choice of using ‘Unmanaged-switch’ or ‘IOSvL2’ to provide switching service How do you get the IOSvL2 image? • VIRL system upgrade will be required • Once completed, IOSvL2 image will be available for download via the ‘VIRL Software’ Panel in the User Workspace Management Interface • Click to select the IOSvL2 image and press the ‘start installation’ button Unmanaged Switch • Icon represents a LinuxBridge multipoint switch instance in your topology • Switch is just another LinuxBridge process running under Openstack control with more than 2 devices connected • No configuration required for the Switch • Switch is transparent – will pass .1q packets between routers IOSvL2 • Image counts against the 15-node limit in VIRL Personal Edition • Runs just like any other Virtual Machine in VIRL • Requires configuration to be applied IOSvL2 • IOSvL2 requires 768Mb Ram, 1vCPU • Image based on IOS 15.2 Switch (DSGS branch) • Provides 16 GigE interfaces, Gi0/0 reserved for OOB management • • Ports run Gi0/[0-3], Gi1/[0-3], Gi2/[0-3], Gi3/[0-3] Configured using ‘Build Initial Configurations’ function or manually, just like other Cisco VMs IOSvL2 • Interfaces operate in Layer-2 (switchport) or Layer-3 • • System default is Layer-3 mode, must specifically be configured for Layer-2 (switchport) operation VM supports Switched Virtual Interface (SVI) SVI is used for OOB management using Vlan1 interface • OOB used for configuration extraction • IOSvL2 – Build Initial configurations • Base configuration will set up all interfaces in Layer-2 mode • Ports are put into ‘access mode’ if a host or router is connected – defaults to Vlan2 • User can specify which Vlan to place a port in by setting Vlan attribute on the router/host interface • IOSvL2 to IOSvL2 connection defaults to 802.1q Trunk mode • You can connect IOSvL2 to Unmanaged switches • • Default configuration will put interface on IOSvL2 into Vlan2 Connecting IOSvL2 or Unmanaged Switches to a Flat ‘Cloud’ is not supported L2 Switching in VIRL High Level Walk Through IOSvL2 - Features • Layer-2 forwarding (auto-config’d) • DHCP Snooping • Switchport (auto-config’d) • IP device tracking • 802.1q trunk, 802.1q vlans (auto-config’d) • Switched Virtual Interfaces • Spanning Tree (auto-config’d) • Layer-3 forwarding • Port-Channel • Routing protocol support – be careful! • 802.1x passthrough • Port mirroring (SPAN) is NOT supported • Port-ACLs • Private Vlans are NOT supported • Dynamic Arp Inspection ASAv: Intro, Configuration and Operation Ralph Schmieder ASAv Demo Interface Control and Capture Managing Interface States and Packet Capture in VIRL Brian Daugherty VIRL Interface Control and Capture • The next VIRL Personal Edition release (after v0.9.17) will include two new capabilities: o Interface State Toggling o Interface Packet Capture Interface State Control – Two Down States Soft Hard x Interface State Control – Soft Down o Interface PHY state stays up o Routing protocols will react after hold timers expire o Applies to IOS XRv and ASAv Node is isolated Interface State Control – Hard Down o Interface PHY state goes down x o Routing protocols and others that track state react immediately. o Applies to IOSv, CSR1000v, NXOSv Connection is lost. Packet Capture – Two Modes Remote PCAP TCP Port @ VIRL IP PCAP Application (WireShark) Persistent File @ UWM Packet Capture - Flexibility o Limit on time, packets, and size o Filter using PCAP syntax o TCP Port is user- or autoselected o Capture files are persistent until deleted or session is ended Live Demo Demo Setup Seattle Boston Pings West 10.0.0.10 East (XRv) 0/1 192.168.0.3 0/0/0/1 South Dallas 192.168.0.2 10.0.0.26 0/0/0/2 192.168.0.7 10.0.0.13 NX-OSv Deep Dive Accelerating Nexus feature adoption with NX-OSv & VIRL Prashant Jhingran [email protected] – Technical Marketing Engineer Subhav Mital [email protected] – Product Manager March 2014 Abstract Unleash the power of NX-OSv (Nexus OS virtual) for accomplishing tasks like configuration validation, Network simulation, network programming (NX-API) and hands on learning. The objective of this session is to introduce NX-OSv (Nexus OS virtual), a software simulating Nexus switch running as a VM. This session would also talk about NX-OSv running in a VIRL (Virtual Internet Routing Lab) environment. Finally this session would showcase how to simulate network topologies comprising of various NX-OS features. Panelist Introduction & Acknowledgements • Arkadiy Shapiro (arshapir) • Kaoru Yamashita (kyamashi) • Subhav Mital (smital) • Joerg Reinecke (joreinec) • Nathan Sowatskey (nsowatsk) • Andhi Indarto (aindarto) • Ralph Schmieder (rschmied) • Joel Obstfeld (jobstfel) • Patrick Tate (ptate) • Sonu Khandelwal (sokhande) • Ray Romney (romney) • Abhinav Modi (abmodi) Agenda Introduction to NX-OSv (Nexus OS virtual) • NX-OSv - a powerful tool • Different ways of exploring NX-OSv Simulating Real World Use Cases & Success Stories • L3, L2, programmability NX-OSv Data Center Deployment Challenges • Configuration Validation, testing and prototyping new features • Troubleshooting complex networking problems • Training and familiarity of NX-OS Operating system without spending $$ • Customer Demos/Training – Capex intensive Solution: Cloud-ify NX-OS • Easily evaluate new features before it hits production – self, customer & partner education • Create highly accurate models – simulate real world & future networks • Ability to easily spawn switches on a convenient orchestration tool – flexibility & agility • Ability to scale multiple nodes within seconds – zero or lower capex Introducing NX-OSv • • Nexus OS virtual NS-OSv is a software simulating Nexus switches running as NX-OSv stands for a VM NOT an emulator • NX-OSv is because the software data plane does not emulate the Nexus hardware • It doesn’t simulate differences between N6K, N5k, N7k, N3k & N9k. It’s a reference platform for NX-OS NX-OSv – Benefits – Why NX-OSv ? • Conveniently build, test and deploy networks • Rapid prototyping of new deployments • Validate/verify network designs and configurations • Reduction in expenditure on lab equipment • Decrease time for deployment of new services • Availability and ease of scaling resources • Reducing risks due to configuration errors NX-OSv - Endless Possibilities! Configuration & Validation Hands on Learning NX-OSv Network Simulation Programmatic API NX-OSv – Data Center Fabric Simulation Features Verified on NX-OSv Layer-3 Routing Protocols: o BGP (MP-BGP) o EIGRP (IPv4 & IPv6) o ISIS o OSPF and OSPFv3 o RIPv2 o Static Routing (IPv4 & IPv6) Management/Security Protocols: o AAA (LDAP, RADIUS, TACACS+) o CDP and LLDP o NTP o SNMP o Syslog Multicast Routing Protocols: o IGMP / MLD o MSDP o PIM / PIM6 First Hop Redundancy Protocols o GLBP o HSRP (IPv4 & IPv6) o VRRP Pre-Release Features may be available: o AMT o LISP Programming o Python o NXAPI Disclaimer: Some features such as NAC, Netflow and Policy Based Routing (PBR) are configurable, but may not work. This may be useful for CLI verification. Unsupported Features on NX-OSv Bi-Directional Forwarding (BFD) Cisco TrustSec (Encryption) HA – ISSU Software Upgrades Layer-2 Switching (OTV is an exception) Hardware (TCAM) Related Features: Access Control Lists (ACL’s) Control Plane Policing (CoPP) Quality of Service (QoS) Interface Counters Port-Channel Interfaces (including vPC) Port Security Uni-Directional Link Detection (UDLD) Virtual Device Context (VDC) Q-in-Q Tunneling 802.1x (dot.1x) Creating Topologies using VIRL - Simulating Real World Use Cases & Success Stories Simulating Real World Use Cases & Success Stories Programming using NX-API 2. L2 – Fabric Path 3. L3 – DCI using BGP, MPLS 1. Use Case #1 - Programming using NX-API Programming using NX-API #Your python code #!/usr/env python JSONRPC/JSON/XML Request/response format import json import requests url = "http://172.25.91.139/ins" HTTP/S HTTP/S payload = [{'jsonrpc': '2.0', 'method': 'cli', 'params': ['show version',1], 'id': '1'}] ……… jsonrpc request/ response NXAPI web server NXAPI – Providing programmatic access to Nexus switches over HTTP/S (returns output in easy to read JSON format) Nexus 9K/7K/6K/5K/NX-OSv Programming using NX-API • Key Ask in a DC fabric - monitoring / periodic health check CRC error monitoring • Monitoring memory usage, interface stats etc. • consistency check for parameters like vlan etc. • • Python & NX-API solve this requirement Use NXAPI to call various show commands • Compare the vlans on all the switches or vPC pairs • Configure the missing vlans, alert the user and add the vlan if needed • NX-API Developer Sandbox A tool to convert NX-OS show commands into consumable Python format nx-osv-1# show run nxapi version 7.2(0)D1(1) feature nxapi nxapi sandbox nx-osv-1# Show Commands Input in Python Response in json-rpc NX-API Developer Sandbox http://<mgmt0_IP> Programming using NX-API Demo using Python scripts involving NX-API Use Case #2 – Fabric Path Fabric Path – Simulating Leaf & Spine Nodes Use Case #3 – DCI using BGP, MPLS DCI using BGP, MPLS DC-1 DCI DC-2 NX-OSv Demo Q&A Community Support Forum: http://community.dev-innovate.com/c/virl Cisco VIRL YouTube Channel: https://www.youtube.com/channel/UC41WuzXlJCGY5qLsuZ8aHkQ Or http://tinyurl.com/ok3rbje
© Copyright 2024