Juniper --- Qemu - sockets - need input please

NullZer0

Hey,

I have an Olive running jinstall-8.3R2.8-export-signed.tgz with qemu.

Now, I'm starting the olive and associating it with a win32tap interface named "tap1" ip address 10.1.1.2/8

I use to following command to initiate the router -

jqemu.exe -L . -m 256 -hda Olive.img -serial telnet::1001,server -localtime -net nic,vlan=1,macaddr=00:aa:00:00:01:01,model=i82559er -net tap,vlan=1,ifname=TAP1

The router works fine once I telnet to the guest at 10.1.1.1/8.

I can modify configs on the router etc... but now I would like to use multiple instances to build a topology with six routers. This is where the problem comes in.

Do I create an individual TAP for each qemu image and then bridge it, give it the IP address 10.1.1.2/8 and telnet to ports I specify (1001-1006) ?

If so, can anyone tell me how in the name of God do I do this?

If not, my other suggestion was to copy the qemu folder so I have qemu1, qemu2 etc and start each router linked to a different tap interface in the 10.0.0.0/8 subnet but this doesn't seem to provide direct communication between devices.

Here is the current configuration that I have on the first router connected back to 10.1.1.2/8 - pretty basic -

root> show configuration
## Last commit: 2009-08-14 17:49:06 UTC by root
version 8.3R2.8;
system {
    root-authentication {
        encrypted-password "$1$c.SpQqW2$SlgebuY7sozdOzJswgHrc."; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
interfaces {
    fxp0 {
        unit 0 {
            family inet {
                address 10.1.1.2/8;
            }
        }
    }
}

Its not rocket science to figure out that the fxp0 int is connected to the host but how is this traffic restricted? It doesn't seem to go across that subnet.


Anyone got any suggestions on how I can get the two linked for a start?
All six would be great!


Much appreciated,



iRock

NullZer0

Almost resolved -

Just for future reference. Here is the qemu config.
I'm currently using 2 images based of an orignal image that I created with FreeBSD 4.X and Junos 8.x


Create the 2 images:

qemu-img create -b olive.img -f qcow2 R1.img
qemu-img create -b olive.img -f qcow2 R2.img

Launching each instance (both contained in different folders on root of C:\)

jqemu.exe -L . -m 128 -hda R1.img -serial telnet::1001,server -localtime -net nic,vlan=1,macaddr=00:aa:00:00:01:01,model=i82559er -net tap,vlan=1,ifname=TAP1

jqemu.exe -L . -m 128 -hda R2.img -serial telnet::1002,server -localtime -net nic,vlan=2,macaddr=00:aa:00:00:01:02,model=i82559er -net tap,vlan=2,ifname=TAP2

Both of these are connected using a socket - one as server, one as client -

jqemu.exe -L . -m 128 -hda R1.img -serial telnet::1001,server -localtime -net nic,vlan=1,macaddr=00:aa:00:00:01:01,model=i82559er -net socket,vlan=1,listen=:6000

jqemu.exe -L . -m 128 -hda R2.img -serial telnet::1002,server -localtime -net nic,vlan=1,macaddr=00:aa:00:00:01:02,model=i82559er -net socket,vlan=1,connect=127.0.0.1:6000

So far I can ping between the two but I'm getting no replies while pinging the broadcast address. I'll keep experimenting.

Dardania

i'd never heard of this juniper malarky until your post - looks pretty interesting though!

would Ibe crazy to call it smoothwall appliance on steriods?

NullZer0

Dardania wrote: »

i'd never heard of this juniper malarky until your post - looks pretty interesting though!

would Ibe crazy to call it smoothwall appliance on steriods?

Its pretty cool.
Juniper would be (I think) main competitor with Cisco at the Service Provider level.

http://www.juniper.net

Demand for people that know Juniper is growing so its good to know

Check out Juniper Olive:
http://juniper.cluepon.net/index.php/Olive
As a virtual machine with Qemu (Run multiple routers on your desktop):
http://inetpro.org/wiki/IPv6Freely%27s_Juniper_Lab_using_Olive
And on VMware:
http://joost.blogsite.org/wordpress/?p=258

Very cool!

Dardania

must give it a whirl alright so... especially as its the week that i just received a cisco 871w to learn ios!

noclee

You don't needed to create multiple instance of junos, as juniper as logical routers built in, so you can have up to 15 logical routers in 1 instance of qemu inter-connected over two fxp interfaces ingress/egress on different vlan-ids. Cisco only achieved this since IOSxr.

-Noclee

logical-systems {
ce1 {
interfaces {
fxp1 {
unit 1 {
vlan-id 10;
family inet {
address 1.1.1.1/30;
}
}
}
lo0 {
unit 0 {
family inet {
address 10.10.10.1/32;
}
}
}
}
protocols {
ospf {
export export-static;
area 0.0.0.0 {
interface fxp1.1;
}
}
}
policy-options {
policy-statement export-static {
from protocol static;
then accept;
}
}
routing-options {
static {
route 100.100.100.0/24 {
discard;
install;
}
}
router-id 10.10.10.1;
}
}
pe1 {
interfaces {
fxp1 {
unit 2 {
vlan-id 11;
family inet {
address 1.1.1.5/30;
}
family mpls;
}
}
fxp2 {
unit 1 {
encapsulation vlan-ccc;
vlan-id 10;
family ccc;
}
}
lo0 {
unit 1 {
family inet {
address 10.10.10.2/32;
}
}
}
}
protocols {
mpls {
interface all;
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface fxp2.1;
interface all;
}
}
ldp {
interface all;
session 1.1.1.5 {
authentication-key "xxxxxxxxxxxxxxx"; ## SECRET-DATA
}
}
l2circuit {
neighbor 10.10.10.5 {
interface fxp2.1 {
virtual-circuit-id 100;
mtu 1400;
ignore-encapsulation-mismatch;
}
}
}
}
routing-options {
router-id 10.10.10.2;
}
}
interfaces {
fxp0 {
unit 0 {
family inet {
address 192.168.2.100/24;
}
}
}
fxp1 {
vlan-tagging;
}
fxp2 {
vlan-tagging;
}
fxp3 {
vlan-tagging;
}
fxp4 {
vlan-tagging;
}
}

NullZer0

Dardania - if your anything like me you'll love IOS!

I feel somewhat lost at the Junos CLI, I find myself trying to use "run" and space for autocomplete when I switch back to IOS. Its very irritating!

noclee - thanks for the response. Yes I am aware of being able to run multiple logical routers but I wasn't certain on how to configure them on a Junos router.

In my case, I require connecting multiple olives to build a number of different topologies.
I've managed to build some in vmware too and network them using VMware virtual networking (even running 9.4) runs like a dream!


Thanks,

iRock

aydos

Hello iRock, I am in the same shoe as you. I have setup olive and now connected the two router using Tap and socket. I noticed that with socket when i ping from one router to another i get a lot of Duplicate packets.

With Tap, i have two tap (one for each router instance) and bridge them in windows, This work fine with pinging. And i was able to set up ospf and rip.

The problem now is that this interfaces are fxp, fxp interface is a non-transisting interface and would not allow services like NAT.

How can i create other interface types and/or serial interfaces on olive?

Regards//

Aydos

NullZer0

aydos wrote: »

Hello iRock, I am in the same shoe as you. I have setup olive and now connected the two router using Tap and socket. I noticed that with socket when i ping from one router to another i get a lot of Duplicate packets.

With Tap, i have two tap (one for each router instance) and bridge them in windows, This work fine with pinging. And i was able to set up ospf and rip.

The problem now is that this interfaces are fxp, fxp interface is a non-transisting interface and would not allow services like NAT.

How can i create other interface types and/or serial interfaces on olive?

Regards//

Aydos

I've been working on configuring this in VMware as (to the best of my knowledge) you can run 9.4 without the need for a patch to enable multicast.

I think all round, its the best option - its also easier to manage!

I'm pretty limited at the moment though due to a poor internet connection. I'm using FreeBSD 4.1 but some of the guys on the Juniper IRC channel recommend using version 7 so I'm going to give that a go (although I can't see how it could make a difference).

You can configure FreeBSD 4.1 to run 7.4 by modifying the JINSTALL and then do a direct upgrade to 9.x. Seems like the best option!

You can then connect to the VMware Olive via Serial port using a named tcp socket

HTH,

iRock

noclee

You can't create state-full services on the olive m-series, need a services pic for this. If you use the j-series olive this can probably be done, but haven't tested it, as the j-series is just a pc in a box, olive.

tks,
noclee.