VIRL Personal Edition March 2015 Webinar
Cisco VIRL Engineering Team
March 24, 2015

Cisco Products based on VIRL
• Multi-purpose platform to innovate for SDN / NFV / Cloud paradigms

/dev/innovate VIRL Personal Edition
• Individual Users, Developers, Students
• Community Support Forum Only
• 15 Cisco VM (node) Limit
• Single User Annual Subscription License
• Purchased on virl.cisco.com

Cisco Modeling Labs Corporate Edition
• Corporate Users
• TAC Support
• 15 Cisco VMs (nodes) to start; expansion packs available
• Multi-user Annual Subscription License

AGENDA (Topic, Presenter)
• 20 min: IOSvL2 Introduction to L2 Switching in VIRL in VIRL Personal Edition (Joel Obstfeld)
• 10 min: ASAv: Installation, Configuration and Operation in VIRL Personal Edition (Ralph Schmieder)
• 10 min: Packet Capture and Interface State (Brian Daugherty)
• 15 min: NxOSv Deep Dive (Subhav Mital, Prashant Jhingran)
• 5 min: Q&A

IOSvL2: L2 Switching in VIRL
Joel Obstfeld

Layer-2 Switching in VIRL
• Next VIRL release will include the IOSvL2 virtual machine image
• Users will have the choice of using ‘Unmanaged-switch’ or ‘IOSvL2’ to provide switching service

How do you get the IOSvL2 image?
• VIRL system upgrade will be required
• Once completed, IOSvL2 image will be available for download via the ‘VIRL Software’ Panel in the User Workspace Management Interface
• Click to select the IOSvL2 image and press the ‘start installation’ button

Unmanaged Switch
• Icon represents a LinuxBridge multipoint switch instance in your topology
• Switch is just another LinuxBridge process running under Openstack control with more than 2 devices connected
• No configuration required for the Switch
• Switch is transparent – will pass .1q packets between routers

IOSvL2
• Image counts against the 15-node limit in VIRL Personal Edition
• Runs just like any other Virtual Machine in VIRL
• Requires configuration to be applied

IOSvL2
• IOSvL2 requires 768Mb Ram, 1vCPU
• Image based on IOS 15.2 Switch (DSGS branch)
• Provides 16 GigE interfaces, Gi0/0 reserved for OOB management
• Ports run Gi0/[0-3], Gi1/[0-3], Gi2/[0-3], Gi3/[0-3]
• Configured using ‘Build Initial Configurations’ function or manually, just like other Cisco VMs

IOSvL2
• Interfaces operate in Layer-2 (switchport) or Layer-3
• System default is Layer-3 mode, must specifically be configured for Layer-2 (switchport) operation
• VM supports Switched Virtual Interface (SVI)
• SVI is used for OOB management using Vlan1 interface
• OOB used for configuration extraction

IOSvL2 – Build Initial configurations
• Base configuration will set up all interfaces in Layer-2 mode
• Ports are put into ‘access mode’ if a host or router is connected – defaults to Vlan2
• User can specify which Vlan to place a port in by setting Vlan attribute on the router/host interface
• IOSvL2 to IOSvL2 connection defaults to 802.1q Trunk mode
• You can connect IOSvL2 to Unmanaged switches
• Default configuration will put interface on IOSvL2 into Vlan2
• Connecting IOSvL2 or Unmanaged Switches to a Flat ‘Cloud’ is not supported

L2 Switching in VIRL
High Level Walk Through

IOSvL2 - Features
• Layer-2 forwarding (auto-config’d)
• DHCP Snooping
• Switchport (auto-config’d)
• IP device tracking
• 802.1q trunk, 802.1q vlans (auto-config’d)
• Switched Virtual Interfaces
• Spanning Tree (auto-config’d)
• Layer-3 forwarding
• Port-Channel
• Routing protocol support – be careful!
• 802.1x passthrough
• Port mirroring (SPAN) is NOT supported
• Port-ACLs
• Private Vlans are NOT supported
• Dynamic Arp Inspection

ASAv: Intro, Configuration and Operation
Ralph Schmieder

ASAv Demo

Interface Control and Capture
Managing Interface States and Packet Capture in VIRL
Brian Daugherty

VIRL Interface Control and Capture
• The next VIRL Personal Edition release (after v0.9.17) will include two new capabilities:
o Interface State Toggling
o Interface Packet Capture

Interface State Control – Two Down States
o Soft
o Hard

Interface State Control – Soft Down
o Interface PHY state stays up
o Routing protocols will react after hold timers expire
o Applies to IOS XRv and ASAv
Node is isolated

Interface State Control – Hard Down
o Interface PHY state goes down
o Routing protocols and others that track state react immediately.
o Applies to IOSv, CSR1000v, NXOSv
Connection is lost.

Packet Capture – Two Modes
o Remote PCAP: TCP Port @ VIRL IP, PCAP Application (WireShark)
o Persistent File @ UWM

Packet Capture - Flexibility
o Limit on time, packets, and size
o Filter using PCAP syntax
o TCP Port is user- or autoselected
o Capture files are persistent until deleted or session is ended

Live Demo

Demo Setup
[Topology diagram: nodes Seattle, Boston, Dallas, West, East (XRv) and South, with a "Pings" label]

NX-OSv Deep Dive
Accelerating Nexus feature adoption with NX-OSv & VIRL
Prashant Jhingran pjhingra@cisco.com – Technical Marketing Engineer
Subhav Mital smital@cisco.com – Product Manager
March 2014

Abstract
Unleash the power of NX-OSv (Nexus OS virtual) for accomplishing tasks like configuration validation, Network simulation, network programming (NX-API) and hands on learning.
The objective of this session is to introduce NX-OSv (Nexus OS virtual), software that simulates a Nexus switch and runs as a VM. This session will also cover NX-OSv running in a VIRL (Virtual Internet Routing Lab) environment. Finally, this session will showcase how to simulate network topologies comprising various NX-OS features.

Panelist Introduction & Acknowledgements
• Arkadiy Shapiro (arshapir)
• Kaoru Yamashita (kyamashi)
• Subhav Mital (smital)
• Joerg Reinecke (joreinec)
• Nathan Sowatskey (nsowatsk)
• Andhi Indarto (aindarto)
• Ralph Schmieder (rschmied)
• Joel Obstfeld (jobstfel)
• Patrick Tate (ptate)
• Sonu Khandelwal (sokhande)
• Ray Romney (romney)
• Abhinav Modi (abmodi)

Agenda
Introduction to NX-OSv (Nexus OS virtual)
• NX-OSv - a powerful tool
• Different ways of exploring NX-OSv
Simulating Real World Use Cases & Success Stories
• L3, L2, programmability

NX-OSv
Data Center Deployment Challenges
• Configuration Validation, testing and prototyping new features
• Troubleshooting complex networking problems
• Training and familiarity of NX-OS Operating system without spending $$
• Customer Demos/Training – Capex intensive

Solution: Cloud-ify NX-OS
• Easily evaluate new features before it hits production – self, customer & partner education
• Create highly accurate models – simulate real world & future networks
• Ability to easily spawn switches on a convenient orchestration tool – flexibility & agility
• Ability to scale multiple nodes within seconds – zero or lower capex

Introducing NX-OSv
• NX-OSv stands for Nexus OS virtual
• NX-OSv is a software simulating Nexus switches running as a VM
• NX-OSv is NOT an emulator because the software data plane does not emulate the Nexus hardware
• It doesn’t simulate differences between N6K, N5k, N7k, N3k & N9k. It’s a reference platform for NX-OS

NX-OSv – Benefits – Why NX-OSv ?
• Conveniently build, test and deploy networks
• Rapid prototyping of new deployments
• Validate/verify network designs and configurations
• Reduction in expenditure on lab equipment
• Decrease time for deployment of new services
• Availability and ease of scaling resources
• Reducing risks due to configuration errors

NX-OSv - Endless Possibilities!
• Configuration & Validation
• Hands on Learning
• Network Simulation
• Programmatic API

NX-OSv – Data Center Fabric Simulation

Features Verified on NX-OSv
Layer-3 Routing Protocols:
o BGP (MP-BGP)
o EIGRP (IPv4 & IPv6)
o ISIS
o OSPF and OSPFv3
o RIPv2
o Static Routing (IPv4 & IPv6)
Management/Security Protocols:
o AAA (LDAP, RADIUS, TACACS+)
o CDP and LLDP
o NTP
o SNMP
o Syslog
Multicast Routing Protocols:
o IGMP / MLD
o MSDP
o PIM / PIM6
First Hop Redundancy Protocols
o GLBP
o HSRP (IPv4 & IPv6)
o VRRP
Pre-Release Features may be available:
o AMT
o LISP
Programming
o Python
o NXAPI
Disclaimer: Some features such as NAC, Netflow and Policy Based Routing (PBR) are configurable, but may not work. This may be useful for CLI verification.

Unsupported Features on NX-OSv
• Bi-Directional Forwarding (BFD)
• Cisco TrustSec (Encryption)
• HA – ISSU Software Upgrades
• Layer-2 Switching (OTV is an exception)
• Hardware (TCAM) Related Features:
o Access Control Lists (ACL’s)
o Control Plane Policing (CoPP)
o Quality of Service (QoS)
• Interface Counters
• Port-Channel Interfaces (including vPC)
• Port Security
• Uni-Directional Link Detection (UDLD)
• Virtual Device Context (VDC)
• Q-in-Q Tunneling
• 802.1x (dot.1x)

Creating Topologies using VIRL - Simulating Real World Use Cases & Success Stories

Simulating Real World Use Cases & Success Stories
1. Programming using NX-API
2. L2 – Fabric Path
3. L3 – DCI using BGP, MPLS
Use Case #1 - Programming using NX-API

Programming using NX-API
    #Your python code
    #!/usr/bin/env python
    import json
    import requests
    url = "http://172.25.91.139/ins"
    payload = [{'jsonrpc': '2.0', 'method': 'cli', 'params': ['show version',1], 'id': '1'}]
    ………
[Diagram: your Python code exchanges a jsonrpc request/response over HTTP/S with the NXAPI web server on Nexus 9K/7K/6K/5K/NX-OSv; JSONRPC/JSON/XML request/response format]
NXAPI – Providing programmatic access to Nexus switches over HTTP/S (returns output in easy to read JSON format)

Programming using NX-API
• Key Ask in a DC fabric - monitoring / periodic health check
o CRC error monitoring
o Monitoring memory usage, interface stats etc.
o consistency check for parameters like vlan etc.
• Python & NX-API solve this requirement
o Use NXAPI to call various show commands
o Compare the vlans on all the switches or vPC pairs
o Configure the missing vlans, alert the user and add the vlan if needed

NX-API Developer Sandbox
A tool to convert NX-OS show commands into consumable Python format
    nx-osv-1# show run nxapi
    version 7.2(0)D1(1)
    feature nxapi
    nxapi sandbox
    nx-osv-1#
[Screenshot callouts: Show Commands, Input in Python, Response in json-rpc]
NX-API Developer Sandbox: http://<mgmt0_IP>

Programming using NX-API
Demo using Python scripts involving NX-API

Use Case #2 – Fabric Path
Fabric Path – Simulating Leaf & Spine Nodes

Use Case #3 – DCI using BGP, MPLS
DCI using BGP, MPLS
[Diagram: DC-1, DCI, DC-2]

NX-OSv Demo

Q&A
Community Support Forum: http://community.dev-innovate.com/c/virl
Cisco VIRL YouTube Channel: https://www.youtube.com/channel/UC41WuzXlJCGY5qLsuZ8aHkQ
Or http://tinyurl.com/ok3rbje
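
The VLAN consistency check from the Use Case #1 slide (call show commands, compare the vlans on all the switches, configure the missing ones), as an added example that is not code from the webinar. The response key names, the single-row-as-object handling and the switch names are assumptions; the sample responses are constructed, so confirm the real structure in the NX-API Developer Sandbox.

```python
import json

# Assumed key names for the structured output of "show vlan brief";
# confirm them against your own NX-API Developer Sandbox response.
TABLE, ROW, VLAN_ID = "TABLE_vlanbriefxbrief", "ROW_vlanbriefxbrief", "vlanshowbr-vlanid"

def build_payload(commands):
    """One JSON-RPC entry per CLI command, in the same shape as the slide's payload."""
    return [{"jsonrpc": "2.0", "method": "cli", "params": [cmd, 1], "id": str(i)}
            for i, cmd in enumerate(commands, start=1)]

def parse_vlans(response_text):
    """Return the set of VLAN IDs in one JSON-RPC reply to "show vlan brief"."""
    reply = json.loads(response_text)
    if "error" in reply:  # a failed call must not be read as "switch has no VLANs"
        raise ValueError("NX-API error: %s" % reply["error"].get("message"))
    rows = reply["result"]["body"][TABLE][ROW]
    if isinstance(rows, dict):  # assumed: a single row arrives as an object, not a list
        rows = [rows]
    return {int(row[VLAN_ID]) for row in rows}

def missing_vlans(vlans_by_switch):
    """Map each switch to the sorted VLAN IDs that some peer has and it lacks."""
    expected = set().union(*vlans_by_switch.values())
    return {name: sorted(expected - have)
            for name, have in vlans_by_switch.items() if expected - have}

def remediation_payload(vlan_ids):
    """Payload that would create the missing VLANs; review it before sending."""
    return build_payload(["configure terminal"] + ["vlan %d" % v for v in vlan_ids])

def _reply(ids):
    """Constructed sample reply, not captured from a device."""
    rows = [{VLAN_ID: str(v)} for v in ids]
    body = {TABLE: {ROW: rows[0] if len(rows) == 1 else rows}}
    return json.dumps({"jsonrpc": "2.0", "result": {"body": body}, "id": "1"})

# Constructed inputs: three hypothetical switches with diverging VLAN sets.
SAMPLE = {"nx-osv-1": _reply([1, 10, 20]),
          "nx-osv-2": _reply([1, 10]),
          "nx-osv-3": _reply([1])}

if __name__ == "__main__":
    drift = missing_vlans({sw: parse_vlans(txt) for sw, txt in SAMPLE.items()})
    for switch, vlans in sorted(drift.items()):
        print(switch, "is missing VLANs", vlans)
        print(json.dumps(remediation_payload(vlans)))
```

When posting these payloads to a switch's /ins endpoint, use the HTTPS option of NX-API so that the credentials sent with each request are not exposed on the management network.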