EVE-NG FRR MININET CONFIG
[TOC]
EVE-NG FRR与MININET安装
FRR EVE-NG MiniNet关系
eve-ng是一个基于容器(主机)进行虚拟化网络环境的虚拟网络软件,
- 此类软件一般在进行协议模拟的时候,需要其他组件支持具体的路由/主机的虚拟化
- 一般而言这个组件是使用FRRouting实现的
- 也就是说eve-ng负责模拟外部网络,FRRouting负责模拟网络中的具体主机
mininet和eve-ng功能类似,但eve-ng提供了图形界面
- 本实验通过让eve-ng ISIS连接Mininet的R1
- 让用户使用eve-ng的图形化界面配置mininet中使用FRR虚拟化的节点
Mininet安装
mininet一个基于python标准库进行虚拟化网络环境的虚拟网络软件,启动仅需要python环境即可
而老师提供的ubuntu镜像,自带python环境(ubuntu默认自带)
直接导入虚拟机FRR Mininet虚拟机,通过Gitee下载课程资料SRv6_Sandbox2024(git clone xxx)
前置
- python2/python3 interpreter (ubuntu系统内置无需安装)
- FRRouting (前文已经讲述)
环境配置
- python代码项目文件执行
如何使用Mininet?
- 首先进入项目文件
SRv6_Sandbox2024的目录下 - 执行下列代码即可
sudo python3 router-full.py
如果是高版本frr,例如10.1.1,则使用如下命令
sudo python3 router-full.py mgmt此时相关的使用frr虚拟化的节点的配置文件位于/tmp
如何修改frr虚拟化节点的配置文件?
# sudo vtysh --vty_socket /tmp/节点名
# 例如
sudo vtysh --vty_socket /tmp/r1FRRouting安装
在上面那个镜像中安装
https://docs.frrouting.org/projects/dev-guide/en/latest/building-frr-for-ubuntu2004.html
按照官方的教程直接编译按照即可,注意官方有多个版本的教程
对于Ubuntu请遵循此版本的教程,以免发生不可测的编译错误
EVE-NG安装
一般的安装配置的方式是基于镜像的方式
直接导入虚拟机EVE-NG-SRV6即可,导入的镜像包含以下内容
- centos系统
- EVE-NG本体
启动系统即可启动系统
ISIS Networking
虚拟机网络配置
对于该部分IPv6有不理解的地方的可以参考本文的附录:Appendix-VMWare开启IPv6支持配置
(此处不使用IPv6临时地址,此处的IPv6地址未长期地址)
本机虚拟机分配网段
IPv4: 192.168.134.1/24IPv6: fd15:4ba5:5a2b:1008::/64
FRR MiniNet主机网络
IPv4: 192.168.134.128/24IPv6: fd15:4ba5:5a2b:1008:f50e:3744:af3:ab0f/64
EVE-NG主机网络
IPv4: 192.168.134.130IPv6: fd15:4ba5:5a2b:1008:aa3:51da:c6c2:6c9c/64
frr mininet R1 config
R1 ISIS
password: sr
SRv6_Sandbox2024
sudo python3 router-full.py mgmtVtysh(located in Any): xterm need apt install
sudo vtysh --vty_socket /tmp/r1
sh run
config
interface ens33
ipv6 address 2024::2/64
ipv6 address fe80::2024/64
ipv6 router isis DEAD
end
write
# write 之后会立即生效R1 Network by Namespace
本节相关指令
mininet> dump sudo rm -rf /var/run/netns/r1 # 删除frr r1虚拟化的网卡 sudo ln -s /proc/{r1虚拟化的pid--要改}/ns/net /var/run/netns/r1 # 将mininet虚拟化的网卡link到frr r1 sudo ip link set netns r1 ens33 # 将虚拟化的frr r的虚拟网卡link到ubuntu的ens33物理网卡 # sudo ip -n r1 link set ens33 netns 1 # 配置ipv4 非必须 博主测试用 #sudo ip netns exec r1 ip addr add 192.168.134.128/24 dev ens33 # ipv6 config sudo ip netns exec r1 ip -6 addr add fd15:4ba5:5a2b:1008:f50e:3744:af3:ab0f/64 dev ens33 # sudo ip netns exec r1 ip -6 addr add fd15:4ba5:5a2b:1008:2870:d6f9:f8ad:b41f/64 dev ens33 # 接口启用 sudo ip netns exec r1 ip link set ens33 up
回到前面打开的mininet,输入dump寻找r1的进程id即pid=7392
mininet> dump
<Host ha: eth-har1:10.0.10.1 pid=7392>
<Host hb: eth-hbr4:10.0.20.1 pid=6329>
<Host hc: eth-hcr3:10.0.30.1 pid=6331>
<Host hd: eth-hdr7:10.0.70.1 pid=6333>
<LinuxRouter r1: eth-r1ha:10.0.0.5,eth-r1r2:None,eth-r1r4:None,eth-r1r3:None pid=6337>
<LinuxRouter r2: eth-r2r1:10.0.0.6,eth-r2r3:None,eth-r2r9:None pid=6339>
<LinuxRouter r3: eth-r3hc:10.0.0.7,eth-r3r2:None,eth-r3r4:None,eth-r3r1:None,eth-r3r5:None pid=6341>
<LinuxRouter r4: eth-r4hb:10.0.0.8,eth-r4r1:None,eth-r4r3:None pid=6343>
<LinuxRouter r5: eth-r5r3:10.0.0.9,eth-r5r6:None,eth-r5r7:None,eth-r5r8:None pid=6345>
<LinuxRouter r6: eth-r6r5:10.0.0.10,eth-r6r7:None,eth-r6r9:None pid=6347>
<LinuxRouter r7: eth-r7hd:10.0.0.11,eth-r7r5:None,eth-r7r6:None,eth-r7r8:None pid=6349>
<LinuxRouter r8: eth-r8r7:10.0.0.12,eth-r8r5:None pid=6351>
<LinuxRouter r9: eth-r9r6:10.0.0.13,eth-r9r2:None pid=6353>因此ln -s /proc/{r1虚拟化的pid--要改}/ns/net /var/run/netns/r1
应为ln -s /proc/7392/ns/net /var/run/netns/r1
此处pid视情况而定
重新打开一个terminal(bash)
sudo rm -rf /var/run/netns/r1
sudo ln -s /proc/3794/ns/net /var/run/netns/r1
sudo ip link set netns r1 ens33
# 为虚拟网卡分配IPv4和IPv6(这个是默认的IP不同电脑不同)
sudo ip netns exec r1 ip addr add 192.168.134.128/24 dev ens33
sudo ip netns exec r1 ip -6 addr add fd15:4ba5:5a2b:1008:f50e:3744:af3:ab0f/64 dev ens33
# 接口启用
sudo ip netns exec r1 ip link set ens33 upeve-ng R3 config
http server config
如果发现启动EVE-NG服务器的时候,发现无法虚拟化的错误
请参考本文的附录:Appendix-支持EVE-NG的虚拟化
EVE-NG镜像
- user: root
- password: eve
EVE-NG WEB后台
- user: admin
- password: eve
启动EVE-NG的镜像则自动开启WEB服务,可以看出web服务地址http://192.168.134.130
网页配置文件修复
cd /opt/unetlab/html/templates
cp ./intel/h3cvsr.yml ./amd/h3cvsr.yml 查看cloud对应的虚拟化网卡的网络信息
eve-ng中的虚拟网卡pnet0-9对应cloud0-9
其中只有pnet0可以通过NAT走外部网络本机中就是虚拟机的192.168.134.1/24网段
ifconfig | head -n 50R3 Networking by cloud0
需要EVE-NG-Win-Client-Pack-2.0 连接到虚拟节点
需要预先安装
选择full的配置文件
add an object -> network -> cloud1(pnet0)
从新增的cloud1连线到VSR3然后选择接口为em3
R3 ISIS
双击VSR3进入SSH
# 进入配置模式GigabitEthernet4/0对应em3接口
# 缩写G4/0
sys
interface GigabitEthernet4/0
port link-mode route
isis ipv6 enable 1
ipv6 address fd15:4ba5:5a2b:1008:aa3:51da:c6c2:6c9c/64
end
save查看配置情况
display ipv6 interface GigabitEthernet4/0返回结果Receives已经有数值说明网络已通畅
<R3>display ipv6 interface GigabitEthernet4/0
GigabitEthernet4/0 current state: UP
Line protocol current state: UP
IPv6 is enabled, link-local address is FE80::5200:FF:FE03:3
Global unicast address(es):
FD15:4BA5:5A2B:1008:AA3:51DA:C6C2:6C9C, subnet is FD15:4BA5:5A2B:1008::/64 [ DUPLICATE]
Joined group address(es):
FF02::1
FF02::2
FF02::1:FF03:3
FF02::1:FFC2:6C9C
MTU is 1500 bytes
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds
ND retransmit interval is 1000 milliseconds
Hosts use stateless autoconfig for addresses
IPv6 Packet statistics:
InReceives: 94
InTooShorts: 0
InTruncatedPkts: 0
InHopLimitExceeds: 0
InBadHeaders: 0
InBadOptions: 0
ReasmReqds: 0ICMP
R3 ICMP
测试ISIS,通过在R3(EVE-NG)发送ICMP报文给R1(FRR MiniNet)测试
ping ipv6 fd15:4ba5:5a2b:1008:f50e:3744:af3:ab0f source GigabitEthernet 4/0返回结果表明连通性测试成功
<R3>ping ipv6 fd15:4ba5:5a2b:1008:f50e:3744:af3:ab0f
Ping6(56 data bytes) 1::2 --> FD15:4BA5:5A2B:1008:F50E:3744:AF3:AB0F, press CTRL_C to break
56 bytes from FD15:4BA5:5A2B:1008:F50E:3744:AF3:AB0F, icmp_seq=0 hlim=64 time=0.787 ms
56 bytes from FD15:4BA5:5A2B:1008:F50E:3744:AF3:AB0F, icmp_seq=1 hlim=64 time=0.357 ms
56 bytes from FD15:4BA5:5A2B:1008:F50E:3744:AF3:AB0F, icmp_seq=2 hlim=64 time=0.325 ms
56 bytes from FD15:4BA5:5A2B:1008:F50E:3744:AF3:AB0F, icmp_seq=3 hlim=64 time=0.419 ms
56 bytes from FD15:4BA5:5A2B:1008:F50E:3744:AF3:AB0F, icmp_seq=4 hlim=64 time=0.442 ms
--- Ping6 statistics for fd15:4ba5:5a2b:1008:f50e:3744:af3:ab0f ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.325/0.466/0.787/0.166 msfrr mininet R1 ICMP
# in mininet
xterm r1
ping -6 fd15:4ba5:5a2b:1008:aa3:51da:c6c2:6c9c返回
Appendix
VMWare开启IPv6支持配置
原始分配IP
protocol@protocol-virtual-machine:~/Desktop$ ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.134.128 netmask 255.255.255.0 broadcast 192.168.134.255
inet6 fd15:4ba5:5a2b:1008:f50e:3744:af3:ab0f prefixlen 64 scopeid 0x0<global>
inet6 fd15:4ba5:5a2b:1008:2870:d6f9:f8ad:b41f prefixlen 64 scopeid 0x0<global>
inet6 fe80::d2bc:da5e:4334:72b8 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:a6:0f:fd txqueuelen 1000 (Ethernet)
RX packets 590 bytes 586878 (586.8 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 356 bytes 36437 (36.4 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 139 bytes 12878 (12.8 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 139 bytes 12878 (12.8 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0支持EVE-NG的虚拟化
详细可以搜索csdn 关键词 “彻底关闭HyperV”
- 关闭高级组件中的HyperV、虚拟化x2以及wsl
- 关闭HV主机服务
- bcd配置
配置说明
FRR Mininet R1
protocol-virtual-machine# sh run
Building configuration...
Current configuration:
!
frr version 10.3-dev-MyOwnFRRVersion
frr defaults traditional
hostname protocol-virtual-machine
service integrated-vtysh-config
!
interface ens33 # 配置物理接口ens33的ipv6
ipv6 address 2024::2/64
ipv6 address fe80::2024/64
ipv6 router isis DEAD # 走isis路由DEAD
exit
!
interface eth-r1ha
ipv6 address 2001:1a::1/64
ipv6 router isis DEAD
exit
!
interface eth-r1r2
ipv6 address 2001:12::1/64
ipv6 router isis DEAD
exit
!
interface eth-r1r3
ipv6 router isis DEAD
exit
!
interface eth-r1r4
ipv6 address 2001:14::1/64
ipv6 router isis DEAD
exit
!
interface lo
ipv6 address fc00:1::1/64
ipv6 router isis DEAD
exit
!
router isis DEAD # 配置isis路由
# area address 10
# system id 0101.0101.0101
# NSEL 00
net 10.0101.0101.0101.00
exit
!
segment-routing
srv6
encapsulation
source-address fc00:1::1
exit
!
endEVE-NG R3
<R3>display current-configuration
#
version 7.1.064, Release 1340P1201
#
sysname R3
#
isis 1
is-level level-1
cost-style wide
distribute bgp-ls
# area address 10
# system id 0000.0000.0003
# NSEL 00
network-entity 10.0000.0000.0003.00
#
address-family ipv6 unicast
fast-reroute lfa
fast-reroute ti-lfa
segment-routing ipv6 locator 333
#
ip unreachables enable
ip ttl-expires enable
#
password-recovery enable
#
vlan 1
#
irf-port
#
interface NULL0
#
interface GigabitEthernet1/0
port link-mode route
isis ipv6 enable 1
isis cost 20
ipv6 address 3::2/64
#
interface GigabitEthernet2/0
port link-mode route
isis ipv6 enable 1
isis cost 40
ipv6 address 1::2/64
#
interface GigabitEthernet3/0
port link-mode route
isis ipv6 enable 1
ipv6 address 39::3/64
#
interface GigabitEthernet4/0 # 绑定R3端口4的IP到EVE-NG的物理IP
port link-mode route
isis ipv6 enable 1
ipv6 address FD15:4BA5:5A2B:1008:AA3:51DA:C6C2:6C9C/64
#
bgp 100
router-id 3.3.3.3
peer 39::9 as-number 300
#
address-family link-state
peer 39::9 enable
#
address-family ipv6 unicast
import-route-append direct
import-route-append static
import-route-append isisv6 1
peer 39::9 enable
#
segment-routing ipv6
locator 333 ipv6-prefix 33:: 64 static 32
#
scheduler logfile size 16
#
line class aux
user-role network-operator
#
line class console
user-role network-admin
#
line class vty
user-role network-operator
#
line aux 0
authentication-mode none
user-role network-admin
idle-timeout 0 0
#
line con 0
user-role network-admin
idle-timeout 0 0
#
line vty 0 63
user-role network-operator
#
performance-management
#
domain system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
return
[1] http://poilzero.cn/usr/uploads/2024/12/321207283.png
[2] http://poilzero.cn/usr/uploads/2024/12/793649925.png
[3] http://poilzero.cn/usr/uploads/2024/11/3394337190.png
[4] http://poilzero.cn/usr/uploads/2025/01/2899797659.jpg
