Skip to content
the broadcast

networking, computing, virtualization, automation

CSR1000v

Provision a Cisco CSR1000V-Router as Virtual-Box-VM with sliptreamed Configuration, wait until it’s up and open an Putty-SSH-Connection

2018-11-15
By: ron
On: 2018-11-15
In: automation, Scripting
With: 0 Comments

The existing Windows-Comman-Script has been enhanced so it now waits until the Router-VM is up got an IP-Address assigned using DHCP. For Demonstration-Purposes an SSH-Connection will be established. The public-key of my laptop-ssh-client is part of the slipstreamed Router-Configuration. Deploy a Router-VM with hostname „CSY“. Establish an SSH-Connection to the discovered Router-IP: Have a look to the startup-config used: This is the „CMD“-Script used:Read More →

WaitForCDPNeighbor.py enhanced: Wait for CDP Hostname with usable connected IP-Address.

2018-11-14
By: ron
On: 2018-11-14
In: automation, Scripting
With: 0 Comments

The following version adds a „-c“ option: „Connected IP-Address“-Check. the script exits, when the Router-VM is up and running and has an usable IP-Address The Script still checks all CDP-Packets received at the specified Interface: If the Sender has the correct „Hostname“ it reads the CDP-Management-IP-Address announced. This IP-Address has to be within the IP-Range of any connected IP-Network at the specified Interface. So it’ll be possible to establish a SSH-Session to the router-VM.Read More →

Python Scapy: Wait for CDP-Neighbor

2018-11-02
By: ron
On: 2018-11-02
In: automation, Scripting, Windows
With: 0 Comments

After provisioning a new Cisco CSR1000V-Router this script waits until the router is fully deployed got it’s Management-IP-Address assigned via DHCP. and returns this Management IP-Address. Prepare First, install „netaddr“-package. needed to check, if the management-IP of the CDP-Neighbor is in the correct IP-Subnet the „wait-for-CDP“-Script Obviously far to much hard-coded stuff, just as an example 😉 waiting for a CDP-Neighbor to appear with the following properties: hostname „CSR-A“ an IP-Address within the network „192.168.56.0 /24“ at the interface VirtualBox Host-Only-Network Provision a new CSR1000V Router named „CSR-A“ Run the „wait-for-CDP-Neighbor“-Script In a second CMD-Box, and… Be patient, of course. Or store the returned IP-AddressRead More →

Python Scapy: CDP-Monitor

2018-11-01
By: ron
On: 2018-11-01
In: Scripting
With: 0 Comments

Watch and decode Cisco Discovery Protocol Packetes. CDP Monitor-Script Inspired by the Scapy ARP-Monitor i created an CDP-Monitor displaying hostname and an optional Management-IP-Address. Real-Life Example Run this script: Open another CMD-Window to spin up a new CSR1000V-Router: Go back to the „python“-Screen and wait: It works, the IOS-XE CSR1000V-Router is installed and it got it’s baseline-config applied: Hostname Interface set to „ip address dhcp“ CDP enabled takes some time, but these first CDP-Packets captured were not sent in 60s interval, so don’t be scared 😉Read More →

Python Scapy: Capturing „Cisco Discovery Protocol (CDP)“

2018-10-31
By: ron
On: 2018-10-31
In: Scripting
With: 0 Comments

It’s hard to believe, how easy it is to capture (and to craft) LAN-Data using Python Scapy. I need to capture CDP-Packets and to extract information like the hostname of the sender and it’s IP-Address. As an modification of the „ARP-Monitor“-example taken from the manual Using scapy in your tools. Scapy Installation nothing special: pip install Python: Install Scapy Example: List all Interfaces of my Laptop Capture 10 Packets on a specific interface Capture CDP-Packets Decode CDP (with inactive dissector) Activate the CDP-Parser Capture again and display CDP-Information as cleartext Decode CDP-Hostname Decode CDP-Management-IP-AddressRead More →

Scripted provisioning of a Cisco CSR1000V as VirtualBox-Guest

2018-10-23
By: ron
On: 2018-10-23
In: automation
With: 0 Comments

In a lab environment it might be handy to quickly rollout new (virtual) routers without much manual intervention. The following script creates a VirtualBox-VM and boots it up. Prepare Install VirtualBox and have a CSR1000V-ISO-File ready. Execute The Inventory populates: Use it After another reboot the serial console can be accessed by a windows pipe: The pipe provides access to the serial-console:Read More →

Cisco IOS – Public-Key User-Authentication

2018-10-20
By: ron
On: 2018-10-20
In: client, linux
With: 0 Comments

It’s a two step process to get rid of insecure username/password-authentication. Generate a RSA keypair at your SSH-client btw. Cisco-IOS doesn’t support DSA-keys Configure your network device(s) to assign the (public-)key of this keypair to an user-account This user-account could get privileges from a Radius/TACACS+-Server which could provide access-logs, too. Generate RSA-Key: Windows as SSH-Client I prefer Putty, usually in form of „mRemoteNG“, so i use PuttyGen to generate the RSA keypair. Windows.Start => PuttyGen (x) RSA, 4096-bits are supported, use it [Generate] move the mouse to improve the randomgenerator change the „comment“ – for example replace it by an username add a passphrase –Read More →

Cisco IOS Service-Containers: Run an x86-VM inside a Router (Part 5: Install the Service-VM)

2018-02-12
By: ron
On: 2018-02-12
In: automation, linux
With: 0 Comments

The CSR1000V-Router has already been prepared (Create a CSR1000V-Instance with nested Virtualiation support) and in (Part 4: Package the Service-VM into an OVA) we copied the OVA-Image of our „ubuntu-server“-VM to this Router. Add the internal Network-Interface between Router and Service-VM Install the Service-VM Activate the installed Service-VM Access the VM using the (virtual) Serial-Console Logout: 3x [CTRL]+ Access the VM using SSH via the internal Network Check the local python/NAPALM-Setup to get facts about the containing routerRead More →

Cisco IOS Service-Containers: Run an x86-VM inside a Router (Part 2: Create a CSR1000v-Instance with nested Virtualization support)

2018-02-06
By: ron
On: 2018-02-06
In: automation, linux
With: 0 Comments

In real life an hardware-ISR/ASR-Router might be the correct choice. Create a CSR1000v-Instance with nested Virtualization support But since the CSR1000v-Router supports Service-Containers, too – this is the chance to prove the setup in a lab environment: IOS-XE 3.17 is the first supported release, i’ll go with IOS-XE 16.7.1 Option to enable unsigned containers any 3rd party KVM Libvirt based format / YAML manifest file Requires 4GB+ dedicated RAM ASR1000, ISR4000, CSR1000 5 Minutes to deploy the virtual CSR1000v-Router using COT I’ll use COT (Common OVF Tool (COT) – Automated Lab-Router Deployment) to deploy my CSR1000v-Router: Boot the Router Check the Virtualization-Environment: fail 🙁 MachineRead More →

Cisco IOS Service-Containers: Run an x86-VM inside a Router (Part 1: KVM Development Environment)

2018-02-05
By: ron
On: 2018-02-05
In: automation, linux
With: 0 Comments

Network Hosted Kernel Virtual Machine (KVM) Many Cisco Routers allow you to host your own virtual machine directly inside a router. DevNet: Cisco IOS KVM Service-Containers CSR 1000v ISR 4000 ASR 1000 I went through the documentation, especially Service-Containers-Tutorial.pdf and Ubuntu – Building a Service Container.pdf where very helpful. But i didn’t want to go the „Ubuntu-Desktop-14.04-LTS“-way which was described. „My“ Service-Container-VM should be: Ubuntu 16.04 LTS provides longer support (April 2021) Releases – Ubuntu Wiki Ubuntu Server save some compute/cpu/dram/harddisk-ressources by not installing an Ubuntu-Desktop-Environment inside the Router. Just network services, please! The whole deployment process can be accomplished in five steps: build aRead More →

Beitrags-Navigation

1 2 Nächste

Kategorien

  • AI
  • automation
  • awayfromevernote
  • AWS
  • Azure
  • client
  • Cloud
  • linux
  • pub
  • Scripting
  • Uncategorized
  • wan
  • Windows

Neueste Beiträge

  • Annoying Firefox-Defaults to be changed
  • Scope of this Blog
  • Terraform: Enable persistent Debugging
  • OVF/OVA-Properties
  • *** System restart required ***

Schlagwörter

ACU AI Ansible API Automation AWS Azure bash bestpractice chrome Cisco Compute Unit Controller cot CSR1000v Ethernet hsts Hyperconverged KVM Lab Linux Monitoring MTU NAPALM Nested netplan networking nexus nxos Proactive productivity Python QoS REST Scapy Scripting Security SKU todo UCSD Virtualization VMware WAN Windows Wordpress

Impressum

Impressum

Designed using Dispatch. Powered by WordPress.