GNS3
http://forum.gns3.net/

Connecting GNS3 to real networks without root using OpenVPN
http://forum.gns3.net/topic8680.html
Page 1 of 1

Author:  alx [ Thu Mar 06, 2014 8:09 pm ]
Post subject:  Connecting GNS3 to real networks without root using OpenVPN

Hi, I've just come up with an interesting setup I'd like to share. Maybe it's described somewhere else or there might be a better way, but it seems to be working well. The purpose is to connect GNS3 to real networks without running the simulator with administrative privileges. The idea is to terminate a cloud NIO UDP link using OpenVPN, a tap device and a bridge. The example below shows the steps assuming a Linux (remote) host.

Configure the host to terminate your NIO UDP link. We will use a tap device named tapR1

ip tuntap add dev tapR1 mode tap
ip link set dev tapR1 up

and an OpenVPN daemon without any cipher configured

vi /etc/openvpn/R1.ovpn
proto udp
port 20001
cipher none
dev tapR1

Although we would already be able to capture ethernet packets in tapR1 (e.g. via "tshark -i tapR1"), this device is not yet "connected" to the host. For that we need a bridge:

brctl addbr br0
brctl addif br0 tapR1

brctl show
bridge name bridge id STP enabled interfaces
br0 8000.16d7ccd907dd no tapR1

Note that there is no need to attach eth0 to br0, as you can forward packets to and from the bridge:

ip addr add 10.0.0.1/24 dev br0
ip link set dev br0 up

echo 1 > /proc/sys/net/ipv4/conf/eth0/forwarding
echo 1 > /proc/sys/net/ipv4/conf/br0/forwarding

Finally, start the OpenVPN daemon using R1.ovpn and in GNS3 configure a NIO UDP link to point to the remote host port at port 20001. Now you should be able to use 10.0.0.1 as a gateway to the physical network. HTH

Author:  claydon_dan [ Fri Mar 07, 2014 11:45 am ]
Post subject:  Re: Connecting GNS3 to real networks without root using Open

If your running GNS3 on linux, there's no need to run as root... You can just give dynamips the required permissons using setcap, which is what is done with the .deb packages.

Details are here: topic6251.html

Author:  alx [ Sun Mar 09, 2014 9:31 am ]
Post subject:  Re: Connecting GNS3 to real networks without root using Open

Hello Daniel,

yes, I'm running GNS3 on Linux too and I was unaware of setcap.

Thank you, it works now without the vpn setup.

Regards

Author:  claydon_dan [ Sun Mar 09, 2014 12:40 pm ]
Post subject:  Re: Connecting GNS3 to real networks without root using Open

Glad that sorted the problem for you!

On another note... if your using a Debian/Ubuntu distro, i'd recommend using the deb packages, which take care of the setcap.

For Ubuntu: either use the PPA (topic6666.html) or from 14.04 (Trusty Tahr) the multiverse repository
For Debian: the latest package is available in Testing/Unstable, but this would need to be recompiled for Wheezy (Stable)... (When I get around to it, I shall try and get a backport uploaded... and my standalone packages updated too!)

Page 1 of 1 All times are UTC
Powered by phpBB® Forum Software © phpBB Group
http://www.phpbb.com/