MPLS VPN QoS with GNS3 and Virtualbox

The integration of Virtualbox with GNS3 has driven me crazy, as the simulations you can do with it are limitless. Where QoS over MPLS is concerned, not many websites explain it in simple terms. The vast majority of results you might get on Google refer to Cisco documentation. It gives me chills to refer to Cisco documentation as it is just too vast and the thought of it overwhelms me. So in this blog, we will see how QoS works in an MPLS environment and the various types and options available with it. We will make a vanilla MPLS setup so that we can concentrate more on QoS.

QOS with GNS3 and Virtualbox

With the addition of Virtualbox to GNS3, you can do all sorts of simulations (except full switching) involving routers, firewalls, servers (Windows or Linux), applications, etc. It used to bother me a lot to run a network topology and rely on ping and tftp as test traffic for QOS. Now you do not have to rely on boring traffic to test QOS. You can use actual user traffic and classify and mark it on your routers to give it preferential treatment. You can set bandwidth caps on certain protocols, you can prioritise certain protocols, you can remark certain protocols, etc. The options for QOS testing are limited only by your imagination.

In this blog, we will cover basic user traffic like web, FTP and Windows sharing, and classify and mark it for QOS treatment. We will rate limit some, prioritise some and remark some on our network and see the effects at the destination end. We can also use the relevant show commands to verify proper operation.

GNS3 and Virtualbox for Certified Ethical Hacking

With the addition of Virtualbox support to GNS3, the possibilities are endless as to what can be achieved with it. The whole Internet can be simulated if your system has the horsepower. For those who want to learn CEH and those who want to test certain requirements, it is best not to do it on a live network or live server, because if anything goes wrong, the one who is responsible for giving 99.9% uptime will unfortunately have caused downtime. There are many pen test tools which are so harmful that they could destroy the kernel of an operating system, which is absolutely not something you want. In a less severe case, a test can cause a system to reboot, causing downtime.

For some time now, ethical hackers have been using virtual machines to do pen-testing in an offline environment. The problem with this is that the actual network cannot be simulated, i.e. how the server interacts in a routed network and behind a firewall could not be simulated. Only the vulnerabilities of end hosts could be tested. The responsibility of an ethical hacker is to check vulnerabilities not only in a server but in every element of the network which gives 99.9% uptime to the server. An example of this would be that you have absolutely secured your server but the hacker compromises your router and shuts your internet links down. This would have the same effect as if your server were to go down.

With GNS3 Virtualbox edition, you can simulate your whole network with servers, routers, firewalls, etc. so that you can see the bigger picture and thus be able to better protect your network. One thing I will point out now is that the whole network might be impossible for a single person to simulate, as it requires expertise in networks, security, systems, applications, etc. If a person were able to simulate all these himself, then this blog might not be suited for him, as his skill set is much beyond that of the average IT guy. In order to successfully deploy this simulation, you might require help from the network, security and even the system guys, depending upon what you are not an expert in. There are resources on the Internet for configuring all of these, like using a virtual machine on Virtualbox, etc.

Multicasting with GNS3 and Virtualbox

There were many times during my CCIE Lab preparation that I wanted to have an actual multicast server to lab up multicasting, but I had always been left with ping to test and troubleshoot multicasting. There were two problems with it. The first is that it is a dull and boring multicast source which can be easily switched from one router to another, which, if you think about it, is not a good thing because multicast sources are servers which remain steady in one place. When you shift your multicast source, clarity is lost about where the source is and where the destinations could be. The second is that a receiver is simulated using an IGMP join group, which again is a simulation and not an actual receiver. It could be useful in testing but is not perfect. With the release of GNS3 with Virtualbox, we can simulate the whole Internet over it, if we wished (and obviously if we had the resources for it). By using GNS3 and Virtualbox, we are going to send multicast traffic from a multicast source to any multicast receiver who intends to listen to it. In this blog, we will see how to send and receive actual multicast traffic through a routed network. I could have just put a multicast source and receiver on the same router to show that multicasting works on GNS3 and Virtualbox, but it wouldn't help any of us gain knowledge. So I decided to run multicasting on a 6-router topology so that we could run multicast routing and PIM sparse mode, and maybe look into some issues which multicasting can give us.