GNS3是一個圖形化介面的工具軟體,用來模擬真實的複雜的CISCO網路設備。

GNS3

• GNS3是一個圖形化網絡，模擬真實的複雜的網絡設備。為了讓他能夠完整的模擬，GNS3使用了底下的軟體共同來完成：

1. dynamips 的核心程序，允許模擬 Cisco IOS。
2. Dynagen 前端的dynamips文字模式,他需要 wincap 4.0 的軟體。
3. Pemu，Cisco PIX防火牆基於QEMU的模擬器。

• GNS3是一個很好的輔助工具，可以協助你快速的瞭解與習慣 CISCO 的網路環境。
• 它也可以用來試驗新功能的Cisco IOS或檢查的配置需要部署以後真正的路由器。 該項目是一個開放原始碼的免費程序，可用於多種作業系統，包括Windows，Linux和MacOS X上面。

Dynamips

• Dynamips, an IOS emulator which allows users to run IOS binary images from Cisco Systems.
• Cisco_7200_Simulator http://www.ipflow.utc.fr/index.php/Cisco_7200_Simulator
• Cisco IOS Configurations http://www.ipflow.utc.fr/index.php/Cisco_IOS_Configurations
• 下載：http://www.ipflow.utc.fr/dynamips/

Dynagen

• Dynagen, a text-based front-end for Dynamips.
• http://sourceforge.net/projects/dyna-gen/
• Dynagen Tutorial http://dynagen.org/tutorial.htm#_Toc165530747

安裝及使用 GNS3

• 下載 http://www.gns3.net/ 主程式基本上他是由三套軟體搭配而成的，你可以透過抓 All-in-one的那個直接一次裝到好。
• 直接下載 http://www.gns3.net/download
• 設定 IOS 檔案，IOS是CISCO的作業系統。
• IOS 檔案取得 例如：c3660-is-mz.121-5.T4.bin
• 請打開 GNS3 設定 IOS 和相對硬的模擬機型

1. Edit -> IOS image and Hypervisors -> IOS image
2. 指定 ios 檔案和相對應的機型

• 教學影片：http://www.blindhog.net/tutorials/gns3.htm

使用範例-console更改

• 將 console 的 telnet 程式更換為 putty 程式,可以得到比較好得顯示效果。(當然也可不用換)

1. 先將 putty 程式放到 c:\putty.exe 以方便指定路徑。
2. 點選 gns3 選單的 edit -> Preferences -> General Settings -> Terminal command: 將此欄位修改為底下內容

start c:\putty.exe -telnet %h %p

• 教學影片 http://www.blindhog.net/gns3-how-to-use-putty-for-console-access/

使用範例-簡單連線到網路的設定

• 簡單的 GNS3 使用範例影片：http://www.blindhog.net/tutorials/gns3-loopback/gns3-loopback.html

• 需要先新增一片網卡，虛擬網卡 Microsoft Adapter

• 設定此網卡 ip 為 192.168.123.100 而他的 gateway 為 192.168.123.30 (GNS3中的路由IP)

• 拓樸圖面如下：

• 開機畫面-IOS解壓縮到RAM中

Connected to Dynamips VM "R1" (ID 1, type c7200) - Console port

Self decompressing the image : #############################
              Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

           cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706

• 處理器、記憶體及網路介面的相關資訊

Cisco Internetwork Operating System Software
IOS (tm) 7200 Software (C7200-JS-M), Version 12.3(5), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Mon 27-Oct-03 15:10 by kellythw
Image text-base: 0x60008AF4, data-base: 0x61FAE000

cisco 7206VXR (NPE400) processor (revision A) with 245760K/16384K bytes of memory.
Processor board ID 4294967295
R7000 CPU at 150MHz, Implementation 39, Rev 2.1, 256KB L2, 512KB L3 Cache
6 slot VXR midplane, Version 2.1

Last reset from power-on
Bridging software.
X.25 software, Version 3.0.0.
SuperLAT software (copyright 1990 by Meridian Technology Corp).
TN3270 Emulation software.

PCI bus mb0_mb1 has 200 bandwidth points
PCI bus mb2 has 0 bandwidth points

1 FastEthernet/IEEE 802.3 interface(s)
125K bytes of non-volatile configuration memory.

65536K bytes of ATA PCMCIA card at slot 0 (Sector size 512 bytes).
8192K bytes of Flash internal SIMM (Sector size 256K).

• 第一次登入會提示你系統設定的對話

--- System Configuration Dialog ---

Would you like to enter the initial configuration dialog? [yes/no]: no

Press RETURN to get started!

• 你可以不理會他，按下 no 然後 Enter 繼續

*Nov 30 13:00:43.243: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Nov 30 13:00:44.243: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
*Nov 30 13:01:05.023: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down
*Nov 30 13:01:06.023: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down
*Nov 30 13:01:12.211: %SYS-5-RESTART: System restarted --
Cisco Internetwork Operating System Software
IOS (tm) 7200 Software (C7200-JS-M), Version 12.3(5), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Mon 27-Oct-03 15:10 by kellythw
*Nov 30 13:01:12.219: %SNMP-5-COLDSTART: SNMP agent on host Router is undergoing a cold start
Router>

• 切換到特權模式, Router> 指的是使用者exec模式,大多只是用來檢視統計資訊。
  
  • enable 為進入特權模式
  • disable 為離開特權模式
  • logout 為離開此管理介面
  
  

Router>enable
Router#
Router#disable
Router>logout

• 設定連線網卡的 ip

Router>enable
Router#configure
Configuring from terminal, memory, or network [terminal]?
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#interface fastethernet 0/0
Router(config-if)#ip address 192.168.123.30 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#
*Mar  1 00:03:50.051: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar  1 00:03:51.051: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
Router(config-if)#^Z
Router#
*Mar  1 00:04:01.191: %SYS-5-CONFIG_I: Configured from console by console

# 本地端的 ping , 成功連結
Router#ping 192.168.123.100

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.123.100, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 4/11/28 ms
Router#

• 使用 192.168.123.100 的 windows 的 ping 檢查

C:\Documents and Settings\mtchang>ipconfig
Windows IP Configuration
Ethernet adapter MS-loopback:

        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : 192.168.123.100
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.123.30

C:\Documents and Settings\mtchang>ping 192.168.123.30

Pinging 192.168.123.30 with 32 bytes of data:

Reply from 192.168.123.30: bytes=32 time=25ms TTL=255
Reply from 192.168.123.30: bytes=32 time=9ms TTL=255
Reply from 192.168.123.30: bytes=32 time=1ms TTL=255
Reply from 192.168.123.30: bytes=32 time=3ms TTL=255

Ping statistics for 192.168.123.30:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 25ms, Average = 9ms

• 確認可以後，但是發現不能登入系統所以要設定 telnet 遠端可以登入，並且賦予 route enable 密碼。

Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#enable secret 123456

• 針對 vty(telnet) 的連入加上密碼,這樣遠端才可以登入

Router(config)#line ?
  <0-6>    First Line number
  aux      Auxiliary line
  console  Primary terminal line
  vty      Virtual terminal

Router(config)#line vty 0 ?
  <1-1869>  Last Line number
  

Router(config)#line vty 0 1186
Router(config-line)#password 654321
Router(config-line)#login
Router(config-line)#^Z
Router#
*Nov 30 13:12:59.327: %SYS-5-CONFIG_I: Configured from console by console

• 從 192.168.123.30 機器測試,用telnet 連入機器

Xshell:\> telnet 192.168.123.30

Connecting to 192.168.123.30:23...
Connection established.
Escape character is '^@]'.


User Access Verification

Password: 654321
Router>enable
Password: 123456
Router#

• 儲存設定檔

Router#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
Router#