VPCs Tutorial


[2014-08-17: I have completely re-written this tutorial for better compatibility with GNS3 v0.8.6/7 and VPCS v0.5b. You may find much of the following out of date. Click on this link to be taken to the new tutorial]

Many people are not aware of how to make the best use of the features the the Virtual PCs (VPCs) program, so I thought I’d run a small tutorial.

Technical note: This tutorial was written using VPCs version 0.21 – and some of the functions described here will not work exactly the same on 0.20a, and for version 0.16 – you will have to use echo instead of TCP and UDP ping options.

To get started, I’ll assume you are working with the GNS3 Workbench, and have access to some working configurations. [If you are simply using GNS3, you may wish to read this first, to find out how to set up VPCS in GNS3]  To keep things simple, I’m going to start with the nice triangular network that is found in Wendell Odom’s CCNA books. (If you are not working with the GNS3 Workbench, then download the topology, config and startup.vpc files here [Edit - updated these files to be more compatible with GNS3 v0.8.6+ 2014-07-22]).  Or of course, you could just build your own network based on the diagram below.

To get to the working example, start by double-clicking the GNS3 Files-More exercises here icon.  This will open up a folder of exercises, and from there open the exercise 3Router-ICND_Book_Example.  In this folder you will see several files whose name begin with startup… Find the file called startup.2 (eigrp configured) and double click on it.  You will be prompted with:
Do you want to run “startup.2 (eigrp configured)”, or display its contents?”
Click on Run and the lab will load.

In the GNS3 application, from the menu select Control->Start/Resume all devices to start your routers, and once the routers have started, from the menu select Control->Console to all devices icon. After all the routers have started, and the routing protocol converged, you are ready to start learning about VPCs.

Start by activating the VPCs Konsole window. You should see:

Executing the startup file

PC1 : 10.1.1.1 255.255.255.0 gateway 10.1.1.251

PC2 : 10.1.2.1 255.255.255.0 gateway 10.1.2.252

PC3 : 10.1.3.1 255.255.255.0 gateway 10.1.3.253

NAME   IP/CIDR              GATEWAY           MAC                LPORT  RPORT
VPCS1  10.1.1.1/24          10.1.1.251        00:50:79:66:68:00  20000  30000
fe80::2050:79ff:fe66:6800/64
VPCS2  10.1.2.1/24          10.1.2.252        00:50:79:66:68:01  20001  30001
fe80::2050:79ff:fe66:6801/64
VPCS3  10.1.3.1/24          10.1.3.253        00:50:79:66:68:02  20002  30002
fe80::2050:79ff:fe66:6802/64
VPCS4  0.0.0.0/0            0.0.0.0           00:50:79:66:68:03  20003  30003
fe80::2050:79ff:fe66:6803/64
VPCS5  0.0.0.0/0            0.0.0.0           00:50:79:66:68:04  20004  30004
fe80::2050:79ff:fe66:6804/64
VPCS6  0.0.0.0/0            0.0.0.0           00:50:79:66:68:05  20005  30005
fe80::2050:79ff:fe66:6805/64
VPCS7  0.0.0.0/0            0.0.0.0           00:50:79:66:68:06  20006  30006
fe80::2050:79ff:fe66:6806/64
VPCS8  0.0.0.0/0            0.0.0.0           00:50:79:66:68:07  20007  30007
fe80::2050:79ff:fe66:6807/64
VPCS9  0.0.0.0/0            0.0.0.0           00:50:79:66:68:08  20008  30008
fe80::2050:79ff:fe66:6808/64
VPCS[1]>

The [1] shows that your focus is Virtual PC #1. From the output above, you can see that VPCS1‘s IP address is 10.1.1.1 and its default gateway is 10.1.1.251. In the GNS3 topology, it is marked as PC1Bugs.

Lesson #1 – Successful pings

In this lesson, you will see:

  • the purpose of the startup.vpc file
  • how to check your configuration
  • a successful ping to a local address (PC1Bugs’ default gateway – 10.1.1.251)
  • how to check the arp cache using the arp command
  • a successful ping to a remote address (PC2Sam – 10.1.2.1)
  • command abbreviation

It helps if you understand that the reason that your VPCs have any configuration is because there is a startup file that serves as a script file when you run vpcs.  You will learn more about script fiels in Lesson #7, but for now, I want you to understand that your startup.vpc script ended with the show command, and that you can use the show command any time you want to check your configuraiton, so begin by practicing that command.

VPCS[1]> show

NAME   IP/CIDR              GATEWAY           MAC                LPORT  RPORT
VPCS1  10.1.1.1/24          10.1.1.251        00:50:79:66:68:00  20000  30000
       fe80::2050:79ff:fe66:6800/64
VPCS2  10.1.2.1/24          10.1.2.252        00:50:79:66:68:01  20001  30001
       fe80::2050:79ff:fe66:6801/64
VPCS3  10.1.3.1/24          10.1.3.253        00:50:79:66:68:02  20002  30002
       fe80::2050:79ff:fe66:6802/64
VPCS4  0.0.0.0/0            0.0.0.0           00:50:79:66:68:03  20003  30003
       fe80::2050:79ff:fe66:6803/64
VPCS5  0.0.0.0/0            0.0.0.0           00:50:79:66:68:04  20004  30004
       fe80::2050:79ff:fe66:6804/64
VPCS6  0.0.0.0/0            0.0.0.0           00:50:79:66:68:05  20005  30005
       fe80::2050:79ff:fe66:6805/64
VPCS7  0.0.0.0/0            0.0.0.0           00:50:79:66:68:06  20006  30006
       fe80::2050:79ff:fe66:6806/64
VPCS8  0.0.0.0/0            0.0.0.0           00:50:79:66:68:07  20007  30007
       fe80::2050:79ff:fe66:6807/64
VPCS9  0.0.0.0/0            0.0.0.0           00:50:79:66:68:08  20008  30008
       fe80::2050:79ff:fe66:6808/64

Now continue by pinging the default gateway (10.1.1.251), check the arp cache using the arp command, then pinging PC2Sam, (VPCS2) whose IP address you can see from above is 10.1.2.1

VPCS[1]> ping 10.1.1.251
10.1.1.251 icmp_seq=1 ttl=255 time=8.741 ms
10.1.1.251 icmp_seq=2 ttl=255 time=3.502 ms
10.1.1.251 icmp_seq=3 ttl=255 time=1.943 ms
10.1.1.251 icmp_seq=4 ttl=255 time=3.289 ms
10.1.1.251 icmp_seq=5 ttl=255 time=2.909 ms

That worked, so there should be an arp entry for 10.1.1.251.

VPCS[1]> arp
c2:00:10:03:00:00  10.1.1.251

The arp entry is OK. When you ping a remote device, often the first ping times out if a router along the way has go through an arp request.

VPCS[1]> p 10.1.2.1
10.1.2.1 icmp_seq=1 timeout
10.1.2.1 icmp_seq=2 ttl=62 time=8.220 ms
10.1.2.1 icmp_seq=3 ttl=62 time=5.116 ms
10.1.2.1 icmp_seq=4 ttl=62 time=5.171 ms
10.1.2.1 icmp_seq=5 ttl=62 time=6.130 ms

Tip

Notice that in the second ping, I didn’t type the whole word ping, I abbreviated “ping” to “p“. This can be done with any command, so long as you type enough to identify the command.

Lesson #2 – Command history, basic navigation and help

This lesson takes you through:

  • The use of the up, down, left & right arrow keys
  • The help key (?)
  • The hist (history) command
  • Changing from one VPC to another
  • Aborting output by pressing CTRL+c

If you press the up-arrow then down-arrow keys, you will see that you can recall your previous commands. You can further edit these commands using the left-arrow and right-arrow keys. The command ? will give you a page of help, and from that help you can see there is a command hist which shows a list of the last 50 commands you have used – and hist can be abbreviated to h.

VPCS[1]> ?

show                       Print the net configuration of PCs
d                          Switch to the PC[d], d is digit, range 1 to 9
history                    List the command history
ip [arguments]             Configure PC's IP settings
dhcp                       Configure host/gateway address using DHCP
arp                        Show arp table
ping address [options]     Ping the network host
tracert address [maxhops]  Print the route packets take to network host
echo [text]                Display text in output
clear [arguments]          Clear ip/ipv6, arp/neighbor cache
set [arguments]            Set hostname, connection port and echo on or off
load filename              Load the configuration/script from the file 'filename'
save filename              Save the configuration to the file 'filename'
ver                        Show version
?                          Print help
quit                       Quit program


VPCS[1]> h
 1     show
2     ping 10.1.1.251
3     arp
4     p 10.1.2.1
5     ?
6     h

Tip

Your history is kept from session to session. If you quit a VPCs session, it saves the current command history in a file called vpcs.hist, so even when you run this lab next time, your command history will be preserved from last time!

To access one of the other VPCs, type a digit on a line by itself. In the example below, notice how I enter 2 to move to PC2, and then use the up-arrow to retrieve the ping command.

VPCS[1]> 2
VPCS[2]> ping 10.1.1.251

10.1.1.251 icmp_seq=1 ttl=254 time=4.113 ms
10.1.1.251 icmp_seq=2 ttl=254 time=7.437 ms
^C

Tip

You can stop a ping (or tracert) command by pressing CTRL+c. Notice how the last ping shows only two ping replies, then ^C on the last line, indicating that the ping was interrupted

Lesson #3 – Unsuccessful pings

This lesson will illustrate:

  • An arp request failure trying to reach a non-existant local address
  • A ping timeout trying to reach a non-existant remote address
  • An ICMP type:3, code:1 (Destination Host Unreachable) reply

This time you will ping three non-existant addresses, one on PC1Bugs’ local subnet, one to another subnet off the Yosemite router in the scenario, and the other to an address that is not part of this network at all.

VPCS[2]> 1
VPCS[1]> ping 10.1.1.2
host (10.1.1.2) not reachable

VPCS[1]> ping 10.1.2.2
10.1.2.2 icmp_seq=1 timeout
10.1.2.2 icmp_seq=2 timeout
10.1.2.2 icmp_seq=3 timeout
10.1.2.2 icmp_seq=4 timeout
10.1.2.2 icmp_seq=5 timeout

VPCS[1]> ping 4.4.4.4
*10.1.1.251 icmp_seq=1 ttl=255 time=4.660 ms (ICMP type:3, code:1, Destination host unreachable)
*10.1.1.251 icmp_seq=2 ttl=255 time=2.389 ms (ICMP type:3, code:1, Destination host unreachable)
*10.1.1.251 icmp_seq=3 ttl=255 time=2.793 ms (ICMP type:3, code:1, Destination host unreachable)
*10.1.1.251 icmp_seq=4 ttl=255 time=3.353 ms (ICMP type:3, code:1, Destination host unreachable)
*10.1.1.251 icmp_seq=5 ttl=255 time=3.166 ms (ICMP type:3, code:1, Destination host unreachable)

Notice that the first ping says that the local IP (10.1.1.2) was not reachable – in other words, VPCs sent an ARP request, but did not receive a reply. See how this is different to the second ping, which would have been sent all the way to Yosemite router, and of course Yosemite would not have been able to reach the non-existant 10.1.2.2, so the pings timeout.
For the third ping to 4.4.4.4, the ICMP packet was sent to the default gateway as well, but this time the gateway did not have a path to 4.4..4.4, so the gateway sent back an ICMP message, type:3, code:1, which equates to Destination Unreachable (type=3), Host Unreachable (code=1). (See http://www.iana.org/assignments/icmp-parameters
for a list of ICMP code/type numbers)

Configuration Update

To explore the many other ICMP replies you might get, you will first have to change some of the routing tables on these routers to make them think the network is different to what it physically is. In summary, you will:

  • Tell router Albuquerque that the 2.0.0.0/8 network is reachable via the Seville router (so the Seville router will send back Destination Unreachable messages)
  • Tell router Albuquerque that the 3.0.0.0/8 network is reachable via the Seville router, AND tell the Seville router that 3.0.0.0/8 is reachable via Albuquerque (setting up a routing loop, so packets sent to a 3.x.x.x address will loop until the TTL expires)
  • Apply an access list on Seville to stop any TCP/UDP packets on port 80 reaching PC3Elmer (so the Seville router will send ICMP Destination Administratively Prohibited messages back to the sender)
  • Make sure Albuquerque is NOT an http server, so when you send a TCP ping to its port 80, it will reply with a TCP RST
  • Make sure Albuquerque is both a tcp small server, so when you send a TCP ping to the TCP echo port (port 7) it will reply
  • Make sure Seville is an http server, so when you send a TCP ping to its port 80, it will reply

To do this, cut and paste the following lines into the configuration of Albuquerque router:

enable
configure terminal
ip route 2.0.0.0 255.0.0.0 10.1.130.253
ip route 3.0.0.0 255.0.0.0 10.1.130.253
no ip http server
service tcp-small-servers
end

And cut and paste the following lines into the configuration of Seville router:

enable
configure terminal
ip route 3.0.0.0 255.0.0.0 10.1.130.251
access-list 101 deny tcp any host 10.1.3.1 eq 80
access-list 101 deny udp any host 10.1.3.1 eq 80
access-list 101 permit ip any any
interface fa0/0
ip access-group 101 out
exit
ip http server
end

Lesson #4 – Explore ICMP replies and options

This lesson shows you how to interpret a variety of ICMP replies and options.  In particular you will explore:

  • an ICMP type:3, code:1 (Destination Host Unreachable) reply from a remote router
  • an ICMP type:11, code:0 (TTL expired) reply
  • viewing the options of the ping command
  • controlling the TTL of the ping packets you send

To achieve this you will need to:

  • send a ping from PC1Bugs to something on the 2.0.0.0 network.  Albuquerque should now send it on to Seville, and Seville reply with an ICMP Destination Unreachable.
  • send a ping from PC1Bugs to something on the 3.0.0.0 network.  Albuquerque should now send it on to Seville, and Seville return it to Albuquerque and so on.
  • issue the ping command without an ip address to see the help about the ping options.
  • issue the ping command with the -T option to control the TTL values.

Start with a ping to something on the 2.0.0.0 network.

VPCS[1]> ping 2.2.2.2
**10.1.130.253 icmp_seq=1 ttl=254 time=5.326 ms (ICMP type:3, code:1, Destination host unreachable)
*10.1.130.253 icmp_seq=2 ttl=254 time=9.323 ms (ICMP type:3, code:1, Destination host unreachable)
*10.1.130.253 icmp_seq=3 ttl=254 time=6.267 ms (ICMP type:3, code:1, Destination host unreachable)
*10.1.130.253 icmp_seq=4 ttl=254 time=5.789 ms (ICMP type:3, code:1, Destination host unreachable)

Note how the pings went to Seville, and Seville (10.1.130.253) replied with the ICMP Destination Unreachable messages (type:3, code:1) as expected.

Now test the loop condition you set up.

VPCS[1]> ping 3.3.3.3
*10.1.130.253 icmp_seq=1 ttl=254 time=83.237 ms (ICMP type:11, code:0, TTL expired in transit)
*10.1.130.253 icmp_seq=2 ttl=254 time=60.351 ms (ICMP type:11, code:0, TTL expired in transit)
*10.1.130.253 icmp_seq=3 ttl=254 time=54.258 ms (ICMP type:11, code:0, TTL expired in transit)
*10.1.130.253 icmp_seq=4 ttl=254 time=72.232 ms (ICMP type:11, code:0, TTL expired in transit)
*10.1.130.253 icmp_seq=5 ttl=254 time=74.451 ms (ICMP type:11, code:0, TTL expired in transit)

Note how the pings looped until the TTL expired at Seville, which sent back ICMP TTL Expired messages (type:11).  Try that again, but this time change the TTL of the packets sent so that they start with an odd number rather than the default even number (64).   Issue a ping command by itself to see the ping options.

VPCS[1]> ping

ping address [options], Ping the network host, Ctrl+C to stop the command
    -1             ICMP mode, default
    -2             UDP mode
    -3             TCP mode
    -P [protocol]  Same as above, setting ip protocol
                    1 - icmp, 17 - udp, 6 - tcp
    -c count       packet count
    -l size        data size
    -T ttl         set TTL, default 64
    -p port        source and destination port
    -f flag        tcp head flag, |C|E|U|A|P|R|S|F|
                             bits |7 6 5 4 3 2 1 0|
    -t             send packet until interrupt by Ctrl+C
    -i ms          wait 'ms' milliseconds between sending each packet
    -w ms          wait 'ms' milliseconds to receive the response

Notice that the option to control the starting TTL value is -T. Use it in the following command.

VPCS[1]> ping 3.3.3.3 -T 3
*10.1.130.251 icmp_seq=1 ttl=255 time=6.718 ms (ICMP type:11, code:0)
*10.1.130.251 icmp_seq=2 ttl=255 time=4.172 ms (ICMP type:11, code:0)
^C

Note that this time, the TTL Expired (Type=11) message came from Albuquerque (10.1.130.252), because the TTL expired after 3 hops.

Lesson #5 – TCP & UDP pinging

This lesson shows you how to send packets to TCP and UDP ports, and interpret the results. You will:

  • use the -P and -p options with the ping command
  • see a successful VPCs TCP ping connection
  • learn how VPCs TCP ping works
  • observe an ICMP Administratively Denied (type:3, code:13) reply to a TCP ping
  • observe a TCP RST reply
  • see a successful VPCs UDP ping
  • observe that an unsuccessful UDP ping draws a ICMP Destination Port Unreachable (type:3, code:3)

To test the Access Control List (ACL), you will use one of VPCs most powerful features – the ability to send packets to TCP and UDP ports.  To do this you will:

  • add a -P 6 (protocol=6, TCP) and a -p 23 (TCP port 23, telnet) and a -p 80 (TCP port 80, HTTP) to your “TCP” pings to see what happens when a TCP “ping” gets through, and when a TCP is denied by an ACL.
  • test a TCP “ping” to the Seville router as well, because you made it a HTTP server when you pasted the ip http server command.
  • see what happens when you try to send a “TCP ping” to Albuquerque TCP port 80 (Albuquerque is NOT an HTTP server – you made sure by pasting a no ip http server command)
  • observe the result when you send a TCP ping to the default TCP port (which happens to be port 7) on Albuquerque – that should work because you issued a service tcp-small-servers command on Albuquerque.

So here’s the plan:
From PC1Bugs

  • Ping PC3Elmer’s TCP port 23 – that should work
  • Ping PC3Elmer’s TCP port 80 – that should be denied by the ACL
  • Ping Seville router’s TCP port 80 – that should work, because you issued an ip http server command.
  • Ping Albuquerque router’s TCP port 80 – that should draw a TCP reset, because issued a no ip http server command. It is NOT an http server.
  • Ping Albuquerque router’s default TCP port (TCP port 7 is the TCP echo port) – that should work, because you issued a service tcp-small-servers command.
VPCS[1]> ping 10.1.3.1 -P 6 -p 23
Connect   23@10.1.3.1 seq=1 ttl=62 time=1311.560 ms
SendData  23@10.1.3.1 seq=1 ttl=62 time=12.115 ms
Close     23@10.1.3.1 seq=1 ttl=62 time=10.617 ms
Connect   23@10.1.3.1 seq=2 ttl=62 time=9.944 ms
SendData  23@10.1.3.1 seq=2 ttl=62 time=10.744 ms
Close     23@10.1.3.1 seq=2 ttl=62 time=17.752 ms
Connect   23@10.1.3.1 seq=3 ttl=62 time=8.096 ms
SendData  23@10.1.3.1 seq=3 ttl=62 time=12.436 ms
Close     23@10.1.3.1 seq=3 ttl=62 time=15.322 ms
Connect   23@10.1.3.1 seq=4 ttl=62 time=12.134 ms
SendData  23@10.1.3.1 seq=4 ttl=62 time=20.260 ms
Close     23@10.1.3.1 seq=4 ttl=62 time=17.187 ms
Connect   23@10.1.3.1 seq=5 ttl=62 time=13.777 ms
SendData  23@10.1.3.1 seq=5 ttl=62 time=11.590 ms
Close     23@10.1.3.1 seq=5 ttl=62 time=14.084 ms

A VPCs TCP ping works like this:

  1. A TCP SYN is sent, and if a TCP SYN/ACK is received, the VPC finishes the connection with an ACK and displays Connect, along with the time taken.
  2. A data packet (containing a few CR characters) is sent, and if TCP ACK is received, SendData is displayed, along with the time taken.
  3. A TCP FIN/ACK is sent, and if both an ACK and FIN/ACK are returned, the VPC finishes the termination handshake with an ACK and displays Close, along with the time taken.
    Sometimes the remote system, if it is not another VPC, may respond with a RST rather than a FIN/ACK, in which case VPC will display Close xx@x.x.x.x timeout
VPCS[1]> ping 10.1.3.1 -P 6 -p 80
*10.1.130.253 tcp_seq=1 ttl=254 time=9.455 ms (ICMP type:3, code:13, Communication administratively prohibited)
*10.1.130.253 tcp_seq=3 ttl=254 time=3.924 ms (ICMP type:3, code:13, Communication administratively prohibited)
*10.1.130.253 tcp_seq=5 ttl=254 time=6.600 ms (ICMP type:3, code:13, Communication administratively prohibited)

Note how the Seville router sent an ICMP Destination Unreachable (type:3) Administratively Prohibited (code:13) message for the TCP ping to PC3Elmer’s port 80. What a great tool to test ACLs!!

VPCS[1]> ping 10.1.3.253 -P 6 -p 80
Connect   80@10.1.3.253 seq=1 ttl=254 time=12.448 ms
SendData  80@10.1.3.253 seq=1 ttl=254 time=215.492 ms
Close     80@10.1.3.253 seq=1 ttl=254 time=16.636 ms
Connect   80@10.1.3.253 seq=2 ttl=254 time=5.434 ms
SendData  80@10.1.3.253 seq=2 ttl=254 time=234.653 ms
Close     80@10.1.3.253 seq=2 ttl=254 time=13.759 ms
Connect   80@10.1.3.253 seq=3 ttl=254 time=6.927 ms
SendData  80@10.1.3.253 seq=3 ttl=254 time=232.419 ms
Close     80@10.1.3.253 seq=3 ttl=254 time=10.550 ms
Connect   80@10.1.3.253 seq=4 ttl=254 time=6.130 ms
SendData  80@10.1.3.253 seq=4 ttl=254 time=235.334 ms
Close     80@10.1.3.253 seq=4 ttl=254 time=11.846 ms
Connect   80@10.1.3.253 seq=5 ttl=254 time=5.188 ms
SendData  80@10.1.3.253 seq=5 ttl=254 time=202.523 ms
Close     80@10.1.3.253 seq=5 ttl=254 time=12.864 ms

That proves that Seville is indeed listening on port 80!

VPCS[1]> ping 10.1.1.251 -P 6 -p 80
Connect   80@10.1.1.251 RST returned
Connect   80@10.1.1.251 RST returned
Connect   80@10.1.1.251 RST returned
Connect   80@10.1.1.251 RST returned
Connect   80@10.1.1.251 RST returned

As expected, Albuquerque is NOT listening on port 80, and says so!

VPCS[1]> ping 10.1.1.251 -P 6 
Connect   7@10.1.1.251 seq=1 ttl=255 time=8.001 ms
SendData  7@10.1.1.251 seq=1 ttl=255 time=6.384 ms
Close     7@10.1.1.251 seq=1 ttl=255 time=9.536 ms
Connect   7@10.1.1.251 seq=2 ttl=255 time=4.909 ms
SendData  7@10.1.1.251 seq=2 ttl=255 time=4.741 ms
Close     7@10.1.1.251 seq=2 ttl=255 time=6.241 ms
Connect   7@10.1.1.251 seq=3 ttl=255 time=3.352 ms
SendData  7@10.1.1.251 seq=3 ttl=255 time=4.962 ms
Close     7@10.1.1.251 seq=3 ttl=255 time=9.370 ms
Connect   7@10.1.1.251 seq=4 ttl=255 time=4.476 ms
SendData  7@10.1.1.251 seq=4 ttl=255 time=5.269 ms
Close     7@10.1.1.251 seq=4 ttl=255 time=7.219 ms
Connect   7@10.1.1.251 seq=5 ttl=255 time=4.735 ms
SendData  7@10.1.1.251 seq=5 ttl=255 time=7.637 ms
Close     7@10.1.1.251 seq=5 ttl=255 time=7.043 ms

Note that the last ping didn’t specify a port number – I just specified the protocol,  (-P 6) and the VPC sent it to TCP port 7, which is the well-known TCP echo port.

Tip

VPCs has some shortcuts for IP protocols 1, 6, & 17 – see the output of the ping help above. I could have said ping 10.1.1.251 -3 instead of ping 10.1.1.251 -P 6. Personally I prefer -P 6, because it makes me remember that TCP is IP protocol #6, which may be handy information in an exam one day!

And as you can see from the output above, all predictions were correct. That is:

  • The Ping to PC3Elmer’s TCP port 23 worked
  • The Ping to PC3Elmer’s TCP port 80 was denied by the ACL
  • The Ping to Seville router’s TCP port 80 worked.
  • The Ping to Albuquerque router’s TCP port 80 returned a TCP reset, because it is NOT an http server.
  • The Ping to Albuquerque router’s default TCP port worked, because you issued a service tcp-small-servers command.

Now let’s try some UDP pings. This time you will see some new ICMP replies – specifically ICMP Destination Port unreachable. When you send a TCP SYN packet to a device that is not listening on a particular port, the target device sends back a TCP RST (reset) segment. However, if you send a UDP packet to a device that is not listening on a particular port, the target device sends back am ICMP type:3, code:3 – Destination Port unreachable.
So here’s the plan:
From PC1Bugs

  • Ping PC3Elmer’s UDP port 99 – that should work – VPCs respond to all UDP packets from other VPCs
  • Ping PC3Elmer’s UDP port 80 – that should be denied by the ACL
  • Ping Seville router’s UDP port 99 – that should see an ICMP Destination Port Unreachable reply (type:3, code:3)
VPCS[1]> ping 10.1.3.1 -P 17 -p 99
10.1.3.1 udp_seq=1 ttl=62 time=7.920 ms
10.1.3.1 udp_seq=2 ttl=62 time=5.623 ms
10.1.3.1 udp_seq=3 ttl=62 time=4.979 ms
10.1.3.1 udp_seq=4 ttl=62 time=8.003 ms
10.1.3.1 udp_seq=5 ttl=62 time=6.732 ms

VPCS[1]> ping 10.1.3.1 -P 17 -p 80
**10.1.130.253 udp_seq=1 ttl=254 time=6.053 ms (ICMP type:3, code:13, Communication administratively prohibited)
*10.1.130.253 udp_seq=2 ttl=254 time=4.337 ms (ICMP type:3, code:13, Communication administratively prohibited)
^C

VPCS[1]> ping 10.1.3.253 -P 17 -p 99
*10.1.3.253 udp_seq=1 ttl=254 time=12.187 ms (ICMP type:3, code:3, Destination port unreachable)
*10.1.3.253 udp_seq=2 ttl=254 time=6.813 ms (ICMP type:3, code:3, Destination port unreachable)
^C

And as you can see from the output, all predictions were correct. That is:

  • The Ping to PC3Elmer’s UDP port 99 worked
  • The Ping to PC3Elmer’s UDP port 80 was denied by the ACL
  • The Ping to Seville router’s TCP port 99 caused an ICMP Destination Port Unreachable reply (type:3, code:3) reply.

Lesson #6 – Trying Tracert (traceroute)

Tracert actually uses the fact that routers send ICMP destination unreachable messages to trace the path through a network.  In this lesson, you will:

  • watch a tracert succeed
  • watch a tracert strike a ICMP Destination Unreachable reply along the path
  • watch a tracert detect a loop
  • control the number of hops that tracert will trace for

Using the existing topology, trace the path from PC1Bugs to

  • PC2Sam (10.1.2.1) – this should succeed
  • unknown remote address, 4.4.4.4 and 2.2.2.2 – you can expect that PC1Bugs’ default gateway (Albuquerque) will reply with a Destination Unreachable for the 4.4.4.4 address, and since you added a route to Albuquerque directing traffic to the 2.0.0.0 network to Seville, you can expect that Seville will reply with a Destination Unreachable for the trace to 2.2.2.2
  • unknown remote address, 3.3.3.3 – you can expect that Albuquerque will forward this to Seville, and Seville pass it back to Albuquerque and so on because I have engineered the loop with the route statements you added earlier.
VPCS[1]> trace 4.4.4.4
traceroute to 4.4.4.4, 64 hops max, press Ctrl+C to stop
 1   10.1.1.251   3.669 ms  1.977 ms  3.064 ms
 2   *10.1.1.251   2.238 ms (ICMP type:3, code:1, Destination host unreachable)

The ICMP type:3, code:1 is an ICMP Destination Host Unreachable, as was predicted.
Note that the default gateway router (Albuquerque) did actually reply to the first round of packets sent with a TTL of 1, proving that routers actually make the routing decision before they decrement the TTL.
Note that reply 2 has a * character at the beginning of the line to indicate that this reply indicates a failure of some kind.

VPCS[1]> trace 2.2.2.2
traceroute to 2.2.2.2, 64 hops max, press Ctrl+C to stop
 1   10.1.1.251   2.579 ms  3.204 ms  3.462 ms
 2   10.1.130.253   7.917 ms  4.209 ms  4.673 ms
 3   *10.1.130.253   12.890 ms (ICMP type:3, code:1, Destination host unreachable)

This time the trace got to Seville, but Seville has no route to the 2.0.0.0 network, so replied with the ICMP Destination Host Unreachable (type:3, code:1)

VPCS[1]> trace 3.3.3.3
traceroute to 3.3.3.3, 64 hops max, press Ctrl+C to stop
 1   10.1.1.251   2.979 ms  1.700 ms  2.143 ms
 2   10.1.130.253   6.280 ms  4.980 ms  5.108 ms
 3   10.1.130.251   9.438 ms  9.512 ms  4.398 ms
 4   10.1.130.253   4.758 ms  6.241 ms  6.453 ms
 5   10.1.130.251   6.460 ms  10.098 ms  7.811 ms
 6   10.1.130.253   8.771 ms  9.053 ms  8.533 ms
 7   10.1.130.251   11.545 ms  13.584 ms  9.932 ms
 8   10.1.130.253   10.501 ms  11.806 ms  12.095 ms
 9   10.1.130.251   55.977 ms  60.101 ms^C  *

As expected, the trace ran back and forth between Albuquerque and Seville.
Note I had to stop the trace by hitting CTRL+c, but I could have limited the number of replies by specifying the maxhops option.

VPCS[1]> trace 3.3.3.3 4
traceroute to 3.3.3.3, 4 hops max, press Ctrl+C to stop
 1   10.1.1.251   3.577 ms  2.185 ms  1.404 ms
 2   10.1.130.253   5.021 ms  3.862 ms  5.262 ms
 3   10.1.130.251   4.358 ms  4.557 ms  4.890 ms
 4   10.1.130.253   9.543 ms  9.636 ms  5.829 ms

By specifying the number 4 at the end of the tracert command, I didn’t need to hit CTRL+c to stop the trace this time.

Lesson #7 – Fun Stuff

There are a few other features that haven’t been explored yet, but can be very useful especially for documentation and test scripts.  You are about to explore:

  • Changing the VPCs display name
  • Changing a VPCs IP address
  • Creating a VPCs script file
  • Running a VPCs script file
  • Editing a VPCs script
  • How to use the echo command
  • How to control the output of scripts the set echo on and set echo off commands

In this lesson you will:

  • Change VPCs 1 -3 to names to match the diagram – ie PC1=Bugs, PC2=Sam and PC3=Elmer using the set pcname command.
  • Change the IP address of PC2Sam to 10.1.2.2/24
  • Save your configuration to a file called script1 using the save command
  • Execute a series of commands to load them into your history buffer
  • Quit VPCs to save your history buffer
  • Use a text editor to combine parts of your history buffer (vpcs.hist) with your script file (script1) to create a test script called script2
  • Document your script with comments and echo commands
  • load the text script2 into VPCs using the load command
  • change the behaviour of your script by using the set echo on and set eco off commands

Start with the name changing as shown below.  Note that you can get help about the set command by typing set, and that the first attempt to set the pcname to PC1Bugs shows you that the maximum length of a pcname is 6 characters

VPCS[1]> set   

set [lport|rport|pcname|echo], Set connection port, hostname or echo setting
    lport port     local port, listen by VPCS
    rport port     remote port, listen by dynamips
    pcname name    rename the current pc
    echo [on|off]  set echoing on or off

VPCS[1]> set pcname PC1Bugs
Hostname is too long. (should be less than 6)

VPCS[1]> set pcname Bugs   

Bugs[1]> 2
VPCS[2]> set pcname Sam 

Sam[2]> 3
VPCS[3]> set pcname Elmer

Elmer[3]>

So far, the PC IP addresses have stayed constant, so for practice, change Sam’s IP address to 10.1.2.2, leave the gateway as 10.1.2.252 and set the mask to 24 bits

Elmer[3]> 2
Sam[2]> ip          

ip [dhcp|auto|address], Configure PC's IP settings
    dhcp         Configure host/gateway address using DHCP, only ipv4
    auto         Stateless address autoconfiguration, only ipv6
                 PC will try to get the ipv6 address from the router at startup
    address [gateway] [CIDR]
                 set the PC's ip, gateway's ip and network mask
                 Default IPv4 CIDR is 24, IPv6 is 64. In the ether mode,
                 the ip of the tapx is the maximum host ID of the subnet.

                 'ip 10.1.1.70 10.1.1.65 26', set the host ip to 10.1.1.70,
                 the gateway ip to 10.1.1.65, the netmask to 255.255.255.192,
                 the tapx ip to 10.1.1.126 in the ether mode.

Sam[2]> ip 10.1.2.2 10.1.2.252 24
PC2 : 10.1.2.2 255.255.255.0 gateway 10.1.2.252

Note that since the default mask is 24 bits, I could have just issued the command, ip 10.1.2.2 10.1.2.152

Now that you have changed the hostnames and one of the IP addresses, it is a good time to save your configuration, and quit VPCs, which will force VPCs to save the history file, which you will need in the next step.

Sam[2]> save script1
.........  done

Sam[2]> quit

Of course, if you are running VPCs from within the GNS3 Workbench environment, VPCs will actually automatically restart, because I have run this instance of VPCs from within a script which saves people from accidentally quitting.  However that doesn’t matter, because you saved your configuration remember?

So now reload your configuration, and check it with the show command.  You should see all your pcnames restored, and the ip address for Sam has changed.

VPCS[1]> load script1

Executing the startup file

PC1 : 10.1.1.1 255.255.255.0 gateway 10.1.1.251

PC2 : 10.1.2.2 255.255.255.0 gateway 10.1.2.252

PC3 : 10.1.3.1 255.255.255.0 gateway 10.1.3.253

VPCS[9]> showNAME   IP/CIDR              GATEWAY           MAC                LPORT  RPORT
Bugs   10.1.1.1/24          10.1.1.251        00:50:79:66:68:00  20000  30000
       fe80::2050:79ff:fe66:6800/64
Sam    10.1.2.2/24          10.1.2.252        00:50:79:66:68:01  20001  30001
       fe80::2050:79ff:fe66:6801/64
Elmer  10.1.3.1/24          10.1.3.253        00:50:79:66:68:02  20002  30002
       fe80::2050:79ff:fe66:6802/64
VPCS4  0.0.0.0/0            0.0.0.0           00:50:79:66:68:03  20003  30003
       fe80::2050:79ff:fe66:6803/64
VPCS5  0.0.0.0/0            0.0.0.0           00:50:79:66:68:04  20004  30004
       fe80::2050:79ff:fe66:6804/64
VPCS6  0.0.0.0/0            0.0.0.0           00:50:79:66:68:05  20005  30005
       fe80::2050:79ff:fe66:6805/64
VPCS7  0.0.0.0/0            0.0.0.0           00:50:79:66:68:06  20006  30006
       fe80::2050:79ff:fe66:6806/64
VPCS8  0.0.0.0/0            0.0.0.0           00:50:79:66:68:07  20007  30007
       fe80::2050:79ff:fe66:6807/64
VPCS9  0.0.0.0/0            0.0.0.0           00:50:79:66:68:08  20008  30008
       fe80::2050:79ff:fe66:6808/64

VPCS[9]> 2
Sam[2]>

The next task is to create a new file which will become our second script file, and you will use the contents of the script1 you saved in VPCs and the contents of vpcs.hist to create this script. In a file browser, navigate to the folder /opt/GNS3/Project/3Router_ICND_Book_Example – it is the same folder where you fond the startup.2 (eigrp configured) file when you started in Lesson #1.

Create a blank file called script2 in this folder – you can do this by clicking File->Create Document -> Empty file, and giving it the name script2.

Double click on this file to open it in gedit.  Put a comment right at the top something like this:

#Script file created for testing vpcs

Tip

Comments can be placed in script files by starting the comment with the # character.

Now locate the file called script1 in the same directory and double-click on it to open it also in gedit. It should look like this:

1
set pcname Bugs
ip 10.1.1.1 10.1.1.251 24
2
set pcname Sam
ip 10.1.2.2 10.1.2.252 24
3
set pcname Elmer
ip 10.1.3.1 10.1.3.253 24
4
set pcname VPCS
5
set pcname VPCS
6
set pcname VPCS
7
set pcname VPCS
8
set pcname VPCS
9
set pcname VPCS

Copy and paste the first 9 lines into your script2 file. It should now look like:

#Script file created for testing vpcs
1
set pcname Bugs
ip 10.1.1.1 10.1.1.251 24
2
set pcname Sam
ip 10.1.2.2 10.1.2.252 24
3
set pcname Elmer
ip 10.1.3.1 10.1.3.253 24

Now open (in the same directory) the file called vpcs.hist. In it you will find all the commands you have entered so far. If you have followed this tutorial to the letter, it should look like this:

show
ping 10.1.1.251
arp
p 10.1.2.1
?
h
2
p 10.1.2.1
1
ping 10.1.1.2
ping 10.1.2.2
ping 4.4.4.4
ping 2.2.2.2
ping 3.3.3.3
ping
ping 3.3.3.3 -T 3
ping 10.1.3.1 -P 6 -p 23
ping 10.1.3.1 -P 6 -p 80
ping 10.1.3.253 -P 6 -p 80
ping 10.1.1.251 -P 6 -p 80
ping 10.1.3.1 -P 17 -p 99
ping 10.1.3.1 -P 17 -p 80
ping 10.1.3.253 -P 17 -p 99
trace 4.4.4.4
trace 2.2.2.2
trace 3.3.3.3
trace 3.3.3.3 4
set
set pcname Bugs
2
set pcname Sam
3
set pcname Elmer
2
ip
ip 10.1.2.2 10.1.2.252 24
save script1
quit

Now I want you to copy all of the lines from vpcs.hist EXCEPT the last 2 lines – the save command and the quit command at the end. You are about to paste them in script2, but there is one more task before we do that!

Back in the script2 file, go to the end of the file and add these commands:

1
echo Here is the beginning of the history file

The command 1 on a line by itself is to ensure that we start at the correct PC. The echo command will display a message as our script is executing. Now, immediately after these lines, paste the contents of vpcs.hist that you just copied, and save the file. Don’t close it, you have more to do yet.

And now let’s see this script run! Back in VPCs, load this updated script.

load script2

And watch all those commands being executed – did you see the message “Here is the beginning of the history file” appear?
But if you look closely, you will see there is a problem – you can’t see exactly which commands are producing which output. Never fear there is an answer for that.

Go back to your script2 file in the editor, and add the single command at the top of the file (after your comment)

set echo on

Save the file again, and load it one more time. If you get sick of waiting for it to complete, hit CTRL+c

Tip

Script files can be aborted by hitting CTRL+c

Now notice that while the script is executing, the command that produces the output is displayed before the command. This is the effect of the set echo on command. However, there is a catch.

Enter a command like ping 10.1.1.251

Bugs[1]> ping 10.1.1.251
ping 10.1.1.251
10.1.1.251 icmp_seq=1 ttl=255 time=2.756 ms
10.1.1.251 icmp_seq=2 ttl=255 time=2.895 ms
10.1.1.251 icmp_seq=3 ttl=255 time=3.437 ms
10.1.1.251 icmp_seq=4 ttl=255 time=3.104 ms
10.1.1.251 icmp_seq=5 ttl=255 time=4.335 ms

See how the command is echoed on the output after you type it? This can be corrected by reversing the set echo on command we put at the beginning of the file by putting a set echo off at the end of the file – but of course you will have to let the whole script run without interruption for it to take effect. Of course you could just type: set echo off at the vpcs command line to turn it off yourself.

That completes this lesson and the tutorial.  I hope you can now use this powerful tool more effectively.

Chris Welsh

http://rednectar.net

@rednectarchris

Footnote: What VPCs DOESN’T do

VPCs is a VERY useful troubleshooting tool when used in your GNS3 environment, and does everything you’d want it to do almost 100% of the time. There are some minor features not implemented that you might want to be aware of:

  1. VPCs has no concept of MTU or IP fragmentation.  If you ask it to send a ping of 2000 bytes, it will.  All in one packet!  This makes it impossible to use to test IP fragmentation.
  2. Still on the fragmentation, if you send a VPCs host a ping that arrives in fragments, it can’t put the fragments back together, so the pings will fail.
  3. The DF (Don’t Fragment) bit on your pings is set by default, so you can test links with MTUs less than 1500 OK – however, if you want to set fragmentation across that link, you can’t turn the DF bit off.
  4. Similarly, other fancy IP options, like record route can’t be set either.
  5. VPCs don’t have any layer 3 routing capability beyond a default gateway.  Therefore VPCs can’t act upon ICMP re-directs if it ever receives one.


About these ads

41 Responses to VPCs Tutorial

  1. dinesh says:

    How use rlogin command to telnet the remote router from VPCs?

    • @dinesh – if you are running VPCS and GNS3 at the same time, check out the port number that the router uses for the console port (usually 2101 for R1, 2102 for R2 ….).

      From VPCS, you can do a rlogin 2101:

      Welcome to Virtual PC Simulator, version 0.5b2
      Dedicated to Daling.
      Build time: Nov 15 2013 08:39:02
      Copyright (c) 2007-2013, Paul Meng (mirnshi@gmail.com)
      All rights reserved.
      
      VPCS is free software, distributed under the terms of the "BSD" licence.
      Source code and license can be found at vpcs.sf.net.
      For more information, please visit wiki.freecode.com.cn.
      
      Press '?' to get help.
      
      VPCS[1]> rlogin 2101
      
      Connect 127.0.0.1:2101, press Ctrl+X to quit
      NOTES: you will be back to the starting point, NOT THE LAST, 
             if using Ctrl+X to quit.
      Connected to Dynamips VM "R1" (ID 0, type c3725) - Console port
      Press ENTER to get the prompt.
      
      R1#
      
    • dinesh says:

      Please explain the use of the below command
      rlogin 10.1.1.1 2004

      • @Dinesh. Assume your PC was say 10.1.1.2. And you were running VPCS on your PC. On another PC (10.1.1.1) you are running GNS3 – one of the routers on 10.1.1.1 has its console listening on port 2004. You could then use the command

        rlogin 10.1.1.1 2004

        from within VPCS to start a console session to this router.

        In fact, you could also achieve the same result by opening a telnet session to 10.1.1.1 on port 2004.

        The rlogin command is simply a way of getting to a router’s console without leaving the VPCS interface. I never use it because I’d prefer to have separate sessions for VPCS and router consoles.

  2. blue says:

    Hi,
    I have downloaded the GNS3 0.8.7, I can run 1 VPCS. However the TCP/UDP ports I need to only use 1 per VPCS so I can reuse the TCP 20001 and UDP 30001 on another VPCS that I will connect to to another router on a different network. I would like to know how can I edit and where to find it the VPCS.vpc file (equivalent to windows) so it’s only 1 tcp/udp port in VPCS that is being used on my 1st VPCS host… and I can reuse the other tcp/udp ports.

    I am running my GNS3 in MAC OSX 10.9.4

    Thanks,

    • I’m not quite sure what you are trying to do – but it seems you are trying to run two copies of VPCS (you don’t need to unless you want two independent console windows – and in that case you’ll have to open the second copy from a terminal window)
      If that is the case, and you want to use UDP ports 20001 and 30001 on the second instance, you will have to change the port numbers for VPCS[2]-VPCS[9] on each instance to something unused using the lport and rport commands. Once you have got each instance with port numbers that don’t clash, you can save your configuration to whatever filename you like eg vpcs1.vpc and vpcs2.vpc (they will be saved in the configs directory of your current project – really good idea to name your project before opening vpcs) – but this really sounds like a LOT of trouble. Perhaps I should be asking why do you want to use two different consoles? If you don’t want to run two consoles then just use one! (remember one console supports 9 Virtual PCs)

      Edit: I suspect your confusion comes from the fact that the .zip file that I had linked in the post was designed for an older version of GNS3 – v0.8.6 onwards keeps the startup.vpc file in the configs directory, so I have moved the startup file to there and re-zipped it. If you download the configs again (or simply move the startup.vpc file to the configs directory) you may have better luck at following the tutorial the way it was written. CW

  3. shady says:

    I need my virtual machines to accept dhcp ip addresses from a dhcp server. How do i do this?

    • On the latest version of VPCS, you can specify the command:
      ip dhcp
      So long as the VPC is connected to a DHCP server, you should get an address immediately. The VPC will display the letters
      DORA
      as it goes through the process of Discover, Offer, Reply, Acknowledge.

      Note that there are some good debug options too for dhcp.
      ip dhcp -d
      will show you packet details as the process porgresses.

  4. Pingback: vpcs – simple virtual pc simulator for gns3 | njetwork.si

  5. Pingback: VPCS – with new hypervisor function | RedNectar's Blog

  6. victor2013 says:

    I have a question. I want to let 2 vpcs host running ping to some other host. naturally I would execute the command: ping 10.10.10.1 -c 500 on each. the problem here is that I cant actually change from one vpcs to another without canceling the first ping with ctrl + C. Do you know some workaround. I tried to run another vpcs instance but this message pops up.

    Welcome to Virtual PC Simulator for dynamips, v0.21a
    Dedicated to Daling.
    Build time: Feb 2 2011 22:19:30
    All rights reserved.

    NOTICE: MAY NOT use this software for commercial purposes unless
    you get an appropriate commercial license for it.

    Please contact me at mirnshi@gmail.com or http://mirnshi.cublog.cn
    if you have any questions.

    Press ‘?’ to get help.

    Open port 20000 error [Address already in use]
    Open port 20001 error [Address already in use]
    Open port 20002 error [Address already in use]
    Open port 20003 error [Address already in use]
    Open port 20004 error [Address already in use]
    Open port 20005 error [Address already in use]
    Open port 20006 error [Address already in use]
    Open port 20007 error [Address already in use]
    Open port 20008 error [Address already in use]

    Thanks in advance.

    • rednectar says:

      Sorry for the slow reply – somehow missed seeing the notification.

      You are absolutely right – this is one of the shortcomings of VPCS. But I think I could work out a work-around

      1. Open the first copy of VPCS, and configure the first PC with its IP address eg
      ip 10.1.1.10/24 10.1.1.1
      Now free up ports 20001 and 30001 (the ports that PC 2 usually uses) by changing them to something else:
      2
      set lport 40001
      set rport 50001

      2. Now open a second copy of VPCS – this time you will see:

      Open port 20000 error [Address already in use]
      Open port 20002 error [Address already in use]
      Open port 20003 error [Address already in use]
      Open port 20004 error [Address already in use]
      Open port 20005 error [Address already in use]
      Open port 20006 error [Address already in use]
      Open port 20007 error [Address already in use]
      Open port 20008 error [Address already in use]

      NOTICE that there is no error for port 20001
      Now configure PC2
      2
      ip 10.1.1.11/24 10.1.1.1
      ping 10.10.10.1 -c 500

      3. Back to the first instance

      1
      ping 10.10.10.1 -c 500

      Good luck

  7. bogdan says:

    Hello,

    Can you please let me know how to configure the default gateway in VPCS for IPv6?
    I tried but I cannot access other IPv6 subnets from VPCS.

    Thank you

    • rednectar says:

      You don’t. IPv6 learns it default gateway using Router Solicitations.
      If you want to play with IPv6 beyond something VERY simple, use something other than VPCS – it doesn’t have all the features you would want to really study IPv6 (yet)
      CW

  8. JB says:

    Thanks. All files now in the zip and running in gns3

  9. JB says:

    Hi there,
    just found this site while testing gns3 and VPCs on OSX. In your download link I can only find the startup.vpc file but no gns3 topology and config. Where can I get the rest?
    Greetings from Germany
    JB

  10. Jonathon says:

    Forget above question. Everything is now working as expected. Thanks.

  11. Jonathon says:

    It’s OK now. Everything in DHCP working. Is it possibe to ping another VPC from a VPC?

  12. Jonathon says:

    Great tutorial! can you tell me how to configure DHCP?

    • rednectar says:

      You will need to make sure your VPC is connected to a router that has been configured for DHCP. Eg

      ip dhcp pool 10.1.1.0/24
         network 10.1.1.0 255.255.255.0
         default-router 10.1.1.1 
      interface FastEthernet 0/0
         ip address 10.1.1.1 255.255.255.0

      Then, so long as your Virtual PC is connected to FastEthernet 0/0, issue the command (inside VPCS)

      ip dhcp

      Tip: If you want to see the dhcp decode, use the command

      ip dhcp -d
      • Jonathon says:

        Thanks for your prompt response. I had understood the code above. But I want to tell the VPC to use HSRP default gateway of 10.1.10.254. Can I do that?

  13. Farid Pangos says:

    Hola RedNectar,

    I’m preparing for my CCNA Exam here in Peru and i came across with this wonderfull appliance. Thanks a lot for such awesome tutorial. : ) I have a couple of question about VPCS.
    Is it possible to run VPCS without having GNS3 ( which engine is dinamips )? Let’s say i have VPCS on one computer that is not running dynamips and i want to connect the virtuals pcs to a lab topology over the same real network. Is it possible ?.
    My real host os : Windows with an ip address of 192.168.1.10/24 has GNS3 up and running
    Over the same real network there’s another host with an ip addresss of 192.168.1.11/24. This host ( 192.168.1.11) has VPCs but not GNS3 or Dynamips, So is it possible to connect the virtuals pcs to the host running GNS3 ? Thanks in advance and greating from Peru

    Cheers Farid

    • rednectar says:

      Hi Farid,

      Thanks for your kind comments.
      Yes, it is possible to run VPCs without GNS3 or dynamips. If GNS3/dynamips is running on 192.168.1.10, and you are running VPCS on 192.168.1.11 you would do this:
      STEP 1
      In GNS3 (on 192.168.1.10) you would create a cloud and configure an interface for that cloud like this:
      [NIO UDP]
      Local Port: 30000
      Remote host: 192.168.1.11
      Remote port: 20000

      STEP 2
      On the 192.168.1.11, you would run vpcs with the -t option (Note: the -t option was only introduced in version 0.4b, so make sure you get the latest copy from http://sourceforge.net/projects/vpcs/files/0.4/beta/)
      vpcs -t 192.168.1.10

      [Note: Prior to v0.4b, you would have to use the set rhost 192.168.1.11 command within vpcs for each of the 9 Virtual PCs to achieve the same result]

      Good luck with your CCNA.
      CW

  14. Pingback: GNS3 tutorial | Industry & Technology

  15. Joe Mendola says:

    ciao rednectar. I know maybe im off otpic, but im wondering if you can make something like workbench for JNCIA ! Im trying to learn it, but actually, olive on gns3 takes so much time before loading…who knows, maybe you are already working on it.
    By the way thanks for your effort: i enjoyed the new version . thanks again.

    • rednectar says:

      I’d love to do this, but it comes in the line of other things I’d also like to do which include 1. Getting some Cisco ASA exercises working 2. Getting Virtual Box integration working 3. Some Juniper exercises. I’m not sure olive will be any faster though.

      CW

  16. Mario says:

    Hey Rednectar,

    Thanks for this tutorial!

    Just one question…I was wondering if there’s a way to tell VPCS which is the remote host to connect to, when you use UDP mode (default)?

    I’m trying to do with VPCS just like “clouds” do in GNS3. As far as I can understand it only allows you to change UDP ports (using -s -c options when you run vpcs) but you are forced to have the remote-end on the same host. What I’m trying to do is running VPCS in a Linux Box and connect VPCS with a virtual machine (qemu) running in the same box but with another IP (guest and host machines are connected via a tap interface).

    If VPCS is not capable, do you know another application like VPCS that allows that?

    Regards,
    Mario.

    • rednectar says:

      The remote connections are actually set up in GNS3 (via dynamips). I’ll try and think a bit more about your problem and see if I can give a good answer. In the meantime, someone else might catch it and give an explanation. (Sorry I wasn’t more help)

      • Mario says:

        Thanks again Rednectar! I look forward to your findings.
        Cheers, Mario.

  17. andri says:

    then download the topology, config and startup.vpc files here…………. the link is dead… can u fix the link please ?

  18. rednectar says:

    The easiest way is to take an existing exercise (say xxxx) as found in /opt/GNS3/Project/xxxx. Copy the whole folder to a new folder. In that folder you will find a startup.vpcs – edit to fit your exercise. Modify the topology.net file to match your topology (create a new one if you like). Edit the Instructions text file to match your instructions.

    Now to run your exercise, execute the startup (continue) script – OR if you want to set up an exercise with pre-configured configurations, put your pre-configurations in configs.1 and they will get copied to configs when the startup.1 script gets run.

    Hope this is enough to get you started – there are some readme files in the READMEs and Scripts folder. Sorry for the rushed reply.

    Chris

  19. Joe Mendola says:

    first of all thanks for this beautiful work! i cant stop saying thanks dude, Im practising and improving in a good way.
    Im wondering how i can configure my personal host, using vpc. I wanna configure my personal topology and put pc as well, in order to simulate ping.
    May you explain me how i can start vpc, putting my address details for my own topology?

    greetings from italy

    • rednectar says:

      Grazie!

      VPCs was written for Dynamips (which is what GNS3 uses) to allow you to create Virtual PCs that can communicate with virtual Dynamips (or GNS3) rotuers/devices.

      You certainly can download VPCs to your PC (http://sourceforge.net/projects/vpcs) and run 9 virtual PCs that can communicate with other emulated routers you are running in GNS3 or Dynamips. The old-but-good GNS3 Tutorial gives you step-by-step instructions.

      • Joe Mendola says:

        hi rednectar. I wish you a good eastern!

        may i use vpc inside your workbench, but when i create my personal topology?
        where do i start it?
        i appreciated that in several exercises, when i open them, the vpc is there, ready you can use. Im wondering how i can start it within workbench with new topology. On windows i usually click on vpc, but before i edit the file where i write the address i wanna use on the hosts.
        what do i have to do inside your workbench, please?

  20. KishoreKannan says:

    Hi Chris Welsh,
    As you said mirnshi had released the new 0.21a VPCS, I hope IPV6 works well in this version. Expecting your valuable comments on this

  21. KishoreKannan says:

    Hi Chris Welsh,
    Thanks for the awesome VPCS tutorial with full explanation, I am happy that this version in tested under linux, Please tell me whether you have tested this 20.1 with IPV6. Please post some tutorial like this for using Qemu in linux (ubuntu)

    • rednectar says:

      Kishore, I’ve only just started testing IPv6 – and have found some problems (VPCs does not create the correct link-local address based on MAC address) and have given mirnshi all the details – he’s working on it! No doubt there will be a 0.22 soon!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s