Connecting GNS3 to the internet is just another step to bring your emulated network lab closer to real gear. There are many ways to do this based on what internet connection you are using. If you just have an ADSL modem/router connected to the ethernet port of your physical machine having a private IP address it is very simple to get your lab to the internet. But if you are using a WiFi connection/Data card/a device that requires you to assign a public IP on the physical interface getting your lab to access the internet requires a few more commands in Linux or a few more clicks in Windows. Apart from making configuration changes to your operating system NAT has to be configured on the emulated router that connects to the internet.
Connecting GNS3 to the Internet – Scenario 1
(Physical interface has a private IP address)
In this scenario your physical machine is connected to a modem/router using a RJ45 cable and the ethernet port of your computer has a private IP address assigned manually or via DHCP.
This is the simplest means of connecting GNS3 to the internet. Open GNS3 as an administrator (Windows) by right clicking it and selecting “Run as administrator” or as a root user (Linux) by using the sudo command.
jesin@ubuntu:~$ sudo gns3
Place a cloud node in your topology, right-click select configure and from the drop down list under the ethernet tab select “Local Area Connection” on Windows or “eth0” on Linux and click OK.
Connect a router to this cloud using an ethernet link, open the console of the router and navigate to the interface which is connected to the cloud node.
R1>enable R1#configure terminal R1(config)#interface FastEthernet 0/0
Now if the modem/router connected to the physical computer has a built in DHCP server use the following command to configure the router port to recieve IP address via DHCP.
R1(config-if)#ip address dhcp
else assign the a static IP address
R1(config-if)#ip address 192.168.1.3 255.255.255.0
Bring this interface “up”
If you had choose the DHCP way of assigning IP address you will see the following line
*Mar 1 01:24:31.751: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0/0 assigned DHCP address 192.168.1.101, mask 255.255.255.0, hostname R1
If you assigned the IP address manually a default route has to be added to ensure internet connectivity.
R1(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1
Try pinging a public IP address such as 126.96.36.199, if you ping a domain name such as websistent.com you’ll receive an “Unrecognized host or address, or protocol not running” error as we have not yet configured DNS. That’s all, now scroll down to the last part of configuring NAT and DNS servers.
Connecting GNS3 to the Internet – Scenario 2
(WiFi or physical interface has a public IP address)
Your setup comes under this scenario if your physical machine uses WiFi to communicate with your modem or you are using a modem which assigns a public IP address directly to the physical interface of your computer.
In this case directly connecting the router to the physical computer’s ethernet port shown in the previous step does not make it work because the GNS3 router will also be needing a public IP address to communicate. In case the physical computer is using WiFi the problem will arise because a secured WLAN uses WPA/WEP hence the GNS3 router will fail to communicate with your WiFi router itself.
In Linux we will be creating a loopback (TAP) interface, connect the GNS3 router to it and configure NAT using IPTables to forward packets from the loopback interface to the physical network port of the computer. A package is needed which can be installed using the following commands.
In RHEL/CentOS variants:
yum install uml-utilities
In Debian/Ubuntu variants:
apt-get install uml-utilities
Once the package is installed run the following commands as root to create a loopback interface and assign an IP address to it.
tunctl -t tap0 ifconfig tap0 10.200.200.1 netmask 255.255.255.252 up
You can assign any IP address to the tap0 interface just make sure it does not overlap with any other interface. I have used a prefix length of /30 because only two IP addresses will be required – one that we assigned here to the tap0 interface and another which we will assign to the GNS3 router. Enter the following commands to create IPTables firewall rules to perform NAT and forward the packets from the interface specified after “-i” through the interface specified after “-o”.
iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE iptables -A FORWARD -i tap0 -j ACCEPT
Replace wlan0 with the interface on the physical computer which connects to the internet it could be ppp0 or br0 or something else. Ensure the IPTables rules persist, if you want to ensure the tap0 interface persists a reboot create a cron job to add it when Linux starts up.
add the following lines
@reboot /usr/sbin/tunctl -t tap0 && /sbin/ifconfig tap0 10.200.200.1 netmask 255.255.255.252 up
IPv4 forwarding has to be enabled at kernel level so use the following command.
echo 1 > /proc/sys/net/ipv4/ip_forward
If you execute the command above as a non root used you’ll get an error “bash: /proc/sys/net/ipv4/ip_forward: Permission denied” in that case use the following command.
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
Open GNS3 as root user by using the “sudo” command. Add a cloud node to the topology, right-click it select configure navigate to the NIO TAP tab and in the textbox enter tap0, click add and click OK.
The cloud is now ready, add a router to the topology and connect it to the cloud, power on the router and configure its interface with an IP address in the same range as the IP assigned to the tap0 interface.
R1>enable R1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. R1(config)#interface FastEthernet 1/0 R1(config-if)#ip address 10.200.200.2 255.255.255.252 R1(config-if)#no shutdown
Add a default route so that the router knows where to forward the internet traffic.
R1(config)#ip route 0.0.0.0 0.0.0.0 10.200.200.1
Try pinging a public IP address and you should get a reply. Pinging a domain name will fail as DNS is not yet configured.
Moving on to Windows to do the same thing, the first task is to create a loopback interface. Open run and type hdwwiz.exe to open the “Add New Hardware Wizard”
Select to add your hardware manually and click next.
Under common hardware types select Network Adapter and click next.
Under Manufacturer select Microsoft and under Network Adapter choose Microsoft Loopback Adapter and click next.
An IP address has to be assigned to the loopback interface now. Go to Start -> Control Panel -> Network and Internet -> Network Sharing Center, from the left pane click “Network Connections”, right-click your internet connection (it can be a WLAN connection, dialup connection, PPPoE connection etc) select properties and go to the sharing tab.
Select options as shown in the screenshot above, the “Local Area Connection 3” I have selected is the name of the newly created loopback interface which should be replaced by the name displayed in your system. Click OK twice, at this point your loopback interface will be assigned an IP address (192.168.37.1/24), it is your choice to use it or change it. In this article I will be changing it. Right-click the Loopback connection, select properties, select “Internet Protocol Version 4”, click properties and enter an IP address, subnet mask.
You may have to restart your computer for this loopback interface to show up in GNS3. Open GNS3 by right clicking it and choosing “Run as administrator”, insert a cloud node into the topology, right-click select configure
Add a router to the topology, connect one of its ethernet ports to the cloud and start the router. It is time to assign an IP address to this interface.
R1>enable R1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. R1(config)#interface FastEthernet 1/0 R1(config-if)#ip address 10.255.255.2 255.255.255.252 R1(config-if)#no shutdown
Add a default route on this router.
R1(config)#ip route 0.0.0.0 0.0.0.0 10.255.255.1
Try pinging a public IP address and you should get a reply. Pinging domain names will result in an error as DNS has not yet been configured.
Configuring DNS on Cisco IOS
Now that routers in GNS3 are able to connect to the internet won’t it be nice if you could use friendly domain names instead of IP addresses. DNS can be configure in two easy commands given below.
R1(config)#ip domain-lookup R1(config)#ip name-server 188.8.131.52 184.108.40.206
The first command enables domain lookup and the second command specifies DNS servers to use.
Configuring NAT for connecting to the internet
By now we have configured one GNS3 router to connect to the internet, if you connect more routers to this router connected to the cloud you will find that they are not able to communicate with the internet. This is because the physical machine does not know how to route the packets generated by the other routers of GNS3. The best solution for this is to perform Source NAT on the router connecting to the cloud. Take a look at the topology below which I will be using.
For R2 and R3 to connect to the internet we will be configuring NAT on R1 i.e. the router connected to the cloud.
R1(config)#access-list 10 permit any R1(config)#ip nat inside source list 10 interface FastEthernet 1/0 overload R1(config)#interface FastEthernet1/0 R1(config-if)#ip nat outside R1(config)#interface FastEthernet0/0 R1(config-if)#ip nat inside R1(config)#interface FastEthernet0/1 R1(config-if)#ip nat inside
The interface fastethernet 1/0 is the one c0nnected to the Cloud hence it is the outside NAT interface. The “overload” keyword is used as we are doing Port Address Translation. Both R2 and R3 must have default routes pointing to R1 else it will not work.