flokinet-002 - Introduction to the Arista CLI, continued
Connecting to the lab server
- Open your favourite Terminal Emulator
- SSH to the netlab server:
$ ssh-keygen -R netlab.nanocat.net <- delete the cached fingerprint (lab server rebuilt frequently) $ ssh email@example.com Password: (generated fresh each week)
- List the running containerlab devices:
$ sudo containerlab inspect --all
- Connect to an Arista device:
$ sudo docker exec -it clab-device–name Cli
- .. or connect to a Linux device:
$ sudo docker exec -it clab-pcXX-name bash
The Final Goal
- All PCs (pc1 through pc5) should be able to ping one another.
- Work step by step!
- Ask questions
- Experiment! You can’t break anything.
Step 0.5 - connect to your router
$ sudo containerlab inspect --all <- show all running devices $ sudo docker exec -it DEVICE-NAME Cli <- connect to your device
Step 1 - configure eth1
The first step is to configure the IP address on your router’s
Configure as follows:
rX#config <- enter configuration mode rX(config)#interface eth1 <- enter the interface configuration context rX(config-if-eth1)#show active <- shows the configuration just for this context rX(config-if-eth1)#description to Switch <- create a human-readable description for this interface rX(config-if-eth1)#no switchport <- make this a routed (L3) port (default is switched (L2) port) rX(config-if-eth1)#ip address 10.0.0.x/24 <- refer to the diagram rX(config-if-eth1)#show active rX(config-if-eth1)#end <- exit configuration mode rX#show ip interface brief <- print a list of all interfaces with an IPv4 (L3) address
Step 1.5 - testing
Test by seeing if you can ping another router’s IP address. You might need to ask your lab-mates whether they have already configured their devices.
rX#ping 10.0.0.X ...
Step 2 - configure eth2
This is the interface that connects to the PC.
This interface will serve as the default gateway or gateway of last resort for the PC.
Configure as follows:
rX#config rX(config)#interface eth2 rX(config-if-eth2)#show active rX(config-if-eth2)#description to PC rX(config-if-eth2)#no switchport rX(config-if-eth2)#ip address 192.168.X.1/24 <- refer to the diagram rX(config-if-eth2)#show active rX(config-if-eth2)#end <- fully exit configuration mode rX#show ip interface brief <- print a list of all interfaces with a IPv4 (L3) address ...
Step 2.5 - testing
Test to see if you can ping your PC (
Step 3 - static routes
- The when the (layer 3) router receives a (layer 3) packet, it checks the destination IP address of the packet to decide which interface to forward it out of
- The router uses a routing table to make this decision.
- There are different ways for a routing table to become populated with data.
- Static routes
- Dynamic routes
Step 3.1 - configure the static routes
Configure a static route:
rX#show ip route <- look at the routing table ... rX#configure rX(config)#ip route 192.168.X.0/24 10.0.0.X <- when I have a packet that is destined for 192.168.X.X, forward it on to 10.0.0.x rX(config)#end rX#show ip route <- take another look at the routing table ...
Repeat this for all of the remote networks.
Step 3.5 - testing
Test by pinging a remote PC from your own PC. You might have to check with the other lab members to make sure they’re up and running.
pcX$ ping 192.168.X.2
You can also try a traceroute:
pcX$ traceroute -n 192.168.X.2 <- the -n tells traceroute not to try to resolve the IP addresses into names ...
Things to try
- Run a tcpdump on your router:
rX#bash $ tcpdump -i eth1 icmp <- listen for traffic on eth1, and only print ICMP (ping) packets ... (press ctrl-c to terminate tcpdump)
- Watch what happens when you send a successful ping
- .. or an unsuccessful ping
- .. or a ping to an unknown network
- Are the routers in the same network, or different networks?
- Which devices are in the same network as the PCs?