In this article I’ll show you how to install and setup EVE-NG to run a small lab using Aruba CX switch and Aruba VMC(Virtual Mobility controller) images. I assume VMware ESXi as a host server and windows PC as a client here.
1. download EVE-NG image
You can download the OVF image of EVE-NG from https://www.eve-ng.net/index.php/download/
Make sure to download ‘Community Edition’ to run EVE-NG without payment required.
2. deploy it on an ESXi host
Select ‘Thick’ option for disk provisioning for better performance. Uncheck ‘Power on automatically’ so you can edit the VM first.
Create a new port group with below options enabled:
1. Promiscuous mode
2. MAC address changes
3. Forged transmits
Edit the VM and increase CPU and Memory. The optimal amount would depend on how many devices you are going to add in your virtual lab.
Also add a vNIC and assign the port group just created. This vNIC will be represented as ‘Cloud1’ in EVE-NG lab and can be used for devices to connect to outside network.
Start the VM and login with root/eve from remote console. Then you will see initial setup UI and it asks new root password, hostname, IP address, etc. Enter all information accordingly. After it reboots, you can login to GUI as admin/eve.
The timezone is set to EEST (UTC+3) by default. You should specify correct timezone or some OS may set its clock incorrectly on boot. You can run timedatectl command as below.
timedatectl set-timezone Asia/SingaporeThe list of valid timezone names is displayed by timedatectl list-timezones command.
At this point no device image is installed yet. We need to convert device images provided by each vendor so EVE-NG is able to load them.
3. upload and convert AOS-CX image
It is explained here.
Copy the OVA file (e.g. ArubaOS-CX_10_04_1000.ova) to EVE-NG using scp client software then convert it to QEMU image format with below steps.
mkdir tmp
cd tmp
tar xvf ../ArubaOS-CX_10_04_1000.ova
/opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 arubaoscx-disk-image-genericx86-p4-20200311173823.vmdk virtioa.qcow2
mkdir /opt/unetlab/addons/qemu/arubacx-10.04
mv virtioa.qcow2 /opt/unetlab/addons/qemu/arubacx-10.04/
cd
rm -rf tmp
/opt/unetlab/wrappers/unl_wrapper -a fixpermissionsPlease note that the folder name for AOS-CX image in /opt/unetlab/addons/qemu must start with ‘arubacx-‘ (all lower case). You can add any suffix to it. For e.g. ‘arubacx-10.04.1000’ and ‘arubacx-10.05’ are both valid names and recognized by EVE-NG.
4. upload and convert Aruba VMC image
It is explained here.
Copy the OVA file (e.g. ArubaOS_VMC_8.6.0.4_74969.ova) to EVE-NG using scp client software then convert it to QEMU image format with below steps.
mkdir tmp
cd tmp
tar xvf ../ArubaOS_VMC_8.6.0.4_74969.ova
/opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 ArubaOS_VMC_8.6.0.4_74969-disk1.vmdk hda.qcow2
/opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 ArubaOS_VMC_8.6.0.4_74969-disk2.vmdk hdb.qcow2
mkdir /opt/unetlab/addons/qemu/aruba-vmc-8.6.0.4
mv hda.qcow2 /opt/unetlab/addons/qemu/aruba-vmc-8.6.0.4
mv hdb.qcow2 /opt/unetlab/addons/qemu/aruba-vmc-8.6.0.4
cd
rm -rf tmp
/opt/unetlab/wrappers/unl_wrapper -a fixpermissionsPlease note that the folder name for Aruba VMC image in /opt/unetlab/addons/qemu must start with ‘aruba-‘ (all lower case). If it’s not EVE-NG does not load the image. You can add any suffix to it. For e.g. ‘aruba-vmc-8.6.0.4’ and ‘aruba-8.6.0.4-74969’ are valid names and recognized by EVE-NG.
5. install wrapper scripts
You need to install some wrapper scripts which are required for packet capture or VNC console.
Download the ‘Windows integration pack’ from here.
Run the installer. You do not need to install Wireshark or UltraVNC if you already installed them.
Even if you chose to install UltraVNC, only Viewer is required. By default 3 components (Server, Viewer, Repeater) are checked for installation. You can uncheck the other two.
Once the installation is completed, the wrapper scripts are installed in C:\Program Files\EVE-NG as shown below.
Go to start menu >> Windows Accessories >> right click on Notepad >> Run as administrator and open ‘wireshark_wrapper.bat‘ file. Change the password in 3rd line to what you configured.
Double click on the .reg files to install into windows registry so the necessary software is invoked from EVE-NG GUI. Choose either of ‘win10_64bit_putty.reg‘ or ‘win10_64bit_sCRT.reg‘ according to the terminal software you are using. If you do not have them, install them.
If you are using TeraTerm Pro, you can install below string to registry then EVE-NG will use it for console access.
[HKEY_CURRENT_USER\Software\Classes\telnet\shell\open\command]
"C:\Program Files (x86)\teraterm\ttermpro.exe" /T=1 %16. create test network with virtual CX switch
Login to GUI and click ‘Add new lab’ icon
Enter lab name and click Save
Right click on the blank area and choose ‘Node’
Select ‘Aruba OS-CX Virtual Switch’ and properly name it, then click Save. Apparently white space or special characters are not allowed for node name.
The switch icon shows up in the lab.
Right click on it and click ‘Start’
If the virtual AOS-CX switch starts properly, the color of the icon changes to blue.
Left click on the icon then putty (or designated terminal client) pops up to access to the console of the switch. You can login to AOS-CX console with user admin with no password.
If you want to suppress the confirmation dialog for opening an external application, please follow the steps described here.
7. connect the virtual CX switch to lab network
Let’s connect the virtual CX switch to your lab network. Please make sure you added a vNIC to EVE-NG VM as described in section 2.
Unfortunately you have to turn off the virtual switch before making a connection. ‘Hot plug’ is only supported on Pro version. So let’s stop the switch first.
Right click on a blank area and choose ‘Network’, then select ‘Cloud1’ and click ‘Save’
Drag the plug icon on the cloud and drop it on the switch.
When a connection details window pops up, choose ‘mgmt’ interface and save.
Turn on the switch again and enter below commands via CLI.
conf t
interface mgmt
ip dhcp
no shutdownCheck if the mgmt interface get DHCP IP.
switch(config)# show interface mgmt
Address Mode : dhcp
Admin State : up
Mac Address : 50:00:00:01:00:00
IPv4 address/subnet-mask : 192.168.1.214/24 <<<<<<<<<<<<<<< GOOD!
Default gateway IPv4 : 192.168.1.1
IPv6 address/prefix :
IPv6 link local address/prefix: fe80::5200:ff:fe01:0/64
Default gateway IPv6 :
Primary Nameserver : 192.168.1.152
Secondary Nameserver :Check ping to the internet works.
switch# ping 8.8.8.8 vrf mgmt
PING 8.8.8.8 (8.8.8.8) 100(128) bytes of data.
76 bytes from 8.8.8.8: icmp_seq=1 ttl=49 (truncated)
76 bytes from 8.8.8.8: icmp_seq=2 ttl=49 (truncated)
76 bytes from 8.8.8.8: icmp_seq=3 ttl=49 (truncated)Let’s get packet capture on the mgmt port. Right click on the switch, Capture >> mgmt.
Wireshark will start and packet capture data is being sent from EVE-NG.
If you see this ‘Connection abandoned’ error, it is because the host key of EVE-NG is not registered in putty’s known hosts list. You can fix this by starting ‘C:\Program Files\EVE-NG\putty.exe’. Connect it to EVE-NG and then click ‘Yes’ to save the host key to registry.
After host key is properly registered, wireshark will start as below.
As the virtual CX switch is properly connected to your lab network, you can also check if GUI is working.
8. setup Aruba VMC device
Let’s add ArubaVMC and connect it to the CX switch. Right click on blank area and choose Node. Then select ‘Aruba WiFi Controller’ and Save.
Power it on and left click on the icon once it turns blue. VNC viewer is spawned. This is because Aruba VMC does not support console redirect by default.
If you get a path error as below, you should edit ‘C:\Program Files\EVE-NG\ultravnc_wrapper.bat‘ and fix the path to vncviewer.exe.
If you want to use putty for VMC console access, you need to apply a couple of configuration changes both on VMC itself and VMC node:
1. login to VMC CLI and enter ‘serial console redirect enable‘
2. edit the VMC node on EVE-NG and change the QEMU custom options from ‘-serial none‘ to ‘-serial mon:stdio‘
3. also change the Console from ‘vnc‘ to ‘telnet‘
After applying above changes, you can access to VMC console using putty instead of VNC by left clicking on the icon.
Let’s connect 2 devices with a topology shown below.
Apply configurations and check connectivity.
AOS-CX config
interface lag 1
no shutdown
no routing
vlan access 1
lacp mode active
interface 1/1/1
no shutdown
lag 1
interface 1/1/2
no shutdown
lag 1
interface vlan1
ip address 10.1.1.1/24VMC config
interface port-channel 1
switchport access vlan 1
trusted
trusted vlan 1-4094
!
interface gigabitethernet 0/0/0
no shutdown
lacp group 1 mode active
!
interface gigabitethernet 0/0/1
no shutdown
lacp group 1 mode active
!
no spanning-tree
interface vlan 1
ip address 10.1.1.2 255.255.255.0
!Let’s check connectivity by pinging each other.
ArubaCX-1# ping 10.1.1.2
PING 10.1.1.2 (10.1.1.2) 100(128) bytes of data.
108 bytes from 10.1.1.2: icmp_seq=1 ttl=64 time=3.54 ms
108 bytes from 10.1.1.2: icmp_seq=2 ttl=64 time=2.47 ms
108 bytes from 10.1.1.2: icmp_seq=3 ttl=64 time=3.55 ms
108 bytes from 10.1.1.2: icmp_seq=4 ttl=64 time=2.57 ms
108 bytes from 10.1.1.2: icmp_seq=5 ttl=64 time=54.4 ms
--- 10.1.1.2 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4005ms
rtt min/avg/max/mdev = 2.478/13.332/54.498/20.588 ms
ArubaCX-1#
ArubaCX-1# show lacp interfaces
State abbreviations :
A - Active P - Passive F - Aggregable I - Individual
S - Short-timeout L - Long-timeout N - InSync O - OutofSync
C - Collecting D - Distributing
X - State m/c expired E - Default neighbor state
Actor details of all interfaces:
------------------------------------------------------------------------------
Intf Aggr Port Port State System-ID System Aggr Forwarding
Name Id Pri Pri Key State
------------------------------------------------------------------------------
1/1/1 lag1 2 1 ALFNCD 08:00:09:9f:dd:eb 65534 1 up
1/1/2 lag1 3 1 ALFNCD 08:00:09:9f:dd:eb 65534 1 up(ArubaVMC-1) [mynode] #ping 10.1.1.1
Press 'q' to abort.
Sending 5, 92-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2.748/3.1564/3.551 ms
(ArubaVMC-1) [mynode] #show lacp 1 neighbor
Flags: S - Device is requesting slow LACPDUs
F - Device is requesting fast LACPDUs
A - Device is in Active mode P - Device is in Passive mode
LACP Neighbor Table
-------------------
Port Flags Pri OperKey State Num Dev Id
---- ----- --- ------- ----- --- ------
GE 0/0/0 SA 1 0x1 0x3d 0x2 08:00:09:9F:DD:EB
GE 0/0/1 SA 1 0x1 0x3d 0x3 08:00:09:9F:DD:EBIt works!