integrate vmware fusion with gns3 on your mac

22nd September 2013

[https://dl.dropboxusercontent.com/u/1030586/blog/img/mac-gns3-vmf.png]

At long last, we can finally integrate VMware Fusion with GNS3. VMware Workstation for Windows and Linux has had this capability for quitesome time, but Mac users were limited to VirtualBox, QEMU and Parallels for GNS3 integration. Not to take anything away from thosevirtualization products, but VMware is the virtualization standard in regards to broad industry support and compatibility.

The following components were used for this tutorial:

Mac OS X 10.8 [http://www.apple.com/osx] (also tested with Mac OS X 10.9)VMware Fusion 6.0 Professional [http://www.vmware.com/products/fusion]

GNS3 [http://www.gns3.net]

TunTap [http://tuntaposx.sourceforge.net]

This tutorial assumes you have, at the very least, a basic amount of experience with each of the listed components. You can refer to my previouspost Install and configure GNS3 with TunTap on the Mac [http://binarynature.blogspot.com/2010/07/mac-install-and-configure-gns3-with.html] for theGNS3 and TunTap elements. Another prerequisite is that all components are installed and set with a base configuration.

11.. VVMMwwaarree FFuussiioonnVMware Fusion 66 is a hard requirement for this tutorial. VMware has made modifications to the VMnet virtual switches (in version 6) to allowEthernet bridging with other virtual network interfaces (e.g. TAP [http://en.wikipedia.org/wiki/TUN/TAP] ). If you use this tutorial with version 5 orbelow, you may encounter kernel panics [https://communities.vmware.com/message/2208054] on your Mac. I'm also using VMware Fusion 6.0PPrrooffeessssiioonnaall in my setup. The non-Professional [http://www.vmware.com/products/fusion-professional/compare.html] edition does not include theGUI Network Editor.

## 11..11 VViirrttuuaall NNeettwwoorrkk SSwwiittcchheessOur network configuration will use two host-only network switches. A host-only network (switch) is a network that is completely containedwithin the host computer. Host-only networking provides a network connection between the virtual machine and the host system by using avirtual network adapter that is visible on the host operating system. vvmmnneett11 is available by default and is listed as PPrriivvaattee ttoo mmyy MMaacc in theGUI. Lets now add the other one.

Open the PPrreeffeerreenncceess window for VMware Fusion Professional.1.Select NNeettwwoorrkk.2.Click the ++ symbol to add a new virtual switch. In my example, vvmmnneett55 is added. As the following screenshot shows, we will leave theAAllllooww vviirrttuuaall mmaacchhiinneess oonn tthhiiss nneettwwoorrkk ttoo ccoonnnneecctt ttoo eexxtteerrnnaall nneettwwoorrkkss ((uussiinngg NNAATT)) and PPrroovviiddee aaddddrreesssseess oonn tthhiiss nneettwwoorrkk vviiaaDDHHCCPP options unchecked.

3.

Click the AAppppllyy button to save the setting, then close the PPrreeffeerreenncceess window.4.

Integrate VMware Fusion with GNS3 on your Mac

Integrate VMware Fusion with GNS3 on your Mac http://binarynature.blogspot.sg/2013/09/integrate-vmware-fus...

1 of 14 9/2/14 10:18 pm

[https://dl.dropboxusercontent.com/u/1030586/blog/img/vmware-networks.png]

FYI: vvmmnneett11 and vvmmnneett88 are the default hhoosstt--oonnllyy and NNAATT virtual switches, respectively. vvmmnneett88 is listed as SShhaarree wwiitthh mmyy MMaacc in the GUI.

We can list all network interfaces (physical and virtual) with the iiffccoonnfifigg command from the terminal.

$ ifconfig

## 11..22 VViirrttuuaall MMaacchhiinneessThis section will assume you've already installed the operating system in each of your virtual machines, or you have opted to import a virtualappliance. Just verify a vNIC is connected to the correct virtual network (switch). In my example, I have both a Windows and Linux virtualmachine. The Windows VM is linked to the vvmmnneett11 switch and the Linux VM will use vvmmnneett55.


2 of 14 9/2/14 10:18 pm

[https://dl.dropboxusercontent.com/u/1030586/blog/img/vmware-vnic.png]

After each virtual machine's hardware profile is set, we can go ahead and start the VMs.

Set the network configuration in each operating system:

Static IP AddressSubnet MaskGatewayDNS Server(s)

My configuration for each VM:


3 of 14 9/2/14 10:18 pm

[https://dl.dropboxusercontent.com/u/1030586/blog/img/netconf-stack.png]

22.. GGNNSS33With the VMware Fusion section complete, we can now focus on GNS3. The remainder of the tutorial will be referencing this network diagram:


4 of 14 9/2/14 10:18 pm

[https://dl.dropboxusercontent.com/u/1030586

/blog/img/gns3-vmware-nettop.png]

Go ahead and add the GNS3 objects to a new project. My configuration has R1 using a Cisco 3725 IOS image but feel free to use anyGNS3-compatible IOS image for your virtual router. SW1 and SW2 are simple GNS3 Ethernet switches. The VMs are Host objects (not VirtualBoxguest), and the object that looks like a cloud is ... wait for it ... a Cloud object.

## 22..11 CClloouudd aanndd HHoossttssWe need to configure each of the Cloud and Host objects before we wire them to the switches. Each object will be using a TTAAPP virtual networkinterface. Lets start with the Cloud object.

Right-click the Cloud object.1.Select CCoonnfifigguurree.2.Select the subnode (ex. C1).3.Select NNIIOO TTAAPP.4.Enter //ddeevv//ttaapp00 into the top field.5.Click the AAdddd button to add the interface.6.Click the AAppppllyy button to save the setting.7.Then click the OOKK button to close the window.8.


5 of 14 9/2/14 10:18 pm

[https://dl.dropboxusercontent.com/u/1030586/blog/img/gns3-cloudconf.png]

Repeat the steps for each of the Host objects. Just substitute the ttaappXX value. The Windows VM will use //ddeevv//ttaapp11 and the Linux VM will use//ddeevv//ttaapp22. These are labeled in the network diagram screenshot.

Connect all the objects with Fast Ethernet links.

By linking the Cloud and Host objects with the switches, it should have brought up the TTAAPP network interfaces on the physical Mac host. Letscheck. Run the following commands from the terminal:

$ ifconfig tap0tap0: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 ether 02:e9:2d:82:4d:f8 open (pid 5333)$ ifconfig tap1tap1: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 ether ee:47:b5:07:63:ea open (pid 5333)$ ifconfig tap2tap2: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 ether 0e:6d:9b:0e:f9:cf open (pid 5333)

## 22..22 RR11 RRoouutteerrStart the R1 router. Emulate a console connection by establishing a telnet session to the virtual device. In my configuration, R1 (Dynamips) islistening on port 2101, so I run the following command in the terminal:


6 of 14 9/2/14 10:18 pm

$ telnet 127.0.0.1 2101

We now need to set the network configuration for the Fast Ethernet interfaces in IOS. In my example:

R1# conf tR1(config)# int f0/0R1(config-‐if)# ip addr 10.11.1.254 255.255.255.0R1(config-‐if)# no shutR1(config-‐if)# int f0/1R1(config-‐if)# ip addr 172.16.195.254 255.255.255.0R1(config-‐if)# no shutR1(config-‐if)# endR1# copy run start

Verify the configuration and state of the Fast Ethernet interfaces.

R1# sh run | sec intinterface FastEthernet0/0 ip address 10.11.1.254 255.255.255.0 duplex auto speed autointerface FastEthernet0/1 ip address 172.16.195.254 255.255.255.0 duplex auto speed autoR1# sh ip int brInterface IP-‐Address OK? Method Status ProtocolFastEthernet0/0 10.11.1.254 YES manual up up FastEthernet0/1 172.16.195.254 YES manual up up

33.. EEtthheerrnneett BBrriiddggeeNow, the big question is: How do we integrate our Windows and Linux VMs with the GNS3 environment? The answer is by creating an Ethernetbridge. An Ethernet bridge represents the software analog to a physical ethernet switch. For our purposes, this will bind two separate virtualnetwork segments (vmnetX and tapX) into a single virtual network interface attached to the Mac host. We will be creating two bridgeinterfaces. One for the Windows VM and the other for the Linux VM.

## 33..11 BBrriiddggee ffoorr WWiinnddoowwss VVMMWe first need to clear the IP configuration for the vvmmnneett11 virtual network interface before adding it as a member to the first bridge interface.Run the following from the terminal:

$ sudo ifconfig vmnet1 down$ sudo ifconfig vmnet1 inet delete

Create the first bridge interface for the Windows VM.

$ sudo ifconfig bridge0 create

Add the member network interfaces (vvmmnneett11 and ttaapp11) to the bridge.

$ sudo ifconfig bridge0 addm vmnet1$ sudo ifconfig bridge0 addm tap1

Bring the bridge interface up.

$ sudo ifconfig bridge0 up

Verify the bbrriiddggee00 configuration.

$ ifconfig bridge0bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500


7 of 14 9/2/14 10:18 pm

ether ac:de:48:ed:da:5a Configuration: priority 0 hellotime 0 fwddelay 0 maxage 0 ipfilter disabled flags 0x2 member: vmnet1 flags=3<LEARNING,DISCOVER> port 7 priority 0 path cost 0 member: tap1 flags=3<LEARNING,DISCOVER> port 14 priority 0 path cost 0 Address cache (max cache: 100, timeout: 1200):

## 33..22 BBrriiddggee ffoorr LLiinnuuxx VVMMJust like with vvmmnneett11, we need to clear the IP configuration for the vvmmnneett55 virtual network interface before adding it as a member to thesecond bridge interface. Run the following from the terminal:

$ sudo ifconfig vmnet5 down$ sudo ifconfig vmnet5 inet delete

Create the second bridge interface for the Linux VM.

$ sudo ifconfig bridge1 create

Add the member network interfaces (vvmmnneett55 and ttaapp22) to the bridge.

$ sudo ifconfig bridge1 addm vmnet5$ sudo ifconfig bridge1 addm tap2

Bring the bridge interface up.

$ sudo ifconfig bridge1 up

Verify the bbrriiddggee11 configuration.

$ ifconfig bridge1bridge1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500 ether ac:de:48:6d:28:37 Configuration: priority 0 hellotime 0 fwddelay 0 maxage 0 ipfilter disabled flags 0x2 member: vmnet5 flags=3<LEARNING,DISCOVER> port 9 priority 0 path cost 0 member: tap2 flags=3<LEARNING,DISCOVER> port 15 priority 0 path cost 0 Address cache (max cache: 100, timeout: 1200): c2:0:14:d5:0:1 tap2 1158 flags=0<>

44.. TTaapp00 IInntteerrffaacceeThe ttaapp00 interface will not be part of a bridge interface, but we still need to set the IP configuration for it as it will be a node interface on the1100..1111..11..00//2244 network.

$ sudo ifconfig tap0 inet 10.11.1.1/24 up

55.. TTeessttiinngg aanndd VVeerriifificcaattiioonnAt this stage, we should be ready to do some basic connectivity testing.

Ping the Linux VM from the Windows VM.

C:\> ping 172.16.195.11

Pinging 172.16.195.11 with 32 bytes of data:Reply from 172.16.195.11: bytes=32 time=1ms TTL=64


8 of 14 9/2/14 10:18 pm

Reply from 172.16.195.11: bytes=32 time<1ms TTL=64Reply from 172.16.195.11: bytes=32 time<1ms TTL=64Reply from 172.16.195.11: bytes=32 time<1ms TTL=64

Ping statistics for 172.16.195.11: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),Approximate round trip times in milli-‐seconds: Minimum = 0ms, Maximum = 1ms, Average = 0ms

Ping the R1 f0/1 interface (default gateway) from the Windows VM.

C:\> ping 172.16.195.254

Pinging 172.16.195.254 with 32 bytes of data:Reply from 172.16.195.254: bytes=32 time=16ms TTL=255Reply from 172.16.195.254: bytes=32 time=9ms TTL=255Reply from 172.16.195.254: bytes=32 time=6ms TTL=255Reply from 172.16.195.254: bytes=32 time=5ms TTL=255


Ping the R1 f0/0 interface from the Windows VM.

C:\> ping 10.11.1.254



Everything looks good so far. Lets now try to ping the ttaapp00 network interface.

C:\> ping 10.11.1.1

Pinging 10.11.1.1 with 32 bytes of data:Request timed out.Request timed out.Request timed out.Request timed out.

Ping statistics for 10.11.1.1: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

Now, why did it fail? Lets break it down logically. The Windows VM can ping each interface on its own subnet and also the R1 f0/0 interface onthe remote 1100..1111..11..00//2244 subnet, but for some reason it doesn't receive an ICMP Echo reply from ttaapp00. Remember that routing is a "two-waystreet". The packets may get to the destination, but do they know how to get back? R1 knows about both subnets as they are direct (connected)routes in the routing table, so let us think from the viewpoint of the ttaapp00 interface on the Mac. Does it know how to get to the remote subnet?Lets check the routing table, on the Mac, for the 172.16.195.0 network entry. Run the following command from the terminal:

$ netstat -‐rn | grep 172.16.195


9 of 14 9/2/14 10:18 pm

Nothing. Therein lies the problem. The Mac needs a route for the remote 117722..1166..119955..00 subnet. Create the static route by running the followingcommand from the terminal:

$ sudo route -‐nv add -‐net 172.16.195.0 10.11.1.254u: inet 172.16.195.0; u: inet 10.11.1.254; RTM_ADD: Add Route: len 132, pid: 0, seq 1, errno 0, flags:<UP,GATEWAY,STATIC>locks: inits: sockaddrs: <DST,GATEWAY,NETMASK> 172.16.195.0 10.11.1.254 (0) 0 ffff ffadd net 172.16.195.0: gateway 10.11.1.254

Verify.

$ netstat -‐rn | egrep 'Use|172.16.195'Destination Gateway Flags Refs Use Netif Expire172.16.195/24 10.11.1.254 UGSc 0 0 tap0

Lets ping the ttaapp00 interface again from the Windows VM.

C:\> ping 10.11.1.1



We should now have full connectivity among all devices in our virtual network.

66.. NNoo MMaann IIss AAnn IIssllaannddLets take this a step further. Lets extend the reach of our virtual network to the Internet. We have at least two different methods ofimplementing this. We can either configure NAT on the R1 router (and also have the physical Mac host perform routing) or have our physicalMac host perform both the NAT and IP routing process. We will use the latter method.

NNoottee: A wwiirreedd (i.e., no Wi-Fi) Ethernet connection is required. As newer Mac laptops don't have a physical Ethernet port, the StarTechUSB31000S (Black) | USB31000SW (White) [http://forum.gns3.net/topic6143-30.html] is a viable solution.

## 66..11 IIPP RRoouuttiinnggYou may be thinking: How can my Mac route packets with only a single, active, physical network interface with a single IP address? Thinkvirtual. The ttaapp00 network interface is the link to our virtual network. It is the "other arm", so to speak. Get the current IP Routing configurationby running the following command in the terminal:

$ sysctl -‐a | grep ip.forwardingnet.inet.ip.forwarding: 0

If the value is 0, enable IP forwarding. When IP forwarding is enabled, the operating system kernel will act as a router.

$ sudo sysctl -‐w net.inet.ip.forwarding=1net.inet.ip.forwarding: 0 -‐> 1

## 66..22 NNAATTStart the Network Address Translation (NAT) daemon with these options. The iinntteerrffaaccee parameter value being the wired Ethernet networkinterface that accesses the Internet.

$ sudo natd -‐interface en0 -‐use_sockets -‐same_ports -‐unregistered_only -‐dynamic -‐clamp_mss


10 of 14 9/2/14 10:18 pm

Verify the NAT daemon status.

$ ps aux | grep natd | grep en0root 7424 0.0 0.0 2432924 416 ?? Ss 4:31PM 0:00.48 natd -‐interface en0 -‐use_sockets -‐same_ports -‐unregistered_only -‐dynamic -‐clamp_mss

## 66..33 FFiirreewwaallllThe IP firewall will also need to be enabled. Is the firewall already enabled?

$ sysctl -‐a | grep ip.fw.ennet.inet.ip.fw.enable: 1

If the value is 0, we can enable it with the ssyyssccttll utility.

$ sudo sysctl -‐w net.inet.ip.fw.enable=1

Add a firewall rule for the NAT daemon. Remember to modify the network interface value following the vviiaa token if need be.

$ sudo ipfw add divert natd ip from any to any via en000100 divert 8668 ip from any to any via en0

Verify the firewall rule has been added.

$ sudo ipfw show00100 10 622 divert 8668 ip from any to any via en065535 10390254 10716213934 allow ip from any to any

## 66..44 RR11 RRoouutteerrIOS for R1 will also need to be configured before R1 and the VMs can access the Internet.

Emulate a console connection by establishing a telnet session to the virtual device. In my configuration, R1 is listening on port 2101, so I runthe following command in the terminal:

$ telnet 127.0.0.1 2101

Enable DNS translation and set to the Google Public DNS.

R1# conf tR1(config)# ip domain-‐lookupR1(config)# ip name-‐server 8.8.8.8

And finally, add a static default route for any unknown destination. Use the ttaapp00 IP address for the next-hop IP address value. Also, save theconfiguration.

R1(config)# ip route 0.0.0.0 0.0.0.0 10.11.1.1R1(config)# endR1# copy run start

## 66..55 OOnnee MMoorree TTeessttThe moment of truth.

# mtr www.google.com


11 of 14 9/2/14 10:18 pm

[https://dl.dropboxusercontent.com/u/1030586/blog/img/gns3vm-test.png]

Posted 22nd September 2013 by Marc Weisel

Labels: Cisco, GNS3, Linux, Mac, VMware, Windows

11 View comments


12 of 14 9/2/14 10:18 pm

11 comments

Top comments

Marc Weisel 4 months ago - IT Professionals (Career Advice\Training)

Create the ultimate virtual network with the latest #VMware Fusion and #GNS3 on your #Mac.

+56

Marc really wanted to thank you for your GNS3 info on using with Fusion and MAC to build labs!! I set it up last nightwith Cisco call manager and have already registered IPcommunicator and placed calls!! Very helpful!! I will be using thisto learn VOIP over the next few months! YOU ROCK!Read more

Todd Roy 2 months ago

+Todd Roy You're welcome, Todd! Thanks for the complimentary feedback.Marc Weisel 2 months ago

Marisol Glover via Google+ 4 months ago - Shared publicly

Marc Weisel originally shared thisCreate the ultimate virtual network with the latest #VMware Fusion and #GNS3 on your #Mac.

·

Reply

Chris Redding 2 weeks ago - Shared publicly

Is this type of integration not possible over the wifi connection?

Awesome article BTW...

·

Reply

Only the integration of the virtual network with the physical world (Step 6) may not work. I don't have the hardware (MacPro w/ no wireless network adapter) to test this, but I've read from multiple sources the wireless network adapter doesn'twork with this type of configuration. I encourage you to test it and reply with your results. Thanks.

Marc Weisel 2 weeks ago

Yassine el 1 month ago (edited) - Shared publicly

Thank you for your interesting tutoriel, but i still have some problem, like ping from windows -> router ( all the too interface) ,but ping from router -> windows dont work, do you have any idea ???

·

Is the Windows Firewall on for the Windows VM? If so, you will need to verify the 'File and Printer Sharing (Echo Request- ICMPv4-In)' rule is enabled.

Marc Weisel 1 month ago

Sherief El Hamalawy 4 months ago - Shared publicly

i know that this is more of a linux question, but everytime i try to setup an IP address on a linux host ( mostly debian based)either from GUI or from terminal, the IP wouldn't be configured. in other words, when i type ifconfig eth0 add 10.0.0.1

Add a comment

Reply


13 of 14 9/2/14 10:18 pm


14 of 14 9/2/14 10:18 pm

integrate vmware fusion with gns3 on your mac

Documents

mac http

vmware fusion professional

macintegrate vmware

vmware workstation

network switches

virtual network interfaces

tap http

nonprofessional http