CCIE RSv5 Equipment Build

145791020

Comments

  • I misread your question. I think that issue is related to amazon virtual private cloud. It depends on your AWS design because yeah, try don't let you run OSPF on their public Internet link for example. 

    Brian McGahan, 4 x CCIE #8593 (R&S/SP/SC/DC), CCDE #2013::13
    [email protected]
     
    Internetwork Expert, Inc.
    http://www.INE.com

    On May 3, 2014, at 10:46 AM, "rriker" <[email protected]> wrote:

    I was under the impression it was a limitation by aws. You can bring ur own license or do pay per hour, so i could have all features available with my license but aws sets limits as to what u can do, like no ospf routing. Im looking into this with aws. We r migrating an entire DC into aws, mgmt doesnt want buy a million dlrs worth of nexus and emc equipment, aws already has this in place. Plus i dont have to learn nxos while im working v5.


    Sent from my Cricket smartphone


    -------- Original message --------
    From: Ford_Prefix
    Date:05/03/2014 4:58 AM (GMT-06:00)
    To: [email protected]
    Subject: Re: [hardware] CCIE RSv5 Equipment Build

    Brian McGahan:

    It's the same CSR image, you just have to enable the licensing before you use the advances features. It's the same as like an ISR G2 with a universal image.

    Does that imply Evaluation Right to Use licensing will actually work just like on the ISR G2?




    INE - The Industry Leader in CCIE Preparation


    http://www.INE.com






    INE - The Industry Leader in CCIE Preparation


    http://www.INE.com



  • Also if you wanted to you could build your own KVM or QEMU box inside of AWS and then install CSR1000v inside that. I don't know if the instance per hour pricing would make it feasible though, but technically you can still do it this way. 

    Really if you're going that far out of the way though rack rentals are going to save you a bunch of time. 

    Brian McGahan, 4 x CCIE #8593 (R&S/SP/SC/DC), CCDE #2013::13
    [email protected]
     
    Internetwork Expert, Inc.
    http://www.INE.com

    On May 3, 2014, at 10:46 AM, "rriker" <[email protected]> wrote:

    I was under the impression it was a limitation by aws. You can bring ur own license or do pay per hour, so i could have all features available with my license but aws sets limits as to what u can do, like no ospf routing. Im looking into this with aws. We r migrating an entire DC into aws, mgmt doesnt want buy a million dlrs worth of nexus and emc equipment, aws already has this in place. Plus i dont have to learn nxos while im working v5.


    Sent from my Cricket smartphone


    -------- Original message --------
    From: Ford_Prefix
    Date:05/03/2014 4:58 AM (GMT-06:00)
    To: [email protected]
    Subject: Re: [hardware] CCIE RSv5 Equipment Build

    Brian McGahan:

    It's the same CSR image, you just have to enable the licensing before you use the advances features. It's the same as like an ISR G2 with a universal image.

    Does that imply Evaluation Right to Use licensing will actually work just like on the ISR G2?




    INE - The Industry Leader in CCIE Preparation


    http://www.INE.com






    INE - The Industry Leader in CCIE Preparation


    http://www.INE.com



  • So guys, i am  a little confused now about Switches we are going to use, i will build my vitrual lab from scratch and i need to know what are the minimum Switches i should purchase to practice V5 labs and at wich IOS??

  • There is a list wayyyy back on page 6 thanks to ukwill:

     

    3650
    32 MB Flash memory (Cisco Catalyst 3560G-24TS, Catalyst 3560G-24PS, Catalyst 3560G-48TS, Catalyst 3560G-48PS, Catalyst 3560-24TSCatalyst 3560-48TS, and Catalyst 3560-8PC);

    3750
    32 MB Flash memory (Cisco Catalyst 3750G-24TS-1U, 3750G-24WS, 3750G-24PS, 3750G-48TS, 3750G-48PS, and 3750-24FS

  • thanks webman,

     

    but i will need licence to run IOS 15 on them ?

     

    and do you mean 3560 or 3650 ?

  • Sorry, my last post wasnt clear. I didn't even understand completely what a qemu box is. Anywho, I'm using GNS3 running 20 7200s with 15.2. As I go through the workbooks I will keep track of what features GNS3 doesn't support and use rack rentals for the unsupported. 

    I have been following the ESX posts and trying to spin up the CSRs like you have posted,
    some success but mostly failure. I am more interested in hitting the workbooks and getting more familiar with the technologies I don't know.

    Can I get an opinion of firewalls real quick, what is your opinion on ASA/Cisco firewall solutions, Juniper or Palo Alto. I'm not a security engineer so I am looking for ideas and insight.


    On Saturday, May 3, 2014 11:23 AM, Brian McGahan <[email protected]> wrote:
    Also if you wanted to you could build your own KVM or QEMU box inside of AWS and then install CSR1000v inside that. I don't know if the instance per hour pricing would make it feasible though, but technically you can still do it this way. 

    Really if you're going that far out of the way though rack rentals are going to save you a bunch of time. 

    Brian McGahan, 4 x CCIE #8593 (R&S/SP/SC/DC), CCDE #2013::13
    [email protected]
     
    Internetwork Expert, Inc.
    http://www.INE.com

    On May 3, 2014, at 10:46 AM, "rriker" <[email protected]>
    wrote:

    I was under the impression it was a limitation by aws. You can bring ur own license or do pay per hour, so i could have all features available with my license but aws sets limits as to what u can do, like no ospf routing. Im looking into this with aws. We r migrating an entire DC into aws, mgmt doesnt want buy a million dlrs worth of nexus and emc equipment, aws already has this in place. Plus i dont have to learn nxos while im working v5.


    Sent from my Cricket smartphone


    -------- Original message --------
    From: Ford_Prefix
    Date:05/03/2014 4:58 AM (GMT-06:00)
    To: [email protected]
    Subject: Re: [hardware] CCIE RSv5 Equipment Build
    Brian McGahan:

    It's the same CSR image, you just have to enable the licensing before you use the advances features. It's the same as like an ISR G2 with a universal image.


    Does that imply Evaluation Right to Use licensing will actually work just like on the ISR G2?



    INE - The Industry Leader in CCIE Preparation


    http://www.INE.com






    INE - The Industry Leader in CCIE Preparation


    http://www.INE.com






    INE - The Industry Leader in CCIE Preparation


    http://www.INE.com





  • You do need 15.0 code on the switches, so you need a switch that supports it.  The list of switches are ones with enough memory.

     

    Yes, that should be 3560.

     

    As for licenses, i'm not sure.

  • There is a CCIE RSv5 Bootcamp that Dave Smith is running right now and I upgraded his physical boxes to it yesterday.  It appears to be a stable release, and has some additional features that the 15.1T release does not, for example OSPFv3 VRF Lite.

    It still doesn't have all features of IOS XE 3.11S (15.4S), but it's a pretty good start.

    Thanks Brian. It is now clear.

  • Brian

    Would you please post the wire connection diag? I did see the logical diag and not include the switch.

    Thanks

     

  • Bryan, with the 60 day limit for the eval on CSR100v, does that mean you'll need to re-install the VM's after the 60 days to continue labbing?

  • After the 60-day eval period, the feature license is invalidated and the
    throughput is lowered to 2.5Mbps.  Along with the CSR1000v eval
    license, I'm also using the eval license of ESX which is also a 60-day
    period.  Rebuilding the lab is extremely simple though.  I have a
    csr1000v that I use as a base template.  All I need to do is reinstall
    ESX, copy the csr1000v template files to their respective folders that I create (R01, R02, etc), and
    add the vm's back into ESX inventory.  At that point I can spin up the VM's and
    enable licensing on the csr1000v's.  It's very simple and doesn't take
    much time to run through the rebuild process.

  • I did the exact same thing. Are you putting all the CSR VMs in the all vlans vlan, not sure what it is really called. And are you allowing promiscuous mode? I'm jealous all of you can get it to work and I can't, i'll keep trying.
    On Saturday, May 3, 2014 5:24 PM, dan. devlin <[email protected]> wrote:
    After the 60-day eval period, the feature license is invalidated and the
    throughput is lowered to 2.5Mbps.  Along with the CSR1000v eval
    license, I'm also using the eval license of ESX which is also a 60-day
    period.  Rebuilding the lab is extremely simple though.  I have a
    csr1000v that I use as a base template.  All I need to do is reinstall
    ESX, copy the csr1000v template files to their respective folders that I create (R01, R02, etc), and
    add the vm's back into ESX inventory.  At that point I can spin up the VM's and
    enable licensing on the csr1000v's.  It's very simple and doesn't take
    much time to run through the rebuild process.



    INE - The Industry Leader in CCIE Preparation


    http://www.INE.com





  • I am.  I have 2 NIC's for each named "csr g1" and "csr g2" but technically they could be in the same port.  I'll probably change that so it's just using one for all my virtual router interfaces.  Those are off my second vSwitch which the physical NIC included is a trunk to the external switch.  Here's the port I have for "csr g1" which I have assigned to each g1 interface of all csr1000v instances.  My vSwitch is setup for Promiscous mode.

     

    image

    image

  • You probably already saw this but this is the link I followed in setting this up.

    http://blog.ine.com/2013/04/15/installing-the-cloud-services-router-1000v-in-esxi-5-1/

  • Tried to reply with screenshots but doesn't appear to have worked so will reply without the images this time.  Yes, I am placing the CSR VM interfaces (G1 and G2) into one network connection/port group in vSphere which is set to trunk "All (4095)".  That network connection/port group is off my vSwitch2 which the physical NIC is connected to one my switches as a trunk port.  Also, yes, my vSwitch is set to Promiscuous mode which then gets applied to the port group.

     

  • I think i may have to reinstall ESXi on my server. I have had hardware issues which didnt get resolved with installing win 7 baremetal. Funny part is i cant pin point the actual issue. I will follow urs and Brians setup and give it another go. I followed brian dennis's vmware install steps but it didnt work. Ill revisit. Thanks


    Sent from my Cricket smartphone


    -------- Original message --------
    From: "dan.devlin"
    Date:05/03/2014 6:13 PM (GMT-06:00)
    To: [email protected]
    Subject: Re: [hardware] CCIE RSv5 Equipment Build

    Tried to reply with screenshots but doesn't appear to have worked so will reply without the images this time.  Yes, I am placing the CSR VM interfaces (G1 and G2) into one network connection/port group in vSphere which is set to trunk "All (4095)".  That network connection/port group is off my vSwitch2 which the physical NIC is connected to one my switches as a trunk port.  Also, yes, my vSwitch is set to Promiscuous mode which then gets applied to the port group.

     




    INE - The Industry Leader in CCIE Preparation


    http://www.INE.com



  • Unfortunately v15 isn't going to work on those switches. 3560G or 3560V2's would work.  I haven't been following the discussions around the switches but you might just want to pick up those 3650's you found and just do rack rentals for items that require v15 code. 

  • As long as they have 32MB flash they should run IOS 15

  • what about the post which says that these switches are supported : [:(][:(]

    3650
    32 MB Flash memory (Cisco Catalyst 3560G-24TS, Catalyst 3560G-24PS, Catalyst 3560G-48TS, Catalyst 3560G-48PS, Catalyst 3560-24TSCatalyst 3560-48TS, and Catalyst 3560-8PC);

    3750
    32 MB Flash memory (Cisco Catalyst 3750G-24TS-1U, 3750G-24WS, 3750G-24PS, 3750G-48TS, 3750G-48PS, and 3750-24FS

     

    i think Catalyst 3560-24TS should work fine with image c3560-ipservicesk9-mz.150-2.se2.bin

  • that's the minimum ( cheapest ) way to run IOS 15.

     

    From: [email protected] [mailto:[email protected]] On Behalf Of FrozenEyes
    Sent: Sunday, May 04, 2014 1:02 AM
    To: [email protected]
    Subject: Re: [hardware] CCIE RSv5 Equipment Build

     

    what about the post which says that these switches are supported : SadSad

    3650
    32 MB Flash memory (Cisco Catalyst 3560G-24TS, Catalyst 3560G-24PS, Catalyst 3560G-48TS, Catalyst 3560G-48PS, Catalyst 3560-24TSCatalyst 3560-48TS, and Catalyst 3560-8PC);

    3750
    32 MB Flash memory (Cisco Catalyst 3750G-24TS-1U, 3750G-24WS, 3750G-24PS, 3750G-48TS, 3750G-48PS, and 3750-24FS




    INE - The Industry Leader in CCIE Preparation
    http://www.INE.com

  • The v5 lab exam will be 100% on a virtual environment using 15.3T. So most likely they will use L2/L3IOU not CSR1000v.

  • Hi, I have a couple of vSphere servers with CSR 1000v up and running but I am not sure how to setup the vSwitch network that will associate CSR 1000v interfaces. Can you let me know how to configure this? Many thanks, Ken.

  • Brian posted pictures on pages 4 and 8 of this thread. Basically all CSR VMs are in the same VM network with a VLAN ID of 4095 (ALL VLANs). Configuring the VM network as promsicous will allow you to sniff the traffic on a VM running wireshark.

     

  • I'm sure Bryan will create an excellent tutorial on how to setup the lab with CSR1000 but not until he finishes up with the workbook updates.

    Meanwhile, if you can't wait and are new to virtualization, I found this walkthrough quite helpful on how to setup the virtual swtiches with the NICS for a basic setup using CSR1000.

    http://www.fryguy.net/2013/12/27/cisco-csr1000v-for-home-labs/

  • Thanks for your replies, I will have a go at it next weekend. I also found this link, may be helpful to others..... http://rednectar.net/2011/07/20/vmware-interfaces-tutorial/

  • I'm going to start putting the write up together today on options of building the topology. Rack rentals will be posted likely tomorrow. 

    Brian McGahan, 4 x CCIE #8593 (R&S/SP/SC/DC), CCDE #2013::13
    [email protected]
     
    Internetwork Expert, Inc.
    http://www.INE.com

    On May 4, 2014, at 11:12 AM, "GoGoBoss" <[email protected]> wrote:

    Thanks for your replies, I will have a go at it next weekend. I also found this link, may be helpful to others..... http://rednectar.net/2011/07/20/vmware-interfaces-tutorial/




    INE - The Industry Leader in CCIE Preparation


    http://www.INE.com



  • thanks brian, you're the best. i can't wait :)

     

    but please can you confirm my licence question?

  • Frozeneyes- if you can download the image, you can install it in exactly the same manner that you did with 12.x

    i upgraded my 3560 about 3mths ago.

Sign In or Register to comment.