Cisco SD-WAN EVE-NG Lab Installation

Understood. But my EVE-NG VM only pulls an IP from the DHCP server of my modem/router when I change the VLAN from 90 to 0. When I leave VLAN 90 associated with port group “LAB”, it doesn’t pull an IP.

Also, when port group “LAB” is on VLAN 0 and pulls an IP, my EVE-NG initial boot doesn’t show me the root as username and eve as password. It also doesn’t show me the IP (http://x.x.x.x) as shown here. It just shows the Ubuntu version installed and login prompt. When I use the above credentials to log in, and type the Linux CLI commands, that is when I see the IP it pulled from my modem/router DHCP.

When I browse to that IP, it doesn’t open the GUI of EVE-NG.

I also noticed this new EVE-NG version installation process doesn’t show the virtual NICs as eth0; it shows them as eth160, eth161, etc.

What am I doing wrong?

Hello @bansah29 ,

I understand the confusion. Take a look at this picture:

In my network, I have a switch (SW1) that is connected to my ESX server with a trunk. On the switch, I have these SVIs:

SW1#

interface Vlan90
 description LAB
 ip address 10.65.90.254 255.255.255.0

interface Vlan91
 description LAB1
 ip address 10.65.91.254 255.255.255.0

interface Vlan92
 description LAB2
 ip address 10.65.92.254 255.255.255.0

interface Vlan93
 description LAB3
 ip address 10.65.93.254 255.255.255.0

I also have a DHCP pool for each of these VLANs:

SW1#
ip dhcp pool LAB
 network 10.65.90.0 255.255.255.0
 default-router 10.65.90.254 
 dns-server 1.1.1.1 

ip dhcp pool LAB1
 network 10.65.91.0 255.255.255.0
 default-router 10.65.91.254 
 dns-server 1.1.1.1 
!
ip dhcp pool LAB2
 network 10.65.92.0 255.255.255.0
 default-router 10.65.92.254 
 dns-server 1.1.1.1 
!
ip dhcp pool LAB3
 network 10.65.93.0 255.255.255.0
 default-router 10.65.93.254 
 dns-server 1.1.1.1 

Is this really needed? It allows me to connect the port groups on the ESX server to the outside world. When using EVE-NG, the “clouds” are connected to the ESX port groups so they can access the outside world:

Lab <–> VLAN 90
Cloud1 <–> Lab1 <–> VLAN 91
Cloud2 <–> Lab2 <–> VLAN 92
Cloud3 <–> Lab3 <–> VLAN 93

In your case, you only have a single router, no VLANs, and only one subnet. Take a look at this picture:

Your EVE-NG server is connected to port group “LAB” with VLAN 0. In other words, no VLAN. This way, it is connected to the outside world and can get an IP address from your router.

You can now access the GUI or SSH of the EVE-NG server. You do have VLAN 91, 92, and 93 because of your port groups, and those are connected to the “Clouds” in EVE-NG. These are isolated, though. They can’t reach the outside world because you don’t have any VLANs on your local network. They end at your ESX vSwitch.

Is this a problem?

Not really, until you try to reach the GUI of your vManage controller. There is no way to get from your computer to one of the port groups in ESX.

To work around this, you could also use port group LAB for Cloud1. It’ll look like this:

Your vEdge routers and controllers will communicate within VLAN 0 (your local subnet). This will work. You could forget about port group LAB1 and use port group LAB. It doesn’t matter. If you want to add a switch with VLAN support in your network, you’ll only have to add the VLAN tags.

The only downside to this solution is that everything communicates in your local network. There is no separation between your lab and “production” traffic. I like to keep things separated, but it won’t matter too much if this is your home network.

I hope this helps you.

Rene

This helps. Thanks Rene.

Hi Rene
Would you please share eve-ng topology file?

Hello Asif

I’ll let Rene know about your question and have him get back to you. Thanks!

Laz

Hello @asif.naveed ,

This is the topology file I used for 19.03.

_Exports_eve-ng_export-20230113-153746.zip (3.2 KB)

Rene

Thank you, greatly appreciated.
Waiting for DNA or any other upcoming :slight_smile:

Hello Asif

Concerning DNA, take a look at these posts Rene shared:

Unfortunately, DNA is a difficult thing to emulate, and in most cases you need to have the real thing. But keep in mind that Cisco knows that, so it’s not necessarily obligatory to have hands-on experience to obtain the certifications.

I hope this has been helpful!

Laz

When the GUI is working, I am able to log in from my local computer to the SDWAN vManage as it’s on my local subnet range. That works great. I have configured and connected it to a virtual switch, which works great. Oh, I’m on VMware Workstation 16 Pro Version 16.2.5 build-20904516. The issue that I’m having is how to create multiple networks and bridge them out to the internet. I have a Cisco router; I’ve configured the additional two VLANs using dot1q, the interfaces are up, and I’ve added them to the NAT pool. The VLANs have been configured on all switches, including the virtual switch in the EVE-NG environment. All the VLANs are being trunked to all switches. I looked at an article on https://www.petenetlive.com/KB/Article/0001432 but that just confirmed I had everything configured correctly on the VM.

Can you assist, or can anyone who’s doing the SDWAN lab provide any feedback?

Hello Gregory

Thanks for your description. Can you give us more information about what you want to achieve? Can you share a topology with us? Also, can you tell us what role the Cisco router plays in the SD-WAN topology? Is it a vEdge device? Also, please clarify what you mean when you say “The issue that I’m having is how to create multiple networks and bridge them out to the internet.” Can you describe that in more detail?

This information will be useful for us to understand your particular situation and how we can help you troubleshoot the problem.

Looking forward to hearing from you!

Laz

This is my network layout.


I am attaching the diagram. The EVE-NG lab is bridged to my host with IP 10.0.0.20. The SD-WAN components are on the 10.0.0.0 subnet and are pingable from the rabalam2020 host. The switch in the EVE-NG lab can ping both the 10.65.91.0/24 subnet and the .92 subnet respectively. That switch can also ping 10.0.0.0 subnets. I have configured dot1q on the router deadzone-rtr01 and configured the VLANs on the appropriate switches. I cannot ping from the host on the biz-internet IP 10.65.91.1 to any host on the 10.0.0.0/24 subnet. I have a default route on the EVE-NG switch 0.0.0.0 0.0.0.0 10.0.0.20 ← my interface on rabalam2020. I’m not very strong on the VM side, so I wasn’t sure if there was something I was missing. I hope this explains it well enough. If not, please don’t hesitate to ask me for additional information.

Thanks,

~r

Hello Gregory

From your description, it seems that your SD-WAN lab and your physical infrastructure cannot communicate. Have you been able to get the switch in your EVE-NG topology to communicate with any of the 10.65.91.0 or .92.0 networks? My suspicion is that there is some issue going on with the configuration of your bridging to your “real” network. The rest of your topology also looks correct as well as your description of the addressing.

The only question I have is why is the default route in your EVE-NG switch pointing to 10.0.0.20? Isn’t that your local host? Shouldn’t that be pointing to the default gateway of that particular subnet? Possibly the SVI on your Deadzone switch?

Another troubleshooting task you should perform is to see where along the path are your packets being dropped. Are they making it out of the EVE-NG lab or are they failing at the bridge? Using basic traceroute troubleshooting will help you to reveal that.

I hope this has been helpful!

Laz

Q1. Have you been able to get the switch in your EVE-NG topology to communicate with any of the 10.65.91.0 or .92.0 networks? Yes within the EVE-NG environment but NOT in the real environment.

Q2. The only question I have is why is the default route in your EVE-NG switch pointing to 10.0.0.20? Isn’t that your local host? Yes 10.0.0.20 is the local host that is bridged. I only have one interface on this device. I cannot trunk the interface to the host as the PC does not like trunking.

Q3. Possibly the SVI on your Deadzone switch? I can certainly configure that and I think I had that previously. My issue is I don’t fully understand how VLAN 91 and 92 will communicate through the 10.0.0.20 interface.

Q4. Are they making it out of the EVE-NG lab or are they failing at the bridge? The 10.0.0.0 subnet yes, but not VLAN 91 and 92.

Hello Gregory

The fundamental problem in your particular topology is the fact that the connection between your host and your switch is not a trunk. You’ve attempted to send tagged traffic to your host, but you can’t use tags. Secondly, you’ve set the default route of your EVE-NG switch to 10.0.0.20, but that is your host, and it is not a router. Any traffic sent there will simply be dropped.

To resolve this you must first change the interface config of the EVE-NG switch to an access port so that your host, which is on the other end of this link, will no longer be receiving tagged frames.

Secondly, you should terminate all of your VLANs at the EVE-NG switch. Don’t send them through the bridged connection since your host can’t interpret tags. From the EVE-NG switch, you can route traffic from these VLANs over the bridged connection to your host.

Ultimately, since there is no way to extend your trunk across the host with your current setup, you cannot have both VLANs 91 and 92 over your bridged connection.

I hope this has been helpful!

Laz
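The tagging behaviour discussed in this thread, as an added example that is not part of any post: a simplified Python model of how a port group's VLAN ID changes the frame on the uplink, and why a VLAN-unaware router or host NIC never answers a frame tagged with VLAN 90 or 91. The function names, MAC address and payload are constructed for illustration, and the upstream device is modelled as accepting only untagged frames or tags it has an interface for.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag
ETH_IPV4 = 0x0800

def build_frame(dst, src, ethertype, payload, vlan=0):
    """Ethernet II frame; vlan=0 means untagged, 1-4094 inserts an 802.1Q tag."""
    header = dst + src
    if vlan:
        header += struct.pack("!HH", TPID_8021Q, vlan & 0x0FFF)  # PCP/DEI left at 0
    return header + struct.pack("!H", ethertype) + payload

def parse_frame(frame):
    """Return (vlan_id or None, ethertype, payload)."""
    (etype,) = struct.unpack("!H", frame[12:14])
    if etype == TPID_8021Q:
        tci, inner = struct.unpack("!HH", frame[14:18])
        return tci & 0x0FFF, inner, frame[18:]
    return None, etype, frame[14:]

def portgroup_to_uplink(frame, pg_vlan):
    """Port group VLAN 0 forwards the VM's frame untagged; 1-4094 tags it."""
    _, etype, payload = parse_frame(frame)
    return build_frame(frame[0:6], frame[6:12], etype, payload, vlan=pg_vlan)

def upstream_accepts(frame, vlan_aware, svi_vlans=()):
    """Simplified upstream device (assumption): untagged IPv4 is always handled,
    tagged frames only when the device is VLAN-aware and has that VLAN."""
    vlan, etype, _ = parse_frame(frame)
    if vlan is None:
        return etype == ETH_IPV4
    return vlan_aware and vlan in svi_vlans and etype == ETH_IPV4

BCAST = b"\xff" * 6
VM_MAC = bytes.fromhex("005056000001")  # constructed sample MAC

def discover_reaches_dhcp(pg_vlan, vlan_aware, svi_vlans=()):
    """Does a broadcast from a VM in this port group reach the upstream DHCP server?"""
    vm_frame = build_frame(BCAST, VM_MAC, ETH_IPV4, b"constructed DHCP discover")
    return upstream_accepts(portgroup_to_uplink(vm_frame, pg_vlan), vlan_aware, svi_vlans)

if __name__ == "__main__":
    print("home router, port group VLAN 90:", discover_reaches_dhcp(90, False))
    print("home router, port group VLAN 0: ", discover_reaches_dhcp(0, False))
    print("trunked switch with SVIs 90-93: ",
          discover_reaches_dhcp(90, True, (90, 91, 92, 93)))
```
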

Thanks for the advice I will attempt to make the changes and get back to you.


Hi Rene, just to thank you for the quality and the clarity of the content :slight_smile:

Hello Nicolas

Your kind words are much appreciated! I will relay them to Rene as well. We do our best to provide high-quality content as well as a responsive and relevant forum where questions are discussed and resolved. Thanks again for your kind words!! :innocent:

Laz