Cisco on the Amazon EC2 cloud

I’ve been working on virtualizing a Cisco router on the cloud so that I can tunnel VPN traffic from one network to the other. The initial goal was to get a virtual Cisco router working on the cloud.

To get this going, I have the Cisco IOS 12.4 and was planning on running it off of GNS3, which is a front-end UI to Dynamips. I have most of my servers with Rackspace, but for this project, I was working with a server on the Amazon EC2. Below is a snapshot of what I was trying to accomplish.

Cisco Router on a Virtualized Environment

For this to work, you’d have to bridge the Ethernet interface of the Cisco router to the Ethernet interface of the Windows machine. GNS3 will help you in creating a TAP interface (similar to Linux) to get this going.

With Amazon, you get a public DNS address for your machine; however, they install a private address on your server instance. I tried to remove it and only have the instance use the public address, which resulted in a disconnect. So, I started from scratch and kept the private and public address intact. The way Amazon handles this is by NATing your public address to the private address.

Having both virtualized private addresses hold hands as they pass on VPN traffic to the cloud didn’t seem to work. After using Dynamips on a Unix environment (Mac), I’ve gotten comfortable with text configuration. At the time, GNS3 wasn’t ported for Mac. To my luck, I figured I could replicate the same setup on Fedora and ditch the GUI.

Setting up Dynamips on Fedora was a breeze and loading up configurations was just as simple. However, the virtualized router had intermittent failures and was unreliable. Dynamips would start up the Hypervisor on port 7200. If loading the IOS failed (and it did off and on), I would restart Hypervisor on an alternate port and it just seemed to not want to work from there. Going back to the default port seemed to be the main requirement. I ensured that all processes using the default port were killed, but just kept coming across binding issues, which would get fixed with a reboot.

In the end, I found that virtualizing a corporate router, which essentially is an OS, running on emulated hardware, on top of another OS which is already virtualized on another OS… just didn’t make sense. The fight isn’t over. I’ll be switching gears and working with Vyatta.

2 Comments

  1. Rahul

    Were you finally able to run GNS3 on EC2?
    I was trying the same with Windows and Ubuntu, but it's not working.

  2. ahmeddirie

    Hi Rahul,

    I was able to get this working with Vyatta and not Cisco. This was many years ago and now this exists without many of the workarounds I went through. Take a look at those in my other networking articles.
