Jump to content


1

UNL Networking Issue


10 replies to this topic

#1 blatz

blatz

    Advanced Member

  • Members
  • PipPipPip
  • 79 posts
  • 1130 thanks

Posted 08 February 2016 - 11:07 PM

I am having an issue with UNL with networking between my IOU routers '(I86BI_LINUX-ADVENTERPRISEK9-M), Version 15.5(2)T' and ASAs '8.4(2)'. I can't get RIP or NTP to work and OSPF is unstable and pings are pausing and timing out. I am running UNL on ESXi Anyone else seen this?

I am also having the hardest time getting 8.02 ASA to talk to anything. The interfaces come up and I can see the mac address in the switch table, but no pings. I have VT-X enabled too. I just wonder if there is something I am missing...

Feb  8 23:39:36.388: %OSPF-5-ADJCHG: Process 1, Nbr 11.45.45.11 on Ethernet0/1.415 from LOADING to FULL, Loading Done
Feb  8 23:42:49.203: %OSPF-5-ADJCHG: Process 1, Nbr 11.45.45.11 on Ethernet0/1.415 from FULL to DOWN, Neighbor Down: Dead timer expired
Feb  8 23:44:45.897: %OSPF-5-ADJCHG: Process 1, Nbr 11.45.45.11 on Ethernet0/1.415 from LOADING to FULL, Loading Done
Feb  8 23:45:59.327: %OSPF-5-ADJCHG: Process 1, Nbr 11.45.45.11 on Ethernet0/1.415 from FULL to DOWN, Neighbor Down: Dead timer expired
Feb  8 23:46:58.226: %OSPF-5-ADJCHG: Process 1, Nbr 11.45.45.11 on Ethernet0/1.415 from LOADING to FULL, Loading Done
Feb  8 23:47:46.603: %OSPF-5-ADJCHG: Process 1, Nbr 11.45.45.11 on Ethernet0/1.415 from FULL to DOWN, Neighbor Down: Dead timer expired
Feb  8 23:48:45.553: %OSPF-5-ADJCHG: Process 1, Nbr 11.45.45.11 on Ethernet0/1.415 from LOADING to FULL, Loading Done

Thanked by 1 Member:
soum48

#2 ccienow2014

ccienow2014

    Advanced Member

  • Members
  • PipPipPip
  • 73 posts
  • 12 thanks

Posted 09 February 2016 - 03:18 AM

Can you share the hda.qcow2 file for the ASA802, I'm not event able to get it start.........
I have similar installation UNL on ESXi6

#3 blatz

blatz

    Advanced Member

  • Members
  • PipPipPip
  • 79 posts
  • 1130 thanks

Posted 09 February 2016 - 02:41 PM

Get ASA 8.02 Vmware image from here http://certcollection.org/forum/topic/217818-cisco-emulation-collection-in-this-site/

I used ASA-m.7z

Then convert the vmdk's to qcows
  221  /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 ~/ASA-m/asahd.vmdk hda.qcow2
  222  /opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 ~/ASA-m/Other\ Linux\ 2.6.x\ kernel.vmdk hdb.qcow2

And place them in the unetlab addons. Remember only works with 256M of ram. Otherwise you get the issue about not finding the root partition.

/opt/unetlab/addons/qemu/asa-8.0m/
/opt/unetlab/addons/qemu/asa-8.0m/hda.qcow2
/opt/unetlab/addons/qemu/asa-8.0m/hdb.qcow2


This image is multi-context originally. If you want single context you need for the issue with saving the configuration first..
http://7200emu.hacki.at/viewtopic.php?p=34550&sid=400d9ebdbbb4e7eceedc345903dd0faa

You need to do the format disk0: part.


Anyone else seeing packet loss between their ASA's and IOU's? This is without having a switch between them. Just the bridge Net even!

Edited by blatz, 09 February 2016 - 02:42 PM.


Thanked by 4 Members:
RobKensou99 , lopwal , ccienow2014 , zemma

#4 blatz

blatz

    Advanced Member

  • Members
  • PipPipPip
  • 79 posts
  • 1130 thanks

Posted 09 February 2016 - 05:25 PM

So I rebuilt my UNL VM and 8.02 networking worked there, so I went back to my old UNL VM and it worked there. So I restarted the firewalls and then it stopped working... the only thing I can see if that if I don't use the ASA immediately after booting. Like if I watch it boot, then configure it... no networking on 8.02. But If I start the ASA's then wait about 5 minutes before configure it.. it seems to work. This is only with 8.02. No issues like this with 8.42.

Ohh yeah my post eariler about switching from multi context to single.... I can't seem to reproduce it... and because I copied the qcows after it was single, I have both ASA-8.0M and ASA-8.0S devices on UNL. But I will try it again later today and document what I do!

Thanked by 1 Member:
ccienow2014

#5 ccienow2014

ccienow2014

    Advanced Member

  • Members
  • PipPipPip
  • 73 posts
  • 12 thanks

Posted 13 February 2016 - 02:16 AM

Great share, thank you very much.
It's working now.
But how to access linux to do :
# cd /mnt/disk0
# /mnt/disk0/lina_monitor


I'm still getting error when I try to swtich from multi to single mode :
ASA4(config)# mode single
WARNING: This command will change the behavior of the device
WARNING: This command will initiate a Reboot
Proceed with change mode? [confirm]
ERROR: The requested mode was not saved because the flash update failed.

#6 blatz

blatz

    Advanced Member

  • Members
  • PipPipPip
  • 79 posts
  • 1130 thanks

Posted 17 February 2016 - 03:05 AM

Ok. I remembered how I did it. You need to know a little linux, but it goes pretty quick.


#Go into your ASA-m directory where you just converted the files
cd ~/ASA-m


#Mount the hda.qcow2
modprobe nbd max_part=63
/opt/qemu/bin/qemu-nbd -c /dev/nbd0 hda.qcow2
sleep 1 # wait for qemu-nbd to finish before mounting
mount /dev/nbd0p2 /mnt/usb4


#Get the asa.gz initrd
cp /mnt/usb4/boot/asa.gz /tmp/asa_orig.gz


#Extract the initrd
cd /tmp
gunzip asa_orig.gz
mkdir /tmp/asa_initrd
cd /tmp/asa_initrd
cpio -idv < ../asa_orig


#Edit startup file.. i used vi
#On the last line remove "-m" so change "/asa/bin/lina -m" to "/asa/bin/lina"
vi /tmp/asa_initrd/etc/init.d/rcS


# Rebuild new initrd
cd /tmp/asa_initrd
find . | cpio -o -H newc  | gzip -c > ../asa_single.gz
 

# Overwrite initrd on mounted drive
cp /tmp/asa_single.gz /mnt/usb4/boot/asa.gz


#umount drive
umount /mnt/usb4/
sleep 1
killall qemu-nbd


#Then copy these new qcow2 files to a new directory
cd ~/ASA-m
mkdir /opt/unetlab/addons/qemu/asa-8.0-s
cp hd*.qcow2 /opt/unetlab/addons/qemu/asa-8.0-s/
/opt/unetlab/wrappers/unl_wrapper -a fixpermissions
 



Thanked by 2 Members:
lopwal , zemma

#7 shohag45

shohag45

    Member

  • Members
  • PipPip
  • 11 posts
  • 2 thanks

Posted 27 October 2016 - 04:00 AM

Hi blatz,

Would you please help to run ASA 8.0.2 in signel mode. i am using ASA-m.7z. and able to run multimode. but not able to run after changing signle mode.
After changing  mode from multi to signle its asking for restart and did same then its going to # mode. Puting # cd /mnt/disk0
# /mnt/disk0/lina_monitor
command and then its stuck with below output


# cd /mnt/disk0
# /mnt/disk0/lina_monitor

Processor memory 22999040, Reserved memory: 20971520 (DSOs: 0 + kernel: 20971520)
Failed to reserve hugepages.
        Requested 0
        Reserved 30
physical area, size 65536 kB
                       free list:             used list


# cd /mnt/disk0
# /mnt/disk0/lina_monitor

Processor memory 22999040, Reserved memory: 20971520 (DSOs: 0 + kernel: 20971520)
Failed to reserve hugepages.
        Requested 0
        Reserved 30
physical area, size 65536 kB
                       free list:             used list

Thanks

#8 skovalen

skovalen

    Junior Member

  • Members
  • PipPip
  • 2 posts
  • 0 thanks

Posted 07 November 2016 - 10:01 PM

Hello,

Many thanks for helping with single mode image! However, I have an issue with saving config in single and multi context modes. The following error appears:
ciscoasa# wr
Building configuration...
Cryptochecksum: 75a1ab8d 67a3d116 2bd87367 7942168c

%Error opening disk0:/.private/startup-config ()
Error executing command
[FAILED]

I noticed that in the boot log:
INFO: Unable to read firewall mode from flash
       Writing default firewall mode (single) to flash
WARNING: Unable to write firewall mode to flash, this is normal if flash is
         not formatted.

So I tried to format flash & disk0, unfortunately, it didn't help:
ciscoasa# format disk0:
WARNING: Saving activation key file failed. Proceed with operation? [confirm]

Format operation may take a while. Continue? [confirm]

Format operation will destroy all data in "disk0:".  Continue? [confirm]
Initializing partition - done!
mkdosfs: /dev/hda1 contains a mounted file system.

System tables written to disk
mount: Mounting /dev/hda1 on /mnt/disk0 failed: Device or resource busy

Format of disk0 complete
WARNING: Restoring security context mode failed.
ciscoasa# dir disk0:

Directory of disk0:/

4      drwx  4096        23:02:40 Nov 07 2016  .private
10     drwx  4096        21:22:38 Feb 18 2008  boot
7      drwx  4096        20:57:10 Feb 18 2008  csco_config
68     -rwx  1623        13:48:36 Sep 17 2008  y
69     -rwx  6889764     05:49:58 Feb 15 2010  asdm-602.bin
70     -rwx  2154944     15:57:10 Feb 15 2010  anyconnect-win-2.2.0140-k9.pkg

255320064 bytes total (246038528 bytes free)
ciscoasa# wr
Building configuration...
Cryptochecksum: 75a1ab8d 67a3d116 2bd87367 7942168c

%Error opening disk0:/.private/startup-config ()
Error executing command
[FAILED]

Is there a way to solve the problem with saving running configuration?

#9 lopwal

lopwal

    Junior Member

  • Members
  • PipPip
  • 1 posts
  • 3 thanks

Posted 27 February 2017 - 02:19 AM

View Postblatz, on 17 February 2016 - 03:05 AM, said:

Ok. I remembered how I did it. You need to know a little linux, but it goes pretty quick.


#Go into your ASA-m directory where you just converted the files
cd ~/ASA-m


#Mount the hda.qcow2
modprobe nbd max_part=63
/opt/qemu/bin/qemu-nbd -c /dev/nbd0 hda.qcow2
sleep 1 # wait for qemu-nbd to finish before mounting
mount /dev/nbd0p2 /mnt/usb4


#Get the asa.gz initrd
cp /mnt/usb4/boot/asa.gz /tmp/asa_orig.gz


#Extract the initrd
cd /tmp
gunzip asa_orig.gz
mkdir /tmp/asa_initrd
cd /tmp/asa_initrd
cpio -idv < ../asa_orig


#Edit startup file.. i used vi
#On the last line remove "-m" so change "/asa/bin/lina -m" to "/asa/bin/lina"
vi /tmp/asa_initrd/etc/init.d/rcS


# Rebuild new initrd
cd /tmp/asa_initrd
find . | cpio -o -H newc | gzip -c > ../asa_single.gz


# Overwrite initrd on mounted drive
cp /tmp/asa_single.gz /mnt/usb4/boot/asa.gz


#umount drive
umount /mnt/usb4/
sleep 1
killall qemu-nbd


#Then copy these new qcow2 files to a new directory
cd ~/ASA-m
mkdir /opt/unetlab/addons/qemu/asa-8.0-s
cp hd*.qcow2 /opt/unetlab/addons/qemu/asa-8.0-s/
/opt/unetlab/wrappers/unl_wrapper -a fixpermissions



I created the HDA and HDB following Blatz instructions, I want to share them in case anyone needs, I created one for single-mode and one for multiple-context:

https://www.4shared.com/archive/MWFwYb7Dce/ASA802qcow2_SingleMode.html
https://www.4shared.com/archive/TvoWsKXfce/ASA802qcow2_MultiMode.html

Edited by lopwal, 28 February 2017 - 02:51 AM.


Thanked by 2 Members:
NasserAbdelghani , RobKensou99

#10 dosic

dosic

    Advanced Member

  • Members
  • PipPipPip
  • 138 posts
  • 6153 thanks
  • LocationJNCIE personal training

Posted 31 October 2019 - 07:11 AM

Gents,
Can you share image for asa802, please

#11 blatz

blatz

    Advanced Member

  • Members
  • PipPipPip
  • 79 posts
  • 1130 thanks

Posted 31 October 2019 - 02:19 PM

View Postdosic, on 31 October 2019 - 07:11 AM, said:

Gents,
Can you share image for asa802, please

It is in this torrent. Remember only works with 256M of ram. Otherwise you get the issue about not finding the root partition.

Hidden Content
You'll be able to see the hidden content once you press the thanks button.

Use hide tags.
Usage: [ hide ] link [ /hide ] (without spaces)

Edited by mavis, 31 October 2019 - 07:00 PM.
Hide tag added.


Thanked by 5 Members:
mh12345 , nguyenvnghi60 , nsreenath , hrdina130 , akochanov



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Organization

Community

Downloads

Test Providers

Site Info


Go to top