In this blog entry, I want to discuss how to use the open source tool UBridge to directly bridge the Windows PC to the VXLAN without using any VXLAN gateway.

UBridge is like the vSwitch inside the ESX, but UBridge is open source and can directly execute under the Windows command prompt. It’s now available inside the IPtools package, click here to download.You don’t need to even install it, all you need is to install the Winpcap.

To setup the VXLAN testing environment, you need to have at least one ESX server, vCenter server (while I use the Linux version) and vCenter client software.
I use the Cisco Nexus 1000v to configure the vDS for the VXLAN. Yes, I use Nexus instead of NSX. Honestly, I’m not a VMware guy, I am more familiar with the Cisco technology, also I’ve already have the N1K environment for testing.

The followings are software versions that being used:

•     ESXi: 5.5.0 (VMkernel release build 1623387)
•     vCenter: Server Appliance 5.5.0.10000-1624811
•     VSM:nexus-1000v.4.2.1.SV2.2.2.bin
•     VEM: Cisco_bootbank_cisco-vem-v160-esx_4.2.1.2.2.2.0-3.2.1.vib

For the minimal hardware requirement, I used VMware workstation in my local PC, and install the ESX as a guest VM, bridge the ESX NIC as my local PC’s NIC. Likewise, the vCenter server is also a guest VM of the VMware workstation.
I created 2 smallest VMs inside the ESX by using the DSL linux image.
Then setup the Nexus 1000v into the VMware infrastructure, which is a long journey and not the focus of this blog, please refer to the corresponding documentation (or can hire me!).
Following figures shows the ESX configuration:

You don't actutally needs the VSG which is for my other testing.

Now, to setup the VXLAN in the Nexus 1000v, please following this next blog entry.

Recently, I have tested the F5 (Big IP) LTM v11.4 SNMP configuration and my snmpscan tools. Here is the steps. 

1. In the F5 LTM admin webpage, select the SNMP->Agent->Configuration

2. In the configuration page, need to add your SNMP management software subnet (or starting octets).

3. Then go to the "access (v1,v2c)" screen (of course can use v3). Create a new access.

4. In the access creation screen, you define the community string. Yet, what I want to point out is that if you want to restrict the OID branch that this community allows, first the OID syntax begins with a dot. E.g. for MIB-2, enter ".1.3.6.1.2.1". Secondly, need to select the source IP  that allow access.

5. Now, you can download my free snmpscan tools under IPtools. Enter the IP of your F5, comunity and OID. Click the start scan, now you get the values of the MIB tree branch as below:

When teaching the H3CNE class, one of the questions is about the compatibility of the HDLC encapsulation of H3C router with Cisco router. As Cisco HDLC is well known to be a propriety implementation, while H3C doesn’t state clearly about its implementation.
So what’s the answer? Maybe you want to try it out by yourself. You don’t need to have the actual device, you can use the H3C simulator (LITO) and Cisco simulator (GNS3) to test it out. If you don’t know where to download it, please visit my other Blog entry.
Now, how to emulate the serial connection between GNS3 and LITO, as both of them support the using of UDP session to emulate the serial connection, however the underlying implementation is different, so you can’t directly connect them together. Instead you can use the UBridge tool to bridge them. Following diagram illustrates the connection.

You need to create 2 different UDP sessions:  one session between the Cisco Router to the UDP Bridge, the other between the H3C Router to the UDP Bridge.
So you require2 pairs of UDP port numbers, e.g. Cisco serial interface use 2012, UBridge to Cisco use 5212, H3C interface use 3012, UBridge to H3C use 5312.

LITO configuration under the “hardcfg.tcl”:
AddSerial  -slot 1 -local 127.0.0.1 -lport 3012 -dest 10.1.1.2 -dport 5312

GNS3 configuration (please consult the GNS document): udp:"2011:10.1.1.2:5211"

While for the UBridge, you need to create 2 legs and put them into a group, you can choose any group number. E.g. group 3. Now you can start the UBridge as follows:
c:\iptools>ubdg 3#C:S@5212:127.0.0.1:2012 3#H:S@5312:127.0.0.1:3012

In the H3C router console, configure the serial link use hdlc encapsulation. E.g.:

[R1]interface Serial0/1/2
[R1-Serial0/1/2]link-protocol hdlc

In the Cisco end, just “no shutdown” the interface, (as Cisco by default use) . then both H3C and Cisco’s interface will become up.
Now, you get the answer.

Once again, if for some reason you cannot bring up the LITO GUI (like my new laptop running Windows 8 – another garb**** after vista!!!), or if you don’t want to use the GUI. There is another way to connect the H3C simulator to the VPC.
What you need to do is to use the UBridge tools to bridge the LITO and the VPC as shown in the diagram below:

You need 2 pairs of UDP port #, 1 pair between LITO and UBridge, the other between VPC and UBridge.
H3C configuration under the “hardcfg.tcl”:

AddEthNew -speed 1000 Level3 -canswitch -slot 0 -subslot 0 -local 127.0.0.1 -lport 19002 -dest 127.0.0.1 -dport 30001

VPC configuration:

VPCS[1]> set lport 20000
VPCS[1]> set rport 30000

While for the UBridge, you need to create 2 legs and put into one group (e.g. use group # 1),

VPC leg: 1#C:E@30000:127.0.0.1:20000
H3C Leg: 1#H:E@30001:10.1.1.3:19002

so execute:

C:\iptools>ubdg.bat 1#H:E@30001:127.0.0.1:19002 1#C:E@30000:127.0.0.1:20000

Now your H3C router should be able to reach the VPC.

- Kepler

As discussed in my other Blog entry that the H3C simulator LITO/CEN is not compatible with Winpcap 4.0 (though LITO actually can run without Winpcap, yet it cannot bridge to physical interface). Now with the new release of my open source tool UBridge, you can bridge LITO’s Ethernet interface with the Windows local interface (you still need Winpcap 4.x). Like the following diagram:

Please refer to the iptools project page for free download.
 

With the new release of my open source tool UBridge (inside the iptools 0.3.0 package), it supports a new feature Ethernet over UDP (EoUDP). What’s the usage of it? There can be many applications, one of them is to use it as a light weight VPN tunnel to bridge the loopback interfaces of your Windows PC to form layer 2 adjacency.
For example. if you have two Windows machine in 2 different subnet, but for some recent, you need to put them into same subnet to do some testing. However, you are not able to change your network setting. Then the UBridge program can help you. You can bridge the MS loopback interfaces of the 2 PCs and put them in same subnet, as shown in the diagram below.

If you are using VMware workstation, another usage is to bridge the VMs inside your Windows PC to the VMs of another PC, like the diagram below:
Please visit the project website for detail configuration and download information.

If you want to test the Cisco router, a well known simulator GNS3 is available. While for the H3C router, another simulator CEN (GUI version is LITO) is available.

However, the CEN requires Winzip 3.0, its not compatible with Winpcap 4.0 (though Lito improve to be able to run without Winpcap 3.0, yet it cannot bridge to physical interface without winpcap 3.0). But dynamips use Winpcap 4.0. i.e. it means you can't connect both together using the physical interface.

So I've created a program that can connect the Router Interface (either serial or Ethernet) of GNS and CEN together.

It’s under the iptools package, click here for detail.

Author: Kepler Lam

 Certified Cisco System Instructor

 Certified H3C Instructor

 Certified Juniper Instructor

 Certified F5 Instructor

 Certified EC-council Instructor

 Servant of the Lord