RRTC Live Stream - EVE-NG install, configuration and lab building!

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello hello hello everybody happy sunday hopefully all's well sorry for the delay in getting started this afternoon i wasn't exactly feeling the greatest so but uh we're in good shape so it's making sure the connections look good um looks like we are live all that good stuff good cool okay so i'm starting to get some analytics back awesome hello hello hello hello why is my this is weird like my green screen is acting weird what's going on everybody how goes it hope everybody's doing well on sunday and those are a little bit of a delay there's a little too much the uh let me change this up a little make a quick adjustment real quick let me turn this light on and another light off see if that helps with the the flicker oh now my green screen's acting up on me i can't win today that's okay though well i appreciate the uh appreciate that eduardo it's good stuff i'm trying man i am trying let me adjust something real quick there we go hopefully that'll fix that problem there we go cool well thanks everybody for stopping by and hanging out with me this afternoon um where we have some cool stuff planned i'm going to be going through and doing a quick little lab on eve ng it's one of the most common things that i get questions about regarding how to work with it and you know build labs and things like that so we're gonna be taking a look at how all that stuff comes into play so yeah good stuff good stuff so we're gonna go and i'm gonna deploy eve and i'm gonna go through the process of getting it all set up and show you guys how to work with some of the documentation with it because it seems like one of the most common questions i get is how what are you using how do you use it and um it's definitely a strong replacement for gns3 i don't like using genus 3 anymore i have been with eve now for oh a long time so um cool if you guys have any questions at any point in time go ahead and drop it into the chat hello hello hello i will do my best to answer those questions as they come in and supply that and we will get get to it so uh if you have not already done so you'll need to download eve and i've already got it downloaded and saved but i'll show you where to go basically go i'm going to go ahead and flip over to the green screen so um if you don't know where to go you would come in here and do eve dash ng.net and go here give that there we go and when you're on this website let me go ahead and i have to adjust the bring this over just a touch so i can see the chat does these support l3 switches yes it does and i'll talk a little bit about how that process comes into play here in just a minute so um when it comes down to working with eve specifically you're going to need to download the download it so you would go to the website go to download and then you have a couple of different options you have the option of downloading the pro version which means you need to buy a license the other is the community version which is what i personally run what would be the best hardware uh it depends on what you want to run uh you're in your security lab um anything with an intel xeon processor with i don't know uh six core or an eight core processor if you get two of them that'll be more than sufficient for just about anything you can need and 64 gigs of ram so i use the free version of eve you can download it from whatever um if you want to download the from the google mirror or the installation iso i prefer the ovf which is basically the virtual machine i've already got it downloaded but the other thing you're going to want to do is look at the documentation documentation is going to be big when it comes to getting the platform online and working and all type of stuff there's a lot of how to's huh they've added knocks in here that's that's kind of cool so we're going to go to how to's here and if you wanted to get a particular os working this is how you would do that now speaking towards the operating systems that you'll work with and stuff like that you'll need to have access to the images already so in other words you want to go over here to say viral.cisco.com and that will redirect you to the cisco learning network where you'll be able to purchase the access that you need it's two hundred dollars so you buy you buy this 200 license and after you've purchased access to it you will be able to download all the images that you'll need in order to run inside of eve so this will give you asa this will give you ios ios v l2 so your layer 2 image that supports layer 3 switching it'll give you your ios router it'll give you the csr1000v the nexus 9k the xrv 9k uh it gives you a bunch of different stuff what it doesn't give you is the viptela images so if you're interested in running sd-wan and front-end eve you will need to have access through a service account in order to do that so unfortunately it doesn't support you can't purchase access through viral to get or cml cisco modeling labs to do that so just keep those things in mind when you're doing your research so that's basically where that comes into play so you buy your uh buy the license download the the images that you need and you'll be in good shape novice on routing why run bgp and osb at the same time i don't know what you mean is there a specific use case you're talking about um i mean i could if you're if you have a specific use case you'll have to explain what you mean but um in order to if you're going to run ib gp so bgp internally inside of your network then you'll need ospf or some other igp eagrp rip or whatever it might be in order to allow internal bgp to work effectively so oh you must be talking about the sd-wan stuff so um it was more to so if you're referring to doing ospf and then running internal bgp with route reflector um i did that to demonstrate that you could do it with sd-wan not saying that you it's the the goal of the videos was to demonstrate the capability and the option of doing that it's up to you to make the determination of which way you go you know i'm just showing you what's possible and how you would work with it and stuff like that i'm not saying that you know you would run if you're going to run into your internal bgp you would need an igp like ospf and because ospf is supported on the v edges that's what i ran with you could do any other protocol you want but if you're looking to just run it as um if you've got a large-scale deployment and you want to to peer with maybe you've got vxlan running on your nexus 9ks and you need to peer via bgp from the leaf switches up to your v edges bgp would be the more appropriate protocol to use then so what's up zig my buddy ziggs in here that's awesome glad to see you zig so osp probably in private numbers well you so since you're a novice in writing you can run um you can run ospf and bgp in both right so it's one of those things where um one thing that i would definitely recommend you do is you have to you'll have to level up your routing because right now you're asking a lot of ccna level questions and i can definitely see where your that's coming those questions are coming into play so you need to really just need to buck up on the ospf and the bgp understanding and a lot of the things that i'm talking about in those videos will definitely make more sense because the purpose of the sd-wan video is where i showed you how to run ospf and i showed you how to run bgp was sure that you would know how to do both wasn't but the goal wasn't to say this is the use case that i'm running with and this is why we're going to be doing this particular protocol the the purpose of the video is to demonstrate that you could you know do you how you use them in production or in your proof of concept lab that's completely up to you so just the more or less this is what's possible and this is how you would do it you make the determination of which way you go but you don't have to bgp is commonly used on the service writer side of the world if you're going to have a mpls service that you're going to appear to then you can totally use mpls or bgp from your mpls router to peer with the service provider or you can use bgp to appear with the internet so um it's it's up to you and how you want to go about doing it but bgp isn't specific to public the public side you can use bgp throughout your entire network if you want to i have multiple times where i've ran dmvpn over the internet and over mpls because it makes more sense to do that and we've used bgp over both so it's completely possible to do it's just you have to get down to brass tacks of how each protocol works and how to integrate them and stuff like that but you really need to spend some time in those areas because if you don't understand ospf and bgp to the level that you need to then some of the things that i talk about won't make a lot of sense but as zig mentioned there you definitely need to understand how the protocols work independently and then how you can overlap them and then build your environment out as you go along so for example when i was studying for my ccie it took a long time for me to understand how everything glued themselves together but once i understood all that it was like oh yeah and then you start tearing stuff together and you've got like multiple layers and it begins it gets a little complicated but the more time you spend in it the then you understand all the independent layers and how the layer kit comes together it's like a seven layer taco you know it gets it can get complicated but the point is once you've spent your time in the writing protocols you'll be that much better off down the road so but yeah good stuff man cool so i'm going to go ahead i've already like i mentioned i've already got eve downloaded and i'm going to go ahead and walk you guys through how to um get it up and running and stuff like that i was thinking more along with trying to mimic a public connection well i mean you can do that with bgp but going back to what i just mentioned a moment ago you still have to understand like if you're if you want to give me a specific use case i can give you specific responses but right now i'm gonna i'm gonna talk in generalities because you're talking in generalities i can't answer a specific question give you specific details on a general uh on a generally stated question if you give me a specific use case i'll give you a specific answer let's go with that way because i'll end up talking in circles so um we're gonna go ahead and register a vm so we're gonna actually go through the deploy process here yeah i'm gonna i'm gonna help i'm gonna let zig help me out a little bit on this because ziggs also a ccie and actually zay got his cca before i did and he was in the study group um and he was one of the core people that helped me pass my ccie well if you have questions man that's why we're on a live stream i'll do my best to answer the questions and since i've got zig here i'll help i'll let him you know maybe answer some of those too maybe give a different perspective from the design side of it but if i can answer the question i will but um you know we'll we'll figure it out so i'm going to go ahead and pull up the the file i'm going to go ahead and say eve and we'll just do test and then we'll go ahead and grab the selection so i've actually already opened it up so i'm just going to go ahead and select it and click on open and we're going to go ahead and click on next and i'm going to choose the data source it's going to sit down it's going to be my qnap storage array and click on next and then we're going to choose where it's going to go sit i'm going to say is going to set in vm network because i'm going to have i'm going to want to connect to it and be able to work with it that way i'm going to do a thin provision disk and click on finish so this will take a couple of seconds to go ahead and get deployed you can see that down here in the lower right hand corner it's in the process of being rolled out so after a couple minutes we'll see eve test and we'll be able to get that guy squared away so good stuff all right that'll take a couple of minutes to get rolled out because it is such a large file but other than that hopefully everybody's doing well take a look at the quick chat real quick everything looks good well i really appreciate the uh was that a lot of i somebody just i don't know was that a lot was that a uh is that a super chat i think i got my first super chat ever cool man hey i appreciate that really appreciate that glenn good seeing you on here man all right cool so so yeah we're good to go there this will take a few minutes all right cool so we're now live with this guy he's going to start booting up this will take some time but once we get started we'll be okay so this takes about 10 minutes or so so what i'm going to do is i'm going to take a short break i'm going to place i'm going to let this roll for a few minutes while it goes to the install process and i will be right back i don't know if i can pause this but i'll be right back all right well sorry for running away from you guys but um good stuff hey i appreciate it glenn i really do man cool so this does take a while i don't know on average how long um sometimes it takes 10 minutes or so that's why it's like well hurry up and wait so i guess how how uh oh here we go finally okay how is everybody else doing okay now i can't actually pretty good timing on my part okay so glenn you'll have to explain to me what an apiary is i've never heard of that can you can you help me out with that one i'm i'm curiosity on that so uh now that we're at the even g login we're going to go ahead and type in uh root and then eve is the password and then we're brought into this right here so the next thing we need to go do is type in the password i'm gonna because it's in a private network and i'm not terribly concerned with security in this particular setup now if you're working with this elsewhere obviously you want to beef up the security so i just type in eve as the password and then type it in again so it's some very something very very simple i'm going to go ahead and uh even g is good for a host name uh dns name is good for that i'm gonna go down here to static ip hit the space bar to select that and hit the ok in order to go through that process and then the ip address that i'm going to use for management so what i do is i like to grab an ip address from my home network that isn't in use so i'm going to grab say let's say 30. can i ping 1055.1.30 and that is not responding so that's a real easy one to go through and leverage so i'm going to go ahead back over here in 10.255.1.30 and click on ok i've been a fan of your you and brian i think you met uh mcgann from ine hey man uh i really appreciate that i really do it means a lot when you guys jump on here and hang out we're going to go ahead and give this a slash 24 subnet mask so 24 bits in the subnet mask and the default gateway is going to be 10.255.1.1 and do i have an ip address for the dns server i actually do i'm going to use google and i don't have a secondary dns server hit okay no ntp here and we are directly connected to the internet and we're going to go ahead and it's going to reboot eve it'll come back up pretty quick it won't take as much time to install so we'll be good to go there so good stuff all right once it boots up we'll be able to actually web ui into it and all that good stuff but we have to wait for that to boot up the cool thing about this is once you've been through it it's actually pretty easy to work with it as you're going forward so now that we have it booted up and we're in really good shape i'm going to go ahead and i'm going to plus on this guy here and i'm going to do 10.255.1.30 and then we should be redirected to the eve ui so we're on the eby i'm going to type in admin and eve sign in and voila we have an eve instance running right i mean how cool is that all right so the next thing for us to go do is to dive into getting some images uploaded to it and working with the file system so there's two things that i recommend we do the first of which is going to be open up filezilla and i'm going to open up filezilla and i'm going to show you how basically what i've built over the period of i'll say you know a year or so i've downloaded a lot of different images and stuff like that i've built a pretty robust library of cute count images that i can use with inside of eve or just basically drag a file uh drag a folder of files from my server up to my eve instance and boom i'm up and running in a couple of minutes now that doesn't always work for everybody so i'm going to recommend we go back to the documentation and the reason why the documentation is such a big deal is because there's a number of things that you can get running inside of eve that you need to spend a fair amount of time going through the documentation and i'll be honest with you they're not always easy so for example if you're going to be using the images for um where are they at uh v ios from viral for example and you want to log in here and work with these guys you can go through mr bomble's videos on how to install eve which we're doing right now so hopefully this will take care of two kill two birds with one stone um but you're also gonna have to go through and work with the uh the documentation here and basically apiary is a beekeeper's farm yeah i will uh i i'm pretty sure you and i are connected on linkedin i'll uh i'll dm you some information i appreciate that i really do um but when you get the when you're in it would you in order to navigate through all the um the directories and the file system inside of the linux server you actually have to connect to the linux server how do you do that you open up putty and you come in here 10.255.1.30 port 22 ssh in you get your little security alert to accept the the thumb the fingerprint and then here we are we're going to type in root and eve bam we're on the cli of our eve server which is what we want to have the next thing we get to go do is we can go through and navigate to where we've got to go now the thing with this is right now there hasn't been any images uploaded to it right um there's nothing uploaded so that's the second thing we need to go do so i'm going to go ahead and open up filezilla and filezilla is right here so we will sftp and get that up and running yes the broadcast is saved it is network dvr'd so yes it is saved you'll be able to watch the replay at a certain point in the future probably within a couple of hours of this guy going live okay so can i minimize this no i can't sorry i'm checking something out before i show you my entire home lab bring this down there we go all right so here i have let me go actually go into the directory cool that's better all right so here we are so in the directory i have filezilla let me go ahead and get it out of the way and i have filezilla pulled up right and i have a bunch of images that i've downloaded and been able to gain access to and a lot of this stuff is stuff that i've gotten through a variety of different methods most of it's been you know talk to the vendor or work with the customer that's got it running and i get the images through service accounts and service contracts and stuff like that so or i go through like if they have the option to pay for the access i go through that way as well so what we end up doing is on here i have obviously a bunch of cisco images downloaded because i have pretty wide access to cisco accounts um so i've got a bunch of stuff in here that i can work with so um the cool thing about it is it gives me a lot of a lot of leeway in terms of what i can play with right so this basically makes eve extremely powerful for someone like myself to to use and to learn from so actually lately well i don't know if you guys have been following how closely everyone's been following me but i've actually piro edited out of the cisco world for a little bit and i've actually been focusing on microsoft server and vmware because those are two areas that i wanted to to learn and and yes they did i definitely will give you uh i'll definitely agree with you on that when it comes to um doing what they've done with the eve instance and stuff like that yeah i'm definitely kudos to uh ud and uh i forgot the other gentleman's name that run i can't remember his name off top my head but elaine i think it might or maybe i'm saying that wrong but i know you're referring to but uh yes i agree so if we wanted to build a simple lab like let's say for instance we wanted to build a couple of routers a couple of switches maybe a firewall how would we do that well fortunately for me i have the instances let's let's build a lab that somebody would maybe need in order to start doing some basic routing um basically basically switching some basic asa firewall so i'm gonna come down here to the ios router portion here and i'm to grab this guy right here now before i can do anything with it i've actually got it connected to the server so i'm going to come up here to 10.255.1.30. the root the username is going to be root and the password is going to be eve and i'm going to ssh into it so it's going to be a secure ftp or an sftp connection click on connect and then i'm i'm logged in and as you can see over here if i click on the question mark i come down here i'm going to have to navigate to the opt then we come down to unit lab then add-ons then qemu right and right at this point in time i have nothing in qemu so if i was come over here and do the same thing just copy and paste this file path right here go cd and then paste this guy in and type in ls to list what i've got you'll see that there's nothing here right so what i'll do is i'm going to go ahead and upload some images to to this let me go ahead and jump out of the way i'm going to grab this router right here i'm going to go ahead and copy and paste it over so i'm just going to grab this guy and hover over this and it's going to go ahead and upload there so i have my first transfer finished so if i hit ls now i'll have something in there right i'm gonna do the same thing for the the switch so the switch is right uh right here i'm gonna go ahead and do the same thing there copy to qemu it's going to go ahead and upload and we're good to go there so now we go back over here ls bam now i have two images uploaded i'm going to go scroll to the asa because i'm going to throw an asa in here i'll grab asav 991 and i'll do the same thing i'll just copy this to drag and drop over you could do more or do it in other methods or whatever but this is probably one of the easiest ways to do it so we're good to go there the the next thing for us to go do would be come back over here and do an ls and there we have more we have it uh all added up now if you go out and you download this stuff from cisco's website through like cml and you've got everything downloaded and you're like okay well how do i get the stuff to work you're going to need to follow the documentation in each one of these so you'd want to go for example back on to our putty session here and you'd want to navigate to the individual file so what i recommend you do no i do not want to ah bugger i hit the wrong button one second please while i get logged back in um what's up norman from bermuda that's that's awesome man thanks for joining uh we're going to come over here port 22 ssh i'm going to go ahead and log back in real quick because i was a dork and close it out and we're going to type in cd opt unit lab add-ons qm emu and then we're doing ls and i have my files that i've uploaded so the thing that you would want to do when you're going through this is you can literally just copy and paste these in right here you can just copy this and then paste it into your putty terminal and that will allow you to get everything squared away that you need to in order to get the to create the directory and in the right area and stuff like that so let's see what's eve take it easy glenn thanks for stopping by and hanging out with me man um eve is a uh for if you're hopefully you're familiar with gns3 or packet tracer it's it's a it's an emulation software essentially it allows you to take virtual devices and run them in a single um workspace and work with them and learn the technologies that's basically what it's done it stands for the emulated virtual environment there's a scroll to the top here maybe it says it here but that's basically essentially what it is it's a replacement for gns3 for someone like myself so yeah good stuff so i would recommend when you've downloaded your images from cisco or wherever you've gotten them from follow the documentation for all the things that are here and this will get you up and running so for example if you downloaded the ios routers from cisco's website from cml for example um you would have to go through all these steps where you have to uh basically convert the vmdk to a cubecal2 file right here that's what you're doing is converting the file right there and then you're going to rename v ios advanced enterprise k9 blah blah blah blah dot bmdk to vertioa.qcal2 so in other words you're going to be trans renaming the file to something that eve can actually understand and go through all that stuff and it'll make it usable from the eve side so that's basically what's happening there so that's basically what you want to do and if you do that as you're going along it makes it really really easy to work with in terms of getting everything up and running and the cool thing is once you've got that built for example once you've got all those things in place i actually will take anything that i've built inside of eve and in the directories and i'll actually just download it back to my image my server and i've got a bunch of images that i've gotten built out so if you're ever wondering why i've got so many cool looking labs on youtube this is why because i spent a bunch of time building them all out and i'm like well that took a long time to to get up and running so let's go ahead and just copy all that back down so that i can just you know get it up and running really really quick good stuff there so we have all of our images uploaded at this point well somebody tried to say something but that's okay i will uh i'll let you post when you're comfortable posting whatever it is you're going to post so that's basically how you would work with the images and stuff like that if you follow the documentation line by line i have had really really good success getting things up and running and rolled out so now if i go back to my main menu here of eve so i haven't actually gone in and created a lab if you go to here and you click on add new lab we're gonna it's gonna call this test lab something very simple right click on save and then that's going to bring us into our um workspace i wanted to know how your experience has been running firepower devices and eve yes fmc specifically it seems to be even with the proper hardware okay great question um so when it comes down to running the fmc specifically i don't run that inside of eve i actually run my voice is a little low oh i'm sorry to hear that when you've got the fmc i always run it as a virtual machine inside of esxi and then i set up a connection from eve to the outside world and then i manage the ftd and the ips devices i only deploy those inside of eve i don't run fmc inside of eve because i also have noticed that it's slow inside of because it's like one too many layers of virtualization so it seems like it works better when you just have it as a dedicated device uh i've been running yeah i mean that's a that's a good thing to start off with is learning um bgp that way i definitely said it's a good start for you to go with tom for sure cool so what i'm going to do is uh now that i've got my images uploaded to eve i'm going to go in here and click on node and you'll notice that asav and then the router and switches here are um they're highlighted in blue meaning that i can actually work with them so i'm gonna go ahead and i'm gonna click on the router real quick i'm going to rename this to be ios and i'm going to drag out let's say we drag out four okay we drag out four and i'm gonna go ahead and do two switches and i'm going to go ahead and call this sw and i'm going to go two of them and click on save even a pc i am running eve on a server it's a virtual machine running inside of esxi right there but it really doesn't matter um i've actually ran eve inside a vm or workstation on a server but or a really beefy pc if you have the means to do it in a pc you can do it there too it's up to you how you want to do that so now i've got my my switches set up i can go through and uh do some connectivity to my fire my my firewalls so let's go ahead and pull out a couple of asas and we'll grab two asavs and save that cool so now i've got my my routers and my switches so i'm going to go ahead and start organizing them however i see fit and you can play around with this there's no like wrong way to do a lab it's you know the beautiful thing is you can play around with it and see what you need to do in order to get stuff working and stuff like that so it's up to you and what you want to go do so i'm going to go something like that so what i'll do is i'll run a connection from here to here and click on save because that's going to build that connection and then i'll do one from here to here save and then i'm going to drag a line down between these two click on save and then i will grab connection to here and save it and let me go ahead and get out of the way so you guys can see things a little bit better and then come down here save that and then i'm gonna go to here and click on save there and oops do something like that so you can do a lot with what i just did and then you can go through and you know let me go ahead and add a couple more routers on the opposite side of the the asas so ios and then we'll grab two of them and something like this can we have servers and eve yes you can 100 if you want to run servers in eve i would recommend you download the evaluation copies for windows 10 or windows server 2016 and then you can go through the documentation right here so if you want to run a windows windows pc run your windows pc this is the documentation you would use in order to get that running if you want to run a windows server you can follow this documentation that will get a server running instead of eve as well so both will work so and now what we would do is we would come up with some sort of ip dressing format or structure and go from there so then i don't know maybe i use 10 nets everywhere for example maybe i use you can use whatever you want really it's up to you and how you want to proceed with that um but for example if i wanted to do have this firewall this asa acting as a internet connection and the router here acting as a web as a telnet server just to test connectivity through the devices i could do that um this is where you have to come up with some sort of um you have to use your imagination a little bit you have to really understand how the protocols work and um the cool thing is is there's no wrong way to approach this right you can build the labs however you see fit sometimes you might have to play around with stuff because you may not realize that something might not work a certain way or what have you but at the end of the day the idea is to construct your labs in such a way that you're understanding uh that you're mimicking what other people are doing so you know that's why i have no control over if you guys copy the labs off the youtube videos i encourage that build your own labs because for those of you that work in engineering jobs day in and day out like i do i have to build labs in order to learn the technologies you know i must have built the sd-wan topology a dozen times because i would watch uh i would read through the documentation documentation would say one thing i watched a youtube video on somebody's setup and it would be a little bit different so i try to take as many resources as i could and determine okay what's going to be a good lap for this to test out and i would build something and i would try to get something to work and it would fail i'd do some research to figure out okay why is it failing and like okay what do i do what do i need to add what do i need to take away and it's trial and error i mean i don't get the topology right the very first time when i do stuff i have to play around with it a number of times in order for it to work and sometimes it's you know on the second or third time i get it or sometimes i've had to go rebuild the topology a dozen times the cool thing about it is the more times you the more times you go through it and the more time and effort you put into it the much better of an understanding you get so for example if i wanted to do high availability on these asas to do active standby failover now i can right i have a link between the two or if i wanted to do active active standby or i'm sorry active standby now there's no such thing as active active standby um i could do that right i could easily deploy active standby communication and have the failover work if i wanted to so it gives me a lot of flexibility in terms of what i wanted to accomplish so as long as the software supports the capability and you can look up the documentation or watch a youtube video or look at somebody's content and you know uh mimic what they're doing that's that's the bigger win right so that's basically how you would do that so let me go ahead and pull up um i'm gonna go grab secure crt here real quick and let's go ahead and power some of these guys on i'm gonna grab ios one here i'm gonna power him on and i can see that he's gonna start booting up now this will take some time because the server was down for a while and it's going to take some time for it to boot up can you show us how to bring in the vm already on the server so a vm so vm external to eve oh yeah so i know what you mean so for example if i wanted to manage the asa here from the outside i would come in here and do a network click on the network and then in the type where it says bridge select management cloud 0 from there and just rename that to be management and click save and then you can drag this down to the management zero interface so click the little drop down here and go to management zero click on save and that will give me an outside connection that's what i do so whether you connect this link to a switch or connect that thing to something else it's up to you and how you want to do that what is your test environment oh uh [Music] what do i have on this box this is an older server too um i have this is an ibm 3650 m2 i've got um what does this thing go have is it four is a quad core two quad-core cpus i think and then um i've got 128 gigs of ram all of my servers except for one have 128 gigs of ram this one's got uh four cpus i think it's a quad core two quad-core cpus um let's see where's my other server uh this server right here is another one this guy here is this is this a ucsc 220 m3 this is uh two six core cpus 128 gigs of ram this gives me 24 gigahertz of compute um i have a hard time making this thing sweat and then my other one is uh i have another c220 m3 and it's got and uh two eight core cpus go bring this guy up real quick let me minimize this uh this guy's got um it's a eight core cpu two of them which gives me 32 logical processors and then 256 gigs of ram is what this guy's got that's my virtual labs essentially and i've i've got windows server 2016 installed on this guy and i run vmware workstation so i can do a bunch of um a bunch of microsoft labs as you can see right here i've got like a domain controller deployed so i'm learning basically going down the windows server path at the moment pretty cool stuff so let me go ahead and minimize that one go back over to here so let me go ahead and power the asa on real quick and bring him online so after you go through some of this stuff it does take a little bit of time to bring it to come online the router should be there okay so we're going to type in no and let me go ahead and get out of the way and you have esxi you have so how do i connect to an external server running inside of inside of eve i think it's you have vm srv2016 oh you want okay i see what you're saying so here on this guy or at least on my other my other uh host this guy you're saying you've got this server right here server 2016 bring that into eve is that what you're talking about if that's what you mean you would do the same thing that i just did over here um so on the topology i added a management connection and this connects to the the same network as this server right here because they're on the same subnet all i just need to have is an ip address so i connected they're on the same subnet so i just have them connected that way or they can be remote subnets as long as you have a pointer to where we yeah exactly so as long as you can point it to that ip you'll be able to reach it is essentially what i'm doing so so yeah that's basically all i'm doing nothing fancy it's just you need to have network connectivity i i keep it simple i keep everything in the same subnet it makes it really really easy to work with i don't have to sit there and worry about routing or you know anything like that how much ram and cores will be required if you want to run sd-wan sd access i couldn't tell you on the sd access piece because i've never worked with it i can tell you from the sd-wan side um when you're running the edges i ran 5v edges and all the controllers i was able to get that one going with 16 cpus and 48 gigs of ram oh my goodness yeah so yeah the 16 cpus and 48 gigs of ram so you don't get a node so boom data if you're talking about running server 2016 inside of here is if i mean you can also run the server in here as well if you want to but if you want to get access you need the management connection so at least that's how i do it and maybe there's another way that i'm not aware of but that's that's how i know how to do it what type of appliance is a v edge uh a v-edge the appliances of the edge windows service stuff i have no idea what you mean by that tom so yeah if we go to so let's see hold on a second so to muhammad um go check out the first video in the sd-wan series it should be in the description for the the initial config for the sd-wan lab i have that listed there that's it that's the eve topology file if you want to get the access to the um the actual config files for like the router and the routers and stuff like that um if you become a member for 10 bucks then i upload everything to uh there's a link that you get you click on that and you get access to everything and i'm actually going to be adding labs to that here in the very very near future so you'll be paying 10 bucks for the initial configs as well as labs that i write and that'll be that'll correlate to to the videos you guys watch can i use a rudder to simulate a b edge no you can't use a router to do a v edge because a v edge in itself is a v edge if you want to run routers and you can go and run the c edge which is a csr 1000v that's been rewritten to do ios ios xe sd-wan uh so any question would be regarding where to get the image files i got my image files from uh from cisco's website i download them as i've actually i have a service account and i was able to access them through through there i don't know where else you'd be able to get them how can you register um great question let's see one second while i go here and then click join that's how you can it might even be a way i don't know if you can do it inside the live stream but yeah go there and then you'll be able to click join no worries what you mean by access to everything i don't know what you're asking you'll have to be a bit more specific on that the subscription you were referring to uh so yeah just follow the link i just posted in the chat and then you'll be able to go and go there that'll get you to the to the registration link so to join 10 bucks a month and then you get access to everything i do and then i upload everything you'll get access to a drive link and then you'll be able to download whatever you want and then if you guys stay subscribed right so you keep paying the 10 bucks a month the cool thing about it is um as time goes on i will be uh going through and uploading labs so i'll actually write labs for um and i'll be uploading them so it'll be like it'll be like a google drive document you'll see pop up it'll be like sdwan lab x you know go do this or it might be i'm actually working on a ccnp enterprise so encore and an rc i'm working on a course for that as we speak and i'll be uh like building labs it'll be like okay go do xyz on these two devices and then there will be a video solution for that so for anybody that wants labs and stuff like that that's how i'm gonna be delivering them um so yeah good stuff there uh see system administrator stuff for working with the dod world the stig is a checklist of required settings specifics to a server oh okay i did not know that that's cool i'll check that out starting to set it for ccaei would you recommend a server or a supercomputer uh a server would be more than sufficient but um so it's up to you and how you want to go about doing that i personally would be um i'd get a server look at like intel xeon processors uh six or eight cores uh 64 to 128 gigs of ram would be more than sufficient although because sd access is on the exam i have no idea how you're going to demonstrate that or lab it up other than going through like cisco d-cloud but eve is very base in cisco um i think you might be saying basic um maybe i don't know you don't have to elaborate on what you mean there by that hanan so what i'm going to do is i'm going to get this firewall set up so i can use the asdm to connect into it so the first thing i'm going to do in the on the asa is i'm going to go and give it a hostname hostname asa 7 and i'm going to go to interface management 0 0 give it an ip address i need to give it an ip address that is on my home network so i'm going to go paying so 10 255 1 30 will work now because oh he was bad okay eve is very bad in cisco oh okay yeah so you're referring to running things like ice and fmc inside of eve and i agree with you on that um sorry i don't didn't understand what you meant by that but yes i agree ice and fmc if you're going to run those run those inside of vmware download the ovf deploy them in vmware and then just provide external connections into them like i have for the asa here do that that's what i recommend and uh ftd i've actually have pretty good success in eve but maybe you have not and you know hopefully you know you can get a maybe a little better of a platform to work with and you'll have a better results does the v edge images come with the cisco cml not that i know of as far as i know the evid uh the v edges are a download from cisco and you can't just go through cml so let me go ahead and make sure the 31 is not being used and if it's not i'll use this as my ip address and that looks pretty good should have arpegged by now and it's not going to come back so i'll be able to type in 10.255.1.31 24. we'll type in no shut and then name if is going to be mgmt and then i will type in host or uh i'm going to type in a username is going to be rob prible our password is going to be cisco privilege level 15. i'm going to type in that the ssh or we'll type in http will come in from 10.255.0.0.16. we'll be allowed to come in through management and oh uh http server enable i forgot about that so you have to turn the http server on in order to work how much is it to get sd-wan images legally i have no idea so i have no idea what you would how that would work cisco is not that great when it comes to apps i agree with you on that one edward i agree with you 100 so we're going to type in aaa authentication for http we'll use the uh console for local access so now what i should be able to do is uh i'll actually let me set up a route management to 10.255.1.0.24 sorry 10.0 uh i can't condone what you're trying to say they're erratic i wouldn't know how to do that route management is going to be 10.255.10.0.24 to 10.255.1.1 so i should be able to pull this back up now that i've grabbed that ip that guy should respond now so i could ping the management zero interface of the asa so i'm going to come over here and type in 10.255.1.31 you know what i might have to do is stop that and plug in https https there we go we're going to click on advanced accept the risk and boom we're on the asdm asdm pops up i'm not going to download it because i already have it running or i should say i already have it downloaded i think yes right here let me go ahead and pull this up real quick this will take a minute or two to bring up so i'm going to go ahead and let me go bring this over real quick so i'm going to type in in the device ip 10.255.1.31 we'll type in rob and cisco and i'm going to get a prompt yep i want to continue and we should be able to pull up the asdm on the asa which we can which is right here so now i'm on the asdm and if i go to the configuration and i go to say interface settings and interfaces only the only thing that's configured right now is the management interface so and i did that by clicking by setting up external access to the asa so if i want to control an asa through the asdm that's how i would go through and do it and so i can manage things through that and that allows me to provide access in so pretty cool stuff in that regards and that's basically how you would build these labs and um and get them up and running and just do some basic stuff um there are other areas of stuff that you can do um do you know if i can use watchguard um watchguard i don't know maybe as far as i know that is not supported but i could be wrong normally it would be down here at the bottom on the uh if you go to the documentation and go to how to's card will be in here somewhere if it's anything that's supported will be on here that i've seen but i don't see watch guard here um yeah maybe you can get if you can get the qcaw 2 image um maybe that'll work but honestly i have no idea um if you go to supported name images and q emu image namings so if you come down here doesn't look like it and then if you have a qcal2 image i don't think watch guard supported if they have a cute cow2 image for whatever instance you're trying to work on maybe that'll kick in and maybe that'll work but um you'd have to play around with it because there's no like direct support at least on their website so keep that keep that type of stuff in mind when you're working with it so but yeah that's basically how that comes into play um do i have any recommendations for nexus or xr um anything 9 dot x and nexus on the nexus 9 case works out really really well i've got some experience working with that with vxlan and then i've got pretty good xr i've got some images downloaded for it but i found xr9 case when you start running those those things are just beasts they just take up so much resources it's ridiculous so um yeah that might be true with with watchguard i don't know i've no i've only used watchguard once and i had no clue what i was doing what to do i had to i remember what i had to do i had to work with it once i had to go look up the documentation i had no idea how to work with it i wasn't very intuitive for what i remember so all right ladies and gentlemen i don't know if there's any ladies watching but if there are i want to give a nod to the ladies um so that's pretty much it in terms of how you would get stuff working inside of eve and that type of stuff so um beyond that guys that's what i wanted to cover in today's live stream unless somebody else has a specific question regarding uh hp i have no idea i honestly have no idea with hp like i said you can go check their supported images here uh hp vsr apparently is supported but the the thing that you have to remember when it comes to support inside of eve is that there's a you need a virtual image number one and number two that image needs to be able to run qcal2 or some very very cute cow 2 is the image because that's um that's kvm because it's you're basically running kbm on linux so basically the same thing as running what do you call it vmdk on esxi right you have the vmdk uh qcal2 it's a it's a virtual image so um with that being said if there's support for great but i mean i honestly don't know any recommendation where to get hosted resources to run labs environment hosted to me like google cloud platform or um aws that i couldn't tell you um i've nev i'd i steer i stay away from stuff like hosted platforms because they cost lots of money and stuff like that so good stuff hey man i appreciate that uh ali i really do man i was uh i really um uh to chall you're gonna have to watch the the replay man we're pretty much done at this point i've been on for about an hour now so um it was getting eve set up and working with uh getting up and running for for labs so that's basically what i wanted to cover so i think you guys enjoyed this so i'll probably do more of it um yeah you might have some good luck with eve or with some google cloud or aws but honestly i the money that you would spend month after month inside of google cloud if you were to figure out what that would cost you over the period of time you can go out and get a decent-sized server i mean if it works out for you and go that go that direction to me i'd rather go buy a um yeah i had a good stream you can go buy a physical server and then run it in your home i mean that's what i do i run everything on-prem are you familiar with the sd-wan uh that compass i have no idea i don't know anything about that um the only one i know a little bit would be cisco sd-wan i say a little bit because there's some things that i haven't tested out yet so hopefully i'll get to test those out in the near future but i am going down the microsoft route and i'm actually i think next week what i'll do is a live stream on how to get a windows server uh up and running or build a windows server environment inside of eve i think that'd be kind of a cool thing to talk about cool man i'm glad that uh hopefully that's working out for you janu i hope i'm saying your name right i don't like the butcher's people's names but cool guys i appreciate everybody coming out and hanging out with me tonight today in the live stream i will uh try to do this on a consistent basis on sunday afternoon seems to to work out better than saturday afternoon or saturday evening um until next time guys i do definitely do appreciate you guys coming out and hanging out uh we'll do at the same time two o'clock central standard time for those of you that are um maybe abroad that's the time we're gonna do it uh you mentioned coming out with mp minute yes uh that will be coming out in the next couple of weeks i'll start releasing that it'll be like a one day a week type thing so as i get stuff recorded i'll go through and i'll get that stuff released it'll be a like one video a day or maybe a couple of videos a day depending on what the topic is but yeah that's basically what's gonna be coming out so mpls traffic engineering well that in and of itself is a huge topic so um but because of the new ccmp service provider material that's out there i might do some stuff around that so yeah good good stuff going going on there yeah time frame hopefully in the next um i have another week or so of releases to do with a cisco sd-wan and then i'm going to start releasing the uh the mp material i've got a bunch of it recorded i'm actually going to spend the rest of today going through and um or get some other videos recorded i'm actually learning a bunch about active directory which i i knew about that much in active directory and i've learned this much more in the days since then so i'll be spending quite a bit of time going through that and then recording some videos on getting the sd or the ccnp material done so cool guys well hey i appreciate everybody coming out and hanging out with me in the live stream and i will see all of you next week unless something pops up um plan on being here at two o'clock central standard time i will be talking about building stuff out in windows windows server and stuff like that and working with that so alrighty good stuff well thanks everybody for hanging out and i will see all of you next week stay safe out there and uh happy studies until next week

Info

Channel: Rob Riker's Tech Channel

Views: 2,250

Rating: 5 out of 5

Keywords: cisco, eve-ng, eve, network, setup, ftp, images, upload

Id: gq93jn-5Kpo

Channel Id: undefined

Length: 73min 10sec (4390 seconds)

Published: Mon Oct 19 2020