EVE-NG: Provide License-key for Nokia VSR Node via FTP

-
In this document we will learn how to provide license-key to Nokia VSR router via FTP, instead of "burned-in" into the hda.qcow2 file.
 
Software used:
 
In this documentation, We are using:
- EVE-NG version 2.0.3-110.
It is the most recent version as of the time of writing this doc.
 
- Linux Ubuntu 16.04.
Because EVE-NG currently run on this version. 
 
- Nokia VSR TiMOS version 14 or later. 

Assumptions:

It is assumed that:
- You already have Timos image, being "TiMOS-SR-14.0.R7-vm.zip" file or other file, as stated in EVE-NG documentation.
- You already have a valid TiMOS license file, which is match with TiMOS version you already have.
- Your Nokia VSR router is able to be up and running by modify hda.qcow2 file.

Description:

Based on https://www.eve-ng.net/index.php/documentation/howtos/howto-add-nokia-vsr/, we must put our license file into hda.qcow2 in order Nokia VSR to run. 

Without valid license, Nokia VSR router will not working properly.

Here screenshot from the Eve website:


Advantages:

Using this method,  we don't need any external dependencies. It will just works.

Screenshot of 2 Nodes using edited hda.qcow2:


 

 

 

 

Problem:

The problem is the license key has an expiry date.

Before it expired, you must replace license key with newer one.

Once it is expired:

1. We must edit template / master hda.qcow2 file, insert new valid license key.

2. Create another Nokia VSR Node which will based on the new license key in hda.qcow2 file.

3. Start the nodes.

4. Keep using it until license expires.

What happen to existing nodes which the licenses are already expired ? 

We don't know, but maybe it will stop working.

 

Can we edit individual nodes qcow2 files ? 

We don't know, It might be possible. But until now, we don't read any documentation for this in the Cookbook file https://www.eve-ng.net/index.php/documentation/community-cookbook/ 

Solutions:

We can provide license key via FTP. Every time Nokia VSR boots, it will ask ftp server for license key. If the license key is correct, it will boot and function normally.

Requirements:

In order to provide License Key via FTP, we need to:

At EVE server:

1. set EVE-NG server / host as FTP server.

2. set Internal IP Address in one of EVE pnet network interfaces.

3. Upload license file to EVE server.

4. Modify timos.yml file to read license from FTP server.


During Node Creation:

1. Create New Network Object.

2. Add Nokia VSR Node

3. Create link from first ethernet port at Nokia VSR to Network Object.

4. Start the Node.


After Booting Completed

1. Verify the license.

 

Detailed Steps:

1. set EVE-NG server / host as FTP server.

For FTP server, we will utilize EVE server itself, not using additional linux guest, to minimize CPU / memory requirements. 

root@eve-ng:~# apt install vsftpd
Reading package lists... Done
Building dependency tree
Reading state information... Done
vsftpd is already the newest version (3.0.3-3ubuntu2).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@eve-ng:~#

Edit vsftpd.conf

vi /etc/vsftpd.conf 

anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
ascii_upload_enable=YES
ascii_download_enable=YES
Optional : We add user "admin" and password "admin". This user/password will match with default Nokia VSR user and password.

We also specify shell to be used : /bin/false.

root@eve-ng:~# useradd admin -s /bin/false
root@eve-ng:~# passwd admin
Enter new UNIX password: admin
Retype new UNIX password: admin
passwd: password updated successfully
root@eve-ng:~#
Lets check if our new user is successfully created: 
root@eve-ng:~# grep ^admin /etc/passwd
admin:x:32770:32770::/home/admin:/bin/false 
Then, we create home directory for user admin: 
root@eve-ng:~# mkdir /home/admin
root@eve-ng:~# chmod a-w /home/admin
Lets try ftp localhost:
 
root@eve-ng:~# ftp localhost
Connected to localhost.
220 (vsFTPd 3.0.3)
Name (localhost:root): admin
331 Please specify the password.
Password: admin
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> bye
221 Goodbye.
root@eve-ng:~#

Ok, its succeed.

2. Set internal IP Address in one of EVE pnet network interfaces.

Next, we will find unused pnet interfaces, and assign new IP Address.

pnet0 interface usually already assigned.

Sometimes pnet1 interface is also already assigned (it happen when we assign 2 virtual ethernet card to EVE-NG server). 

So, lets try using pnet7 interface.

Lets check pnet0 interface, for output comparison with pnet7 later. 

root@eve-ng:~# ifconfig pnet0
pnet0     Link encap:Ethernet  HWaddr 08:00:27:45:82:8f
          inet addr:192.168.56.2  Bcast:192.168.56.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe45:828f/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13912 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8821 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1848893 (1.8 MB)  TX bytes:4673161 (4.6 MB)

root@eve-ng:~#
As we can see, pnet0 has address of 192.168.56.2.

Lets check pnet7:
 

root@eve-ng:~# ifconfig pnet7
pnet7     Link encap:Ethernet  HWaddr 76:be:09:84:2f:ac
          inet6 addr: fe80::74be:9ff:fe84:2fac/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:1356 (1.3 KB)

root@eve-ng:~#

pnet7 interface is unused, we dont see "inet addr" in above output. We will utilize this pnet7 interface. 

Find IP address range for pnet7.

Next, we must find unused IP address range to be used for pnet7 interfaces. Make sure there is no IP conflict !

If unsure, consult your Network Administrator.

for this sample, we will use 10.255.255.1/24 at pnet7 interface. 

root@eve-ng:~# ifconfig pnet7 10.255.255.1/24
Ok, lets see if our interfaces is set. 
root@eve-ng:~# ifconfig pnet7
pnet7     Link encap:Ethernet  HWaddr 06:99:04:a2:f9:06
          inet addr:10.255.255.1  Bcast:10.255.255.255  Mask:255.255.255.0
          inet6 addr: fe80::499:4ff:fea2:f906/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:1006 (1.0 KB)

root@eve-ng:~#

Using ifconfig command, our IP Address will not survive when eve is restarted. To make persistent, we edit /etc/network/interfaces, and modify pnet7 section with similar like below: 

iface eth7 inet manual
auto pnet7
iface pnet7 inet static
    address 10.255.255.1
    netmask 255.255.255.0
    bridge_ports eth7
    bridge_stp off

To make sure, it is advised to reboot eve server and check interface pnet7 IP Address afterward. 

After IP Address is set, we can try ftp one more time to this new address: 

root@eve-ng:~# ftp 10.255.255.1
Connected to 10.255.255.1.
220 (vsFTPd 3.0.3)
Name (10.255.255.1:root): admin
331 Please specify the password.
Password: admin
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> bye
221 Goodbye.
root@eve-ng:~#

3. Upload license file to EVE server.

Next, upload license file to EVE server. Put it at /home/admin folder.
File naming is not important, but make it simple, easy to understand and better not use any space.
For TiMOS 14, we can name our file as "timos14.license".

4. Modify timos.yml file to read license from FTP server.

Next, we will modify timos.yml to scpecify license-key being used.

lets edit our timos.yml file.

root@eve-ng:~# cd /opt/unetlab/html/templates/intel/
root@eve-ng:/opt/unetlab/html/templates/intel# vi timos.yml
Make change to the following 3 lines: 
eth_name:
  - Mgmt 
management_address: 10.255.255.100/24 
timos_license: ftp://admin:admin@10.255.255.1/timos14.license

Explanation:

eth_name:
  - Mgmt
The original value is "Not Used" for eth_name. As "Not Used" might make confusion, we better change to other meaningful value. You can use "management", "license" or whatever value you want. 
management_address: 10.255.255.100/24
Original value is "1.1.1.1/24". We need to change this to match value with pnet7 IP Address. Make this address in the same subnet with pnet7. 
timos_license: ftp://admin:admin@10.255.255.1/timos14.license
timos_license is new addition.
admin:admin is user and password to connect to FTP server. If you create other user, change this.
10.255.255.1 is IP Address we assigned to pnet7 interface. Change this if you set pnet7 other address.
timos14.license is License file name.

Save timos.yml.

Create New Network Object.

Next step is creating network object.

- Open your lab.

- Add a new object - Network.

- in the "type", choose "Cloud7". Cloud7 is connected to pnet7 interface. Cloud0 is for pnet0 and so on. If you use other pnet interface, change this accordingly.

- for "Name/Prefix", fill any name. For this sampe, we give name "Cloud7".

Create Nokia VSR Node

Create Nokia Router as usual.

Create link from Nokia VSR to Network Object.

 Create link from Nokia VSR router to Network Object.

Nokia VSR: choose Mgmt port (first port).

If you give other name when edit timos.yml, use that name.

Do this for all Nokia router.

Resulted picture after Nokia VSR connected to cloud7 and to other routers as follow:


Now, we have additional connection from each Nokia VSR router to cloud7 network. For comparison, please see picture 2 router connected above when using "burned-in" license at hda.qcow2 file.

Start the Node and check the license

Last step, start the node and check their license.

Look for any license related message during boot like this one below: 
Hit a key within 1 second to change boot parameters...

TiMOS license-file location: ftp://*:*@10.255.255.1/timos14.license
Initializing management port em0 using IP addr 10.255.255.100.
Initial DNS resolving preference is ipv4-only
Loading license file: ftp://*:*@10.255.255.1/timos14.license [fd:1067]

Primary image location: cf3:\timos\i386-both.tim
Loading license record for 'TiMOS-.........'
Loading image cf3:\timos\i386-both.tim
After Nokia VSR is booted, we can login and check the license: 
A:vRR# show system license

===============================================================================
Current License
===============================================================================
License status : monitoring, valid license record
Time remaining : ... days ... hours
-------------------------------------------------------------------------------
License name   : ...
License uuid   : ...
Machine uuid   : ...
License desc   : ...
License prod   : ...
License sros   : ...
Current date   : ...
Issue   date   : ...
Start   date   : ...
End     date   : ...
===============================================================================
A:vRR#

Ok, license is active.

Mission accomplished.

Thanks.


Comments

  1. Anonymous20 April 2022 at 12:41

    Eve-Ng: Provide License-Key For Nokia Vsr Node Via Ftp >>>>> Download Now

    >>>>> Download Full

    Eve-Ng: Provide License-Key For Nokia Vsr Node Via Ftp >>>>> Download LINK

    >>>>> Download Now

    Eve-Ng: Provide License-Key For Nokia Vsr Node Via Ftp >>>>> Download Full

    >>>>> Download LINK QJ

    ReplyDelete

Post a Comment

Popular posts from this blog