Wednesday, 14 September 2011

Cisco Switching Lab on GNS3

Finished conducting an internal training on Cisco CCNP Switching Exam 642-813.  Rather than getting physical Switches and Routers for this internal training, I decided to run the lab virtually on GNS3 in my ESX lab.

It took me one week (5 nights and two full days over weekend) to get the lab up and running on Windows 7 as a guest OS in ESX 4.1.  Reasons for spending such a long time is because of the IOS images problem with 3745, 3725 images.  You can't save 3745 and 3725 configuration.  Have also tried to use 1821 images for emulation of PC (because of the 64MB footprint), but hit into CPU utilisation problem.  I just can't bring down the high CPU utilisation.

After many nights and testing, I have finally found the sweet spot of the IOS images for my lab.  Running 3660 IOS image c3660-jk9o3s-mz.124-15.T13.bin.unpacked and 7200 IOS image c7200-adventerprisek9-mz.124-15.T13.bin.unpacked.

3660 is running NM-16ESW (16 port Switch Module) and 7200 running PA-FETX and PA-2FETX.  All the PCs and Servers are emulated by 3660.

As for the ESX 4.1 setup, each Windows 7 is allocated with 8GB memory and 4 vCPU each.

The purpose of this lab is to demonstrate Cisco Switching Design Concept on Core, Distribution and Access Layer.  Access and Distribution Layer is using 3660 with NM-16ESW and the Core is using 7200 with lots of PA-2FETX. 

A brief description of the lab as below,
  • Core Switch to Core Switch running Layer 3 IP with EIGRP
  • Core Switch to Distribution Switch running Layer 3  IP with EIGRP. (There are some limitation on running NM-16ESW as a Layer 3 Interface.  The 3660 default 2FE Interface cannot do Port-Channel.  Hence, using NM-16ESW to perform Port-Channel to Core Switch but assigned a VLAN IP to the Port-Channel.)
  • Distribution Switch to Access Switch running Layer 2 with STP and VTP Domain.
  • Enable HRSP for Distribution Switches.

Below is the digram capture from GNS3.
Design Concepts

Core Layer
All interfaces in Core Switch is running on Layer 3 IP.  This is to stop the complication of running Layer 2 STP below Layer 3 IP.  As Spanning Tree will takes longer to converge when a link failed as compare to Layer 3 (EIGRP or OSPF).  Hence, running EIGRP/OSPF is enough to build and able redundancy on this layer. 

If we add STP into this layer, failure of links will casue STP to converge first while putting Layer 3 routing protocols in an unstable stage. STP may takes 50 seconds (Classic STP) or 15 seconds (RSTP) to settle down.  Hence, the network may be down for 15 to 50 seconds (if the STP root is down, 50 seconds worst case). 

Using OSPF or EIGRP, there will be no network downtime should any router or link failed.  OSPF or EIGRP may takes 3 to 5 seconds to stabilise the network routing topology, it may drop some packets during this stage due to wrong routes but TCP packets will still be alive as long as we keep within the 20 seconds of TCP session timeout.

Routing Speed of the devices in this layer is citrical.

Distribution Layer
Switches in this Layers runs the most protocols. As this layer links between the Core Layer and Access Layer, it runs both Routing Protocols (EIGRP/OSPF) facing the Core, and runs STP as a Root or Secondanry Root facing the Access Layer. It will also be the VTP Domain Server for creating and managing of VLANs.  As these switches have IP addresses for VLAN interfaces, it will also be the best place to implement HRSP/VRRP for hosts. Security between VLAN can also be implemented in this layer.

Layer 3 Switching Speed of the devices in this layer is citrical.

Access Layer
Switches in this Layers runs VLANs and STP.  Port security and QoS marking is done here.  Port density and supporting of different devices (such as PoE for Acess Point and IP Phone) is citrical in this Layer.

The rest of the "normal" design concept can be found in Cisco Website.


  1. Wow this is great!! I am looking into building something like this for preparing for the CCIP and CCIE.

  2. Thank you for sharing!!

  3. hello friend, i use 3660 IOS image c3660-jk9o3s-mz.124-15.T13.bin but when i start my equipement and launch console i receive the wundow of console and in it " press enter to get prompt" and when i press enter it not work at all!!!! why?

  4. i use GNS3 in Mac os snow leopard

  5. Can you please describe the hardware used for this setup. I would like to build a lab like this so that I create networks.

  6. Do you have any freely downloadable links to these IOS mentioned by you.

  7. Do you have any freely downloadable links to these IOS mentioned by you.

    I badly need to learn using GNS3 only as I am short of funds and need to learn quickly. If you will provide me these ios's it would be of great help. Really appreciate it.

  8. good afternoon
    Thank you very much for sharing this information, Might abusing your support sharing topology as you implemented in ESX?

  9. Queries in the PgMP examination usually are typically situational inside character requiring the particular examination taker to learn the program management construction particular in the program PgMP common publication and a great functioning information about program management rules. A large skew inside possibly you could end up unfavourable final results.

  10. awsome, can i have the gns3 download?

  11. Hello admin,
    This is Ayesha Saleem. I have read this article and i have seen that you are doing a great job. I have bookmarked it. Well i am searching for some pregnancy blogs to get to know about 6 weeks pregnant.

  12. Hey admin,
    I read your blog and this is awesome. That post is well composed and the information in this article is good.
    As you mentioned in your heading this blog is for my personal use like habits and may be you like that and I am also trying to build my blog of kitten pictures because I also like to write blog.
    Thanks for sharing this information with us.

  13. I read the post about Cisco Switching Lab on GNS3 and i really like the information for two reasons. One is that it is short and simple to read and the second thing is which you use pictures to describe what you have said and keep sharing. Games

  14. I also have the almost hobby like you writing the content and sharing with other peoples who need it.
    Thank you so much for sharing that information with us.
    web design services

  15. hello admin i read your post about Cisco Switching Lab on GNS3.
    I really like the information you share and the content you're putting in fact it is difficult to read but you're making it simple.
    Thanks for sharing this information.

  16. Searching for approaches to get free examples via mail? Visit us at the present time. Get free examples teddy bear wallpaper hd
    online today. Our complimentary gifts refreshed every day. Absolutely free stuff for you.

  17. Looking for systems to get free examples by way of mail? Seek advice from us at the reward time. watch online movies
    Get free examples teddy bear wallpaper hd
    on-line at present. Our complimentary items refreshed every day. Certainly free stuff for you.

  18. I read this first time and there is no doubt if i said that this is very effective source of information for me and i never heard all these concepts before reading this article. newspaper today in urdu is also unique source of news.