How to setup Router based on Linux Core 4.x as Qemu Image in Fedora Linux - part1

GNS3 0.7 version and above implements lightweight GUI for Qemu virtualizer and emulator. The GUI allows to start/stop Qemu Virtual machines and configure Qemu Virtual machine parameters from GNS3 desktop. Adding Qemu support into GNS3 enable users to run various Qemu appliances.  One of them is a Linux router based on Core Linux.

In fact, many people are using Linux Core to simulate endpoint devices in a GNS3 lab. But as any other Linux, Core can also switch packets between its interfaces and act as a router. Of course, it cannot compete with Cisco or any other  vendor router in any way but  could be considered as a tool for those who want to learn networking in Linux.

Despite the lack of performance and available features, Linux Core with installed Quagga routing software has one major benefit comparing to top network routers. It’s absolutely free, Linux based, running on x86 architecture and can profit from the fact that it is open source software. New features and protocols can be easily implemented from the Linux world.

My goal was to install  Quagga in to Linux Core and to add some networking protocols available for Linux. (VRRP, Etherchannel, CDP)

The part one  shows Linux Core installation on Qemu image in Fedora Linux. Reading this part can be helpful if you plan to build your own Core Qemu image and install  basic extensions (applications)  such as ssh, iptables, ip route, mtr, etc.

Please, notice the Qemu installation (patched for UDP tunnels and multicast) on Fedora Linux is not shown in this tutorial.  For detailed steps visit the GNS3 blog.

http://blog.gns3.net/2009/10/olive-juniper/2/

Part two  shows the steps of creating a router based on Linux Core. After installation additional extensions  the  Linux host is to a Linux router. Thanks to Quagga the router supports dynamic routing protocols such as RIP, OSPF, BGP, IS-IS and offers features such as VRRP, CDP that can be found in  commercial  Linux network OS.

http://brezular.wordpress.com/2011/01/20/how-to-setup-linux-microcore-3-x-router-qemu-image-in-fedora-linux-part2/

1) Core Linux Installation with console support

1.1  Download current core image (live CD iso version 4.x)

wget http://distro.ibiblio.org/tinycorelinux/4.x/x86/release/Core-current.iso

1.2  Create virtual  qemu disk  (we use qcow2 format to reduce size of image)

Assuming that Qemu has been installed.

/usr/local/bin/qemu-img create -f qcow2 ./linux-core-4.6.2.img 200M

1.3  Start qemu virtual disk “linux-core-4.6.2.img”  with Core-current.iso mounted to cdrom

/usr/local/bin/qemu-system-i386 -boot d -cdrom ./Core-current.iso -hda linux-core-4.6.2.img

1.4  Install “cfdisk.tcz” and “grub-0.97-splash.tcz”  on qemu disk (image)

Assuming the Fedora Linux is connected to the Internet.

tce-load -w -i cfdisk.tcz grub-0.97-splash.tcz

1.5  Run cfdisk command to create partition on /dev/hda

sudo su

cfdisk /dev/sda

Now the cfdisk Menu is opened. Use arrow keys and ENTER for navigate through Menu.

Navigate and select NEW -> Primary

Leave default size 98.71 MB for partition.

Select Bootable for new Primary partition. Select Write - partiton will be written on disk Select Quit – you leave Menu.

1.6  Format new partition for ext4 file system

mkfs.ext4 /dev/sda1

1.7  Rebuild fstab file

rebuildfstab

1.8  Mount the new installed partition

Edit /etc/fstab and add  line to the end of file (in Microcore version 3.4 line is already added).

/dev/sda1/  /mnt/sda1/ ext4  noauto,users,exec  0 0

Now re-mount content of /etc/fstab

mount -av

Check if /dev/sda1 is mounted with df.

df -h

If not, try to mount it:

mount /mnt/sda1

1.9  Create directories /mnt/hda1/boot/grub/

sudo mkdir -p /mnt/sda1/boot/grub/

1.10  Mount CD with Microcore Live CD

mount /mnt/sr0

1.11  Copy content of /mnt/hdc/boot/ from CD to /mnt/hda1/boot/

cp -p /mnt/sr0/boot/* /mnt/sda1/boot

files vmlinuz and core.gz  are copied to /mnt/sda1/boot/ directory.

1.12  Create tce directory for extension

sudo mkdir -p /mnt/sda1/tce

Change owner and group for ./tce directory

sudo chown tc /mnt/sda1/tce  &&  sudo chgrp staff /mnt/sda1/tce/

1.13  Prepare file for backup and restore (create empty file mydata.tgz)

touch /mnt/sda1/tce/mydata.tgz

1.14  Check if directory /usr/lib/grub/ exist

If does not exist, reboot qemu image, else go to step 1.15.

reboot

Run image.

/usr/local/bin/qemu-system-i386 -boot d -cdrom ./Core-current.iso -hda linux-core-4.6.2.img

You need to install grub-0.97-splash again.

tce-load -w -i grub-0.97-splash.tcz

1.15  Install grub

sudo cp -p /usr/lib/grub/i386-pc/* /mnt/sda1/boot/grub/

1.16  Create file /mnt/hda1/boot/grub/menu.lst

sudo vi /mnt/sda1/boot/grub/menu.lst

default 0
timeout 0
title core-4.6.2
kernel /boot/vmlinuz quiet console=ttyS0,9600n8 home=sda1
initrd /boot/core.gz

1.17  Run grub

grub

Write following lines to grub prompt:

root (hd0,0)
setup (hd0)
quit

1.18 Umount  Live CD and reboot

umout /dev/sr0

poweroff

1.19  Start qemu disk

/usr/local/bin/qemu-system-i386 -boot c -hda linux-core-4.6.2.img

Your new image should boot now and you might configure Core for redirecting VGA output to the serial port.

1.20  Remaster Core for VGA output to the serial port

In this step you need extract file  core.gz, make changes in /etc/inittab and pack extracted  system back to core.gz.

a)  Extract core.gz to /home/tc/temp/extract/

Create an extract directory and copy core.gz to this directory:

mkdir -p /home/tc/temp/extract

sudo cp /mnt/sda1/boot/core.gz  /home/tc/temp/

cd /home/tc/temp/extract/

zcat ../core.gz | sudo cpio -i -H newc -d

Now, the full filesystem is extracted in /home/tc/temp/extract/

tc@box:~/temp/extract$ ls

bin  dev  etc  home  init  lib  mnt  opt  proc  root  sbin  sys  tmp  usr  var

b)  Configure /etc/inittab to support serial console logins (getty daemon will be listen on serial port ttyS0)

sudo vi ./etc/inittab

ttyS0::respawn:/sbin/getty -nl /sbin/autologin 9600 ttyS0

c)  Edit /etc/securetty to allow user root login to serial port ttyS0

Uncomment the line # ttyS0. If you plan to setup a telnet server, add terminals pts/0, pts/1, pts/2, pts/3   superuser login.

sudo vi ./etc/securetty

ttyS0
pts/0
pts/1
pts/2
pts/3

d)  Pack filesystem back to the file core.gz

sudo su

mv /home/tc/temp/core.gz /home/tc/temp/core.gz-backup

cd /home/tc/temp/extract/

find | cpio -o  -H newc | gzip -2 > /mnt/sda1/boot/core.gz

rm -rf /home/tc/temp/
rm /home/tc/temp/core.gz-backup

1.21  Test telnet to serial Core serial port

Run Qemu image:

/usr/local/bin/qemu -m 128 -hda ./linux-core-4.6.2.img  -serial telnet:0.0.0.0:3000,server,nowait

During the boot, telnet to Core from Fedora:

telnet localhost 3000

You should see whole boot process on console. After boot, hit Enter and  for login to box.

1.22  Set password for superuser

Core comes with two users -  tc and root.  Password for user tc is not set.

Change for root account  password to “root”

sudo su

passwd root

Exit from superuser account: exit

Make  superuser’s password permanent after Core reboot:

echo “/etc/shadow” >> /opt/.filetool.lst

/usr/bin/filetool.sh  -b

1.23  Delete command history

sudo su

echo  > /home/tc/.ash_history

2. Basic extensions installation and configuration

2.1  IPv6 support in Microcore Linux

a)  Download and install ipv6-3.0.3-tinycore.tcz  to add IPv6 support to Microcore

tce-load -w -i ipv6-3.0.3-tinycore.tcz

b)  Load IPv6 module to kernel and make it persistent

echo “modprobe ipv6″ >> /opt/bootlocal.sh

sudo modprobe ipv6

/usr/bin/filestool.sh -b

2.2  Basic network extensions installation -  iptables, tcpdump, iperf, iproute2, mtr, d-itg

tce-load -w -i iptables tcpdump iperf openssh iproute2 mtr d-itg

Iptables is the userspace tool to control the linux kernel firewall.

Tcpdump is a tool for network monitoring and data acquisition.

Iperf is a tool for measuring Internet bandwidth performance.

Iproute2 is a collection of utilities for controlling TCP/IP networking and traffic control.

Mtr combines the functionality of the traceroute and ping  programs in a single network diagnostic tool.

D-ITG is a distributed traffic generator and it is capable to generate traffic at network, transport, and application layer. It supports both IPv4 and IPv6 traffic generation.

Note: netfilter-2.6.33.3-tinycore is automatically installed  with ipv6-2.6.33.3-tinycore extension. It enables fire-walling and IPv6 support.

2.3  SSH server configuration

Assuming openssh and openssl extensions have been installed.

a)  Check if openssh extension is installed

ls /mnt/hda1/tce/optional/openssh*

/mnt/hda1/tce/optional/openssh.tcz /mnt/hda1/tce/optional/openssh.tcz.dep /mnt/hda1/tce/optional/openssh.tcz.md5.txt

If there is not openssh.tcz in the list install it.  Openssl is automatically installed with openssh extesnion.

tc-load -w -i openssh

Openssh extension should be added to the list of loaded extensions during the boot of Microcore Linux. Check it with command:

cat /mnt/hda1/tce/onboot.lst

If there is not openssh in the list of onboot extensions, add it:

echo “openssh.tcz” >> /mnt/hda1/tce/onboot.lst

/usr/bin/filetool.sh -b

b)  Create openssh config file

sudo mv /usr/local/etc/ssh/sshd_config.example /usr/local/etc/ssh/sshd_config

c)  Start openssh daemon

sudo /usr/local/etc/init.d/openssh start

The public/private rsa key pair and public/private dsa key are generated.

d)  Make openssh deamon started during the boot

echo “/usr/local/etc/init.d/openssh start” >> /opt/bootlocal.sh

e)  Backup keys in ssh configuration directory

echo “/usr/local/etc/ssh” >> /opt/.filetool.lst

/usr/bin/filetool.sh – b

f)  Test ssh server

Password is root.

ssh root@localhost

2.4  Telnet server configuration on Microcore

You can skip the steps b) and c) if you modified /etc/securetty for pts in part 1.20 e ) (Remastering Microcore)

a)  Add telnet deamon to the list of running application after  boot

sudo /usr/sbin/telnetd

echo “/usr/sbin/telnetd” >> /opt/bootlocal.sh

b)  Configure terminals on which root is allowed to login

sudo vi /etc/securetty

pts/0 pts/1 pts/2 pts/3 pts/4

It allows  5 telnet sessions.

c)  Make /etc/securetty being on the list of saved files

echo “/etc/securetty” >> /opt/.filetool.lst

d)  Save configuration

/usr/bin/filetool.sh -b

2.5  Script for using dhclient

Microcore uses udhcpc instead of ISC dhclient by default. This script calls udhcpc when command dhclient is invoked.

sudo su

echo “udhcpc” > /sbin/dhclient

chmod 744 /sbin/dhclient

echo “/sbin/dhclient” >> /opt/.filetool.lst

/usr/bin/filetool.sh -b

2.6  Load basic iptables modules to Microcore

vi /opt/bootlocal.sh

modprobe iptable_mangle
modprobe iptable_nat
modprobe ipt_limit
modprobe ipt_multiport
modprobe ipt_tos
modprobe ipt_TOS
modprobe ipt_REJECT
modprobe ipt_TCPMSS
modprobe ipt_tcpmss
modprobe ipt_ttl
modprobe ipt_LOG
modprobe ipt_length
modprobe ip_conntrack
modprobe ip_conntrack_ftp
modprobe ip_conntrack_irc
modprobe ipt_conntrack
modprobe ipt_state
modprobe ipt_helper
modprobe ip_nat_ftp
modprobe ip_nat_irc

Save /opt/bootlocal.sh configuration.

/usr/bin/filetool.sh -b

2.7  Secure locate – slocate installation and configuration

Secure Locate provides a secure way to index and quickly search for  files on system. It also stores file permissions and ownership so that users will not see files they do not have access to.

tce-load -w -i slocate

echo “/usr/local/bin/slocate -u” >> /opt/bootlocal.sh

/usr/bin/filetool.sh -b

End.

Microcore 3.4.1 host Qemu image is available for download here.

http://www.4shared.com/file/vy0CTqce/linux-microcore-341.html

Microcore 3.8.2 host Qemu image is available for download here.

http://www.4shared.com/file/OJLoHTAn/linux-microcore-382.html

Used Links

How to setup Linux Microcore 3.x Router Qemu Image in Fedora Linux – part2
http://brezular.wordpress.com/2011/01/20/how-to-setup-linux-microcore-3-x-router-qemu-image-in-fedora-linux-part2/

How to install Tinycore (Microcore + GUI)
http://tinycorelinux.com/install.htmlhttp://wiki.tinycorelinux.com/tiki-index.php

Console part of  the tutorial
http://theanand.info/
http://wiki.tinycorelinux.com/tiki-index.php?page=Remastering
http://www.vanemery.com/Linux/Serial/serial-console.html

Boot codes
http://wiki.tinycorelinux.net/wiki:persistence_for_dummies
http://wiki.tinycorelinux.net/wiki:boot_codes_explained
http://wiki.tinycorelinux.net/wiki:boot_options

About these ads