GNS3 / gns3-gui

GNS3 Graphical Network Simulator
http://www.gns3.com
GNU General Public License v3.0

Cannot connect GNS3 v2.2.5 to the Windows #2936

Closed v74863 closed 1 year ago

v74863 commented 4 years ago

I can connect GNS3 to the Internet when using a local GNS3 server. My topology is exactly as http://docs.gns3.com/1vFs-KENh2uUFfb47Q2oeSersmEK4WahzWX-HrMIMd00/

The router R1 works via dynamips. IPv4 and IPv6 addresses are correctly allocated to the interface f0/0 of R1 by the external DHCP server. Then R1 can ping the default gateway as well as public IP addresses in the Internet. Either IPv4 or IPv6.

GNS3 is installed on a physical PC with Windows OS (firewall is disabled). The PC can ping the same default gateway and public IP addresses. Either IPv4 or IPv6.

However, R1 cannot ping the PC itself, even though they are both in the same subnet. Neither over IPv4 nor over IPv6. For example, currently you cannot copy files from R1 to a TFTP server on the host PC.

I have tried GNS3 v2.2.5 with win7, win8 and win10, but got the same result. Please fix it.

Just for reference, configuration of int f0/0 of R1:

!
interface FastEthernet0/0
 ip address dhcp
 ipv6 address dhcp
 ipv6 enable
 no shutdown
!

grossmj commented 4 years ago

Please try the following:

Let me know if this works.

v74863 commented 4 years ago

No, it still doesn't work, even though Windows and R1 both know each other's MAC address. They have resolved each other via ARP. Tested on win7 and win8.1.

v74863 commented 4 years ago

I managed to connect GNS3 v2.2.5 to the Windows. Now I can copy files from R1 to TFTP-server of host PC (and back, from TFTP-server to R1). Via either IPv4 or IPv6. It is possible with Microsoft Loopback or Npcap Loopback as Cloud's interface. It seems, Winpcap must be installed. It doesn't work with Npcap. Has tested on

However, Ethernet interface of host PC as Cloud's interface still doesn't work.

grossmj commented 4 years ago

@v74863 looks like npcap has fixed the issue on their side. Can you confirm please? Thanks :+1:

https://github.com/nmap/npcap/releases/tag/v0.9990

v74863 commented 4 years ago

Hi. Unfortunately, I cannot confirm... I have tested GNS3 v2.2.6 on two different physical PCs, one with 64-bit Windows 7 SP1, another with 64-bit Windows 8.1.

Still the same.

with WinPcap_4_1_3

with Npcap-0.9990 ip addresses of both adapters have not been resolved by ARP, not reachable via PING and TFTP

Besides, Npcap-0.9990 prevents receiving ip address by host PC via DHCP. This PC is actually Asus notebook with 64-bit windows7 sp1 and Atheros AR8131 PCI-E Gigabit Ethernet. Another PC with windows8.1 works normally.

dmiller-nmap commented 4 years ago

Hi, Npcap developer here. Are you choosing "Legacy loopback support" at installation? Does the situation improve if you reinstall without legacy loopback support? Our loopback capture/injection does not use the same code path and probably does not cooperate with this kind of usage, and legacy loopback support forces that code path over the Npcap Loopback Adapter when it is installed. Removing it should enable a more WinPcap-like behavior, while still allowing local loopback capture and injection using the NPF_Loopback capture device.

v74863 commented 4 years ago

Npcap had been installed "by default", without any tweaking, please see attachment. Pcap had been installed "by default" also.

I had tested them separately. It means

By the way, I have tested WinPcap_4_1_3 and Npcap-0.9990 on 64-bit windows10 as well. I have got the same result.

Please clarify exactly how Npcap should be installed. Maybe I did something wrong?

Npcap09990

dmiller-nmap commented 4 years ago

Ok, I think I see the problem. There is a subtle difference in how Npcap and WinPcap accomplish the loopback of injected packets.

Because of its position in the stack as a Protocol driver, WinPcap must set the NDIS_PACKET_TYPE_ALL_LOCAL packet filter in order to see traffic from other protocols (TCP, UDP, etc.). To avoid seeing its own injected traffic, it must further apply a flag, NDIS_FLAGS_DONT_LOOPBACK, to each outgoing packet. This flag is controlled in WinPcap by the PCAP_OPENFLAG_NOCAPTURE_LOCAL option to pcap_open(). Other protocols on the system will still see it because the bottom of the stack sees the NDIS_PACKET_TYPE_ALL_LOCAL filter and sends everything back up.

As a filter driver, Npcap doesn't need to tell the stack to loop everything back with NDIS_PACKET_TYPE_ALL_LOCAL, so we explicitly filter that out at the pcap/Packet.dll interface. Instead, we set a NDIS 6 flag to loop back injected packets. We capture all injected packets before injecting them, so we ignore the looped-back packets. When the user uses the PCAP_OPENFLAG_NOCAPTURE_LOCAL flag, we don't deliver the captured packet to the originating pcap_t, and we leave off the loopback flag when sending it. This last bit is the problem; we figured that leaving off the loopback flag for NDIS 6 was the same as including the "don't loopback" flag for NDIS 5, but it's not.

The fix for GNS3 is to avoid using PCAP_OPENFLAG_NOCAPTURE_LOCAL for Npcap 0.9990. Additionally, we will probably (pending research) change this in the next release so that injected packets are always looped back.

Caveat: NDIS will choose not to loop back the packets if no protocol will see it based on configured addresses and/or promiscuous mode. In other words, packets that ought to route out of the system will do so without looping back unless someone's trying to sniff for them.
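An added illustration of the workaround described in the comment above (not code from uBridge, GNS3 or Npcap): a capture application picks its `pcap_open()` flags at run time from the library identification string, so the same binary keeps `PCAP_OPENFLAG_NOCAPTURE_LOCAL` on WinPcap and drops it on Npcap. The helper names `identify_capture_lib` and `bridge_open_flags` are hypothetical, and the version strings are constructed samples in the format `pcap_lib_version()` is assumed to return.

```c
#include <stdio.h>
#include <string.h>

/* Flag values as defined in WinPcap's remote-ext.h, repeated here so the
 * example builds without the WinPcap/Npcap SDK. */
#define PCAP_OPENFLAG_PROMISCUOUS     0x01
#define PCAP_OPENFLAG_NOCAPTURE_LOCAL 0x08

enum capture_lib { LIB_OTHER, LIB_WINPCAP, LIB_NPCAP };

struct lib_info {
    enum capture_lib lib;
    char version[16];   /* e.g. "0.9990" or "4.1.3"; empty when unknown */
};

/* Hypothetical helper: classify the string pcap_lib_version() returns. */
struct lib_info identify_capture_lib(const char *s)
{
    struct lib_info info = { LIB_OTHER, "" };
    if (s == NULL)
        return info;
    if (sscanf(s, "Npcap version %15[0-9.]", info.version) == 1)
        info.lib = LIB_NPCAP;
    else if (sscanf(s, "WinPcap version %15[0-9.]", info.version) == 1)
        info.lib = LIB_WINPCAP;
    return info;
}

/* Hypothetical helper: flags to hand to pcap_open(). NOCAPTURE_LOCAL is
 * cleared only for Npcap, where per the comment above it also suppresses
 * loopback of injected frames to the host stack. */
int bridge_open_flags(int base_flags, const char *lib_version)
{
    if (identify_capture_lib(lib_version).lib == LIB_NPCAP)
        return base_flags & ~PCAP_OPENFLAG_NOCAPTURE_LOCAL;
    return base_flags | PCAP_OPENFLAG_NOCAPTURE_LOCAL;
}

int main(void)
{
    /* Constructed samples; real code would pass pcap_lib_version(). */
    const char *samples[] = {
        "Npcap version 0.9990, based on libpcap version 1.9.1",
        "WinPcap version 4.1.3 (packet.dll version 4.1.0.2980)",
    };
    for (size_t i = 0; i < 2; i++)
        printf("%-55s -> flags 0x%02x\n", samples[i],
               (unsigned)bridge_open_flags(PCAP_OPENFLAG_PROMISCUOUS, samples[i]));
    return 0;
}
```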

grossmj commented 4 years ago

I will compile uBridge without the PCAP_OPENFLAG_NOCAPTURE_LOCAL flag: https://github.com/GNS3/ubridge/blob/master/src/nio_ethernet.c#L59 and share the binary here.

However, I understand this could be unnecessary in the next npcap release, is this right? My goal is also to have uBridge work both with Npcap and with WinPcap on older Windows versions. (We install Npcap by default for Windows 10 and WinPcap for Windows 7/8).

grossmj commented 4 years ago

@v74863 here is the modified uBridge version without the PCAP_OPENFLAG_NOCAPTURE_LOCAL flag. Please replace ubridge.exe in the GNS3 installation directory and then test again with Npcap 0.9990 installed.

https://drive.google.com/file/d/1YI-MDlVsHzSgHQnh1tiqjD4SghdRDJEq/view?usp=sharing

Thanks :+1:

dmiller-nmap commented 4 years ago

Yes, I think more than likely we'll change the behavior in next release, but if someone can confirm your rebuilt uBridge has the correct behavior it will validate my hypothesis so I don't have to go hunting for a different explanation.

grossmj commented 4 years ago

@dmiller-nmap thanks, I will also test on my side and confirm.

v74863 commented 4 years ago

I have got different results on different versions of Windows. The full story is quite long, sorry :)

With Npcap-0.9990 and new Ubridge

on win7
MS Loopback: resolved by ARP, reachable via PING
Ethernet Adapter: not resolved by ARP, not reachable via PING

on win8.1
MS Loopback: resolved by ARP, reachable via PING
Ethernet Adapter: resolved by ARP, not reachable via PING

on win7 and win8.1 with new Ubridge I saw these messages on R1 console

%IPV6_ND-4-DUPLICATE: Duplicate address FE80::C200:FF:FE00:0 on FastEthernet0/0
%IPV6_ND-4-DUPLICATE: Duplicate address FE80::C200:FF:FE00:1C on FastEthernet1/0

I have tested Npcap-0.9990 on another PC with Windows 7 sp1, 64-bit. Sony Vaio notebook, Ethernet Adapter: Intel 82567LM Gigabit Network Connection. Npcap prevents receiving ip address via DHCP. If set up static ip, still no external connectivity. Quick look into Wireshark dump shows that notebook sends ARP requests to default gateway, but without any replies.

On PC with Windows 8.1 Npcap-0.9990 doesn't prevent receiving ip address via DHCP by host PC. But dynamips router cannot receive ip address via DHCP from external DHCP-server (actually it is a home router). So I set up static ip.

For tests I use topology with one router and two clouds. Cloud1 for Microsoft Loopback Adapter of host PC. Cloud2 for Ethernet Adapter of host PC.

Router R1 has two Ethernet Adapters

slot 0: C7200-IO-FE
slot 1: PA-FE-TX
Base MAC: c000.0000.0000
idle-pc: 0x6062dd84
ios: c7200-adventerprisek9-mz.152-4.M11.image

!
no ip routing
no ipv6 unicast-routing
!
interface FastEthernet0/0
 description --- to MS Loopback
 ip address 10.1.0.2 255.255.255.0
 ipv6 address FD01::2/64
 no shutdown
!
interface FastEthernet1/0
 description --- to home router and Internet
 ip address dhcp
 ipv6 address dhcp
 ipv6 address autoconfig
 ipv6 enable
 no shutdown
!

R1#show interfaces
FastEthernet0/0 is up, line protocol is up
  Hardware is DEC21140, address is c000.0000.0000 (bia c000.0000.0000)
...
FastEthernet1/0 is up, line protocol is up
  Hardware is DEC21140, address is c000.0000.001c (bia c000.0000.001c)

R1#show ipv6 interface brief
FastEthernet0/0 [up/up]
    FE80::C200:FF:FE00:0
    FD01::2
FastEthernet1/0 [up/up]
    FE80::C200:FF:FE00:1C

rayep commented 4 years ago

Hi @grossmj,

Used my physical machine, OS - Windows 10 Home 1909, GNS3 - v2.2.5 (rolled back to 2.2.5 due to #2955), installed NPCAP 0.9990 (default selection - enable WinPcap API mode and it uninstalled WinP 4.1.3 from my machine), replaced the DLL and ubridge under the GNS3 directory.

Tested with VPCS, Cisco 7200 router directly connected to separate cloud instances hosting MS KM-TEST loopback and VMware VMnet8 interfaces respectively. Initiated a ping request and noticed ARP requests sent to loopback and VMnet are not resolved, i.e. ARP requests were reaching the interfaces, however no reply was sent back.

To test further, I have re-installed the NPCAP driver by unchecking the default winpcap API compatible option and then installed Winpcap 4.1.3 after that, which I believe would make the whole setup work, i.e. I should be able to ping both VMnet and loopback interfaces. However, one weird thing that I have noticed is that the setup was working with both the original and the new version of ubridge if I connect the cloud instance directly to nodes (R1 >> Cloud or VPCS >> Cloud), BUT it fails with the new ubridge installed when the topology is R1 >> Ethernet Switch >> Cloud, and the ARP responses from the VMnet and Loopback interfaces were visible at the Ethernet switch >> Cloud link but not between the Ethernet switch >> Router. It seems the ethernet switch is blocking the responses from reaching the Router only from a Cloud instance, because it is not blocking ARP responses between 2 Routers.

Please let me know if you would like me to test any other scenarios.

Thank you, Ray.

grossmj commented 4 years ago

I tested with one IOS router connected to an MS Loopback on Windows 10.

Npcap-0.9990 and uBridge without PCAP_OPENFLAG_NOCAPTURE_LOCAL flag allows me to ping the loopback interface from the router, this was previously not possible without Winpcap.

v74863 commented 4 years ago

I also tested with Windows 10, GNS3 v2.2.6, Npcap-0.9990 and new Ubridge. Results are similar to my previous results with Windows 8.1.

MS Loopback Adapter: resolved by ARP, reachable via PING
Ethernet Adapter: resolved by ARP, not reachable via PING

%IPV6_ND-4-DUPLICATE: Duplicate address FE80::C200:FF:FE00:0 on FastEthernet0/0
%IPV6_ND-4-DUPLICATE: Duplicate address FE80::C200:FF:FE00:1C on FastEthernet1/0

grossmj commented 4 years ago

For Windows 10 at least, the situation with Npcap-0.9990 and new Ubridge is similar to Winpcap, except I am not sure I like the duplicate address messages...

ghost commented 4 years ago

A simple test: Connect an IOS router to the cloud and see if your router is seen as a CDP neighbor. If yes, the packets sent are looped back. If that's the case it's a critical bug, as then you can't connect a switch to the cloud.
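The check suggested in the comment above, automated as an added example that is not part of the original thread: scan `show cdp neighbors` output for rows whose Device ID is the router's own hostname. The function name `count_self_neighbors` is hypothetical and the sample table is constructed in the IOS output layout.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample in the layout of IOS `show cdp neighbors` output. */
static const char SAMPLE[] =
    "Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge\n"
    "                  S - Switch, H - Host, I - IGMP, r - Repeater\n"
    "\n"
    "Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID\n"
    "R1               Fas 0/0            156         R S I     3725      Fas 0/0\n"
    "R10              Fas 0/1            141         R S I     3725      Fas 0/0\n"
    "SW1              Fas 1/0            170          S I      3725      Fas 1/1\n";

/* Count neighbor rows whose Device ID is exactly `hostname`, i.e. CDP frames
 * the router sent and then received back on the same link. Assumes the
 * Device ID carries no domain suffix and is not wrapped onto its own line. */
int count_self_neighbors(const char *output, const char *hostname)
{
    size_t hlen = strlen(hostname);
    int in_table = 0, hits = 0;

    for (const char *line = output; *line; ) {
        size_t len = strcspn(line, "\n");      /* length of this line   */
        size_t tok = strcspn(line, " \t\r\n"); /* length of first field */

        if (!in_table)
            in_table = (strncmp(line, "Device ID", 9) == 0);
        else if (tok == hlen && tok > 0 && strncmp(line, hostname, hlen) == 0)
            hits++;

        line += len;
        if (*line == '\n')
            line++;
    }
    return hits;
}

int main(void)
{
    int n = count_self_neighbors(SAMPLE, "R1");
    printf("self-neighbor rows for R1: %d%s\n", n,
           n ? " (injected frames are being looped back)" : "");
    return 0;
}
```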

grossmj commented 4 years ago

Good idea, result below:

R1#show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
R1               Fas 0/0            156         R S I     3725      Fas 0/0

v74863 commented 4 years ago

Looks like one sent packet looped and received as two packets.

R1#debug cdp packets

*Apr  8 14:22:13.719: CDP-PA: version 2 packet sent out on FastEthernet0/0
*Apr  8 14:22:13.747: CDP-PA: Packet received from R1 on interface FastEthernet0/0
*Apr  8 14:22:13.751: **Entry  found in cache**
*Apr  8 14:22:13.755: CDP-PA: Packet received from R1 on interface FastEthernet0/0
*Apr  8 14:22:13.759: **Entry  found in cache**

*Apr  8 14:22:18.759: CDP-PA: version 2 packet sent out on FastEthernet1/0
*Apr  8 14:22:18.791: CDP-PA: Packet received from R1 on interface FastEthernet1/0
*Apr  8 14:22:18.795: **Entry  found in cache**
*Apr  8 14:22:18.799: CDP-PA: Packet received from R1 on interface FastEthernet1/0
*Apr  8 14:22:18.803: **Entry  found in cache**

R1#show cdp neighbors

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
                  D - Remote, C - CVTA, M - Two-port Mac Relay

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
R1               Fas 1/0            173                   7206VXR   Fas 1/0
R1               Fas 0/0            168                   7206VXR   Fas 0/0

grossmj commented 4 years ago

Indeed, this doesn't look good :/

v74863 commented 4 years ago

Hi. I have tested GNS3 v2.2.10 with the latest Npcap-0.9994 on Windows 7 SP1 64-bit. It still doesn't work. But it works perfectly with WinPcap_4_1_3. It seems the main problem is Npcap itself, not GNS3.

v74863 commented 4 years ago

Hi, I tested GNS3 v2.2.15 with the latest Npcap-1.00 on Win7 SP1 and Win10 (both 64-bit). For tests I used a topology with one router and two clouds, please see the configuration above, in the post of April 7. The result is the same. So, if you use Dynamips, currently the only way to connect GNS3 to Windows on the host PC is using WinPcap with MS Loopback. WinPcap with Ethernet adapter doesn't work. Npcap works neither with MS Loopback nor with Ethernet adapter.

Npcap-1.00

R1#ping 10.1.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.0.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

R1#ping 192.168.1.71
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.71, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

R1#show arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.1.0.1                0   Incomplete      ARPA
Internet  10.1.0.2                -   c000.0000.0000  ARPA   FastEthernet0/0
Internet  192.168.1.71            0   Incomplete      ARPA
Internet  192.168.1.72            -   c000.0000.001c  ARPA   FastEthernet0/1

WinPcap_4_1_3

R1#ping 10.1.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/40/48 ms

R1#ping 192.168.1.71
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.71, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

R1#show arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.1.0.1                0   0200.0000.0001  ARPA   FastEthernet0/0
Internet  10.1.0.2                -   c000.0000.0000  ARPA   FastEthernet0/0
Internet  192.168.1.71            0   0200.0000.0071  ARPA   FastEthernet1/0
Internet  192.168.1.72            -   c000.0000.001c  ARPA   FastEthernet1/0

R1---Clouds

By the way, the link that opens this topic (Connect GNS3 to the Internet) has been changed to https://docs.gns3.com/docs/using-gns3/advanced/connect-gns3-internet/

v74863 commented 4 years ago

The only reason why I am using GNS3 with Dynamips is simplicity. Probably, this is the simplest way to run the real Cisco IOS on inexpensive low-end PCs. Because the issue is still open and the milestone was modified, there is some hope of it being resolved. I kindly ask the developers of GNS3 to shed some light on the issue.

grossmj commented 4 years ago

@v74863 unfortunately this doesn't depend on us, we rely on npcap/winpcap for external connections on Windows. One alternative would be to run the GNS3 VM running with VMware or VirtualBox, external connections are working well out of the box.

v74863 commented 4 years ago

@grossmj Could you clarify whether GNS3 is compiled with the Npcap SDK and, if so, what version? This is the question from https://github.com/nmap/npcap/issues/254