search

GNS3 / gns3-server

GNS3 server
GNU General Public License v3.0
812 stars 263 forks source link

Config import/export for CSR1000v #1749

Open candlerb opened 4 years ago

candlerb commented 4 years ago

(This is a companion issue to https://github.com/GNS3/gns3-server/issues/1315 for IOSv)

I would like to be able to export, import, and edit-in-place the NVRAM config for CSRv.

Unfortunately, CSRv stores its NVRAM in an encrypted partition, but I have found a way which works.

Firstly, create an ISO image containing iosxe_config.txt (or the XML form, ovf-env.xml)

cat <<EOS >iosxe_config.txt
boot config bootflash:config.txt nvbypass
end
EOS
genisoimage -output CSRv_boot_config.iso -joliet -rock iosxe_config.txt

Attach this as a CD-ROM when the device boots.

During first boot, this config is read in. The boot config command tells IOS to store the config as a plain text file on the main (first) partition, which appears as flash: and bootflash: and is not encrypted.

There's just one small problem, which is if you've installed a config.txt prior to the first boot: after running the config from the ISO image, the router does the equivalent of a "write mem" which overwrites the config you had put there. (Subsequent boots are fine; the ISO image is ignored)

I have a workaround for this, and it's to put the following in iosxe_config.txt:

boot config bootflash:config.txt nvbypass
exit
copy bootflash:config.txt running-config

Running do copy .... running-config in config mode is explicitly rejected; and using "end" instead of "exit" ignores the rest of the file. So this is arguably exploiting a bug in the config parsing :-). However it does work: it reads in the initial config you provided, and then writes it back out again. You need to put explicit "no shutdown" under each interface though.

Anyway, once this is done you can extract the text config easily, e.g.

virt-cat -a hda_disk.qcow2 -m /dev/sda1:/ /config.txt

FYI, the CSR1000v image has the following partitions:

1 - (15.4G) base OS
2 - (34M) encrypted LUKS
3 - (34M) not a filesystem - appears to be licence key
4 - extended partition for 5-9
5 - (512M) bootflash - just grub
6 - (5M) encrypted LUKS
7 - (5M) encrypted LUKS
8 - (5M) encrypted LUKS
9 - (5M) encrypted LUKS

I believe the NVRAM is likely partition 2, because there's a log file entry in the base which says

Filesystem nvram:
        Name:[nvram], Type:[nvram]
        Local buffer Size in bytes: 33554432, FreeSize in bytes: 33544615
        Read flag:1, Write flag: 1
1001QAdotNET commented 4 years ago

In my opinion the right way to do this is via ZTP ... GNS3 needs a management network and a DHCP/TFTP server for that Having that allows ZTP for many other classes of devices not just for CSR1000v

spikefishjohn commented 2 years ago

Here is another option. Have the ISO config:iosxe_config.txt generated dynamically and give the user a box to put commands in. These commands would then be put in a registered in a event manger applet that would kick off 10 seconds after boot, deploy initial config then reload. This could do any number of things. Here are the example commands from the OPs initial post (untested).

event manager applet on-boot authorization bypass
 event timer countdown time 10
 action 100 cli command "enable"
 action 110 cli command "conf t"
 action 120 cli command "boot config bootflash:config.txt nvbypass"
 action 130 cli command "end"
 action 140 cli command "copy bootflash:config.txt running-config"
 action 150 cli command "running-config"
 action 160 cli command "reload"