GNS3 IP SLA Traffic Generator

Hi Folks,

 

I’ve been busy studying/upgrading my QoS knowledge to get to the CCIE R&S level. I’ve been playing around finding a way to generate traffic through my routers to create bottlenecks and to have packets to classify / mark and such.

 

There are a couple of options you have if you want to play with GNS3 / Dynamips:

 

  • Connect your routers to your physical interface (eg internet) and have another one connect to a virtual machine. Download some stuff from your virtual machine through your GNS3 network and you have plenty of traffic to play with.
     
  • Use a traffic generator which you connect to your GNS3 routers.
     
  • Use Cisco IP Sla to generate traffic.

 

I didn’t like option 1 and 2 much since it’s too much work and I prefer having a “router-only” solution. That’s why I’ve been playing with IP SLA. The result is the following configuration that i created which will generate ICMP, DNS, HTTP, HTTPS, Telnet, SSH and RTP (G711 and G729) traffic on a router.

 

! ICMP Echo
ip sla monitor 1
type echo protocol ipIcmpEcho 192.168.23.3
timeout 0
frequency 9
ip sla monitor schedule 1 start-time now life forever

 

! DNS Request
ip sla monitor 2
type dns target-addr www.gns3vault.com name-server 192.168.23.3
timeout 0
frequency 9
ip sla monitor schedule 2 start-time now life forever

 

! G711 conversation
ip sla monitor 3
type jitter dest-ipaddr 192.168.23.3 dest-port 16384 codec g711ulaw codec-numpackets 50 codec-size 160 codec-interval 20
timeout 0
frequency 1
ip sla monitor schedule 3 start-time now life forever

 

! G729 conversation
ip sla monitor 4
type jitter dest-ipaddr 192.168.23.2 dest-port 16385 codec g729a codec-numpackets 50 codec-size 20 codec-interval 20
timeout 0
frequency 1
ip sla monitor schedule 4 start-time now life forever

 

! HTTP GET Traffic
ip sla monitor 5
type http operation get url http://192.168.23.3
frequency 60
ip sla monitor schedule 5 start-time now life forever

 

! TCPConnect to Telnet
ip sla monitor 6
type tcpConnect dest-ipaddr 192.168.23.3 dest-port 23 control disable
timeout 1000
frequency 2
ip sla monitor schedule 6 life forever start-time now

 

! TCPConnect to HTTPS
ip sla monitor 7
type tcpConnect dest-ipaddr 192.168.23.3 dest-port 443 control disable
timeout 1000
frequency 3
ip sla monitor schedule 7 life forever start-time now

 

! TCPConnect to FTP
ip sla monitor 8
type tcpConnect dest-ipaddr 192.168.23.3 dest-port 21 control disable
timeout 1000
frequency 1
ip sla monitor schedule 8 life forever start-time now

 

! TCPConnect to SSH
ip sla monitor 9
type tcpConnect dest-ipaddr 192.168.23.3 dest-port 22 control disable
timeout 1000
frequency 2
ip sla monitor schedule 9 life forever start-time now

 

IP SLA will also allow you to monitor jitter/delay for voice traffic, if you want you need to enable “ip sla responder” on your destination router.

 

If you enable NBAR on a router in your network you can see traffic is actually flowing through the interface:

 

Router#show ip nbar protocol-discovery

 

FastEthernet0/0
Input                    Output                 
—–                    ——                 
Protocol                 Packet Count             Packet Count           
Byte Count               Byte Count             
5min Bit Rate (bps)      5min Bit Rate (bps)    
5min Max Bit Rate (bps)  5min Max Bit Rate (bps)
———————— ———————— ————————
telnet                   70                       28                     
4200                     1974                   
1000                     0                      
1000                     0                      
ssh                      64                       24                     
3840                     1440                   
1000                     0                      
1000                     0                      
secure-http              40                       15                     
2400                     900                    
1000                     0                      
1000                     0                      
icmp                     14                       18                     
1452                     1716                   
0                        0                      
0                        0                      
ftp                      30                       15                     
1800                     900

 

This configuration is what i’ll be using on my upcoming QOS labs, hopefully you find it usefull!

 

If you like this config, please let me know by leaving a comment.

Opt In Image
Do you want your CCNA or CCNP Certificate?

The How to Master series helps you to understand complex topics like spanning-tree, VLANs, trunks, OSPF, EIGRP, BGP and more.

Written by René Molenaar - CCIE #41726

Comments

  1. says

    Rene…

    Awesome man! I can didn’t know IP SLA had that much capability. I can definitely use this. Can you provide your running configs on how you applied this to the network and interfaces…

  2. Avatar of Rene Molenaar says

    Hi Alim,

    I have a couple of labs with configs that use IP SLA. You can use it for static/default routes and stuff like HSRP, VRRP.

    Each protocol that can use “Object Tracking” can be used for IP SLA…so if you want some example you can find them at google. Maybe i’ll cook up a lab with different protocols that can use IP SLA :)

    Rene

  3. RonB says

    Great info. Thanks for posting this. I’m looking forward to testing it out.

    I have been using extended ping to generate packets with QoS tagging in the headers.

    Use ping or ping ip for extended ping

    Router#ping
    Protocol [ip]:
    Target IP address: 10.1.1.2
    Repeat count [5]:
    Datagram size [100]:
    Timeout in seconds [2]:
    Extended commands [n]: y

  4. Avatar of Rene Molenaar says

    Glad you guys like it. I think IP SLA is extremely useful for testing stuff and generating traffic. In real life networks it’s useful to combine with “object tracking”. You can use it for static routes, hsrp and such as well.

    good luck!

    Rene

  5. Avatar of PUISCHEVRIER says

    Hi,

    Is it possible to use IP SLA with this behavior (TGN) :

    fastethernet0/0
    add tcp
    rate 1000
    l2-dest $R1-MAC$
    l3-src 172.16.10.4
    l3-dest 172.16.20.4
    l4-dest 23
    length random 16 to 1500
    burst on
    burst duration off 1000 to 2000
    burst duration on 1000 to 3000
    add fastethernet0/0 1
    l4-dest 80
    data ascii 0 GET /index.html HTTP/1.1
    add fastethernet0/0 1
    l4-dest 21
    add fastethernet0/0 1
    l4-dest 123
    add fastethernet0/0 1
    l4-dest 110
    add fastethernet0/0 1
    l4-dest 25
    add fastethernet0/0 1
    l4-dest 22
    add fastethernet0/0 1
    l4-dest 6000
    !
    end

    Regards

    Report user
  6. Avatar of arjun sl says

    i tried to run IP SLA on a simple set up with 2 routers R1 and R2, with the serial interface on R2 being 192.168.23.3.

    but m not seeing any traffic when the command sh ip nbar protocol-discovery stats was executed; could you plz verify this Rene??

    these are the configs on them
    ========================

    R1#sh run
    Building configuration…

    Current configuration : 1157 bytes
    !
    version 12.4
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname R1
    !
    boot-start-marker
    boot-end-marker
    !
    !
    no aaa new-model
    memory-size iomem 5
    !
    !
    ip cef
    no ip domain lookup
    !
    !
    ip auth-proxy max-nodata-conns 3
    ip admission max-nodata-conns 3
    ip sla monitor 1
    type echo protocol ipIcmpEcho 192.168.23.3
    timeout 0
    frequency 9
    ip sla monitor schedule 1 life forever start-time now
    ip sla monitor 2
    type dns target-addr http://www.gns3vault.com name-server 192.168.23.3
    timeout 0
    frequency 9
    ip sla monitor schedule 2 life forever start-time now
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    interface Serial0/0
    ip address 192.168.23.2 255.255.255.0
    serial restart-delay 0
    !
    interface Serial0/1
    no ip address
    shutdown
    serial restart-delay 0
    !
    interface Serial0/2
    no ip address
    shutdown
    serial restart-delay 0
    !
    interface Serial0/3
    no ip address
    shutdown
    serial restart-delay 0
    !
    no ip http server
    no ip http secure-server
    !
    ip forward-protocol nd
    !
    !
    !
    !
    !
    control-plane
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    line con 0
    exec-timeout 0 0
    logging synchronous
    line aux 0
    line vty 0 4
    login
    !
    !
    end
    ****************************************

    R2#sh run
    Building configuration…

    Current configuration : 883 bytes
    !
    version 12.4
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname R2
    !
    boot-start-marker
    boot-end-marker
    !
    !
    no aaa new-model
    memory-size iomem 5
    !
    !
    ip cef
    no ip domain lookup
    !
    !
    ip auth-proxy max-nodata-conns 3
    ip admission max-nodata-conns 3
    ip sla monitor responder
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    interface Serial0/0
    ip address 192.168.23.3 255.255.255.0
    serial restart-delay 0
    !
    interface Serial0/1
    no ip address
    shutdown
    serial restart-delay 0
    !
    interface Serial0/2
    no ip address
    shutdown
    serial restart-delay 0
    !
    interface Serial0/3
    no ip address
    shutdown
    serial restart-delay 0
    !
    no ip http server
    no ip http secure-server
    !
    ip forward-protocol nd
    !
    !
    !
    !
    !
    control-plane
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    line con 0
    exec-timeout 0 0
    logging synchronous
    line aux 0
    line vty 0 4
    login
    !
    !
    end

    Report user
  7. Avatar of Alesandro A. Albeso says

    hi Rene,

    will you please upload video solution regarding Breakout -Switch how would be the configuration and the connection between PC , Switches and GNS3. I cannot afford to buy actual Routers and Switches for my studies it will be a big help for me if you can Please…!!!

    Report user
  8. Aaron says

    I’m stuck trying to setup zone-based firewalls in gns3 because it seems an ‘ISR’ router is needed and gns3 doesn’t support any. Is this true even in the latest version of gns3? I have 7200’s setup and they don’t take the zone-security command.

Leave a reply:

Your email address will not be published. Required fields are marked *

If you have any technical questions, please use the Forum instead of posting a comment.