1 00:00:06,229 --> 00:00:08,819 - I'll be using VIRL to build an Internetwork 2 00:00:08,819 --> 00:00:10,832 and I will actually show this demo. 3 00:00:10,832 --> 00:00:12,753 This configuration is a little more complex, 4 00:00:12,753 --> 00:00:15,606 than the VIRL example you saw back in Lesson 1, 5 00:00:15,606 --> 00:00:18,580 we'll build a topology with multiple routers and switches 6 00:00:18,580 --> 00:00:21,545 and perform a traceroute to see each hop 7 00:00:21,545 --> 00:00:24,376 from Kali Linux client to an Ubuntu server, 8 00:00:24,376 --> 00:00:27,120 we'll demonstrate both IPv4 and IPv6 connectivity 9 00:00:27,120 --> 00:00:30,648 through out topology, let's get started. 10 00:00:30,648 --> 00:00:32,237 There are a couple of tricks you can use 11 00:00:32,237 --> 00:00:33,524 to make your experience better, 12 00:00:33,524 --> 00:00:36,367 when using Kali Linux on VIRL, 13 00:00:36,367 --> 00:00:37,642 to start, when you download the image 14 00:00:37,642 --> 00:00:39,682 from the offensive security website, 15 00:00:39,682 --> 00:00:42,508 it's in VMware VMDK format, 16 00:00:42,508 --> 00:00:46,295 VIRL can convert it to the date of OpenStack format for you, 17 00:00:46,295 --> 00:00:48,473 but before you install VIRL, you'll wanna add 18 00:00:48,473 --> 00:00:50,764 any additional software, that you might need, 19 00:00:50,764 --> 00:00:53,022 most notably cloud-init, 20 00:00:53,022 --> 00:00:54,809 this will automate the IP address 21 00:00:54,809 --> 00:00:57,309 and configuration for your VM. 22 00:00:58,249 --> 00:01:00,724 In User Resource Manager, in your Notary Sources, 23 00:01:00,724 --> 00:01:03,307 you can add your Kali image to VIRL, 24 00:01:03,307 --> 00:01:07,157 for ease of use, name your image Kali, 25 00:01:07,157 --> 00:01:09,830 although VIRL already has configurations for Kali, 26 00:01:09,830 --> 00:01:12,993 you'll wanna make sure that the hardware video model 27 00:01:12,993 --> 00:01:15,519 is set to VGA and the hardware disk bus is set to SCSI, 28 00:01:15,519 --> 00:01:17,936 so the system boots properly. 29 00:01:21,293 --> 00:01:24,267 Here's our topology, which I've already laid out, 30 00:01:24,267 --> 00:01:25,833 we have a Kali Linux machine on the left 31 00:01:25,833 --> 00:01:28,558 and then on the right, we have an Ubuntu server, 32 00:01:28,558 --> 00:01:32,141 each is connected to their own layer two switch running IOS, 33 00:01:32,141 --> 00:01:33,287 in the middle of our network, 34 00:01:33,287 --> 00:01:36,382 we have a partial mesh of four routers. 35 00:01:36,382 --> 00:01:39,302 To automatically configure our Internetwork with AutoNetkit, 36 00:01:39,302 --> 00:01:41,210 we'll configure our Management Network 37 00:01:41,210 --> 00:01:44,457 to Private simulation network 38 00:01:44,457 --> 00:01:47,040 and Use an LXC management node, 39 00:01:48,623 --> 00:01:51,890 we'll configure Cisco Discovery Protocol to true, 40 00:01:51,890 --> 00:01:54,223 so that we see our neighbors 41 00:01:55,403 --> 00:01:59,503 and set the IP address address family to dual stack, 42 00:01:59,503 --> 00:02:03,823 this will configure both IPv4 and IPv6 for us, 43 00:02:03,823 --> 00:02:05,886 the IPv4 Infrastructure Subnet will be used 44 00:02:05,886 --> 00:02:08,137 for the point-to-point links between nodes, 45 00:02:08,137 --> 00:02:09,887 we're using 10.0.0.0, 46 00:02:10,968 --> 00:02:14,460 the Loopback Subnet will be 192.168.0.0 47 00:02:14,460 --> 00:02:16,778 and the VRF Subnet will not be used, 48 00:02:16,778 --> 00:02:18,776 we also have the same Subnets 49 00:02:18,776 --> 00:02:22,943 for IPv6 Infrastructure and Loopbacks, set as shown here. 50 00:02:25,560 --> 00:02:28,266 We'll make sure our Interior Gateway Protocols 51 00:02:28,266 --> 00:02:32,654 are enabled and set to Open shortest path first, 52 00:02:32,654 --> 00:02:35,019 both OSPF version two for IPv4 53 00:02:35,019 --> 00:02:39,186 and OSPF version three for IPv6 will be configured. 54 00:02:42,048 --> 00:02:44,219 Now we'll generate our initial configurations 55 00:02:44,219 --> 00:02:45,444 to push to the devices, 56 00:02:45,444 --> 00:02:47,928 we'd like to see the configurations generated, 57 00:02:47,928 --> 00:02:49,511 so we'll click Yes. 58 00:02:52,661 --> 00:02:55,114 You can navigate to each device configuration 59 00:02:55,114 --> 00:02:56,637 by clicking on the special scroll bar 60 00:02:56,637 --> 00:02:58,807 on the right-hand side of the window, 61 00:02:58,807 --> 00:03:00,078 you'll see that not only do we have 62 00:03:00,078 --> 00:03:01,720 router and switch configurations, 63 00:03:01,720 --> 00:03:03,773 but we also have our host configurations 64 00:03:03,773 --> 00:03:05,596 in cloud-init format as well. 65 00:03:05,596 --> 00:03:07,740 If there are any questions about what usernames 66 00:03:07,740 --> 00:03:11,907 and passwords to use, make sure you take a look here. 67 00:03:13,389 --> 00:03:16,314 We'll choose No for AutoNetkit visualization, 68 00:03:16,314 --> 00:03:18,338 this is a useful feature to browse through your network 69 00:03:18,338 --> 00:03:20,346 and automatically generate a network drawing 70 00:03:20,346 --> 00:03:22,004 for future reference. 71 00:03:22,004 --> 00:03:23,736 You'll see that all of our routers now have 72 00:03:23,736 --> 00:03:26,732 v4 and v6 addresses, these were their Loopback interfaces. 73 00:03:26,732 --> 00:03:30,065 Let's go ahead and start the simulation. 74 00:03:32,637 --> 00:03:36,063 I'm gonna go ahead and log into my Kali Linux machine, 75 00:03:36,063 --> 00:03:38,121 now I've customized my environment, 76 00:03:38,121 --> 00:03:40,006 before installing in VIRL, 77 00:03:40,006 --> 00:03:44,005 so I'm using the XFCE environment, rather than GNOME, 78 00:03:44,005 --> 00:03:48,371 so my desktop may look a little bit different from yours. 79 00:03:48,371 --> 00:03:51,301 Let's take a look at my machine's IP address configuration, 80 00:03:51,301 --> 00:03:54,127 you'll see my management network on ethernet0 81 00:03:54,127 --> 00:03:57,089 and my network face and interface on ethernet1, 82 00:03:57,089 --> 00:03:59,247 I have a v4 address on both interfaces, 83 00:03:59,247 --> 00:04:01,265 but you'll note that ethernet1 84 00:04:01,265 --> 00:04:04,797 has both a v4 and v6 configuration. 85 00:04:04,797 --> 00:04:09,660 Let's use the telnet command to log into the router, 86 00:04:09,660 --> 00:04:13,291 username is Cisco and password is Cisco, 87 00:04:13,291 --> 00:04:15,109 we'll look at the routing table, 88 00:04:15,109 --> 00:04:17,405 you'll see that we have all of our routes 89 00:04:17,405 --> 00:04:20,254 in OSPF as fully adjacent and converged, 90 00:04:20,254 --> 00:04:24,672 the 10.0.0.8 subnet connects to the Ubuntu server, 91 00:04:24,672 --> 00:04:27,869 AutoNetkit tries to conserve as much address space as it can 92 00:04:27,869 --> 00:04:30,319 and allocates subnets with the prefix link 93 00:04:30,319 --> 00:04:32,866 only enough to give all the hosts on each link an address. 94 00:04:32,866 --> 00:04:34,975 I'll ping the router that is connected 95 00:04:34,975 --> 00:04:37,288 to the server at 10.0.0.9, 96 00:04:37,288 --> 00:04:41,455 then we'll log out and traceroute to that IP from Kali. 97 00:04:42,710 --> 00:04:46,298 You can see the intermediate routers and their IP addresses, 98 00:04:46,298 --> 00:04:48,687 now if we traceroute to 10.0.0.10, 99 00:04:48,687 --> 00:04:50,939 you'll see that we reach our server, 100 00:04:50,939 --> 00:04:52,370 note that the path to the server 101 00:04:52,370 --> 00:04:54,218 is different from the path to the router, 102 00:04:54,218 --> 00:04:56,672 this is because one of the routers in the path 103 00:04:56,672 --> 00:05:00,799 is load balancing using Equal Cost Multipath or ECMP, 104 00:05:00,799 --> 00:05:03,411 router IOSv1 has multiple next hops 105 00:05:03,411 --> 00:05:05,328 to the 10.0.0.8 subnet. 106 00:05:07,026 --> 00:05:09,944 Let's look at the routing table for the Kali host. 107 00:05:09,944 --> 00:05:11,539 VIRL has already set up static routes 108 00:05:11,539 --> 00:05:13,146 to the subnets and my routed network, 109 00:05:13,146 --> 00:05:16,217 it has also done this for IPv6 as well, 110 00:05:16,217 --> 00:05:18,984 using Copy and Paste for the linked IPv6 address, 111 00:05:18,984 --> 00:05:21,621 I'll use traceroute over IPv6 to my server 112 00:05:21,621 --> 00:05:23,621 and the last hop router, 113 00:05:24,744 --> 00:05:26,356 you'll notice that the path to the server 114 00:05:26,356 --> 00:05:27,796 and the router are different, 115 00:05:27,796 --> 00:05:31,713 again, this is because of Equal Cost Multipath. 116 00:05:34,627 --> 00:05:36,688 This concludes this demo of using VIRL 117 00:05:36,688 --> 00:05:37,946 to simulate an Internetwork 118 00:05:37,946 --> 00:05:39,532 with hosts, routers and switches. 119 00:05:39,532 --> 00:05:41,449 Thank you for watching.