Getting GNS3 to work on Mac OS X 10.

7 Lion with
Parallels Desktop 7 or VirtualBox 4.1.2
Johan Havermans
September 22 2011 (version 201110oct24_22

DRAFT)

Getting GNS3 to work at on your Mac is pretty straightforward. Download the GNS3 package for OS X and run. But if you want to connect
a GNS3 virtual network to one or more Virtual Machine(s) running either in Parallels Desktop, VirtualBox of VMware1 things get a bit uglier
and complicated, but it is possible. Since I prefer to document what
I do and my current document system is Mac only, I really wanted
GNS3 to work on Mac OS X.
In this note I try to give a brief description of what I did to make this
happen on Mac OS X 10.7 Lion. You will see how to:
. install a (tap)driver that allows the creation of virtual network cards
on OS X Lion,
. run GNS3 on Mac OS X Lion so it can dynamically create virtual
network cards,

I only tested my solution with Parallels Desktop 7 and VirtualBox 4.1.2

1

...it took me about three weeks to figure

it all out and I did not find information
on the web about how to run GNS3 on
Mac OS X 10.7 Lion, hence I made this
note.

. connect virtual machines running in Parallels Desktop 7 or VirtualBox 4 to your virtualized network,
. install a protocol analyzer called Wireshark that you can use on your
Mac and in your virtualized GNS3 network,
. connect your virtualized network to a real network including the
internet and make your virtualized network accessible from your
Mac and vice versa.

Who am I and why do I need this stuff?

I am a second year Telecom student at ACE Group T University College at Leuven, Belgium. We use GNS3 to sniff with a protocol analyzer what is going over the line and what is not from a security and
network design point of view. Next to this we use it2 also for the Cisco
CCNA track that is partly embedded in this program.

Copyright notice
You may freely distribute, use and modify this note as long as you
mention my name when you refer or use this note in one piece or use
parts of this note.
You may freely distribute, use and modify my scripts that are mentioned in this note as long as you mention my name when you refer or
use it as a whole or use parts of it.
If you modify the scripts and you think others can also be helped
with your modifications, please notify me so I can update the scripts.

Can you please give me your MS Word copy of this document?

No. This is article is created in TeXShop-64 and typeset in LATEX using
the Tufte handout style from the MacTeX 2011 LATEX distribution for
Mac.

along with Ciscos Packet Tracer

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

For the impatient

GNS3 for Mac can be downloaded at http://www.gns3.net/download
and runs just fine on itself.
If however you want to connect your virtualized network in GNS3 to
one or more virtual machines you need to:
Run GNS3 with root privileges To let GNS3 communicate with things
outside its virtual network, we have to find a way to run GNS3
with root privileges.
Use TAP nic driver that comes with Tunnelblick We will use virtual
network cards that emulate a nic3 at OSI layer 3 (IP) and allows
us to connect the GNS3 network to a foreign object say a Virtual
Machine running in Parallels Desktop or VirtualBox.
Bridge the nic of your VM with the TAP nic We then bridge the nic of
the VM4 with our TAP nic and are able to connect our VM to the
GNS3 network.
If you want to connect the GNS3 virtual network to your real network you need to:
Setup up and configure IP forwarding on your Mac To let our virtual
network be able to communicate with the internet, we need to turn
our Mac into a router by enabling IP forwarding in OS X.
Let the TAP nic tap0 be the gateway between the real network and the
virtual GNS3 network and give tap0 an IP address.
If you want to be able to sniff with a protocol analyzer what is going
over your real of virtualized network:
Install Wireshark, an open source protocol analyzer,
Make sure GNS3 knows where to find Wireshark and start sniffing.
Be sure to check out:
how to save a GNS3 project with router configurations (if any),
how my three scripts might help you getting things mentioned on
this page up and running.

nic = network interface card or network adaptor

3

VM = virtual machine

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

Contents
Who am I and why do I need this stuff?
Copyright notice

Can you please give me your MS Word copy of this document?

For the impatient

Step 1: Install the tun-tap drivers

Why use Tunnelblick?

Step 2: Install GNS3 for Mac OS X

Step 3: Download my scripts to launch GNS3

Make the scripts executable

Step 4: Install Wireshark

Step 5: Make sure the preferences are set right in GNS3

Activate the Cisco IOS images

Step 6: Make a project in GNS3 - Launch GNS3 via the 1gns.sh script
Picking the right components
Configuring the PCs

10

11

Do I have to create the tap nics /dev/tap1 or 2 first?

Configure the router(hardware)

12

Connect the nodes to each other

13

12

Step 7: Configure the router: defining the subnets

13

Step 8: Connecting the VMs to the virtualized network

14

Step 9: tap0 up - Connecting the virtualized network to your LAN

Check your configuration

19

Starting and shutting down GNS3 with VMs

In general: when to use what script?

19

20

The "GNS3 didnt save my router config" issue...

Be smart and verify

21

21

How to open and save next time?

Setting the IDLE PC parameter

Why Parallels Desktop for Mac?

21

21
22

Optional: Your Windows Guest OS - some tricks

23

Use Coherence (Parallels) Seamless Mode (VirtualBox)

23

To whom belongs this command line window? - t.bat

23

Logging on and shutting down windows guest OSes

23

16

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

My batch file suite - simple batch files to do simple repetitive things

Do I have to turn off my firewall in Lion to run GNS3?
Help! some of my labels disappear in GNS

24

HOWTO sniffing on your virtual network with Wireshark

Used sources
Software

26
26

24

25

24

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

Step 1: Install the tun-tap drivers

We use the tap kernel extension driver that comes with Tunnelblick. Download Tunnelblick from http://code.google.com/p/
tunnelblick/. Drag the application to your /Applications folder
and double click on it to launch it so it will install some stuff. The
tuntap drivers are provided as a kernel extension that we will load
via a bash script (1gns.sh) later.

Why use Tunnelblick?

Tun-tap consists of two separate drivers (kernel extensions) that
provide two types of virtual network interface cards:
a tun driver - emulates a nic on OSI layer 2 (ethernet),
a tap driver - emulates a nic on OSI layer 3 (IP).
OS X does not come with tuntap drivers as LINUX does, so we have
to install them ourselves. If you Google a bit, you probably find
http://tuntaposx.sourceforge.net/. The only problem is that this
driver does not seem to work well on Mac OS X 10.7 Lion.
Tunnelblick, an openVPN GUI client for Mac uses tun-tap too, and
at the time of writing, it uses its own Lion compatible tun-tap driver.
In this note, we will only use the tap driver.

Q How many tap nics can you create?

A 10: tap0 to tap9.

Step 2: Install GNS3 for Mac OS X

Download GNS3 from http://www.gns3.net/download. Luckily, we
can download a binary package that will work on Mac OS X Lion.
I downloaded the GNS3 v0.7.4 DMG package. Although the folks at
GNS.net mention that this 0.7.4 version is an experimental version for
Mac, it does run stable enough to be useful on Mac OS X Lion.

Step 3: Download my scripts to launch GNS3

Download my scripts from http://dl.dropbox.com/u/9671505/
GNSonMacOSXLion/GNS3onMacOSXLionScrips.zip. When you unzip
the package, you will find three files:
1gns.sh to load the tap kernel extension driver, modify some permissions to let DynaMIPS run with root privileges and launch GNS3
with root privileges5 .
2tapup.sh to bring the tap nics 0 true 2 up.
A few notes I have to make here:

I first used the bridge.sh script from

the guy behind DefaultrouteUK who is
a CCIE but decided later to split it up in
three parts and change a few things.

GNS3 needs to run with root privileges to be able to create the virtual tap
nics dynamically in Mac OS X.
5

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

1. This script is only needed for those who use Parallels Desktop.
VirtualBox automatically ups a tap nic that is connected to a
VirtualBox VM . Parallels Desktop doesnt. I dont know what
VMware Fusion 4 does.
2. Only if you use tap nics in your project, GNS3 will create them.
When you close your project, your dynamically created tap nics
will also be gone in OS X, hence I made a separate script to
bring them up.
3ConnectV2R.sh This6 is an optional script that makes your virtualized network accessible from your real network (LAN) and vice
versa. Your virtualized network runs just fine in itself without this
script.
It might be important to know that the script assumes that you
connect your virtualized network to a real network via a tap0 nic
and that this tap0 interface has an IP address of 10.1.1.1/24. This
script will setup IP forwarding between this tap0 nic and your
cabled ethernet nic (en0)7 of your Mac to reach your LAN. If you
are using your wireless nic (en1) and use DHCP instead (without
permanent reservation) or a fixed IP address, you have to modify
this script.
Please allow me to mention a few things about my scripts.
. My scripts are "stupid" scripts. They dont do error checking. As
a result you really need to understand what they do and foremost
what to expect and what not.
. Although the scripts work, they depend on the design of your
virtualized network. If you choose not to use tap0 to connect to
your real network, dont want to use 10.1.1.1, use something else
than two virtual machines that connect to your virtualized network,
you first have to edit the scripts.
. The order in which you launch the scripts is important as you will
see in a few moments, but please feel free to rename the scripts as
you like. Especially script 2 and 3 depend on the design of your
network, so you might need to create one based of the design of
each of your virtualized network projects. Just dont change the
digit each script starts with, since the order in which you start them
does count.

Make the scripts executable

Open Terminal.app and go to the directory where the three scripts
reside. Execute the commands below in Terminal.app line by line:

It might be worth mentioning here

that this script turns your Mac into a
router by enabling IP forwarding.
Every modification to this script does
will be gone when you reboot your
Mac.
6

en0 has in my case a fixed IP address:

10.10.10.10
7

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

sudo chmod u+x 1gns.sh

sudo chmod u+x 2tapup.sh
sudo chmod u+x 3connectv2r.sh

For more information on when to use what script, go to section

Starting and shutting down GNS3 with VMs on page 19 applied to the
example used in this article or section In general: when to use what
script? on page 20 on when to use them in general.

Step 4: Install Wireshark

If you want to sniff what is going over the lines in your virtual network and beyond, you need a protocol analyzer. I use Wireshark
here since it also runs on Mac OS X Lion and also can be called from
within GNS3. Go to http://www.wireshark.org and download Wireshark for Mac. At the time of writing the latest version of Wireshark
is 1.6.2. The version for Mac is mentioned as "OS X 10.6 (Snow Leopard) Intel 64-bit.dmg". Dont worry and continue downloading. This
version runs just fine on Mac OS X 10.7 Lion.
We need to check a few settings in GNS3 to make sure GNS3 can
find Wireshark. We will check these settings in the next step.

To start sniffing using Wireshark in

GNS3, just right click on a wire in your
virtualized network and select capture.

Step 5: Make sure the preferences are set right in GNS3

Go to the /Applications folder and start GNS3.

Figure 1: When GNS3 is launched, it

will display the new project window by
default.

Click on Cancel in the New Project Window to dismiss it. Before

we can build networks with GNS3, we need to change a few preferences in GNS3. Click in menu [GNS3] on [Preferences] to open the

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

preferences window. I have made a GNS3 folder in ~/documents/Archive

that acts as a root folder for GNS3.
General: Image directory Path where the Cisco IOS images8 reside, for
instance /_Software/CiscoIOSImages.
General: Project directory Each project will have its own folder that
is a subfolder of the project folder you give here, for instance
/Users/jha/Documents/Archive/GNS39 .
DynaMIPS: Executable path DynaMIPS is the software that emulates
Cisco hardware that is based on the MIPS processor architecture.
DynaMIPS is provided in GNS3 for Mac version 0.7.4. If you have
installed GNS3 on Mac OS X Lion in the /Applications folder,
you can just copy and paste the line below:

YOU need to provide the Cisco IOS

boot image, preferably a 3600 series
image since this has router and switch
functionality. GNS3 does not provide
IOS images, neither do I.
8

Saving your project data with router

configuration is not without trouble.
See for more information section The
"GNS3 didnt save my router config"
issue.. on page 21.
9

/Applications/GNS3.app/Contents/Resources/dynamips-0.2.8-RC3-community-OSX.intel64.bin

Click on Test to see if you can launch DynaMIPS.

DynaMIPS: Working directory The folder where DynaMIPS puts all
its temporary files. I like to put this part of my GNS3 folder here:
/Users/username/Documents/Archive/GNS3/tmp

DynaMIPS: Enable Sparse memory support Enable this feature to save

some memory when using several routers at the same time in your
virtual network.
Capture: Working directory for capture files This is where the .cap
files reside. I created a subfolder for this in my GNS3 folder:
/Users/jha/Documents/Archive/GNS3/captures

Capture: Command to launch Wireshark or a capture file reader This is

the command GNS3 will use to call Wireshark that we installed in
the previous step. If Wireshark is installed in /Applications10 the
command will be:
/usr/bin/open -a /Applications/Wireshark.app %c

At the time of writing, Qemu and VirtualBox support are not yet implemented in the Mac version of GNS3 version 0.7.4.

When you are done editing your preferences, click on Apply to save
the adjustments and then OK to close the preference window.

Activate the Cisco IOS images

We are almost done. All we have to do now is to tell GNS3 what IOS
image it has to use for what router series. To do that we select in the
[GNS3] menu [Edit]/[IOS images and Hypervisors]. You then see a
window similar to that of figure 2.
Lets walk over some of the parameters in this window.

If you are using OS X in another language than English, you will probably
see something else in Finder (Dutch:
/Programmas). Dont worry and leave
the English path. OS X will still cope.
10

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

Figure 2: You need to tell GNS3 what

IOS image it must use on a per router
series base.

Image file Enter the path and file name of the IOS image you want to
use. Click on the [. . .] if you want to use the Finder to pinpoint the
file.
IDLE PC You set this parameter later on a per router series base.
See section Setting the IDLE PC parameter at page 21.
(Optionally) Base config If you are tired of each time setting the passwords, no dns-lookup and that sort of things, you can provide a
text file here where this is filled in already for this router series.
Other parameters will be filled in automatically.

Step 6: Make a project in GNS3 - Launch GNS3 via the 1gns.sh

script
Open Terminal.app, go to the directory where the 1gns.sh script
resides and type at the prompt:
sudo ./1gns.sh

It is a prerequisite to run this script with sudo in order to let the

script run with root privileges. GNS3 will be launched with a New
Project window popping up. As an example I will use the network
scheme that is given in figure 3 on page 10. In this lab, I use a series
3600 router11 .

...because it is the only IOS image I

have.
11

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

Picking the right components

To make this lab, just drag a 3600 series router to the workbench and
three clouds (the two PCs are also clouds).

10

Figure 3: Our Lab setup. Two VMs are

connected to the GNS3 virtual network
that optionally can connect to the LAN
(a real network).
The GNS3 virtual network is connected to a real network by setting up
IP forwarding between your real network adaptor en0 and the virtual TAP
network adaptor tap0.

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

11

Figure 4: The main components in our

lab setup: three cloud objects and a
series 3600 router.

Configuring the PCs

Changing the cloud symbol
1. Right click on a cloud that will act as a PC and select from the
submenu [Change Symbol].
2. From the symbol list that pops up choose the Server icon.
3. Click on [Apply] and then [OK].

Assign a virtual nic to the cloud

1. Right click on the server C2 and select from the submenu [Configure]. Figure 5: Change the symbol of a cloud
object.

2. In de Node Configurator window, select C2 under Clouds, go to

tab [NIO TAP].
3. Type the line below
/dev/tap1

so what you have is identical to what is shown in figure 6.

4. Click on [Add], [Apply] and [OK] to close this window.
Repeat this for the other cloud C1.
changing the hostname
1. Change the hostname by selecting server C2 and then right click
on it.

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

12

Figure 6: Assign a virtual TAP nic to a

cloud object.

2. Select from the submenu [Change hostname] to whatever you

choose, but for this example Leuven.
3. Click on [OK] when you are done.
Do repeat this for cloud C1 and use a tap nic /dev/tap2 and hostname Gent. For cloud C3 you use a tap nic /dev/tap0. Cloud C3 will
be our connection to a real network.

Do I have to create the tap nics /dev/tap1 or 2 first?

No12 , you dont.
It is very important here to understand that if you do an ifconfig
on your Mac right now, the tap nics does not exists.
It is up to GNS3 to create the tap nics when you start connecting
the nodes or when you load an existing project with connected
nodes in GNS3. If you see an error 206 in the console section of
GNS3, this means that GNS3 was unable to create the tap nics. The
cause of this can be:
typos, or
you didnt launch GNS3 with our script 1gns.sh, or
you didnt launch our script with root privileges (sudo 1gns.sh).

Configure the router(hardware)

1. Right click on the router and select [Configure] from the submenu.
2. Select R1 in the left column and click on tab [Slots].

Attention: Your current assigned tap

interfaces will change when you add
a new tap nic. Be warned and check
the assigned nic to your virtual PCs in
Parallels Desktop of VirtualBox.
12

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

13

3. For slot 1, choose [NM-4E] which is a 4 port ethernet slot.

4. Click on [Add], [Apply] and [OK] to close this window.

Connect the nodes to each other

Look at figure 7 on the right. It might be a good habit to always
enable the first two buttons. They show the hostnames on your
GNS3 workbench along the objects and also the wiring points.
The third button allows us to wire the nodes. Choose [Manual] or
[FastEthernet] from this menu. When wiring mode is active, the
symbol will change into a white x-sign with a red background. Click
on this x-symbol to exit wiring mode.

Figure 7: Change the symbol of a cloud

object.

Connecting the nodes Just click on a cloud or router object to

display the possible connection point of your choice as shown in
figure 8. In the same way, connect Leuven, Gent and cloud C3 to
router R1. If you get the Error 206 unable to create TAP NIO, see
section Do I have to create the tap nics /dev/tap1 or 2 first? on page 12.
When you open Terminal.app and do an ifconfig in OS X, you will
see the tap nics 0, 1 and 2 listed among the known nics in OS X.

Step 7: Configure the router: defining the subnets

So lets start our virtualized network now by clicking on the green
[Play] button in the menu bar of GNS3 or by right clicking on the
router and click on the same icon in the submenu.
To show the console, right click on the router and select [console]
from the submenu.
Enter global configuration mode of the router:
>ena
R1#conf t

Give interface e1/0 an IP address and bring it up:

>ena
R1#conf t
R1(config)#int e1/0
R1(config)#ip address 10.1.1.254 255.255.255.0
R1(config)#no shut

Ditto for interface e1/1:

R1(config)#int e1/1
R1(config)#ip address 10.20.20.254 255.255.255.0
R1(config)#no shut

Figure 8: Start wiring a node by clicking on a node.

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

14

Ditto for interface e1/2:

R1(config)#int e1/2
R1(config)#ip address 10.40.40.254 255.255.255.0
R1(config)#no shut

Exit the global configuration mode, write configuration to flash and

last, exit privileged mode.
R1(config)#end
R1#wr mem
R1#exit
R1>

Step 8: Connecting the VMs to the virtualized network

Now that our virtualized network is running, it is time to connect
our virtual machines to it. In this article, I use Parallels Desktop 7,
but you can also use VirtualBox or VMwares Fusion if that is what
you prefer. The basic idea is that you let the VM use a tap nic that is
created13 by GNS3.
Refer to figure 9 on page 15.
1. If you are using Parallels Desktop, you first have to bring the tap
nics up by running my second script with root privileges.

So if you wonder how to start your

virtualized network and VMs, here is
your answer.
first start the virtualized network in
GNS3 so GNS3 will create the tap nics,
then start the virtual machines.
13

Open Terminal.app, go to the directory where the 2tapup.sh

script resides and type at the prompt:
sudo ./2tapup.sh

It is a prerequisite to run this script with sudo in order to let the

script run with root privileges.
2. Go to the Virtual Machines list in Parallels Desktop,
3. Right click on the VM that you want to connect to the GNS3 network and choose [Configure].
4. Click on the tab [Hardware] and then [Network 1] and choose the
appropriate tap nic under Bridged Network.
5. Close the configuration panel.
According to our topology as shown in figure 3 on page 10 we use
use tap1 to connect VM Leuven and tap2 to connect VM Gent to the
GNS3 virtual network.
Give the VM an IP address

Look at the network topology in figure

3 on page 10 to clarify the assigned IP
numbers.

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

15

Figure 9: Assign a virtual tap nic to a

Virtual Machine. Here we used a VM in
Parallels Desktop 7.

1. Start the network and the virtual machine. We use here two
Microsoft Windows 2008 R2 servers. Look at section Starting and
shutting down GNS3 with VMs on page 19 how to do this properly.
2. Be sure you first install:
Parallels Tools in your guest OS when you use Parallels Desktop, or
VirtualBox additions in your guest OS when you use VirtualBox.
3. Login as administrator
4. In the guest operating system we will assign an IP address to the
default network card. Here I do this via the command prompt but
you can also do this the GUI-way via Control Panel.
5. Open the command prompt [Start/cmd]
6. For Server Leuven, copy and paste this line in the command
prompt and execute.
netsh interface ip set address name="Local Area Connection" static 10.20.20.100 255.255.255.0 10.20.20.254 1

Where 10.20.20.100 is the assigned IP address, 255.255.255.0 the

subnet mask and 10.20.20.254 the gateway of the 10.20.20.0/24
network.
7. For Server Leuven, copy and paste this line in the command
prompt and execute.
netsh interface ip set address name="Local Area Connection" static 10.40.40.100 255.255.255.0 10.40.40.254 1

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

Test IP connectivity To test if the virtual machine is connected,

ping from within the virtual machine to the default nic, the default
gateway, the other server. If this does not work, restart your virtual
machine and try again14 . Do the same tests from the router: ping
an interface and ping the IP address of the virtual machine on that
subnet.

Step 9: tap0 up - Connecting the virtualized network to your LAN

16

If it still does not work and you use

Parallels Desktop, check if you up-ed
your tap nics via my script 2tapup.sh.
See for more information the beginning
of this section Step 8: Connecting the
VMs to the virtualized network on page
14.
14

So far we have our virtual network up and running and have two
virtual machines connected to it. What if we want to connect this
virtual network to our LAN or beyond that: the internet? Of course,
this can be done, but it is optional. Our virtualized network runs
just fine in itself with the two virtual machines connected to it. For
reasons of convenience, lets put our topology map here.
Figure 10: Our network topology
ends at tap0 that has an IP address
10.1.1.1/24 where it will meet our real
network that resides on the en0 ethernet
network interface (10.10.10.10/24) of
our Mac.
Talking from en0 to the real network
is default behaviour of a properly
configured TCP/IP client.
Talking from en0 and the virtualized
network behind tap0 and vice versa
will be made possible by enabling IP
forwarding in OS X. In other words:
by enabling IP forwarding in OS X, we
turn our Mac into a router.

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

17

To connect our virtualized network to a real network we need to do

two things:
turn our Mac into a router by enabling IP forwarding in OS X,
add some parameters to our virtual router R1 in GNS3.
Lets start with enabling IP forwarding in OS X.
Enabling IP forwarding on OS X: turn OS X into a router
Enabling IP forwarding in OS X and add a routing rule to forward
packets between our real network interface card en0 and our virtual
network interface tap0 and vice versa is exactly what my third script
3connectV2R.sh does with a few assumptions:
Applicable variable(s) in 3connectV2R.sh

1.

You use you ethernet nic en0 and not something else such as your
Wifi nic en1 to connect to your LAN (read: your real network).

MY_REAL_IF

en0 has a fixed IP address or permanently reserved IP address

10.10.10.10/24.

MY_REAL_NIC_IP

2.

The tap nic that will act as a gateway for your virtualized network is
tap0.

MY_VIRTUAL_TO_REAL_GW_TAP_NIC

3.

Your tap0 will be assigned (by this script) the IP address 10.1.1.1/24.

MY_VIRTUAL_TO_REAL_GW_TAP_NIC_IP,

4.
If your situation is different, you need to edit the appropriate variables of my script via vi, textedit.app or whatever you prefer.

MY_VIRTUAL_TO_REAL_GW_TAP_NIC_SM

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

18

When you finished editing the 3connectV2R.sh script

Open Terminal.app, go to the directory where the 3connectV2R.sh
script resides and type at the prompt:
sudo ./3connectV2R.sh

It is a prerequisite to run this script with sudo in order to let the

script run with root privileges.
It is important to note here that everything script 3connectV2R.sh
changes on your Mac is not permanent. In other words: Lion forgets it
was configured as a router each time you reboot your Mac.
Thus, you have to run this script again after each reboot when you
need it for a virtualized network.
For the correct order in which you have to do this, refer to section
Starting and shutting down GNS3 with VMs on page 19.

Add some parameters to our virtual router R1 in GNS3

Now that OS X act as a router for routing packets between our LAN
and our virtualized network (and vice versa), we need to modify the
configuration of our virtualized router R1 to make use of this and use
tap0 (10.1.1.1) as a gateway for packets unknown to our virtualized
router R1.
R1>ena
R1#conf t
R1(config)#ip route 0.0.0.0 0.0.0.0 10.1.1.1
R1(config)#end
R1#wr mem

If you also want to make use of a DNS server on the internet on

your virtualized network, you can add this to the configuration of R1.
R1>ena
R1#conf t
R1(config)#ip dns server
R1(config)#ip name-server 10.10.10.254
R1(config)#end
R1#wr mem

where IP address 10.10.10.254 is the network interface of my real

router on the 10.10.10.0/24 network (my LAN) that connects me
to the internet. Of course, you can also change this value to the IP
address of the DNS server of your ISP.

Be sure to also change your DNS server

settings in each of your VM Guest OS.
For your Leuven server, the DNS server
would be 10.20.20.254 and for your
Gent server this would be 10.40.40.254.

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

Check your configuration

Can R1 reach tap0 and en0?
From router R1 do a ping to 10.1.1.1 (your tap0 nic) and 10.10.10.10
(your real en0 nic). If both are successful you can reach the real nic of
your Mac.
Can R1 reach your gateway on your real network?
Now try to ping your real router on the 10.10.10.0/24 network, in my
case 10.10.10.254. If successful, you can reach your real network.
Check dns resolving from R1
From R1, try to do a ping to www.google.com.
Check if you can reach R1 from OS X
Open Terminal.app and do a ping to 10.1.1.254. If successful, you can
reach your virtual network from your Mac. This might be useful if
you decide to put a RAS server in your virtual network for authorizing clients that want access to your virtualized network. The client(s)
who want to access your virtual network simply run in Parallels
Desktop of VirtualBox that uses a nic bridged to your real network
card of your Mac. From this client point of view, they are outside
your virtualized network.
Where all checks successful?
If so your virtualized network is accessible from your Mac and to
other clients on your LAN your Mac is connected to and vice versa.

Starting and shutting down GNS3 with VMs

Starting up a virtualized network with VMs
1. Start GNS3 with our script sudo 1gns.sh,
2. Open your created topology.net project in GNS3,
3. Start the virtualized network,
4. Bring the tap network interfaces up with our script sudo 2tapup.sh
5. Start the virtual machines who are connected to this virtual network.
6. If you want to connect your virtualized network to your LAN
make it happen by executing our third script sudo 3connectv2r.sh.

19

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

Shutting down a virtualized network with VMs

1. Shutdown the virtual machines who are connected to this virtual
network one by one.
2. For each router in the virtualized network
(a) Open the console
(b) ena
(c) wr mem
(d) exit
3. Stop the virtualized network,
4. Save the network topology in GNS3 via [File]/[Save].
5. Close your project or GNS3. As a result your dynamically created
tap network interfaces will also be discarded.

In general: when to use what script?

Always start each of my three scripts with sudo.
A standard workflow is:
1. Open Terminal.app and go to the directory where the scripts
reside.
2. sudo 1gns.sh for starting GNS3 in the proper way.
3. In GNS3 open an existing network or start designing a new one.
If you want to connect your virtualized network to a real network use a cloud object in GNS3 with nio_tap nic /dev/tap0.
This tap0 nic will be given IP address 10.1.1.1/24 so give your
GNS3 router interface an IP address also in this 10.1.1.0/24
range for instance 10.1.1.254/24. If you want to do differently,
modify script number 3 accordingly.
If you want to connect a virtual machine to your virtual network, use nic tap1 or nic tap2 for this. If you need more virtual
machines connected to your network, you have to modify script
number 2 accordingly.
4. Each time you load a project in GNS3 that is using tap nics, you
need to execute script number 2 AFTER you loaded the project.
5. If this project also need to be connected to a real network, you also
need to execute script number 3 AFTER you loaded the project.

20

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

21

The "GNS3 didnt save my router config" issue...

GNS3 seems not always do what you expect it to do when it comes
to saving your created project and router configurations. Follow the
steps below for saving your project with the configuration of your
router(s).
Start GNS3 with the 1gns.sh script (sudo 1gns.sh).
At the New Project window, click [Cancel].
Make your network and add your routers.
Start your routers (by clicking on the green triangle (Play) button
in the GNS3 menu bar) and configure them. Save each router
configuration with wr mem. When you are done configuring,
Stop your routers (by clicking on the red square (stop) button in
the GNS3 menu bar).
In GNS3 click on File/Save project as
Project Name: projects/YourProject
Save nvrams and virtual hard drives = X
Save IOS startup configurations = X
Done!15

Be smart and verify

As a check you can go to the projects folder and see if a folder with
your project name exists. It should at least contain:
a subfolder called configs - it should contain the configuration of each
router in your virtualized network.
a file called topology.net - your virtualized network (without the
router configuration).

How to open and save next time?

Next time, you can just open the project in a regular way and save it
all by clicking in the GNS3 menu on [File]/[Save].

Setting the IDLE PC parameter

Each emulated Cisco router consumes about 100% CPU power. Setting the IDLE PC parameter helps us to lower this significantly. To
determine the IDLE PC parameter, you need to follow a few simple
steps.

One important note here might be

that nodes that are not connected
will be saved in your topology but
information about unconnected nics of
your nodes will be discarded.
15

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

22

1. In GNS3, Start a new project,

2. Drag a router on the white surface,
3. Start the router by clicking of the green triangle (Play) button in
the GNS3 button bar.
4. Right click on the router and select [console]. You will see something as shown in figure 11.
Click no to leave the initial setup and
Press ENTER to get started until you see the Router> prompt and
leave the router console open.

Figure 11: Text (or something similar)

shown in terminal window.

Go back to your GNS3 workbench and right click on the router

and select [Idle PC] in the submenu. A window with the GNS logo
pops up with the OS X beach ball circling. No worries. Just wait.
Open Activity monitor.app and make sure you see the CPU usage
in activity monitor (Activity monitor menu bar [Window]/[CPU usage]).
In the IDLE PC values window click on a value an click on [Apply].
Now watch closely if your CPU usage drops significantly. If not, pick
another value and click again on [Apply]. If you are satisfied, click on
OK to close the Idle PC window. As a result, this value is filled in in
the IDLE PC field for this router in the IOS images and Hypervisor
window discussed in section Activate the Cisco IOS images on page 8.

Why Parallels Desktop for Mac?

I guess the answer on this one is personal. At the time of writing,
Parallels Desktop 7 is the fastest virtual machine software for the
Mac compared with VMwares Fusion 4.0, and VirtualBox 4.1.2.
VirtualBox comes very close to the speed of Parallels.
Next to speed, Parallels has a feature that I use a lot: Undo Disks16 .
It basically gives me the freedom to do whatever I want in a VM and
when I shut it down Parallels, asks me if I want to save the latest adjustments or if I want to get rid of it. This feature is great for testing
software or features!
Next to this feature and my being a bit lazy, I like the feature to
drag n drop files from my Mac to my VM in Parallels17 . I dont use a

...but you have to enable this feature

on a per VM base. Just right click on
a VM, choose [Configure] and in the
[Security] tab you see Undo Disks (ask
me what to do)
16

Works great with Windows, dont

know about LINUX.)
17

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

mouse but use a Wacom tablet instead. Using a Wacom tablet seems
just to work more natural in Parallels than in VirtualBox and does
not work at al in VMwares Fusion 418 .

23

This was tested in Fusion 4.0 on the

day it came out.
18

Optional: Your Windows Guest OS - some tricks

Use Coherence (Parallels) Seamless Mode (VirtualBox)
When you have more than one virtual OS running on your Mac,
things can become a bit crowd. A simple trick might be to run your
Guest OS in Seamless mode (VirtualBox) or Coherence (Parallels).
In this mode, you dont see the background and desktop of your
guest OS but only the windows of the applications that run on top of
the desktop. Most of the time I have a command line window open
and and mmc window. To enable this mode when the guest OS is
running, click in the VirtualBox menu on View and then Seamless
Mode. In Parallels, click on Enter Coherence in the View menu of
Parallels when the guest OS is running.

To whom belongs this command line window? - t.bat

If your running in Coherence mode or Seamless Mode, and you have
more than one command line window open, how do you know to
which guest OS it belongs to? I made a small and simple batch file
(for English Windows 7 and Windows 2008R2 Server) to customize
the title of a command line window with the name of the host, its
IPv4 and IPv6 address. Look at section My batch file suite - simple batch
files to do simple repetitive things on page 24 where to obtain.

I added the command prompt shortcut

to the startup items so the command
prompt is opened automatically at
login.
To distinguish client and server
command prompt, I gave each category
its own color
Servers:
front R:200 G:100 B:0
back R:40 G:0 B:0

Logging on and shutting down windows guest OSes

Clients:
front R:85 G:36 B:34

Autologon For Windows systems that run on my virtual network, it annoys me that I have to press ctrl-alt-delete each time to
logon. There is a simple utility from sysinternals to enable autologon. You can download at http://technet.microsoft.com/en-us/
sysinternals/bb963905.
A faster way to shutdown - s.bat For my test machines, I dont
need to have a detailed shutdown eventlog, they just need to shutdown when I want them to and do it fast. I wrote a simple batch file
for it called s.bat19 . Put it in your home directory (you need admin
privileges to run this script). Run it when you want to shutdown
your windows guest OS. It runs on Windows 7 and Windows 2008R2.

back R:221 G:218 B:196

Look at section My batch file suite simple batch files to do simple repetitive
things on page 24 where to download.
19

...and other widows flavors probably

too.

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

My batch file suite - simple batch files to do simple repetitive things

When testing things in a virtual environment with virtual machines,
you propbaly do a lot of shutdowns, restarts and other kind of stuff.
I made a few batch that might make your your (windows) live a bit
easier. This is what they do.
t.bat Show to what machine a command prompt window belong to
(Vista, 7, 2008 R2)
sm.bat start server manager (2008 R2)
r.bat reboot windows computer (Vista, 7, 2008 R2)
s.bat shutdown windows computer (Vista, 7, 2008 R2)
You can obtain them from http://dl.dropbox.com/u/9671505/
GNSonMacOSXLion/MyMatchFiles.zip. Just put them in a directory
where windows can reach them such as in your directory when you
open a command prompt.

Do I have to turn off my firewall in Lion to run GNS3?

Answer is: it depends. For GNS3 and the virtualized network that is
runs within, you dont need to turn off your firewall. You can even
leave it on if you start sniffing with Wireshark on your tap interfaces.
However, if you start sniffing on your LAN interface (en0 of your
Mac) or Wifi interface (en1 of your Mac), you might want to turn it
off but only then.

Help! some of my labels disappear in GNS

Dont worry. It happens. Here is what to do.
1. hide your hostnames (In View menu of GNS3 select: hide hostnames)
2. hide your interface labels (In View menu of GNS3 select: hide
interface labels)
3. reset interface labels (In View menu of GNS3 select: reset interface
labels)
Done!

24

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

HOWTO sniffing on your virtual network with Wireshark

Sniffing your network is easy when installed Wireshark: In GNS3,
right click on a wire and select Capture from the submenu. However
there might be times GNS3 gives you a message:
No device available for traffic capture

Dont worry. you can still use your protocol analyzer here, but instead of selecting wires in your GNS3 network, select the appropriate
nic in Wireshark directly. So if you want to sniff on a line between
a PC and a switch, go to Wireshark and select the nic of the PC and
start sniffing. Problem solved!
Oh, and you can run several Wireshark instances the same time so
it is no problem if you sniff at three places at the same time.

25

getting gns3 to work on mac os x 10.7 lion with parallels desktop 7 or virtualbox 4.1.2

26

Used sources
Bitsontheline (http://www.bitsontheline.net) - GNS3 and VirtualBox Integration Under OS X part 1 , part 2 and part 3 used
as a proof of concept but is a bit outdated on Lion.
defaultrouteUK (http://www.defaultrouteuk.com Watched his
video and inspired my scripts on his script to let GNS3 run
with root privileges, a necessity get rid of the pesky GNS3 error
206 unable to create NIO_TAP device.

Software
Apple Mac OS X 10.7 Lion Of course.
GNS3 for Mac OSX http://www.gns3.net/download GNS3 network
virtualizer that has the DynaMIPS Cisco hardware emulator embedded
Tunnelblick http://code.google.com/p/tunnelblick/ used for it
Lion compatible TAP-driver (open source)
Wireshark http://www.wireshark.org/ network protocol analyser
(open source)
Oracles VirtualBox http://www.virtualbox.org a very good Open
source Virtualization software for Mac, Windows and LINUX that
as of Version 4.1.2 is compatible with Mac OS X Lion.
Parallels Desktop 7 for Mac http://www.parallels.com 20 a commercial VM virtualization software for Mac OS X that as of version 7 is
compatible with Lion.

Parallels is commercial software. If

you are a student, you can buy this
software with an educational discount
in the Apple store of your country.
20