Installing the Cloud Services Router (CSR1000v) in VMware Fusion
Below are the steps needed to get the CSR1000v working in VMware Fusion on a Mac. Before we look at the steps here is the hardware and software I used:
Basically you need a quad core machine with a hypervisor (VMware, Virtual Box, KVM, etc). I just used VMware Fusion as it's a commonly used hypervisor. Additionally I used two USB NICs to map to the GigabitEthernet1 and GigabitEthernet2 interfaces inside the CSR1000v. You could use any NICs or even subinterfaces if you are using Linux (Mac OS does support VLANs but I personally have not tried it with VMware Fusion). The GigabitEthernet0 is the management interface that is associated with the "Mgmt-intf" VRF so I didn't want to use it for the internal and internet facing interfaces.
Download the CSR1000v OVA (Open Virtualization Archive) file here if you haven't already done so. Note that you will need to use your Cisco CCO login to download.
Once the file has been downloaded, start the installation by finding the .ova file and double-clicking it. It will then open the VMWare Fusion window below:
VMware is now importing the machine:
Now that the machine has been imported you can start it.
Hit enter on the virtual console from the GRUB menu:
The CSR1000v will generate a lot of log messages as it goes through the first bootup process.
The CSR1000v will reboot after this next screen:
Now the CSR1000v is up and running.
We need to map the GigabitEthernet interfaces from the CSR1000v to the USB NICs.
We can verify the CSR1000v's interfaces with VMware. A good way is to check the MAC addresses as VMware will show you the MAC address of each NIC in the settings.
It's now ready to apply your configuration. Last night I used it as my home router (50Mbps down and 20Mbps up) and here was the performance numbers after I activated the 50Mbps throughput demo license/span>
CSR1000v(config)#platform hardware throughput level ?
10000 throughput in kbps
25000 throughput in kbps
50000 throughput in kbpsCSR1000v(config)#platform hardware throughput level
Here is the very basic configuration that I used in the CSR1000v to provide internet access:
CSR1000v#sho run
Building configuration...Current configuration : 1816 bytes
!
! Last configuration change at 04:06:59 UTC Fri Apr 19 2013
!
version 15.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no platform punt-keepalive disable-kernel-core
platform console virtual
platform hardware throughput level 50000
!
hostname CSR1000v
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
enable secret 4 wnIsLyS.p9pNIRVWPyb98mg0322nrnyQVqPabl7clC1
!
no aaa new-model
!
!
!
!
!no ip domain lookup
ip dhcp excluded-address 10.0.1.200 10.0.1.254
ip dhcp excluded-address 10.0.1.1 10.0.1.99
!
ip dhcp pool INSIDE
network 10.0.1.0 255.255.255.0
default-router 10.0.1.254
dns-server 8.8.8.8
!
!
!
!
!
!
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
license accept end user agreement
spanning-tree extend system-id
!
!
redundancy
mode none
!
!
!
!
!
!
ip tftp source-interface GigabitEthernet0
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface GigabitEthernet1
ip address 10.0.1.254 255.255.255.0
ip nat inside
negotiation auto
!
interface GigabitEthernet2
ip address dhcp
ip nat outside
negotiation auto
!
interface GigabitEthernet0
vrf forwarding Mgmt-intf
ip address dhcp
negotiation auto
!
ip nat inside source list ACL_NAT interface GigabitEthernet2 overload
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip access-list standard ACL_NAT
permit 10.0.1.0 0.0.0.255
ip access-list standard ACL_TELNET
permit 10.0.1.0 0.0.0.255
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
access-class ACL_TELNET in
privilege level 15
password 7 XXXXXXXX
login
!
!
endCSR1000v#
Note that you may find it easier to configure the G0 interface within VMware as "host only" so that it'll provide an IP address to the CSR1000v's management interface via DHCP. This way all you need to do is enable telnet access under the VTYs and not have to work on the VMware virtual console as there are limitations with cut/paste along with scroll back.