How to Capture and Analyze packets with the tcpdump command on Docker Containers  

Docker Containers are running on top of Linux so we have more flexibility in capturing the packets that are exchanged between the docker containers.

Containerlab at the end of a lab deployment reports that it created the containers with the names

Capturing the packets from an interface requires having that interface name and its network namespace (netns)

We use the netns command  to identify the IP links associated with them and capture the packet for further analysis

Using netns command we got the namespace of the container and use namespace and check the link associated with that container in specific 

Use tcpdump command to capture the packet coming to e1 for analysis

Command-List:

ip netns

ip netns <namespace> ip link

Local Capture ip netns exec $lab_node_name tcpdump -nni $if_name Remote Capture ssh $containerlab_host_address "ip netns exec $lab_node_name tcpdump -nni $if_name"

Video Link#

 How to Install EVE-NG on Laptop Up and Running

Prerequisites for Installation of EVE NG on laptop 

1. Download VMworkstation Player or Oracle Virtual box 

https://www.vmware.com/au/products/workstation-pro/workstation-pro-evaluation.html

https://www.virtualbox.org/wiki/Downloads

2. After successful installation of the VM manager download the EVE-NG OVA image

https://www.eve-ng.net/index.php/download/

3. Upload the EVE-NG OVA Image using VM Player (Click pen a Virtual Machine)

4. Change the VM setting to NAT or VMNET8 

5. Start the VM and login to the Eve-ng VM, during the first time login will prompt with hostname and password to configure

default hostname # eve

default username # root

default password # eve

6. Get the IP address from the VM and use the IP address to access your eve-ng

default username # admin

default password # eve

7. Create your own LAB and start your practice into the master in networking

How to add Cisco IOU Image on Eve-ng Up and Running

Step 1#

Download Linux L2/L3 adventerprise Image 

Step 2#

Upload the downloaded image to the EVE path /opt/unetlab/addons/iol/bin/ using WinSCP or Filezilla

Step 3#

Fix the permission for the added image using the below command

/opt/unetlab/wrappers/unl_wrapper -a fixpermissions

Step 4#

Create an iou keygen file Copy the Cisco IOU Image Script provided below and add to the script

vim /opt/unetlab/addons/iol/bin/ioukeygen.py

Esc:wq

Step 5#

Fix the permission for the Python script

chmod –x vim /opt/unetlab/addons/iol/bin/ioukeygen.py

Step 6#

Run the license generator script 

/opt/unetlab/addons/iol/bin/ioukeygen.py

copy the license generated by the script

Step 7#

Create iourc license file for your EVE

vim /opt/unetlab/addons/iol/bin/iourc

Paste the output captured in Step 6

Step 8#

Fix the permission and start practicing your lab by adding the image on eve-ng web

/opt/unetlab/wrappers/unl_wrapper -a fixpermissions

Cisco IOU Image Script#

#! /usr/bin/python3

print("*********************************************************************")

print("Cisco IOU License Generator - Kal 2011, python port of 2006 C version")

import os

import socket

import hashlib

import struct

# get the host id and host name to calculate the hostkey

hostid=os.popen("hostid").read().strip()

hostname = socket.gethostname()

ioukey=int(hostid,16)

for x in hostname:

 ioukey = ioukey + ord(x)

print("hostid=" + hostid +", hostname="+ hostname + ", ioukey=" + hex(ioukey)[2:])

# create the license using md5sum

iouPad1 = b'\x4B\x58\x21\x81\x56\x7B\x0D\xF3\x21\x43\x9B\x7E\xAC\x1D\xE6\x8A'

iouPad2 = b'\x80' + 39*b'\0'

md5input=iouPad1 + iouPad2 + struct.pack('!i', ioukey) + iouPad1

iouLicense=hashlib.md5(md5input).hexdigest()[:16]

print("\nAdd the following text to ~/.iourc:")

print("[license]\n" + hostname + " = " + iouLicense + ";\n")

with open("iourc.txt", "wt") as out_file:

   out_file.write("[license]\n" + hostname + " = " + iouLicense + ";\n")

print("^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\nAlready copy to the file iourc.txt\n ")

print("You can disable the phone home feature with something like:")

print(" echo '127.0.0.127 xml.cisco.com' >> /etc/hosts\n")

# end of the script

Final output on eve-ng

Refer to the video with the steps