Emulating WAN properties on EVE-NG
One of the most important improvements of Cisco SD-WAN over the Traditional WAN architecture is the ability to reroute application traffic around WAN performance degradations and brownout conditions such as packet loss, latency, and jitter. The solution has multiple features related to WAN link brownouts like Application-aware routing (AAR), Centralized Data Policies, Forwarding Error Correction (FEC), Packet Duplication, and many more. However, many network engineers do not know how to practice these SD-WAN capabilities at home using any of the homelab emulators such as GNS3 or EVE-NG. In this lesson, we are going to show how we can emulate wide-area network (WAN) properties on EVE-NG using an open-source Linux tool called NETem.
What is NETem?
NETem is a Network emulation tool that provides functionality for testing network protocols by emulating the properties of wide-area networks. The latest version of the tool supports the emulation of latency, packet loss, packet duplication, bursts, congestion, and packet re-ordering.
Installing Netem on Eve-NG is pretty straightforward. First, we need to update the virtual machine's linux packages and then just install the free add-on using the following commands:
Welcome to Ubuntu 16.04.7 LTS (GNU/Linux 4.20.17-eve-ng-ukms+ x86_64) Last login: Sat Sep 11 08:34:35 2021 from 192.168.115.200 root@eve-ng:~# root@eve-ng:~# apt-get update root@eve-ng:~# apt-get install eve-ng-addons-netem
If the virtual machine has an Internet connection and enough available disk space, the installation should be successful in no time.
Adding NETem node on EVE-NG
Once the addon is installed using the commands shown above, it will be automatically placed as a Linux node in EVE-NG. Therefore, to use it on a link between two network devices, we need to add a new node on EVE-NG. We select linux and then select the linux-netem image as shown in the screenshot below:
Notice that by default, the node is added with only one ethernet interface. However, to put it inline between two network devices, we are going to need at least two Ethernet interfaces, one to connect to device A and one to device B.
Once the node is added, we just connect it inline between two network devices as shown in the screenshot below. It acts as a layer 2 device, so it is layer 3 transparent and does not need an IP address information to any of the interfaces.
Once the linux-netem node boots up, we connect to it with VNC and log on with user "eve" and password "eve".
Once logged in, there is a very basic graphical interface that allows us to configure the desired values for bandwidth, delay, jitter, packet loss, and packet bursts.
Entering each configuration hierarchy, we specify the required values. The screenshot below shows how we configure packet loss and loss burst.
And the next screenshot shows how we configure delay and jitter.
Notice that we configure each traffic direction separately. Also, notice that the configured values shown in the screenshot below are for each traffic direction. Therefore, if you run traffic through a netem node configured as shown in the screenshot below, you will get approximately 8% of packet loss and 400ms of round trip times.
Let's now verify that the tool works by pinging through the WAN emulator.
vEdge-1# ping 10.10.0.2 Ping in VPN 0 PING 10.10.0.2 (10.10.0.2) 56(84) bytes of data. 64 bytes from 10.10.0.2: icmp_seq=1 ttl=64 time=1313 ms 64 bytes from 10.10.0.2: icmp_seq=2 ttl=64 time=455 ms 64 bytes from 10.10.0.2: icmp_seq=3 ttl=64 time=448 ms .... 64 bytes from 10.10.0.2: icmp_seq=147 ttl=64 time=430.9 ms 64 bytes from 10.10.0.2: icmp_seq=148 ttl=64 time=429.0 ms ^C --- 10.10.0.2 ping statistics --- 148 packets transmitted, 128 received, 9% packet loss, time 147710ms rtt min/avg/max/mdev = 27.550/416.361/1313.570/213.702 ms, pipe 2
You can see that there is approx 8% packet loss and the average round trip times are as configured in the netem node.
In this lesson, we have shown an open source add-on that can be used to emulate packet loss, latency, and jitter in EVE-NG. The add-on is a very useful tool when it comes to practicing SD-WAN capabilities such as Application-aware Routing, SLA-based routing, Forwarding Error Correction, Packet Duplication, and so on.