Configuring MikroTik QEMU VM in GNS3 with Winbox on Mac using TunTap

I didn’t have to work on MikroTik routers until now when most of our clients are Universities and it is needless to say how popular MikroTik boxes are to them. There would be no one without them. And, almost everyday we get calls from universities to provide technical supports by configuring or suggesting configurations for their MikroTik routers. Hence, I thought why not getting familiar with MT! Working with the new OS would be fun 🙂

The very first time when I was going to prepare a GNS3 Lab with MikroTik router on my Macbook I was fully stuck as I had no idea how this is going to work. The challenges are:

  1. I tried to get Winbox for Mac but there is none.
  2. I don’t know how to connect GNS3 Cloud with my Laptop.

Here’s how I make it work:

Download the softwares

  1. GNS3 (An account is needed to download, it’s free)
  2. TapTun
  3. MikroTik RouterOS Image
  4. WinBox
  5. PlayOnMac

Steps

  1. Download and install PlayOnMac (or any other application that runs .exe files on Mac). We need it to install and run winbox.exe as MikroTik does not have any macOS version for it. Once done, install WinBox. Here is a YouTube video that shows how to install a .exe application on Mac using PlayOnMac.
  2. Download and install GNS3. You need to run GNS3 as root administrator, so you must find the paht for this application and running from command line as follow:

    sudo /Applications/GNS3.app/Contents/MacOS/gns3

    or

    sudo /Applications/GNS3.app/Contents/MacOS/GNS3

    Don’t panic seeing all the logs that populates your Teminal, it’s just generated because the GNS3 is running and going through those steps.

    Fig 1: Running GNS3 as root on Mac.

  3. Add the MikroTik RouterOS Image in the QEMU VM. Just go to GNS3>Preferences>QEMU>Qemu VMs. Click “New” and give it a name. Browse and select the MikroTik RouterOS Image. From the “Network” you can increase the no. of ports according to your needs. I choose 5 Network Adapters as shown below:


    Fig 2: Adding MikorTik Image in Qemu VM

  4. Download and install TapTun in your Macbook. The TunTap package will provide us with a collection of virtual network interfaces for the Mac operating system. The TAP drivers allow us to bridge our GNS3 virtual network with the physical Mac host. You can assign IP addresses to these adapters and generally use them for testing.  By default, the TunTap adapter can’t really do anything useful by itself. We need to configure it. Unpack and install the downloaded TunTap package.Verify the TunTap package installed successfully. Run this command from Terminal.app:

    Awals-MacBook-Air:etc awal$ ls -l /dev/tap*
    crw-rw—- 1 root wheel 21, 0 May 3 22:20 /dev/tap0
    crw-rw—- 1 root wheel 21, 1 May 3 19:47 /dev/tap1
    crw-rw—- 1 root wheel 21, 10 May 3 19:47 /dev/tap10
    crw-rw—- 1 root wheel 21, 11 May 3 19:47 /dev/tap11
    crw-rw—- 1 root wheel 21, 12 May 3 19:47 /dev/tap12
    crw-rw—- 1 root wheel 21, 13 May 3 19:47 /dev/tap13
    crw-rw—- 1 root wheel 21, 14 May 3 19:47 /dev/tap14
    crw-rw—- 1 root wheel 21, 15 May 3 19:47 /dev/tap15
    crw-rw—- 1 root wheel 21, 2 May 3 19:47 /dev/tap2
    crw-rw—- 1 root wheel 21, 3 May 3 19:47 /dev/tap3
    crw-rw—- 1 root wheel 21, 4 May 3 19:47 /dev/tap4
    crw-rw—- 1 root wheel 21, 5 May 3 19:47 /dev/tap5
    crw-rw—- 1 root wheel 21, 6 May 3 19:47 /dev/tap6
    crw-rw—- 1 root wheel 21, 7 May 3 19:47 /dev/tap7
    crw-rw—- 1 root wheel 21, 8 May 3 19:47 /dev/tap8
    crw-rw—- 1 root wheel 21, 9 May 3 19:47 /dev/tap9

    A reboot of the computer may be required if the character device files are not listed in the output.

  5. To make QEMU gets connected to VM Host you should create a tap interface from GNS3 cloud options. Drag out a new cloud from the devices list in the left pane, right click it and choose “Configure”.

    Expand the cloud group in the left pane then choose the “NIO TAP” tab in the right pane.

    Under TAP interfaces (require root access) type /dev/tap0 as shown in Fig 3.

    Click “Add” and now the new interface will show up inside the box, something like nio_tap:/dev/tap0.  By the way, if you don’t click Add it won’t work – I’ve made this mistake many times. Anyways, now choose OK”.


    Fig 3: Adding TAP Interface

  6. Alright, now drag out a network device like an Ethernet Switch and then click the Add a link button in the bottom left corner of the GNS3 window to connect any port on your Switch to the nio_tap:/dev/tap0 interface of your cloud.

    The act of connecting this link causes GNS3 to create logical tap0 interface on your Mac.

    Fig 4: Lab setup in GNS3

    If this interface was created correctly you can verify the status of if on Terminal with ifconfig tap0 command:

    Awals-MacBook-Air:~ awal$ ifconfig tap0
    tap0: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    ether 9a:c7:44:6f:8a:6d
    media: autoselect
    status: active
    open (pid 15135)

    But, as you can see, there is no IP address associated to tap0 interface. To assign an IP address to the tap0 interface:

    sudo ifconfig tap0 10.0.0.2/24 up

    Now check it again from the Terminal, the IP address should be shown.

    Awals-MacBook-Air:~ awal$ ifconfig tap0
    tap0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    ether 9a:c7:44:6f:8a:6d
    inet 10.0.0.2 netmask 0xffffff00 broadcast 10.0.0.255
    media: autoselect
    status: active
    open (pid 15135)

  7. At this point you need to add the MikroTik Router to the topology, connect it to the Ethernet switch you created earlier. Just turn it on and connect it to the Switch as is showed in Fig 4. Open Console by right click on the Router. Login with the default user admin and with no password.

    Fig 5: Starting MikroTik router console

  8. We need to put the Router interface connected to the switch in the same subnet as the tap0 interface. We are gonna use 10.0.0.1/24 in our case. First, check the interface NAME as it might not be same as the interface ID shown on GNS3 topology. In our case, GNS3 topology shows Router interface e0 is connected to the Switch but from Router’s console it shows ether1. configure IP address for the Ethernet interface.

    Fig 6: Setting up IP address

  9. Now that we know tap0 works, we can bridge it to our real interface, which is en0 on my Mac.

    Awals-MacBook-Air:~ awal$ sudo ifconfig bridge0 create
    Password:
    ifconfig: SIOCIFCREATE2: File exists
    Awals-MacBook-Air:~ awal$ sudo ifconfig bridge0 addm en0
    Awals-MacBook-Air:~ awal$ sudo ifconfig bridge0 addm tap0
    Awals-MacBook-Air:~ awal$ sudo ifconfig bridge0 up

    We can view the virtual bridge and its members from Terminal:

    Awals-MacBook-Air:~ awal$ ifconfig bridge0
    bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=3<RXCSUM,TXCSUM>
    ether 9a:00:0b:c8:78:40
    inet6 fe80::da:dca5:3dde:8edf%bridge0 prefixlen 64 secured scopeid 0x8
    inet 169.254.161.27 netmask 0xffff0000 broadcast 169.254.255.255
    Configuration:
            id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
            maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
            root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
            ipfilter disabled flags 0x2
    member: en1 flags=3<LEARNING,DISCOVER>
            ifmaxaddr 0 port 5 priority 0 path cost 0
    member: en0 flags=3<LEARNING,DISCOVER>
            ifmaxaddr 0 port 4 priority 0 path cost 0
    member: tap0 flags=3<LEARNING,DISCOVER>
            ifmaxaddr 0 port 12 priority 0 path cost 0
    Address cache:
            e8:de:27:ea:28:9a Vlan1 en0 1196 flags=0<>
            0:26:82:a0:f8:c9 Vlan1 en0 1200 flags=0<>
            14:cc:20:7c:3c:d6 Vlan1 en0 1197 flags=0<>
            2c:ae:2b:24:93:5b Vlan1 en0 1185 flags=0<>
            0:77:ac:47:16:0 Vlan1 tap0 1195 flags=0<>
    nd6 options=201<PERFORMNUD,DAD>
    media: autoselect
    status: active

    At this point, you should be able to ping PC’s tap0 and Router’s ether1 from each other:

    Awals-MacBook-Air:~ awal$ ping 10.0.0.1
    PING 10.0.0.1 (10.0.0.1): 56 data bytes
    64 bytes from 10.0.0.1: icmp_seq=0 ttl=64 time=1.257 ms
    64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=0.975 ms
    64 bytes from 10.0.0.1: icmp_seq=2 ttl=64 time=0.482 ms
    64 bytes from 10.0.0.1: icmp_seq=3 ttl=64 time=0.619 ms
    64 bytes from 10.0.0.1: icmp_seq=4 ttl=64 time=0.466 ms


    Fig 7: Ping test between Router (ether1) and PC (tap0) interface

  10. Now, open WinBox application that we set up previously using PlayOnMac. In the Connect To field type the MikroTik Router’s IP address (In our case, ether1 Interface which is 10.0.0.1), login as default user admin and hit Connect.
    Fig 8: Connecting the Router with WinBox

    This is it, you should now be able to get the known view of RouterOS WinBox.


    Fig 9: WinBox console for MikroTik router

  11. You should be able to add more routers, finish connectivity and routing and complete your own lab. Have fun, happy networking 🙂

I would like to dedicate this post to my colleague Nazrul, who is experienced in MikroTik and helped me to run WinBox for the first time in GNS3 on Mac.

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 4.00 out of 5)
Loading...

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.