AOS-CX Switch Simulator

 View Only
last person joined: yesterday 

Back to discussions
Expand all | Collapse all

Limitations of AOS-CX simulator

This thread has been viewed 356 times

  • 1.  Limitations of AOS-CX simulator

    Posted Sep 07, 2021 10:15 AM
    Hi,

    I remember that there was an overview a all the limitations of the ova. Like, this is not working on 10.5 etc.

    I'm trying to test something with access-list and policy's and this does not seems to be working.

    Is there an overview of limitations?

    ------------------------------
    Roelof Jager
    ------------------------------


  • 2.  RE: Limitations of AOS-CX simulator

    EMPLOYEE
    Posted Sep 08, 2021 04:04 AM
    Please have a look at the AOS-CX OVA release notes: limitations are documented there.
    https://www.arubanetworks.com/techdocs/AOS-CX/10.08/RN/rn_ova_10-08-0001.pdf

    ACL will work but not policy or classifier.
    You'll find an ACL lab out of the multiple other proposed labs here:
    https://community.arubanetworks.com/community-home/digestviewer/viewthread?GroupId=565&MessageKey=b7546d35-a40e-424f-8a8d-462531287670&CommunityKey=aa40c287-728e-4827-b062-5eff4ed6410b&tab=digestviewer&ReturnUrl=%2fcommunity-home%2fdigestviewer%3fcommunitykey%3daa40c287-728e-4827-b062-5eff4ed6410b%26tab%3ddigestviewer

    ------------------------------
    Vincent Giles
    ------------------------------

    Original Message


  • 3.  RE: Limitations of AOS-CX simulator

    Posted Oct 12, 2021 11:54 AM
    Dear Vincent and RJ26,

    I want to ask, you said that ACL will work, but i have tested on GNS3 using Virtual Box for OVA CX 10-08.01 switch simulator.



    I want to make only host 192.168.0.2 can ssh to the switch 192.168.0.1 configuration:
    access-list ip SSH
    10 permit tcp 192.168.0.2 any eq ssh
    20 deny tcp any any eq ssh
    30 permit any any any

     i want to apply the ACL on interface VLAN 1
    interface vlan 1
    ip address 192.168.0.1/24
    apply access-list ip SSH routed-in


    but on the show run, there is notification as follows:
    ! access-list ip SSH user configuration does not match active configuration.
    ! run 'access-list TYPE NAME reset' or 'access-list all reset' to reset the ACL to match the active configuration.
    ! access-list ip SSH failed to apply on module 1/1 (routed-in).

    What does it meant? did i miss something?

    Thanks you for your help,
    Gibs

    ------------------------------
    Luthfi Naufal Gibrani
    ------------------------------

    Original Message


  • 4.  RE: Limitations of AOS-CX simulator

    EMPLOYEE
    Posted Oct 13, 2021 04:52 AM
    Hi,
    It might be due to the ACL applied on the SVI instead of the VLAN.
    And more generally, management ACL would be applied on the control-plane with the command:
    apply access-list ip test control-plane vrf <vrf-name>
    (vrf-name can be default)

    The benefit is that the traffic coming from any VLANs, any ports, that hits the management-plane of the switch get filtered through this ACL.
    be careful to be specific for denying protocols, and keeping a permit ip any any at the end of the ACL.

    ------------------------------
    Vincent Giles
    ------------------------------

    Original Message


  • 5.  RE: Limitations of AOS-CX simulator

    EMPLOYEE
    Posted Sep 29, 2021 05:39 AM

    Overview of limitations:

    The AOS-CX OVA is a simulation environment and is not designed to be fully feature-compatible with AOS-CX running on switching hardware in the Aruba 4000, 6000, or 8000 series of switches. The following features may be configurable in the AOS-CX Simulation environment, but are non-functional:

    CoPP

    Link detection (link is always on)

    Classifier policy

    ECMP

    MAC ACLs

    QoS

    ADC (NAE)

    UDLD

    Mirroring

    ERPS

    Firmware upgrade

    DCBx

    PBR

    VXLAN support with L3 VTEPs

    UBT

    VSF

    VLAN translation

    Watchdog

    PBT

    MAC Lockdown/Lockout

    Captive Portal

    VXLAN support with VSX

     

     

     

    The OVA is a virtual switch and unable to determine the link status of interfaces, so a simulated status is used. You may need to manually adjust the status of an interface using the shutdown or no shutdown commands from the CLI to get the desired results.

     
    Link: https://www.arubanetworks.com/techdocs/AOS-CX/10.08/RN/rn_ova_10-08-0001.pdf

    Page-5



    ------------------------------
    Gaurangkumar Patel
    ------------------------------

    Original Message


  • 6.  RE: Limitations of AOS-CX simulator

    EMPLOYEE
    Posted Oct 25, 2021 12:52 PM
    Is there are limitation on the number of interfaces we can have? I've attempted to start an instance with 24 network interfaces, but only the first 10 come up. The others say "No XCVR installed".

    ------------------------------
    Garrett Ivy
    ------------------------------

    Original Message


  • 7.  RE: Limitations of AOS-CX simulator

    EMPLOYEE
    Posted Oct 25, 2021 01:06 PM
    Correct. Only 10 interfaces are functional.

    ------------------------------
    Vincent Giles
    ------------------------------

    Original Message


  • 8.  RE: Limitations of AOS-CX simulator

    Posted Nov 22, 2021 02:00 PM
    Hi 
        Are there a How to manual to configure aditional interface under gns3?

    ------------------------------
    juan Santamaria
    ------------------------------

    Original Message