Install GNS3 server
sudo add-apt-repository ppa:gns3/ppa sudo apt-get update sudo apt-get install gns3-server
If you are prompted whether non-root users should be allowed to use ubridge, select "Yes".
Note that GNS3 only works if the front-end and back-end are the same version. Therefore we recommend you 'hold' the gns3-server package so that it is not updated unless you explicitly ask for it:
sudo apt-mark hold gns3-server
You can cancel this later with
apt-mark unhold, e.g. when you
are ready to perform an upgrade:
# How to upgrade gns3 sudo apt-mark unhold gns3-server sudo apt-get install gns3-server sudo apt-mark hold gns3-server sudo systemctl restart gns3
Create gns3 user
This is the user that the gns3 server will run as.
sudo useradd -d /var/lib/GNS3 -s /bin/bash -r gns3
Add to groups
Add the gns3 user into the "kvm" and "ubridge" groups:
sudo usermod -a -G kvm,ubridge gns3
It's also conventient add your unprivileged user to the "gns3" group, as it
will allow you to change directory to
/var/lib/GNS3 without "sudo".
sudo usermod -a -G gns3 nsrc
sudo mkdir -p /var/lib/GNS3 /etc/gns3 sudo chown -R gns3:gns3 /var/lib/GNS3 /etc/gns3
These directories must be writable by the
Optionally you can secure them so they are only readable by the gns3 user and group (this helps protect the gns3 server password from prying eyes)
sudo chmod 750 /var/lib/GNS3 /etc/gns3
Create a systemd unit file
[Unit] Description=GNS3 network simulator After=network-online.target Wants=network-online.target Conflicts=shutdown.target [Service] User=gns3 Group=gns3 ExecStart=/usr/bin/gns3server --config /etc/gns3/gns3_server.conf ExecReload=/bin/kill -s HUP $MAINPID Restart=always RestartSec=5 LimitNOFILE=16384 [Install] WantedBy=multi-user.target
Create configuration file
Now create file
/etc/gns3/gns3_server.conf with the following contents:
[Server] images_path = /var/lib/GNS3/images projects_path = /var/lib/GNS3/projects configs_path = /var/lib/GNS3/configs appliances_path = /var/lib/GNS3/appliances symbols_path = /var/lib/GNS3/symbols report_errors = True auth = True user = nsrc password = XXXXXXXX [Qemu] enable_kvm = True require_kvm = False
images_pathtells GNS3 where to find its base hard drive images. The pre-generated snapshots have
/var/lib/GNS3/images/QEMU/xxx.imgas the base path coded within them, so we need to put images in the same place.
passwordconfigure the GNS3 API to require authentication. This will prevent students from connecting and taking over the emulator. The password in this file is in cleartext, so do not use a valuable password. The GNS3 username and password do not need to match your system username and password.
Start the gns3 server like this:
sudo systemctl start gns3 sudo systemctl enable gns3
The second line means that it will be automatically started at system boot.
If it won't start, check for errors using this command:
journalctl -eu gns3
Regardless of authentication settings, serial consoles are accessible remotely without any authentication, to anyone who knows or guesses the port number. If this is a concern (e.g. because your WAN interface is a public IP) then you can apply firewall rules, or you can bind GNS3 so that it only listens on the internal interface:
images_path = /var/lib/GNS3/images
host = 100.64.0.1
However there is a bug in
gns3-server (at least 2.2.11) which may prevent network traffic flowing when
you have this setting. You will also need to change the TARGET setting