Cat9300 Guestshell Question

HUBERT RESCH · ‎02-17-2020

Hi all,

I already did some deployments with enabled guestshell where we had Catalyst 9300 running as L3-switch.

iox

!

interface virtualPortGroup 0

description Gateway for Guestshell

ip address 172.23.226.1 255.255.255.0

!

app-hosting appid guestshell
app-vnic gateway0 virtualportgroup 0 guest-interface 0
guest-ipaddress 172.23.226.254 netmask 255.255.255.0
app-default-gateway 172.23.226.1 guest-interface 0

!

Now we want to deploy guestshell on Catalyst9300 running as L2 switch , guestshell should run in the VLAN which is availabe on the Switch (eg. 172.23.226.254. Gateway is on the distribution-switch behind the uplink

vlan 226

ip default-gateway 172.23.226.1

interface range gigabitethernet 1/0/1-48

switchport mode access

switchport access vlan 226

interface vlan 226

description Management

ip address 172.23.226.100 255.255.255.0

interface Ten 1/1/1

description Uplink

switchport mode trunk

switchport trunk allowed vlan 226

for me it seems this could be done with usage of the Appgigabitethernet-Interface:

app-hosting appid guestshell
app-vnic AppGigabitEthernet access
guest-interface 0
app-default-gateway 172.23.226.1 guest-interface 0

interface AppGigabitEthernet1/0/1
switchport access vlan 226
switchport mode access

It seems to be fine, but the remaining question is how to assigne the IP to guestshell.
Per default the network-interface of guestshell is enabled for DHCP

[guestshell@guestshell network-scripts]$ cat ifcfg-eth0
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
HOSTNAME=
NM_CONTROLLED=no
TYPE=Ethernet
MTU=
DHCP_HOSTNAME=guestshell
[guestshell@guestshell network-scripts]$

in vlan 226 there is a DHCP-Server running, but no DHCP-request from guestshell is reaching the DHCP-Server,
I also cannot see any MAC-address in interface App1/0/1.

whats wrong there, anything I understood wrong ??

Thx in Advance
Hubert

andrewswanson · ‎02-17-2020

Hi

I've looked at guestshell on Catalyst 3ks running as L2 switches before.

To get Guestshell running I used a virtualportgroup interface and assigned it the Switch's L2 management IP address (using ip unnumbered). In your environment the config would look something like:

interface VirtualPortGroup0
ip unnumbered Vlan226

!

app-hosting appid guestshell
app-vnic gateway0 virtualportgroup 0 guest-interface 0
app-default-gateway 172.23.226.1 guest-interface 0

!

hth
Andy

Tony M · ‎05-07-2020

Hello Hubert,

IOSXE Version 17.01.01 accepts this syntax:

app-hosting appid guestshell
 app-vnic AppGigabitEthernet trunk
  vlan 256 guest-interface 0
   guest-ipaddress 172.23.226.254 netmask 255.255.255.0
 app-default-gateway 172.23.226.1 guest-interface 0

This does assign the address to eth0 in the guestshell:

[guestshell@guestshell ~]$ sudo ip addr show dev eth0
73: eth0@if74: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 52:54:dd:12:54:78 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.23.226.254/24 brd 10.56.31.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ddff:fe12:5478/64 scope link
       valid_lft forever preferred_lft forever
[guestshell@guestshell ~]$

The default GW is also configured properly. However, at this point, I am stuck. The network remains unreachable from the guest shell.

Have you been able to make any progress beyond where you were when you originally posted?

Thanks!

Tony M · ‎05-07-2020

Please disregard the incorrect broadcast address in the ip addr show command below. I was replacing the values with the ones you were using but missed one :)

Tristan G · ‎09-04-2024

Hi all,

Did anyone get to the bottom of this? Is this configuration supported with guestshell? I've configured similar on 17.15.1 using similar config. I can see the IP in the ARP table with the correct MAC address, but not in the MAC address table. nor do I see any traffic via tcpdump on the guestshell.