Prerequisites
Complete VCA-NET-101 and VCA-CSA-101 before enrolling. You need Python 3.11+ on Linux (or WSL2), Wireshark fluency from NET-101, familiarity with dig, traceroute, and tcpdump, and comfort installing Docker containers.
Software Requirements
Base environment (Linux strongly recommended)
Ubuntu 24.04 LTS is the primary platform. Most routing-lab tooling works on Debian/Kali too.
sudo apt update && sudo apt install -y \
docker.io docker-compose-v2 \
wireshark tshark \
nmap masscan traceroute \
python3-scapy python3-pip \
openssl gnutls-bin \
bind9 bind9-utils bind9-dnsutils \
iproute2 iputils-ping \
curl wget jq git
For macOS users: Docker Desktop + Homebrew toolchain works for most labs; the GNS3 desktop app is available for macOS.
GNS3 (routing labs)
Download GNS3 from gns3.com (community edition, free). The GNS3 VM runs as a VirtualBox/VMware appliance that hosts the actual routing processes; the GNS3 desktop application is the client.
# FRRouting appliance for GNS3 (download the .gns3a file from gns3.com marketplace)
# FRR Docker image for Containerlab (no GNS3 needed)
docker pull frrouting/frr:latest
Containerlab
Containerlab is the preferred substrate for Labs 5, 6, 9, 11 and for routing topologies when GNS3 is not available.
# Install containerlab
bash -c "$(curl -sL https://get.containerlab.dev)"
containerlab version
Containerlab requires Docker. It pulls container images as needed for each lab topology.
FRRouting
FRRouting (FRR) is the open-source routing daemon suite used in all routing labs. It ships with:
ospfd(OSPF)bgpd(BGP)isisd(IS-IS)ripd(RIP)vtysh(unified CLI)
When using Containerlab, FRR runs inside containers and requires no local install. For direct-install on a routing lab VM:
# Ubuntu 24.04
sudo apt install -y frr frr-pythontools
sudo systemctl enable frr && sudo systemctl start frr
vtysh
Mininet (SDN/OpenFlow lab)
# Option 1: apt (older version but stable)
sudo apt install -y mininet
mn --version
# Option 2: pip install (newer)
pip install mininet
# OpenFlow controller (Ryu)
pip install ryu
BIND 9 (DNS labs)
sudo apt install -y bind9 bind9utils bind9-doc
named -v
Suricata and Zeek (NSM lab)
# Suricata
sudo apt install -y suricata
suricata --build-info | grep "Suricata version"
# Zeek (formerly Bro)
# Zeek is not in standard Ubuntu repos; install via binary or build
sudo apt install -y cmake make gcc g++ flex bison libpcap-dev libssl-dev python3-dev zlib1g-dev
# Then build from source at github.com/zeek/zeek or use the prebuilt PPA:
echo 'deb http://download.opensuse.org/repositories/security:/zeek/xUbuntu_22.04/ /' | sudo tee /etc/apt/sources.list.d/security:zeek.list
curl -fsSL https://download.opensuse.org/repositories/security:zeek/xUbuntu_22.04/Release.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/security_zeek.gpg > /dev/null
sudo apt update && sudo apt install -y zeek
zeek --version
Flent (performance labs)
pip install flent
flent --version
mitmproxy
pip install mitmproxy
mitmproxy --version
OpenSSL (TLS labs)
OpenSSL 3.x is included in Ubuntu 24.04. Verify TLS 1.3 support:
openssl version # should report OpenSSL 3.x
openssl s_client -connect google.com:443 -tls1_3 < /dev/null 2>&1 | grep "Protocol"
Textbooks
Acquire the following before Week 1. The first two are reused from NET-101.
| Book | Format | Notes |
|---|---|---|
| Kurose & Ross, Computer Networking 9th ed. | PDF (id 674 in master library) | Required; Chapters 2-8 |
| Stevens & Fall, TCP/IP Illustrated Vol. 1 2nd ed. | Paperback / library | Required; Chapters 4-15 |
| Doyle & Carroll, Routing TCP/IP Vol. 1 | Paperback (Cisco Press) | Required for Weeks 1-4; ~$80 |
| Rescorla, SSL and TLS | Paperback | Required for Week 6; ~$70; free substitute: RFC 8446 |
Optional (recommended):
- Bejtlich, The Practice of Network Security Monitoring (library id 320)
- Sanders, Practical Packet Analysis 3rd ed. (library id 687)
Lab VMs and Topology Images
VM recommendation
A machine with 16+ GB RAM is recommended for GNS3 topologies running 4+ FRR routers simultaneously. Containerlab topologies are lighter-weight (~512 MB per FRR container).
Minimum: 8 GB RAM for the Mininet SDN labs (simulated topology runs in-kernel).
Image acquisition
| Image | Lab | Source |
|---|---|---|
| FRR Docker image | Labs 1, 2, 3, 9, 11 | docker pull frrouting/frr:latest |
| Arista cEOS | Lab 11 (optional) | Free from arista.com (registration required) |
| Mininet VM | Lab 7 | mininet.org or containerized Mininet |
First-Day Smoke Test
Run before attending Week 1:
# 1. Containerlab version
containerlab version
# 2. FRR in Docker
docker run --rm frrouting/frr:latest vtysh --version
# 3. Wireshark TLS 1.3 capture check
# (Capture any HTTPS traffic from a modern browser -- confirm TLS 1.3 in handshake)
openssl s_client -connect cloudflare.com:443 < /dev/null 2>&1 | grep "Protocol"
# 4. BIND named available
named -v
# 5. Suricata available
suricata --build-info | head -3
# 6. Python Scapy
python3 -c "from scapy.all import IP, TCP; print('Scapy OK')"
Flag any failures to the instructor before Week 1.
Windows / macOS Notes
All routing labs run inside Docker containers via Containerlab and work on macOS + WSL2. The Mininet lab (Lab 7) is Linux-native; use WSL2 or a Linux VM on Windows. GNS3 has native macOS and Windows desktop clients.
Zeek on Windows requires WSL2; do not attempt a native Windows Zeek install for this course.