IoT with IoX on ISR 819HG-4G router

: Last Updated: 12 September 2023

What is IoX ?

Cisco IoX hosts applications in a virtual machines running on an hypervisor hosted on an IoX capable hardware called fog node. Cisco IoX is delivered with a pre-packaged Yocto Linux distribution but developpers are free to use any operating system. Yocto has been selected by Cisco because of it's various CPU architectures support, it's comprehensive SDK, and it's slim design to work on resource constraint platforms like routers.

Fog computing concept

All Cisco fog nodes have converged compute, networking and storage, which simplifies management and reduces power and space requirements and makes possible to run the same application on different kind of fog nodes without modification :

Cisco ISR router (ISR 819HG-4G-IOX router simulated in Cisco Packet Tracer 8.0
Cisco switch
Cisco Unified Computing System (UCS) servers

The data and application access is protected by classical Cisco security mecanism. For example, IoX applications hosted on an ISR router benefit from Netflow to help detect anormal activity and CBAC to inspect to inspect and restrict the network flows. These two security mecanism can be simulated in Cisco Packet Tracer 8.0

Cisco IoX use cases

The main use case of IoX is local interaction with IoT industrial devices.

Example :A manufacturer could use Cisco IoX to host Rokwell Factory software on factory-floor routers. Using Cisco IoX API, the software could communicate with the factory IoT devices running any proprietary protocol. A second fog application could send IoT data to the enterprise cloud network by translating the non-standard or proprietary protocol to IP.

IOE configuration with IoX

Configure IoX network connectivity on ISR 819HG-4G

Configure IoX management IP address

interface Ethernet1
 ip address 192.168.3.1 255.255.255.0
 ip nat inside
 duplex auto
 speed auto
 
iox
 host ip address 192.168.3.2 255.255.255.0
 host ip default-gateway 192.168.3.1

ip nat inside source list NAT_ACL interface GigabitEthernet0 overload
ip nat inside source static tcp 192.168.3.2 8443 172.1.1.1 8443 
ip nat inside source static udp 192.168.3.2 5679 172.1.1.1 5679

Configure a virtual port group for IoX VM connectivity to the ISR router

interface VirtualPortGroup0
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 duplex auto
 speed auto

Configure a DHCP pool for IoX Apps

ip dhcp excluded-address 192.168.1.0 192.168.1.1

ip dhcp pool iox-apps
 network 192.168.1.0 255.255.255.0
 default-router 192.168.1.1

Upload a VM to the router using GUI

Configure a management interface on the ISR 819 router (172.1.1.1) and connect to the router using https://172.1.1.1:8443 as the Cisco Application Management service is listening on port 8443. The default username/password is cisco/cisco

Packet Tracer 8 - ISR 819 router IOX apps management

When logged in, click on Add/Deploy button to add a new VM.

Enter the name of the VM (vm1 in our example) for Id and choose the OVA file on your local folder (vm1.ova) as the file.

After uploading the Applications page should reflect the newly added VM

Packet Tracer 8.0 - Upload an IOX VM to ISR 819 router

Upload a VM to the router using CLI

Another way to add a new VM is via tftp to the flash dir. On the router, download ova file via tftp using the follwing commands

Router#copy tftp flash
Address or name of remote host []? 172.1.1.2
Source filename []? vm1.ova
Destination filename [vm1.ova]?

Then install or uninstall the VM (run only one of these ;-) )

Router#virtual-service install name vm1 package flash:/vm1.ova

Router#virtual-service uninstall name vm1

Start the VM on ISR 819 router

Router#config t
Router(config)#virtual-service vm1
Router(config-virt-serv)#[no] activate

What is IoX ?

Read next :

Lab 4 - Port security

Download Cisco Packet Tracer 8.2.2 & GNS3

Cisco Packet Tracer 8.2.2 labs

Lab 16 - Clientless SSL VPN (WebVPN) with ASA 5505

Lab 18 - DMZ configuration with ASA 5506-X