The Virtual Network Trifecta: NetClaw Now Supports GNS3, CML, and ContainerLab

Network engineers love choice. Some swear by Cisco Modeling Labs (CML) for its polished Cisco device support. Others prefer ContainerLab’s lightweight, container-based approach. And many have years of experience with GNS3’s flexible, open-source platform.

With the addition of GNS3 MCP server support, NetClaw now speaks all three languages — giving you the freedom to build virtual network labs in whichever framework fits your workflow.

Why Three Platforms?

Each network virtualization platform has its strengths:

Cisco Modeling Labs (CML)

Official Cisco images with full feature parity
Integrated with Cisco DevNet and CML-Personal licenses
Best for Cisco-centric environments

ContainerLab

Lightning-fast container-based nodes
Declarative YAML topology definitions
Ideal for CI/CD pipelines and rapid prototyping

GNS3

Open-source with massive community
Supports QEMU, Docker, VirtualBox, and VMware
Flexible compute server architecture (local or remote)

Now NetClaw can orchestrate labs across all three — using natural language.

What We Built: GNS3 MCP Server

The GNS3 MCP server provides 23 tools organized into 5 skills:

gns3-project-lifecycle

Create, open, close, delete, clone, and export/import GNS3 projects (labs).

gns3-node-operations

Add devices from templates, start/stop/suspend/reload nodes, access consoles, isolate nodes for testing.

gns3-link-management

Connect devices together, list links, delete links, build complete topologies.

gns3-packet-capture

Start and stop packet captures on any link, retrieve PCAP files for analysis.

gns3-snapshot-ops

Save and restore lab state — perfect for training scenarios or risky config changes.

Natural Language Lab Management

With GNS3 skills loaded, you can tell NetClaw:

"Create a new GNS3 lab called bgp-testing"
"Add two Cisco IOSv routers to the lab"
"Connect router1 eth0 to router2 eth0"
"Start all nodes"
"Capture traffic on the link between router1 and router2"
"Create a snapshot called baseline before I break everything"

NetClaw handles the REST API calls, UUID resolution, and error handling — you focus on the network design.

Setting Up GNS3 with NetClaw

Option 1: Fresh Install via install.sh

If you’re setting up NetClaw from scratch, the install script handles everything:

git clone https://github.com/automateyournetwork/netclaw.git
cd netclaw
./install.sh

During setup, provide your GNS3 server details when prompted, or set them in your .env file:

GNS3_URL=http://your-gns3-server:3080
GNS3_USER=admin
GNS3_PASSWORD=your-password

Option 2: Adding to Existing NetClaw

Already running NetClaw? Add GNS3 support in three steps:

Step 1: Add environment variables

Edit your .env file (or export directly):

# GNS3 Configuration
GNS3_URL=http://your-gns3-server:3080
GNS3_USER=admin
GNS3_PASSWORD=your-password

Step 2: Register the MCP server

Add to your config/openclaw.json under the "mcpServers" section:

"gns3": {
  "command": "python",
  "args": ["-m", "mcp_servers.gns3_mcp_server"],
  "env": {
    "GNS3_URL": "${GNS3_URL}",
    "GNS3_USER": "${GNS3_USER}",
    "GNS3_PASSWORD": "${GNS3_PASSWORD}"
  }
}

Step 3: Restart NetClaw

The GNS3 MCP server will connect on startup and verify connectivity.

GNS3 Server Requirements

GNS3 version 2.2.0 or later (REST API v3)
REST API enabled and accessible over the network
Node templates pre-configured (Cisco IOSv, Arista vEOS, etc.)
Compute resources available (local QEMU or remote Docker/VirtualBox/VMware)

Lab-Only Operations

Like CML and ContainerLab skills, GNS3 operations are designated lab-only — no ServiceNow Change Request gating required. This is intentional: virtual labs are isolated environments for testing, training, and proof-of-concept work.

All operations are still recorded in NetClaw’s GAIT audit trail for session traceability.

The Complete Picture

With GNS3 joining CML and ContainerLab, NetClaw now offers:

Capability	CML	ContainerLab	GNS3
Project/Lab Management	Yes	Yes	Yes
Node Operations	Yes	Yes	Yes
Link Management	Yes	Yes	Yes
Packet Capture	Yes	Yes	Yes
Snapshots	Yes	No	Yes
Topology Export	Yes	Yes	Yes

Mix and match based on your needs — or use all three in different scenarios.

What’s Next

The GNS3 MCP server is available now in the netclaw repository on the 012-gns3-mcp-server branch. Pull request incoming to main.

Future enhancements may include:

Cross-platform topology conversion (CML to GNS3 and back)
Unified lab inventory across all three platforms
Template synchronization between environments

This post documents the GNS3 MCP server milestone — completing NetClaw’s virtual network trifecta. Built collaboratively by John Capobianco and Claude.

Optimizing NetClaw’s SOUL: From 60k to 8k Characters with Modular Architecture

When your AI agent’s personality file is three times larger than its allowed bootstrap limit, something has to change. That’s the challenge we faced with NetClaw’s SOUL.md — and the solution taught us valuable lessons about modular AI architecture.

The Problem: Growing Pains

NetClaw’s SOUL.md file had grown organically over months of development. What started as a simple identity document evolved into a comprehensive reference containing:

97 skill procedures with step-by-step instructions
CCIE-level networking expertise (OSPF, BGP, IS-IS, EIGRP, ACI, F5, and more)
Operational workflows (GAIT audit logging, ServiceNow CR gating)
Personality traits and rules defining NetClaw’s behavior

The result? A 59,696-character file that exceeded OpenClaw’s 20,000-character bootstrap limit by nearly 3x. This caused truncation warnings and incomplete agent initialization.

The Solution: Modular SOUL Architecture

Rather than simply cutting content, we designed a modular architecture that preserves 100% of the original content while dramatically reducing bootstrap size:

1. SOUL.md — The Core Bootstrap (8,131 chars)

Contains only what’s needed at startup:

Identity: "I am NetClaw (CCIE #AI-001)…"
Condensed Skill Index: All 97 skills listed by category (60 chars each)
GAIT Workflow: Audit logging essentials
ServiceNow CR Workflow: Change management rules
Loading Instructions: How to fetch reference files on-demand
Personality & Rules: The 12 non-negotiable behaviors

2. SOUL-SKILLS.md — On-Demand Skill Reference (28,832 chars)

Detailed step-by-step procedures for all 97 skills, organized by category:

Device Automation (pyATS, Nornir)
Cloud Operations (AWS, GCP, Azure)
Cisco Platforms (CML, SD-WAN, Meraki, NSO)
Security Tools (nmap, ISE, firewall analysis)
And 12 more categories…

3. SOUL-EXPERTISE.md — On-Demand Technical Knowledge (13,445 chars)

CCIE-level networking expertise, loaded when explaining protocol behavior:

Routing & Switching (BGP path selection, OSPF areas, IS-IS levels)
Data Center/SDN (ACI fabric model)
Application Delivery (F5 virtual servers, pools, iRules)
Identity/Security (ISE, 802.1X, TrustSec)

How It Works

When NetClaw starts, only SOUL.md loads — under 20k chars, no truncation. When a user asks to "run a pyATS health check," NetClaw:

Recognizes the skill from the condensed index
Loads SOUL-SKILLS.md to get detailed procedures
Executes with full context

When a user asks "explain BGP path selection," NetClaw:

Loads SOUL-EXPERTISE.md for CCIE-level detail
Provides the complete 11-step algorithm

Results

Metric	Before	After	Improvement
Bootstrap size	59,696 chars	8,131 chars	86% reduction
Within limit?	❌ No (3x over)	✅ Yes	Fixed
Content preserved	100%	100%	No loss
Load time	Truncated	Clean	Reliable

Lessons Learned

Bootstrap ≠ Reference: Not everything needs to load at startup. Identify what’s essential vs. what can be fetched on-demand.
Indexes Enable Discovery: A condensed skill index (60 chars per skill) lets the agent know what it CAN do without loading HOW to do it.
Modular Files Scale: As NetClaw gains more skills, we add to SOUL-SKILLS.md without touching the bootstrap. The architecture scales.
Preserve Everything: Optimization shouldn’t mean deletion. All 97 skills and all CCIE knowledge remain — just organized better.

Try It Yourself

The modular SOUL architecture is now live in NetClaw. Start a fresh session and notice:

No truncation warning
Clean identity response to "who are you?"
Full skill access when needed

The code is available in the netclaw repository under the 011-soul-optimization feature.

This post documents a milestone in NetClaw’s development — the modular SOUL optimization. Built collaboratively by John Capobianco and Claude.