Category: Powershell

Hyper-V Virtual Switch using NAT Configuration

In the latest Windows 10 build 10586 (Threshold 2) and Windows Server 2016 Technical Preview 4, Microsoft included a great new feature: NAT mode for the Hyper-V Virtual Switch. This was mostly built for Windows Containers scenarios, but it also has great value for Client Hyper-V. Until now, Hyper-V had three VMSwitch types: Internal, Private and External. With the latest releases of Windows 10 and Windows Server 2016 Technical Preview 4, Microsoft included a new VM switch type called NAT, which allows virtual machines to have an internal network and connect to the external world and the internet using NAT. This feature is not yet included in the UI, but you can use PowerShell to create the NAT Virtual Switch.

Create a new Virtual Switch using NAT:

[Screenshot: Create NAT Virtual Switch on Hyper-V]

Setup the NAT configuration:

This will create a new VM Network Adapter on the host using the IP Address. You can now use the NATSwitch to connect Virtual Machines. You can now set IP Addresses inside Virtual Machines to the subnet and add as the default gateway and you are good to go.
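The setup described above, as an added example that is not from the original post: it uses an Internal switch plus New-NetIPAddress and New-NetNat, the method released Windows 10 and Windows Server 2016 builds use in place of the preview NAT switch type. The subnet, gateway address and NAT name are constructed; only the switch name NATSwitch comes from the text.

```powershell
# Added example. Subnet, gateway and NAT name are constructed values, not from the post.
#Requires -RunAsAdministrator
#Requires -Modules Hyper-V, NetNat, NetTCPIP

$SwitchName   = 'NATSwitch'         # switch name mentioned in the post
$NatName      = 'LabNat'            # hypothetical NAT object name
$NatPrefix    = '192.168.100.0/24'  # constructed internal subnet
$GatewayIp    = '192.168.100.1'     # constructed host-side address (guest default gateway)
$PrefixLength = 24

# 1. Internal switch. Hyper-V adds a host adapter named "vEthernet (<switch name>)".
if (-not (Get-VMSwitch -Name $SwitchName -ErrorAction SilentlyContinue)) {
    New-VMSwitch -Name $SwitchName -SwitchType Internal | Out-Null
}
$ifAlias = "vEthernet ($SwitchName)"

# 2. Assign the gateway address to that host adapter (skipped if already present).
$hasIp = Get-NetIPAddress -InterfaceAlias $ifAlias -AddressFamily IPv4 -ErrorAction SilentlyContinue |
    Where-Object IPAddress -eq $GatewayIp
if (-not $hasIp) {
    New-NetIPAddress -InterfaceAlias $ifAlias -IPAddress $GatewayIp -PrefixLength $PrefixLength | Out-Null
}

# 3. Create the NAT object. An existing NAT with a different internal prefix is
#    reported instead of being silently stacked with a second one.
$allNat = @(Get-NetNat -ErrorAction SilentlyContinue)
$other  = @($allNat | Where-Object { $_.InternalIPInterfaceAddressPrefix -ne $NatPrefix })
if ($other.Count -gt 0) {
    Write-Warning "Existing NAT with a different prefix: $($other.Name -join ', '). Review it before adding $NatName."
}
elseif (-not ($allNat | Where-Object Name -eq $NatName)) {
    New-NetNat -Name $NatName -InternalIPInterfaceAddressPrefix $NatPrefix | Out-Null
}

# 4. Review the result. NAT alone only gives guests outbound access; every static
#    mapping listed here is an inbound port forward that exposes a guest service.
Get-NetNat -Name $NatName -ErrorAction SilentlyContinue |
    Format-List Name, InternalIPInterfaceAddressPrefix, Active
Get-NetNatStaticMapping -NatName $NatName -ErrorAction SilentlyContinue |
    Format-Table Protocol, ExternalIPAddress, ExternalPort, InternalIPAddress, InternalPort
```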

[Screenshot: Hyper-V Virtual Switch NAT Configuration]

Have fun and enjoy! Thanks to Ben Armstrong (Microsoft VirtualPCGuy) for the info.

Speaking at E2EVC 2015 Lisbon

After a great time in the US visiting VeeamON 2015, the Microsoft MVP Summit 2015 and the MMS 2015, I am happy to announce that I will speak tomorrow at the E2EVC (Experts 2 Experts Virtualization Conference) in Lisbon. Together with Alex Cooper (Microsoft MVP Remote Desktop Services) and Dr. Benny Tritsch (Microsoft MVP Remote Desktop Services), I will speak in one of the keynotes about updates in the Microsoft Virtualization Technology.

What’s new with Microsoft Virtualization & Remote Desktop Services – Windows Server 2016 T3 Update

We will cover what is new in Hyper-V, Remote Desktop Services and Azure RemoteApp.

E2EVC Virtualization Conference is a non-commercial, virtualization community event. The main goal of the E2EVC is to bring the best virtualization experts together to exchange knowledge and to establish new connections. E2EVC is a weekend crammed with presentations, Master Classes and discussions delivered by both virtualization vendors product teams and independent experts. I am happy to be part of the community and listen to other industry leading experts, hopefully see you in Lisbon.

Session Recordings from System Center Universe Europe 2015

A couple of months ago I had the opportunity to speak at System Center Universe Europe 2015 in Basel. I had the chance to speak in 4 sessions about the latest and greatest Microsoft technology solutions. You can check out my conference recap here on my blog post: System Center Universe Europe 2015 – Recap. A couple of days ago System Center Universe Europe made the session recordings available online.

Nano Server the next generation of Cloud Server in your datacenter

In this session we will walk you through how Nano Server is changing the fundamental way we look at fabric Servers and workloads. Nano Server will change the way we build servers and solve fundamental challenges which we have encountered over the past years embracing cloud fundamentals. Speaking together with Kristian Nese (Microsoft MVP)

What’s new in Windows Server 2016 for Hyper-V

With Windows Server 2016 Microsoft again adds exciting features to its Virtualization Platform. Learn in this session what Shielded VMs, Rolling Cluster Upgrades, Storage Spaces Direct, Hyper converged, PowerShell Direct, Windows Containers, and much more are and how you can profit from these new technologies. Speaking together with Carsten Rachfahl (Microsoft MVP)

Azure Site Recovery, 365 days later

Disaster Recovery, everyone talks about it – everyone claims they have it! But does it really work as expected?! Join us in the session about Azure Site Recovery, the business continuity service from Microsoft for all cloud platforms, on-premise – service providers – public cloud. You will learn how your company or customers can use ASR in their datacenter and which new scenarios have been added in the last 365 days, since we presented this topic at SCU 2014. Speaking together with Michel Lüscher (Microsoft)

Are ITIL and System Center BFFs?

In the modern world where organizations are facing new challenges to be more competitive, they are looking for better ways to improve the quality and efficiency of their IT Service delivery using the ITIL framework. Gain valuable insights and best practices on how you can adopt the ITIL framework to Microsoft System Center and OMS from real world experiences together with Savision, Jonas Lenntun, CEO and Solution Architect at Approved Consulting, and Microsoft MVPs: Robert Hedblom, Kristian Nese, Kevin Greene and Thomas Maurer.

Summary: Update Rollup 8 for System Center 2012 R2 and Azure Pack now available

Yesterday Microsoft released Update Rollup 8 for System Center 2012 R2 and Windows Azure Pack. Again with the Update Rollups for Windows Azure Pack and System Center, Microsoft not only delivers bug fixes, they also release new features.

There are some really cool highlights in this Update Rollup:

  • Network Virtualization Improvements (Multiple External IP Addresses,…)
  • SCDPM bug fixes
  • Better Checkpoint Integration (Checkpoint Quotas,…)
  • Support for SQL Server 2014 SP1
  • Support of Tier Storage in VMM for Storage Spaces
  • Hyper-V ACL Support in VMM
  • New Network devices in SCOM

Here you can get a quick update on what’s new in Update Rollup 8:

  • Data Protection Manager (KB3086084)
    • The DPM Agent crashes intermittently during a backup.
    • If you are trying to recover data from an imported tape, DPM may crash with a “Connection to the DPM service has been lost” error.
    • If you try to back up a SharePoint site that uses SQL Always On as a content database, SQL logs are not truncated as expected.
    • You cannot verify tape library compatibility for tapes that use RSMCompatmode settings such as IBM 35xx, 2900, and so on.
    • If you have multiple SharePoint farms hosted on the same SQL cluster with different instances but the same database names, DPM cannot back up the correct SharePoint farm content.
    • If you run Update Rollup 7 for Data Protection Manager 2012 R2, and you have already configured online protection for one or more protection groups, trying to change the protection group populates the default DPM settings for the “Select long-term goals” wizard instead of the previous configured values.
    • When you try to protect a SQL failover cluster, the Data Protection Manager UI crashes for every backup or synchronization operation.
    • If you install Update Rollup 7 for Data Protection Manager 2012 R2, self-service recovery for SQL databases may not work.
  • Operations Manager (KB3096382)
    • Slow load of alert view when it is opened by an operator
      Sometimes when the operators change between alert views, the views take up to two minutes to load. After this update rollup is installed, the reported performance issue is eradicated. The Alert View Load for the Operator role is now almost same as that for the Admin role user.
    • SCOMpercentageCPUTimeCounter.vbs causes enterprise wide performance issue
      Health Service encountered slow performance every five to six (5-6) minutes in a cyclical manner. This update rollup resolves this issue.
    • System Center Operations Manager Event ID 33333 Message: The statement has been terminated.
      This change filters out “statement has been terminated” warnings that SQL Server throws. These warning messages cannot be acted on. Therefore, they are removed.
    • System Center 2012 R2 Operations Manager: Report event 21404 occurs with error ‘0x80070057’ after Update Rollup 3 or Update Rollup 4 is applied.
      In Update Rollup 3, a design change was made in the agent code that regressed and caused SCOM agent to report error ‘0x80070057’ and MonitoringHost.exe to stop responding/crash in some scenarios. This update rollup rolls back that UR3 change.
    • SDK service crashes because of Callback exceptions from event handlers being NULL
      In a connected management group environment in certain race condition scenarios, the SDK of the local management group crashes if there are issues during the connection to the different management groups. After this update rollup is installed, the SDK of the local management group should no longer crash.
    • Run As Account(s) Expiring Soon — Alert does not raise early enough
      The 14-day warning for the RunAs account expiration was not visible in the SCOM console. Customers received only an Error event in the console three days before the account expiration. After this update rollup is installed, customers will receive a warning in their SCOM console 14 days before the RunAs account expiration, and receive an Error event three (3) days before the RunAs account expiration.
    • Network Device Certification
      As part of Network device certification, we have certified the following additional devices in Operations Manager to make extended monitoring available for them:

      • Cisco ASA5515
      • Cisco ASA5525
      • Cisco ASA5545
      • Cisco IPS 4345
      • Cisco Nexus 3172PQ
      • Cisco ASA5515-IPS
      • Cisco ASA5545-IPS
      • F5 Networks BIG-IP 2000
      • Dell S4048
      • Dell S3048
      • Cisco ASA5515sc
      • Cisco ASA5545sc
    • French translation of APM abbreviation is misleading
      The French translation of “System Center Management APM service” is misleading. APM abbreviation is translated incorrectly in the French version of Microsoft System Center 2012 R2 Operations Manager. APM means “Application Performance Monitoring” but is translated as “Advanced Power Management.” This fix corrects the translation.
    • p_HealthServiceRouteForTaskByManagedEntityId does not account for deleted resource pool members in System Center 2012 R2 Operations Manager
      If customers use Resource Pools and take some servers out of the pool, discovery tasks start failing in some scenarios. After this update rollup is installed, these issues are resolved.
    • Exception in the ‘Managed Computer’ view when you select Properties of a managed server in Operations Manager Console
      In the Operations Manager Server “Managed Computer” view on the Administrator tab, clicking the “Properties” button of a management server causes an error. After this update rollup is installed, a dialog box that contains a “Heart Beat” tab is displayed.
    • Duplicate entries for devices when network discovery runs
      When customers run discovery tasks to discover network devices, duplicate network devices that have alternative MAC addresses are discovered in some scenarios. After this update rollup is installed, customers will not receive any duplicate devices discovered in their environments.
    • Preferred Partner Program in Administration Pane
      This update lets customers view certified System Center Operations Manager partner solutions directly from the console. Customers can obtain an overview of the partner solutions and visit the partner websites to download and install the solutions.
  • Orchestrator & SMA (KB3096381)
    • SQL Server 2014 Service Pack 1 (SP1) is now supported in Orchestrator 2012 R2.
    • After you export and then import a Runbook, the Password field of Run Program activity is corrupted.
    • SMA: SQL Server 2014 Service Pack 1 is now supported in Service Management Automation 2012 R2.
    • SMA: Service Management Automation 2012 R2 does not let you stop jobs that are in the queued state.
  • Service Provider Foundation (KB3096384)
    • Installing update rollups for Service Provider Foundation causes additional bindings to be created, and this makes a Service Provider Foundation website inaccessible.
    • Quotas for multiple NAT connections are not supported. For more information about this feature, see WAP Update Rollup 8 documentation.
  • Virtual Machine Manager (KB3096389)
    • Support for SQL Server 2014 SP1 as VMM database
      With Update Rollup 8 for SC VMM 2012 R2 you can now have Microsoft SQL Server 2014 SP1 as the VMM database. This support does not include deploying service templates by using the SQL profile type as SQL Server 2014 SP1. For the latest information about SQL Server requirements for System Center 2012 R2, see the reference here.
    • Support for VMWare vCenter 6.0 management scenarios
      With Update Rollup 7, we announced support for management scenarios for vCenter 5.5. Building on our roadmap for vCenter and VMM integration and supportability, we are now excited to announce support for VMWare vCenter 6.0 in Update Rollup 8. For a complete list of supported scenarios, click here.
    • Ability to set quotas for external IP addresses
      With Update Rollup 7, we announced support for multiple external IP addresses per virtual network, but the story was incomplete, as there was no option to set quotas on the number of NAT connections. With UR8, we are glad to announce end-to-end support for this functionality, as you can now set quotas on the number of external IP addresses allowed per user role. You can also manage this by using Windows Azure Pack (WAP).
    • Support for quotas for checkpoints
      Before UR8, when you create a checkpoint through WAP, VMM does not check whether creating the checkpoint will exceed the tenant storage quota limit. Before UR8, tenants can create the checkpoint even if the storage quota limit will be exceeded.
    • Ability to configure static network adapter MAC address during operating system deployment
      With Update Rollup 8, we now provide the functionality to configure static network adapter MAC addresses during operating system deployment. If you have ever done Bare Metal provisioning of hosts and ended up having multiple hosts with the same MAC addresses (because of dynamic IP address assignment for network adapters), this could be a real savior for you.
    • Ability to deploy extended Hyper-V Port ACLs
      With Update Rollup 8 for VMM, you can now:

      • Define ACLs and their rules
      • Attach the ACLs created to a VM network, VM subnets, or virtual network adapters
      • Attach the ACL to global settings that apply it to all virtual network adapters
      • View and update ACL rules configured on the virtual network adapter in VMM
      • Delete port ACLs and ACL rules
    • Support for storage space tiering in VMM
      With Update Rollup 8, VMM now provides you the functionality to create file shares with tiers (SSD/HDD).
    • Issue 1
      Creation of Generation 2 VMs fails with error 13206
    • Issue 2
      VMM does not let you set the owner of a hardware profile with an owner name that contains the “$” symbol.
    • Issue 3
      HA VMs with VLAN configured on the network sites of a logical network cannot be migrated from one host to another. Error 26857 is thrown when you try to migrate the VM.
    • Issue 4
      The changes that are made by a tenant administrator (with deploy permissions to a cloud) to the Memory and CPU settings of a VM in the cloud through VMM Console do not stick. To work around this issue, change these settings by using PowerShell.
    • Issue 5
      When a VM is deployed and put on an SMB3 file share that’s hosted on NetApp filer 8.2.3 or later, the VM deployment process leaves a stale session open per VM deployed to the share. When many VMs are deployed by using this process, VM deployment starts to fail as the max limit of the allowed SMB session on the NetApp filer is reached.
    • Issue 6
      VMM hangs because of SQL Server performance issues when you perform VMM day-to-day operations. This issue occurs because of stale entries in the tbl_PCMT_PerfHistory_Raw table. With UR8, new stale entries are not created in the tbl_PCMT_PerfHistory_Raw table. However, the entries that existed before installation of UR8 will continue to exist.
    • Issue 7
      In a deployment with virtualized Fiber Channel adapters, VMM does not update the SMI-S storage provider, and it throws an exception.
    • Issue 8
      For VMs with VHDs that are put on a Scale out File Server (SOFS) over SMB, the Disk Read Speed VM performance counter incorrectly displays zero in the VMM Admin Console. This prevents an enterprise from monitoring its top IOPS consumers.
    • Issue 9
      Dynamic Optimization fails, leaks a transaction, and prevents other jobs from executing. It is blocked on the SQL Server computer until SCVMM is recycled or the offending SPID in SQL is killed.
    • Issue 10
      V2V conversion fails when you try to migrate VMs from ESX host to Hyper-V host if the hard disk size of the VM on the ESX host is very large.
    • Issue 11
      Live migration of VMs in an HNV network takes longer than expected. You may also find pings to the migrating VM are lost. This is because during the live migration, the WNV Policy table is transferred (instead of only delta). Therefore, if the WNV Policy table is too long, the transfer is delayed and may cause VMs to lose connectivity on the new host.
    • Issue 12
      VMM obtains a wrong MAC address while generating the HNV policy in the deployments where F5 Load Balancers are used.
    • Issue 13
      For IBM SVC devices, enabling replication fails in VMM because there is a limitation in SVC in which the name of the consistency group should start with an alphabetical character (error code: 36900). This issue occurs because while enabling replication, VMM generates random strings for naming the “consistency groups” and “relationship” between the source and the target, and these contain alphanumeric characters. Therefore, the first character that’s generated by VMM may be a number, and this breaks the requirement by IBM SVC.
    • Issue 14
      In Update Rollup 6, we included a change that lets customers have a static MAC address even if the network adapter is not connected. This fix did not cover all scenarios correctly, and it triggers an exception when there’s a template with a connected network adapter, and then you later try to edit the static address in order to disconnect the network adapter.
    • Issue 15
      Post Update Rollup 6, as soon as a host goes into legacy mode, it does not come back to eventing for 20 days. Therefore, the VM properties are not refreshed, and no events are received from HyperV for 20 days. This issue occurs because of a change that’s included in UR6 that set the expiry as 20 days for both eventing mode and legacy mode. The legacy refresher, which should ideally run after 2 minutes, now runs after 20 days; and until then, eventing is disabled.
      Workaround:
      To work around this issue, manually run the legacy refresher by refreshing VM properties.
    • Issue 16
      Post-UR7, deleting a virtual network does not correctly clean up the cluster resources for the Network Virtualization Gateway. This causes the cluster role (cluster group) to go into a failed state when a failover of the HNV gateway cluster role occurs.
  • Windows Azure Pack (KB3096392)
    • Administrators cannot offer and tenants cannot use multiple external IP addresses through a Network Address Translation (NAT) connection.
      Even though Microsoft System Center Virtual Machine Manager (VMM) has functionality to allocate IP addresses for this purpose, the WAP administrator and tenant experiences do not provide such functionality. Administrators can now allocate a set of external IP addresses for tenants to use when you create NAT rules. The administrator can set up the IP address quota through the Administrator Portal virtual machine (VM) extension.
    • Tenants can create only one checkpoint per virtual machine.
      Administrators can create plans that include quotas that let tenants create multiple VM checkpoints.
    • An unexpected exception is generated by the PowerShell command “Get-MgmtSvcSqlDatabase.”
      The command Get-MgmtSvcSqlDatabase does not retrieve SQL database information. The following examples return exception “Object reference not set to an instance of an object”:

      • Get-MgmtSvcSqlDatabase -AdminUri $AdminUri -Token $Token -HostingServerId “someid” -DisableCertificateValidation
      • Get-MgmtSvcSqlDatabase -AdminUri $AdminUri -Token $Token -HostingServerId $hostserver.ServerId -Name “somename” -DisableCertificateValidation
      • Get-MgmtSvcSqlDatabase -AdminUri $AdminUri -Token $Token -HostingServerId ” someserverid” -Name “datatest” -DisableCertificateValidation
    • An unexpected exception is generated by the PowerShell command “Remove-MgmtSvcMySqlHostingServer.” 
      This command fails with the exception “Index (zero-based) must be greater than or equal to zero and less than the size of the argument list” when you run statements such as the following:

      • Remove-MgmtSvcMySqlHostingServer -AdminUri $AdminUri -Token $Token -HostingServerId $HostServer[0].ServerId -DisableCertificateValidation
      • Remove-MgmtSvcMySqlHostingServer -AdminUri $AdminUri -Token $Token -HostingServerId “someserverid” -DisableCertificateValidation
    • When you create a virtual machine through the Tenant Portal, the menu dropdown boxes are not sorted.
      When a tenant tries to create a VM and the list of items is larger than some items, it becomes very difficult to find the necessary machine image or template.
    • Attaching ISOs in a generation 2 (gen 2) VM fails after three or four attach or detach operations.
      The attach and detach operations on ISO disks and VM gen 2 allocate adapters never releases the adapters for reuse. After you apply this update, detaching the disk adapter enables the adapter to be reused again.

This Update Rollup is one of the bigger ones Microsoft has released in terms of Azure Pack IaaS scenarios. It brings several great improvements to the implementation of Checkpoints and Network Virtualization. Update Rollup 8 finally brings end-to-end support for multiple external IP addresses for the NVGRE Gateways inside WAP as well as VMM. It also brings better support for Checkpoints on Hyper-V in the WAP Portal as well as VMM.

As always, before you deploy an update rollup in production, make sure you have tested it in your test or lab environment.

Hyper-V Nested Virtualization in Windows 10 Build 10565

This week Microsoft released a new Windows 10 Insider Preview build to the Windows Insiders. It brings a couple of new features to the OS, but Ben Armstrong (Hyper-V Program Manager at Microsoft) mentions in a blog post that it also brings a preview of Nested Virtualization to Hyper-V in Windows 10. Nested Virtualization allows you to run Hyper-V inside a VM. This is perfect for lab and training scenarios, so you can run multiple Hyper-V servers without the need for a lot of physical hardware.

So how can you enable Nested Virtualization in this early preview build? Theo Thompson describes this in a blog post:

Step 1: Create a VM

Step 2: Run the enablement script

Given the configuration requirements (e.g. dynamic memory must be off), we’ve tried to make things easier by providing a PowerShell script.

This script will check your configuration, change anything which is incorrect (with permission), and enable nested virtualization for a VM. Note that the VM must be off.

Step 3: Install Hyper-V in the guest

From here, you can install Hyper-V in the guest VM.

Step 4: Enable networking (optional)

Once nested virtualization is enabled in a VM, MAC spoofing must be enabled for networking to work in its guests. Run the following PowerShell (as administrator) on the host machine:

Step 5: Create nested VMs

This is still a very early preview, which means this feature still has a lot of known issues:

  • Both hypervisors need to be the latest versions of Hyper-V. Other hypervisors will not work. Windows Server 2012R2, or even builds prior to 10565 will not work.
  • Once nested virtualization is enabled in a VM, the following features are no longer compatible with that VM. These actions will either fail, or cause the VM not to start:
    • Dynamic memory must be OFF. This will prevent the VM from booting.
    • Runtime memory resize will fail.
    • Applying checkpoints to a running VM will fail.
    • Live migration will fail.
    • Save/restore will fail.
  • Once nested virtualization is enabled in a VM, MAC spoofing must be enabled for networking to work in its guests.
  • Hosts with Virtualization Based Security (VBS) enabled cannot expose virtualization extensions to guests. You must first disable VBS in order to preview nested virtualization.
  • This feature is currently Intel-only. Intel VT-x is required.
  • Beware: nested virtualization requires a good amount of memory. I managed to run a VM in a VM with 4 GB of host RAM, but things were tight.
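A read-only preflight check for the conditions listed above, as an added example that is not the enablement script the post refers to. The function name and the VM name in the usage comment are hypothetical; it changes nothing on the host or the VM.

```powershell
# Added example: reports whether a VM and its host meet the conditions listed above.
#Requires -Modules Hyper-V

function Test-NestedVirtualizationReadiness {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string]$VMName   # e.g. 'NestedLab01' (constructed name)
    )

    $vm       = Get-VM -Name $VMName -ErrorAction Stop
    $memory   = Get-VMMemory -VMName $VMName
    $cpu      = Get-VMProcessor -VMName $VMName
    $adapters = @(Get-VMNetworkAdapter -VMName $VMName)

    # The property is only present on builds that support nested virtualization.
    $expose = $cpu.PSObject.Properties['ExposeVirtualizationExtensions']

    # Host side: VBS state (0 = not enabled) and CPU vendor.
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
            -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue
    $vbsStatus = if ($dg) { $dg.VirtualizationBasedSecurityStatus } else { 0 }
    $vendor    = (Get-CimInstance -ClassName Win32_Processor | Select-Object -First 1).Manufacturer

    $results = @(
        [pscustomobject]@{ Check = 'VM is off (needed to change settings)'
                           Passed = ($vm.State -eq 'Off'); Detail = "State: $($vm.State)" }
        [pscustomobject]@{ Check = 'Dynamic memory is off'
                           Passed = (-not $memory.DynamicMemoryEnabled)
                           Detail = "DynamicMemoryEnabled: $($memory.DynamicMemoryEnabled)" }
        [pscustomobject]@{ Check = 'Virtualization extensions exposed to the VM'
                           Passed = [bool]($expose -and $expose.Value)
                           Detail = if ($expose) { "Value: $($expose.Value)" } else { 'Not supported on this build' } }
        [pscustomobject]@{ Check = 'Host VBS is not enabled'
                           Passed = ($vbsStatus -eq 0); Detail = "VBS status: $vbsStatus" }
        [pscustomobject]@{ Check = 'Host CPU is Intel'
                           Passed = ($vendor -eq 'GenuineIntel'); Detail = "Manufacturer: $vendor" }
    )

    # MAC spoofing is needed per adapter for networking inside the nested guests.
    foreach ($nic in $adapters) {
        $results += [pscustomobject]@{
            Check  = "MAC spoofing on adapter '$($nic.Name)'"
            Passed = ($nic.MacAddressSpoofing -eq 'On')
            Detail = "Switch: $($nic.SwitchName), MacAddressSpoofing: $($nic.MacAddressSpoofing)"
        }
    }
    $results
}

# Usage (constructed VM name):
#   Test-NestedVirtualizationReadiness -VMName 'NestedLab01' | Format-Table -AutoSize
#
# MAC spoofing relaxes the switch port's source-address check, so keep it limited to
# VMs that really host nested guests. To list every adapter where it is enabled:
#   Get-VM | Get-VMNetworkAdapter | Where-Object MacAddressSpoofing -eq 'On' |
#       Select-Object VMName, Name, SwitchName
```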



Speaking at the Midwest Management Summit 2015

Last year I had the chance to speak at the Midwest Management Summit 2014 (MMS). I am proud to announce that I will speak in two sessions at the Midwest Management Summit 2015, Mall of America, Minnesota, USA.

The Midwest Management Summit is a 3-day conference purposely capped to just 600 attendees so that nobody gets lost in the crowd. Speakers have time to meet and talk to you. No rushing people out of a session to get the next speaker going. Time to absorb what you see and talk it over with speakers and other attendees. A true learning experience. Real networking. Real-life issues discussed.

I have really good memories at the conference last time, it was a fun experience. This time I am honored to speak together with Symon Perriman, former Microsoft PM and Evangelist and now Microsoft MVP and VP of Business Development at 5Nine. We will talk in four sessions about What is new in Windows Server 2016 Hyper-V, All you need to know about Nano Server, Hyper-V Security Tips: Fix the Gaps you Never Knew About and Hyper-V High-Availability Best Practices with Failover Clustering.

So make sure you register for MMS and join our sessions!


Speaking at Experts Live 2015

I am proud to announce that I will speak at the Experts Live 2015 Conference in Ede. This is a great community event with a lot of great speakers and community members from all over the world. Experts Live 2015 will take place in Ede (Netherlands) on November 19th. Experts Live is one of the best conferences you can visit if you want to learn about Microsoft technologies. In 7 different tracks (Azure, Office 365, Enterprise Mobility, Operations Management Suite, Azure Stack, Hyper-V and Windows), you can learn about the latest Microsoft technology updates.

I will speak in the Hyper-V track with some really great minds from the Hyper-V community such as Mike Ressler (MVP), Didier van Hoye (MVP), Aidan Finn (MVP), Carsten Rachfahl (MVP) and Jeff Woolsey (Microsoft Program Manager). My session will cover Nano Server and Windows Containers, two very big parts of the Windows Server 2016 wave.

There are also a lot of other great sessions around other Microsoft topics, so make sure to register!