Poster: Networking in Virtual Machine Manager

Posted on March 29, 2013 by Thomas Maurer

Microsoft released a poster about networking options available in System Center Virtual Machine Manager 2012 SP1. I am sure there will be also an updated version of the Microsoft Server Posterpedia Windows 8 App really soon.

System Center Virtual machine Manager Networking Poster

This poster for VMM in System Center 2012 SP1 can help you:

Plan your VMM networks using a logical view of VM networks, logical networks, and logical switches using a variety of configurations including VLAN-based configuration, no isolation, network virtualization, external networks, and with no virtual networking.
Configure networking in VMM using configuration steps by roles including fabric administrators, tenant administrators, or by any user.
Understand the network object model with diagrams of objects showing the relationships between objects.
Extend VMM with options including using a vendor network-management server with extensions, connect a VM network to other networks by configuring the VM network with a gateway, and load-balance requests to VMs that make up a VMM service tier by adding a load balancer to VMM.

You can get the poster here: Poster: Networking in Virtual Machine Manager

Make sure you check out our latest blog posts about Hyper-V Networking in System Center Virtual Machine Manager 2012 SP1.

There is also a poster for Windows Server 2012 Hyper-V available: Windows Server 2012 Hyper-V Component Architecture Poster and Companion References

Using System Center 2012 SP1 – Virtual Machine Manager Logical Switch with Hyper-V

Posted on February 14, 2013 by Thomas Maurer

This blog post is a part of a series of blog posts about System Center 2012 Virtual Machine Manager, I am writing together with Michel Luescher (Consultant from Microsoft Switzerland).

In the last post we wrote about the new networking features in System Center 2012 SP1 – Virtual Machine Manager. One of the biggest changes in SCVMM is the concept of the Logical Switch. The new Logical Switch allows to manage Hyper-V Virtual Switches including the underlying network teaming centralized from System Center Virtual Machine Manager.

In Service Pack 1 you can choose between two Virtual Switches; You can use either the new Logical Switch or you can use the Standard Virtual Switch, which is basically the “legacy” Virtual Switch with the default Hyper-V Virtual Switch functions. If you create the Virtual Switch on a Hyper-V host you can choose between the two options and this allows you to choose the Logical Switch.

Standard Switch

The Standard Virtual Switch is basically the normal Hyper-V Virtual Switch and the configuration looks exactky the same as in the Hyper-V Manager. If you add a Hyper-V Host to SCVMM and you have previously created the Virtual Switch using Hyper-V Manager or PowerShell cmdlets, this Virtual Switch will be shown as Standard Switch.

In a nutshell:

The Standard Switch can only be deployed on one network adapter, so if you want to use network teaming you have to create the network teaming manual on the Hyper-V host.
The available Logical Networks have to be added on every host on the physical network adapter. This can be a little of a management effort but I made a simple PowerShell Script which helps you to do configuration changes: SCVMM 2012: Add Logical Network to all Hyper-V Hosts in HostGroup via PowerShell
Existing Virtual Switches will be shown as Standard Switches in SCVMM, you have to recreate the configuration if you want to use the Logical Switch.
With the Standard Switch you can set the one single management vNIC which can be used by the Management OS. You can attach additional vNIC using Windows PowerShell on the Hyper-V host but not from the Virtual Machine Manager Console

Logical Switch

A Logical Switch includes Virtual Switch Extensions, Uplink Port Profiles which define the physical network adapters used by the Hyper-V Virtual Switch for example for teaming and the Virtual Adapter Port Profiles mapped to Port Classifications which are the settings for the Virtual Network Adapters of the virtual machines.

In a nutshell:

The Logical Switch allows you to add multiple NICs in one Virtual Switch and creates a NIC teaming based on Uplink Port Profile. The Uplink Port Port Profile includes all the information which teaming mode and algorithm has to be used.
The Uplink Port Profile also includes a list of available logical network sites. If you have an additional Logical Network which runs on this network adapters you can simply add this to the Uplink Port Profile.
You can create multiple vNICs (vEthernet Adapters) for example a Hyper-V Converged Networking setup. Port Classifications and Virtual Adapter Port Profiles bring support for Bandwidth Management and QoS.
Logical Switches only work with windows Server 2012 , but there is no need to stay on Windows Server 2008 R2 Hyper-V.

If you are running Windows Server 2012 Hyper-V hosts there is no reason why you should not use the Logical Switch, which adds additional functionality and centralized management to the Hyper-V Virtual Switch.

You can find the German Version of this blog post on Michel Lueschers (Consultant Microsoft Switzerland) blog.

Basic Hyper-V Networking in System Center 2012 SP1 – Virtual Machine Manager

Posted on February 11, 2013 by Thomas Maurer

This blog post is a part of a series of blog posts about System Center 2012 Virtual Machine Manager, I am writing together with Michel Luescher (Consultant from Microsoft Switzerland).

In January Microsoft released the Service Pack 1 for System Center 2012. This was more close to a full featured release rather than just a normal maintenance Service Pack with just small changes and bug fixes. The main purpose of System Center 2012 Service Pack 1 is to support Windows Server 2012. But in the special case of Virtual Machine Manager there are also a lot of new features and improvements. One of the biggest investments Microsoft made with SP1 was the Network Management.

Besides the integration of Network Virtualization which came with Windows Server 2012 Hyper-V a new concept call “Logical Switch” has been introduced. These Logical Switches allow you to configure the Virtual Switch and other network components of Hyper-V hosts directly and centralized from Virtual Machine Manager.

Network Definitions

Logical Networks – Logical Networks represents basically the network infrastructure you have already in your environment. For example this can be a subnet for a specific server or even a storage network. In System Center 2012 Virtual Machine Manager without Service Pack 1 you connected a virtual machine to a Logical Network to connect it to the specific subnet. In Service Pack 1 the concept has been extended with VM Networks.

Network sites – Network sites are added to an Logical Network to associate VLANs and subnets to host groups, which are representing the different locations. For example the “CorpNET” network on “Site A” has a different VLAN or subnet than “Site B” uses for the same network. When deploying a new virtual machine to the “CorpNET” network, Virtual Machine Manager automatically detects the right subnet and also adds (if required) the VLAN ID to the specific virtual machines network adapter.

IP Pools – IP Pools are just a pool of IP addresses which can be used to automatically let Virtual Machine Manager to assign static IP addresses from the selected subnet (example CorpNET) to a virtual machine or a physical Hyper-V host. An IP Pool includes also the information about Gateway or DNS Serves which are automatically used for the network adapter configuration.

VM Networks – VM Networks are defined by logical networks and virtual machines are now connected to VM Networks. This is done because of the new Network Virtualization feature in Windows Server 2012 Hyper-V. With this technology multiple VM networks can run on a single logical network.

As already mentioned the Logical Network is mapped to a VM Network. This mapping is done because with the new Hyper-V Network Virtualization feature you can run multiple VM Networks on a single Logical network.

Extended Virtual Switch

Logical Switch – The new Logical Switch is the main part of the new concept Microsoft introduced in System Center 2012 SP1 Virtual Machine Manager. A Logical Switch combines the different configuration objects used to create a new Hyper-V Virtual Switch in your environment, as for example Virtual Switch Extensions, Uplink Port Profiles and Virtual Adapter Port Profiles mapped to Port Classifications.

Native Virtual Adapter Port Profile – The Virtual Adapter Port Profiles define Virtual network adapter definitions like QoS settings, security settings like router or DHCP guard and performance settings like SR-IOV, IPsec task offloading or Virtual Machine Queue (VMQ). The Virtual Adapter Port Profile settings are not just for Virtual Machines they are also used for Virtual Network Adapters (vNIC) attached to the Hyper-V Management OS in a Converged Network setup.

Native Uplink Port Profile – The Uplink Port Profile sets the definition for the physical adapter like which logical networks are available on these physical adapters, the configuration of the LBFO and if Network Virtualization is being used.

Port Classifications – Port Classifications are mapping with Virtual Adapter Port Profiles based on the logical switch the virtual machine runs on. If a Virtual Machine is moved to a Hyper-V hosts with a different logical switch, the port classification links in the background which Virtual Adapter Port Profile has to be used

How this works together

The Logical Switch defines a Virtual Switch with Extensions

The Logical Switch has Native Uplink Port Profiles which add information about the Teaming Configuration, which Logical Networks and Network Sites are available on the physical network adapters and if Network Virtualization is allowed.

The Logical Switch has also a Native Virtual Adapter Port Profiles which matches with a Port Classification on the Logical Switch and defines the Virtual Network Adapter settings for Virtual Machines or in a Converged Environment for the Hyper-V Management OS.

I hope this post gives you some basic understanding about the new networking features which are added in Service Pack 1 for System Center 2012 Virtual Machine Manager.

You can find the German Version of this blog post on Michel Lueschers (Consultant Microsoft Switzerland) blog.

Cisco C200 M2 SR-IOV for Hyper-V

Posted on November 25, 2012 by Thomas Maurer

In my lab I am using three Cisco C200 M2 rack mount server for my Windows Server 2012 Hyper-V hosts. Windows Server 2012 Hyper-V brings support for SR-IOV which didn’t really work on my C200 M2 servers. Today I updated my Cisco servers to the latest firmware Release 1.4(3p).

After the update I checked the BIOS settings and found a new setting which allows to enable SR-IOV.

It’s great to see that vendors are bring support for the new features which are supported in Windows Server 2012.

Windows Server 2012 Hyper-V Component Architecture Poster and Companion References

Posted on August 29, 2012 by Thomas Maurer

Microsoft released a updated version of the Windows Server 2012 Hyper-V Component Architecture Poster.

Windows Server 2012 Hyper-V Component Architecture Poster provides a visual reference for understanding key Hyper-V technologies in Windows Server 2012 and focuses on Hyper-V Replica, networking, virtual machine mobility (live migration), storage, failover clustering, and scalability.

You can download it from the Microsoft Download Center: Windows Server 2012 Hyper-V Component Architecture Poster and Companion References

via Maarten Wijsman from Hyper-V.nu.

Windows Server 2012 Hyper-V Converged Fabric

Posted on July 22, 2012 by Thomas Maurer

Windows Server 2012 RC Logo

In Windows Server 2008 R2 we had some really simple configurations and best practices for Hyper-V and network configurations. The problem with this was, that this configurations were not really flexible. This had two main reasons, first NIC teaming wasn’t officially supported by Microsoft and secondly there was no possibility to create virtual network interfaces without third party solution.

Here is a example of a Hyper-V 2008 R2 host design which was used in a cluster setup.

Traditional Design

Each dedicated Hyper-V network such as CSV/Cluster communication or the Live Migration network used a own physical network interface. The different network interfaces could also be teamed with third party software from HP, Broadcom or Intel. This design is still a good design in Windows Server 2012 but there are other configurations which are a lot more flexible.

Microsoft MVP Adian Finn and Hans Vredevoort did a already some early work with Windows Server 2012 Converged Fabric and you should definitely read their blog posts.

In Windows Server 2012 you can get much more out of your network configuration. First of all NIC Teaming is now integrated and supported in Windows Server 2012 and another cool feature is the use of virtual network adapters in the Management OS (Host OS or Parent Partition). This allows you to create for example one of the following designs.

Virtual Switch and Dedicated Management Interfaces

This scenario has two teamed 10GbE adapter for Cluster and VM traffic.

Virtual Switch and Dedicated Teamed Management Interfaces

The same scenario with a teamed management interface.

Dedicated Virtual Switch for Management and VM Traffic

One Virtual Switch for Management and Cluster traffic and a dedicated switch for VM traffic.

One Virtual Switch for everything

This is may favorite design at the moment. Two 10GbE adapter as one team for Virtual Machine, Cluster traffic and management. It is a very flexible design and allows the two 10GbE adapters to be used very dynamic.

This design solutions will also be very interesting if you us SMB 3.0 as a storage for Hyper-V Virtual Machines.

There are at the moment not a lot of official information which designs will be unsupported and which will be supported. You can find some information about supported designs in the TechEd North America session WSV329 Architecting Private Clouds Using Windows Server 2012 by Yigal Edery and Joshua Adams.

Configuration

Now after you have seen these designs you may want to create such a configuration and want to know how you can do this. Not everything can be done via GUI you have to use your Windows PowerShell skills. In this scenario I use the design with four 10GbE network adapters 2 for iSCSI and to for my network connections.

Install the Hyper-V Role
Create NIC Teams
Create a Hyper-V Virtual Switch
Add new Virtual Network Adapters to the Management OS
Set VLANs of the Virtual Network Adapters
Set QoS Policies of the Virtual Network Adapters
Configure IP Addresses of the Virtual Network Adapters

Install Hyper-V Role

Before you can use the features of the Virtual Switch and can start create Virtual Network Adapters on the Management OS (Parent Partition) you have to install the Hyper-V role. You can do this via Server Manager or via Windows PowerShell.

 Add-WindowsFeature Hyper-V -Restart

Create NIC Teams

Now most of the time you will create a NIC Teaming for fault tolerance and load balancing. A team can be created over the Server Manager or PowerShell. Of course I prefer the Windows PowerShell. For a Team which will not only be used for Hyper-V Virtual Machines but also for Management OS traffic I use the TransportPorts as load balancing algorithm. If you use this team only for Virtual Machine traffic there is a algorithm called Hyper-V-Port. The Teaming Mode of course depends on your configuration.

 New-NetLbfoTeam -Name Team01 -TeamMembers NIC1,NIC2 -LoadBalancingAlgorithm HyperVPort -TeamingMode SwitchIndependent

Create the Virtual Switch

After the team is created you have to create a new Virtual Switch. We also define the DefaultFlowMinimumBandwidthWeight to be set to 20.

 New-VMSwitch -Name VMNET -NetAdapterName Team01 -AllowManagementOS $False -MinimumBandwidthMode Weight
Set-VMSwitch "VMNET" -DefaultFlowMinimumBandwidthWeight 3.

After you have created the Hyper-V Virtual Switch or VM Switch you will find this switch also in the Hyper-V Manager.

Create Virtual Network Adapters for the Management OS

After you have created your Hyper-V Virtual Switch you can now start adding VM Network Adapters to this Virtual Switch. We also configure the VLAN ID and the QoS policy settings.

 Add-VMNetworkAdapter -ManagementOS -Name "Management" -SwitchName "VMNET"
Add-VMNetworkAdapter -ManagementOS -Name "LiveMigration" -SwitchName "VMNET"
Add-VMNetworkAdapter -ManagementOS -Name "CSV" -SwitchName "VMNET"

 

Set-VMNetworkAdapterVlan -ManagementOS -VMNetworkAdapterName "Management" -Access -VlanId 185
Set-VMNetworkAdapterVlan -ManagementOS -VMNetworkAdapterName "CSV" -Access -VlanId 195
Set-VMNetworkAdapterVlan -ManagementOS -VMNetworkAdapterName "LiveMigration" -Access -VlanId 196

 

Set-VMNetworkAdapter -ManagementOS -Name "LiveMigration" -MinimumBandwidthWeight 20
Set-VMNetworkAdapter -ManagementOS -Name "CSV" -MinimumBandwidthWeight 10
Set-VMNetworkAdapter -ManagementOS -Name "Management" -MinimumBandwidthWeight 10

Your new configuration will now look like this:

As you can see the name of the new Hyper-V Virtual Ethernet Adapter is vEthernet (NetworkAdapaterName). This will be important for automation tasks or configuring IP addresses via Windows PowerShell.

Set IP Addresses

Some months ago I wrote two blog posts, the first was how to configure you Hyper-V host network adapters like a boss and the second one was how to replace the netsh command with Windows PowerShell. Now using Windows PowerShell to configure IP addresses will save you a lot of time.


# Set IP Address Management
New-NetIPAddress -InterfaceAlias "vEthernet (Management)" -IPAddress 192.168.25.11 -PrefixLength "24" -DefaultGateway 192.168.25.1
Set-DnsClientServerAddress -InterfaceAlias "vEthernet (Management)" -ServerAddresses 192.168.25.51, 192.168.25.52

# Set LM and CSV
New-NetIPAddress -InterfaceAlias "vEthernet (LiveMigration)" -IPAddress 192.168.31.11 -PrefixLength "24"
New-NetIPAddress -InterfaceAlias "vEthernet (CSV)" -IPAddress 192.168.32.11 -PrefixLength "24"

# iSCSI
New-NetIPAddress -InterfaceAlias "iSCSI01" -IPAddress 192.168.71.11 -PrefixLength "24"
New-NetIPAddress -InterfaceAlias "iSCSI02" -IPAddress 192.168.72.11 -PrefixLength "24"

There is still a lot more about Windows Server 2012 Hyper-V Converged Fabric in the future, but I hope this post will give you a quick insight into some new features of Windows Server 2012 and Hyper-V.

Hyper-V vs. VMware vSphere – Networking

Posted on July 2, 2012 by Thomas Maurer

Windows Server 2012 RC Logo It is time to compare some of the networking features of Hyper-V and VMware vSphere. Networking is one of the key elements of a Private Cloud. It is important to have a simple and scalable network infrastructure which is fast and secure. That’s why Microsoft invested into Hyper-V networking with creating features like built in NIC teaming, Network Virtualization and other security and offloading features.

SR-IOV Support – Single-root I/O virtualization supports native IOV in existing single root complex PCI-E topologies. It requires support for new device capabilities to configure multiple virtualized configuration spaces.
Network Virtualization
PVLAN support – Provide isolation between two virtual machines on the same VLAN
Dynamic Virtual Machine Queue (D-VMQ) – D-MVQ will dynamically span processing Virtual Machine Queue traffic across multiple CPUs.
DHCP Guard – Protects the environment from DHCP servers installed in a virtual machine
Router Guard – Protects the environment from router advertisement installed in a virtual machine
Port mirroring
Port ACLs – isolation of network traffic for virtual network adapters and virtual ports.
VLAN Trunk mode – Allows directing traffic from a group of VLANs to a specific VM
IPsec Task offload – Allows to offload IPsec traffic to the physical network adapter
Integrated Network Adapter Teaming
The maximum size of a physical disk in attached to a Hyper-V virtual machine is determined by the guest operating system and the chosen file system within the guest
vStorage API for Multipathing (VAMP) is only available in Enterprise & Enterprise Plus editions of vSphere 5.0
vStorage API for Array Integration (VAAI) is only available in Enterprise & Enterprise Plus editions of vSphere 5.0
VMware documentation does not suggests that their respective platforms support 4K Advanced Format Drives

Capability	Windows Server 2012 RC Hyper-V	VMware vSphere Hypervisor	VMware vSphere 5.0 Enterprise Plus
Extensible Switch	Yes	No	Replaceable
Available Partner Extensions	4	No	2
PVLAN Support	Yes	No	Yes
ARP/ND Spoofing Protection	Yes	No	vShield App/Partner
DHCP Snooping Protection	Yes	No	vShield App/Partner
Virtual Port ACLs	Yes	No	vShield App/Partner
Trunk Mode to Virtual Machines	Yes	No	No
Port Monitoring	Yes	Per Port Group	Yes
Port Mirroring	Yes	Per Port Group	Yes
Dynamic Virtual Machine Queue	Yes	NetQueue^C	NetQueue
IPsec Task Offload	Yes	No	No
SR-IOV	Yes	DirectPath I/O	DirectPath I/O
Network Virtualization	Yes	No	Partner

The vSphere Distributed Switch (required for PVLAN capability) is available only in the Enterprise Plus edition of vSphere 5.0 and thus far, seems to be replaceable (By Partners such as Cisco/IBM) rather than extensible.
ARP Spoofing, DHCP Snooping Protection & Virtual Port ACLs require either vShield App or a Partner solution, all of which are additional purchases on top of vSphere 5.0 Enterprise Plus
Port Monitoring and Mirroring at a granular level requires vSphere Distributed Switch, which is available in the Enterprise Plus edition of vSphere 5.0.
Dynamic Virtual Machine Queue (DVMQ) is not supported by either XenServer or vSphere, which both support regular VMq (known as NetQueue on vSphere).
DirectPath IO, whilst not identical to SR-IOV, aims to provide virtual machines with more direct access to hardware devices, with network cards being a good example. Whilst on the surface, this will boost VM networking performance, and reduce the burden on host CPU cycles, in reality, there are a number of caveats in using DirectPath I/O:
- Very small Hardware Compatibility List
- No Memory Overcommit
- No vMotion (unless running certain configurations of Cisco UCS)
- No Fault Tolerance
- No Network I/O Control
- No VM Snapshots (unless running certain configurations of Cisco UCS)
- No Suspend/Resume (unless running certain configurations of Cisco UCS)
- No VMsafe/Endpoint Security support
- No such restrictions are imposed when using SR-IOV, ensuring customers can combine the highest levels of performance with the flexibility they need for an agile infrastructure.

Sources:

TechEd session “VIR311 – Compete to Win | Part I: Comparing Core Virtualization Platforms” from Matt McSpirit (@mattmcspirit)
http://www.vmware.com/products/cisco-nexus-1000V/overview.html,
http://www-03.ibm.com/systems/networking/switches/virtual/dvs5000v /,
http://www.vmware.com/technical-resources/virtualization-topics/virtual-networking/distributed-virtual-switches.html,
http://www.vmware.com/products/vshield-app/features.html
http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9902/data_sheet_c78-492971.html
http://www.vmware.com/pdf/Perf_Best_Practices_vSphere5.0.pdf

Check out my Blog post Hyper-V 2012 – Hey I Just Met You And This Is Crazy for more information about the latest version of Hyper-V.