Published: November 12, 2007   |   Updated: February 25, 2008

Most production applications require access to the network in order to communicate with users and other VMs. Additionally; the server virtualization hosts require connections for management, backup, and storage purposes. Consider these requirements when determining the network configuration for the server virtualization infrastructure. Using the application requirements collected in step 2 and the physical server designs in steps 9–12, for each host server, determine the number of physical network adapters and the total throughput requirements. Also, consider redundancy for implementing fault tolerance. The business and technical requirements for each application to be deployed to the virtual network infrastructure should drive these decisions.

Task 1: Determine Host Connectivity Requirements

Windows Server 2008 Hyper-V and Virtual Server 2005 provide the ability to configure network settings based on application requirements. Several options exist for defining network access settings for VMs:

• No network connectivity. In this configuration, the VM does not have network access to other VMs or physical servers.
• VM-only (logical) networks. For security purposes, VMs can be configured to communicate only with other VMs that are on the same host computer.
• Physical network access. This method allows VMs to exist on production host networks similar to physical computers.

Design the number and types of network connections that will be required based on applications’ needs. The general rule should be to provide each VM with minimal network access based on specific application requirements. Doing so helps ensure security and reduces network traffic.

Task 2: Determine Host Throughput Requirements

In step 3, the amount of required network bandwidth for each VM to be deployed to the server virtualization infrastructure was established. Translate this information into specific host network requirements based on which VMs will reside on which servers. In the simplest configuration, a single physical host server network interface might be sufficient to handle the needs of all the VMs on a server. More often, performance and security requirements will require additional physical ports. The following types of connections are common for server virtualization deployments:

• Private network access. Applications that must have dedicated communication with other VMs. Physical servers such as a cluster heartbeat should be placed on private network segments through the host’s physical network adapter.
• Public network access. These networks allow external traffic for publicly accessible VMs such as Web servers. For security purposes, use separate physical network connections in this case.
• VM networks. Create physical network connections that isolated groups of VMs located on different host servers can use. These networks are typical in test and development environments.
• Management networks. For security and reliability purposes, organizations can choose to use a separate network for managing server virtualization administrative functions. These networks are restricted to internal traffic.
• Backup networks. Use these networks for performing host- and guest-level backups based on the specific needs of the environment.
• Storage networks. Storage-related traffic can require large amounts of free bandwidth and low latency. Use storage network connections to provide access to remote VHDs or to virtual operating systems to access network-based storage data.

Each network connection requires corresponding physical switch port capacity and available bandwidth within the physical network environment.

Task 3: Plan for Network Reliability and Availability

In addition to providing multiple network connections based on functional needs, ensure that physical host network connections meet reliability and availability needs. Most network vendors offer network adapter “port teaming” functionality to provide fault tolerance. This approach works by allowing multiple physical network adapter ports to act as a single port, ensuring reliability and availability. Features like automatic failover and bandwidth aggregation require switch and network-layer support, and specific configurations depend on the standards in use.

For each physical host, calculate the number of physical network adapters required. The determinations made for this step may inform changes in the host form factor if the selected host chassis cannot support the number of physical network cards required.

Validating with the Business

Base the specific design of network connections on application and business requirements. To validate design decisions, ask the following questions:

• Does the design accommodate all the supported user access scenarios? When designing virtual network access, it is often easy to overlook some segments of the user population. Consider factors such as remote access, access from the Internet, and support for branch offices.
• Does the network infrastructure meet security and regulatory compliance requirements? Organizations must ensure that communications and data remain secure in order to meet these standards. Network design should take into account methods for managing authentication, authorization, and encryption.

Additional Reading

“Manage virtual networks” in the Virtual Server 2005 Administrator’s Guide (https://www.microsoft.com/technet/prodtechnol/virtualserver/2005/proddocs/vs_operate_ht_configVMN.mspx?mfr=true) provides information on the design and implementation of various virtual network options.

Technical Note: Managing Network Addressing

Like physical machines, VMs require unique network media access control (MAC) and IP addresses to communicate with each other. By default, Virtual Server 2005 uses an automatic method to create MAC addresses for virtual network adapters. When working in a distributed environment that requires connectivity among many different virtual systems, some MAC addresses may be reused. Consider using static MAC address assignments to avoid this behavior.

Use the following approaches for IP address management:

• Using static IP address assignments within each VM
• Using the Virtual Server 2005 internal Dynamic Host Configuration Protocol (DHCP) server
• Using a network-based DHCP server

Most organizations use a combination of these approaches, depending on the specific connectivity needs of each VM.