Configuring Virtual Networks
Updated: December 29, 2010
Applies To: Windows Server 2008, Windows Server 2008 R2
This topic describes the basics of virtual networking in Hyper-V and the different types of virtual networks you can configure. Before you configure a virtual network, consider the types of communication that will be required by the virtual machines. This will help you determine which types of virtual networks you should configure on the server running Hyper-V.
This topic covers the following subjects:
Types of virtual networks
Networking and virtual machines
Configuring virtual local area networks (VLANs)
For examples that show you how to set up and use the different types of virtual networks, see http://technet.microsoft.com/en-us/library/ee247420(WS.10).aspx.
While Hyper-V allows you to configure complex virtual network environments, the basic concept of virtual networking is straightforward. A virtual network works like a physical network switch except that the switch is implemented in software (which is why it is sometimes referred to as a virtual network switch). Ports are added or removed as they are needed when virtual machines are connected to or disconnected from a virtual network.
Virtual Network Manager (available from the Hyper-V Manager snap-in) offers three types of virtual networks that you can use to define various networking topologies for virtual machines and the virtualization server. You can create the following types of virtual networks:
External virtual networks. Use this type when you want to provide virtual machines with access to a physical network to communicate with externally located servers and clients. This type of virtual network also allows virtual machines on the same virtualization server to communicate with each other. This type of network may also be available for use by the management operating system, depending on how you configure the networking. (The management operating system runs the Hyper-V role.) For more information, see “A closer look at external virtual networks” later in this topic.
Note Hyper-V does not support wireless networks. An external virtual network provides access to a physical network through a wired physical network adapter.
Internal virtual networks. Use this type when you want to allow communication between virtual machines on the same virtualization server and between virtual machines and the management operating system. This type of virtual network is commonly used to build a test environment in which you need to connect to the virtual machines from the management operating system. An internal virtual network is not bound to a physical network adapter. As a result, an internal virtual network is isolated from all external network traffic.
Private virtual networks. Use this type when you want to allow communication only between virtual machines on the same virtualization server. A private virtual network is not bound to a physical network adapter. A private virtual network is isolated from all external network traffic on the virtualization server, as well any network traffic between the management operating system and the external network. This type of network is useful when you need to create an isolated networking environment, such as an isolated test domain.
For a simple virtual network configuration that establishes connectivity to an external network, we recommend that you have at least two network adapters on the server running Hyper-V: one network adapter dedicated to the management operating system so you can access it remotely, and one or more network adapters dedicated to the virtual machines. If you are running an Internet SCSI (iSCSI) initiator for virtual hard disk storage, we recommend that you use additional network adapters in the management operating system.
When you add the Hyper-V role during a full installation of Windows Server 2008 or Windows Server 2008 R2, you have the option to configure one or more external virtual networks. However, this option is not available when you install Hyper-V on a Server Core installation.
|When you create an external virtual network, external network connectivity is temporarily disrupted.|
When you create an external virtual network, this action affects how networking is configured in the management operating system. Hyper-V creates a virtual network adapter in the management operating system. Hyper-V then binds the standard services and protocols to the virtual network adapter instead of the physical network adapter, and binds only the Virtual Network Service Protocol to the physical network adapter.
After an external virtual network is configured, all networking traffic is routed though the virtual network switch. The virtual network switch functions as a physical switch would and routes networking traffic through the virtual network to its destination. For this reason, we recommend using at least one additional physical network adapter for managing network traffic.
To connect a virtual machine to a virtual network, you add a virtual network adapter to the virtual machine and then connect the virtual network adapter to an existing virtual network. There are two types of network adapters available for Hyper-V: a network adapter and a legacy network adapter.
The network adapter is designed specifically for Hyper-V and requires a virtual machine driver that is included with the Hyper-V integration services. This type of networking adapter provides better performance than a legacy network adapter and is the recommended choice when it can be used. Because this type of virtual network adapter requires integration services in the guest operating system, it can be used only with guest operating systems for which integration services are available. For more information, see About Virtual Machines and Guest Operating Systems.
Note If a network adapter is configured for a virtual machine but integration services are not installed in the guest operating system, Device Manager lists the network adapter as an unknown device.
The legacy network adapter emulates an Intel 21140-based PCI Fast Ethernet Adapter. This type of network adapter provides networking capabilities for two scenarios: when using a guest operating systems for which integration services are not available, and when network boot capabilities are required. The legacy network adapter uses a driver that is available in most operating systems, instead of a Hyper-V specific driver. The legacy network adapter also provides the ability to boot to the Pre-Boot Execution Environment (PXE).
The network connection for a virtual machine is made by logically connecting it to a port on the virtual network. For a networking application on the virtual machine to connect to external end point, the networking packet is first routed through the virtual network adapter to the virtual port on the external virtual network to which the virtual machine is attached. The networking packet is then directed to the physical network adapter and out to an external physical network.
For the virtual machine to communicate with the management operating system, there are two options. One option is to route the network packet through the physical network adapter and out to the physical network, which then returns the packet back to the server running Hyper-V using the second physical network adapter. Another option is to route the network packet through the virtual network, which is more efficient. The option selected is determined by the virtual network. The virtual network includes a learning algorithm, which determines the most efficient port to direct traffic to and will send the network packet to that port. Until that determination is made by the virtual network, network packets are sent out to all virtual ports.
A virtual machine can be configured to use a static MAC address or a dynamic MAC address. Hyper-V assigns dynamic MAC addresses to virtual machines from a pool of available addresses that are established when Hyper-V is installed. When there is more than one server running Hyper-V on the same subnet and virtual machines use dynamic addresses, duplicate MAC addresses might exist and networking conflicts might occur. In Hyper-V in Windows Server 2008 R2, you can use Virtual Network Manager on each server running Hyper-V to define different ranges of MAC addresses to help avoid duplicate MAC addresses.
|Modifying the range of available MAC addresses does not affect existing virtual machines that are configured with a dynamic MAC address. To modify the MAC address of an existing virtual machine, you can reconfigure the virtual network adapter to use a static MAC address, or remove and then re-add the virtual network adapter to receive a new dynamic MAC address.|
All released versions of Hyper-V support virtual local area networks (VLANs). A VLAN configuration is software-based, which means that you can easily move a computer and still maintain their network configurations. For each virtual network adapter you connect to a virtual machine, you can configure a VLAN ID for the virtual machine. You will need the following to configure VLANs:
A physical network adapter that supports VLANs.
A physical network adapter that supports network packets with VLAN IDs that are already applied.
On the management operating system, you will need to configure the virtual network to allow network traffic on the physical port. This is for the VLAN IDs that you want to use internally with virtual machines. Next, you configure the virtual machine to specify the virtual LAN that the virtual machine will use for all network communications.
There are two modes in which you can configure a VLAN: access mode and trunk mode. In access mode, the external port of the virtual network is restricted to a single VLAN ID in the UI. You can have multiple VLANs using WMI. Use access mode when the physical network adapter is connected to a port on the physical network switch that also is in access mode. To give a virtual machine external access on the virtual network that is in access mode, you must configure the virtual machine to use the same VLAN ID that is configured in the access mode of the virtual network. Trunk mode allows multiple VLAN IDs to share the connection between the physical network adapter and the physical network. To give virtual machines external access on the virtual network in multiple VLANs, you need to configure the port on the physical network to be in trunk mode. You will also need to know the specific VLANs that are used and all of the VLAN IDs used by the virtual machines that the virtual network supports.
Open Hyper-V Manager.
From the Actions menu, click Virtual Network Manager.
Select the virtual network you want to edit, and, in the right pane, check to select Enable virtual LAN identification.
Enter a number for the VLAN ID. All traffic for the management operating system that goes through the network adapter will be tagged with the VLAN ID you set.
Open Hyper-V Manager.
In the results pane, under Virtual Machines, select the virtual machine that you want to configure to use a VLAN.
In the Action pane, under the virtual machine name, click Settings.
Under Hardware, select the virtual network adapter connected to the external virtual network.
In the right pane, select Enable virtual LAN identification, and then enter the VLAN ID you plan to use.
If you need the virtual machine to communicate using additional VLANs, connect additional network adapters to the appropriate virtual network and assign the VLAN ID. Make sure to configure the IP addresses correctly and that the traffic you want to move across the VLAN is also using the correct IP address.