Virtual network in Microsoft Hyper-V

In this article, I will discuss virtual networks in Hyper-V, introducing how they work and some key features and limitations of these networks.

Network connectivity in Hyper-V is new territory for people who are used to physical network connectivity or to network connectivity as implemented in VMware. With Hyper-V, guest operating systems never access the hardware directly; the Hyper-V management interfaces control traffic through virtual interfaces and physical interfaces.

Hyper-V has Virtual Network Manager. Virtual Network Manager is responsible for creating and controlling virtual switches. There is no restriction on the number of virtual switches that can be created, although this depends on the type of virtual network you are working with. For example, each external virtual network is bound to a physical NIC, so you can only have as many external networks as there are physical NICs.

The concept of virtual networks is very important to understand. Think of a virtual network as a switch, but a virtual switch instead of a physical one. All virtual machines connected to the same virtual network are connected to the same switch. Each virtual switch is logically isolated from all other virtual switches. If you want hosts connected to one virtual switch to communicate with hosts on another virtual switch, you must create a virtual router, VPN server, firewall or similar device, just as you would on a physical network. It is advisable to create additional virtual switches if you have scenarios that need separation between networks, just as on a physical network, where different network segments are separated by a firewall or some other access control device.

Virtual network types

There are three types of virtual networks you can connect to in Hyper-V:

  1. Private Virtual Network
  2. Internal Virtual Network
  3. External Virtual Network

A Private Virtual Network is a virtual switch that only virtual machines can connect to. The guest operating systems connected to the same Private Virtual Network can communicate with each other, but they cannot communicate with the Host operating system, and the Host operating system cannot connect to the VMs on the Private Virtual Network. A Private Virtual Network is a great solution if you need complete separation between virtual networks, but it can cause difficulties if you need to copy files to virtual machines, because there is no connection to any physical network or to the Host operating system. In this scenario, you can create a virtual machine that acts as a firewall or router, and connect one of its virtual network adapters to the Private Virtual Network and its other virtual network adapters to the physical network (that is, to an External Virtual Network, the type of network introduced below).

The Internal Virtual Network is similar to the Private Virtual Network in that it has no connection to any physical NIC. The Internal Virtual Network is a separate virtual switch like the Private Virtual Network, but in the case of the Internal Virtual Network, the Host operating system can access guest virtual machines through the Internal Virtual Network virtual switch. However, this virtual switch provides no function such as DHCP, so if you want to communicate with virtual machines connected to the Internal Virtual Network switch, you need to assign a valid IP address to the Host operating system's virtual NIC that is associated with the Internal Virtual Network you are trying to connect to.

The External Virtual Network is different from the previous virtual networks because this virtual network type is connected to a physical network adapter. You can have one External Virtual Network for each physical NIC installed on the Hyper-V server. The External Virtual Network switch appears in place of the physical NIC on the Hyper-V server, so if you look at that NIC's configuration, it will not have an assigned IP address. Instead, a virtual NIC is added to the Network Connections window and connected to the External Virtual Network switch; the virtual NIC, with its assigned IP address, is able to communicate with the physical network.

There are some important things you need to know about virtual networks and virtual NICs before starting to work with them in Hyper-V:

  1. If you are connected to the Hyper-V server over the network using RDP, the network connection you were using will disappear. Make sure you have access to the Hyper-V server so that you can configure the new virtual NIC and restore the connection.
  2. You cannot create an External Virtual Network based on a wireless NIC (this is a big drawback, and something you can do with VMware).
  3. You can tell which virtual NIC is associated with a virtual switch because the NIC and the switch have the same name; the difference is that the virtual switch has no IP address information bound to it, while the NIC does.
  4. Because of connectivity issues as mentioned above, the best way is to have at least two physical NICs on the Hyper-V server. In this way, you can use a NIC as a dedicated management interface for the Host operating system, and assign an External Virtual Network to the remaining NIC.
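
The three network types and the two-NIC layout from item 4 can also be created from PowerShell. This is an added example, not part of the original article, which describes Virtual Network Manager; it assumes the Hyper-V PowerShell module (Windows Server 2012 or later) and an elevated session, and every switch name, adapter name, VM name and address in it is a constructed placeholder.

```powershell
# Physical NIC reserved for virtual machine traffic (assumed adapter name).
# Do not pick the NIC that carries your RDP session: binding it to an
# external switch drops that connection (item 1 above).
$vmNic = 'Ethernet 2'

# Private: VM-to-VM traffic only; the Host operating system gets no virtual NIC.
New-VMSwitch -Name 'Private-Lab' -SwitchType Private

# Internal: VMs plus a host virtual NIC named "vEthernet (<switch name>)".
New-VMSwitch -Name 'Internal-Transfer' -SwitchType Internal

# The switch offers no DHCP, so the host side is addressed by hand.
New-NetIPAddress -InterfaceAlias 'vEthernet (Internal-Transfer)' `
    -IPAddress 192.168.50.1 -PrefixLength 24

# External: bound to the second physical NIC. -AllowManagementOS $false keeps
# the Host operating system off this switch, so the first physical NIC stays
# a dedicated management interface.
New-VMSwitch -Name 'External-VM' -NetAdapterName $vmNic -AllowManagementOS $false

# Attach an existing VM (placeholder name) to the external switch.
Connect-VMNetworkAdapter -VMName 'web01' -SwitchName 'External-VM'

# Review the result: type, bound NIC, and whether the host shares the switch.
Get-VMSwitch | Select-Object Name, SwitchType, NetAdapterInterfaceDescription, AllowManagementOS
```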

Virtual NICs

Hyper-V supports two virtual NIC types:

  1. Legacy NIC
  2. High Speed NIC

Each virtual machine can have up to 12 virtual NICs attached to it; more specifically, up to 8 High Speed NICs and 4 Legacy NICs.

The Legacy NIC emulates a physical NIC (DEC 21140 NIC) and will work well without installing any additional software, since most operating systems will support this NIC. The Legacy NIC also supports PXE to install the operating system on the network.

You can use the Legacy NIC to get a network connection before installing the Hyper-V integration services. However, in many cases you will have to install the integration services, for example with the 64-bit versions of Windows XP and Windows Server 2003, which do not support the emulated DEC virtual NIC used by the Legacy NIC.

The High Speed NIC is exactly what its name says and, as you can guess, it gives you the best performance. However, to use the High Speed NIC, you need to install the Hyper-V integration services after the guest operating system is installed.

Virtual NICs support VLAN tagging with VLAN ID numbers assigned to them and virtual networks can be assigned VLAN IDs.

There are several things to keep in mind regarding configuring VLANs, virtual networks and NICs:

  1. The physical NIC on the Hyper-V server needs to support VLAN tagging and the VLAN feature should be enabled on the physical NIC.
  2. However, you should not set up a VLAN ID on a physical NIC but instead configure it on a virtual NIC that connects to External Network switches or to virtual machines themselves.
  3. The virtual machine will use the VLAN ID assigned to its virtual NIC. The VM is unaware of the ID assigned to the virtual switch.

Network connection recommendations in Hyper-V

Here are some recommendations and best practices for you to best use the Hyper-V networking environment:

  1. As mentioned above, you should have at least two physical NICs on your Hyper-V server, so that one NIC is dedicated to managing the Host operating system and the other is assigned to the External Virtual Network.
  2. Private Virtual Networks should be used when you need complete isolation from both the Host operating system and the physical network.
  3. You should use the Internal Virtual Network when you need to transfer files between the Host operating system and virtual machines.
  4. Virtual machines can be moved dynamically to other virtual networks; it is not necessary to turn off the virtual machine to change its network connection.
  5. If you want to segment your virtual networks, create a virtual switch for each network (that is, create a Virtual Network for each network) and then connect them with a TMG firewall or Windows RRAS virtual machine.
  6. Remember to assign the Internal Virtual NIC of the Host operating system a valid IP address so that it can communicate with virtual machines on the same Internal Virtual Network.
  7. Some virtual machines will require a large amount of bandwidth to communicate with the physical network. In this scenario, configure a dedicated External Virtual Network for these virtual machines and do not connect any other virtual machines to it.
  8. If you want to place a Hyper-V server on an untrusted network, make sure that the virtual NIC of the Host operating system on the untrusted network has no valid IP address information. This will prevent an attacker from connecting to the Host operating system via the Internet.
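
A read-only check of an existing host against recommendations 1, 5, 6 and 8 and the NIC guidance above. It is an added example, not code from the original article; it assumes the Hyper-V and NetTCPIP PowerShell modules (Windows Server 2012 or later), an elevated session, and host virtual NICs that still carry their default "vEthernet (<switch name>)" alias. The function name is hypothetical.

```powershell
function Get-HyperVNetworkFinding {
    $findings = New-Object System.Collections.Generic.List[string]

    # Two physical NICs: one for host management, one for the external switch.
    $physical = @(Get-NetAdapter -Physical)
    if ($physical.Count -lt 2) {
        $findings.Add("Host has $($physical.Count) physical NIC(s); no dedicated management NIC is possible.")
    }

    foreach ($sw in Get-VMSwitch) {
        if ($sw.SwitchType -eq 'Private') { continue }   # host has no NIC on private switches
        # Usable IPv4 addresses on the host side of this switch (APIPA excluded, IPv6 not checked).
        $ips = @(Get-NetIPAddress -InterfaceAlias "vEthernet ($($sw.Name))" `
                -AddressFamily IPv4 -ErrorAction SilentlyContinue |
            Where-Object { $_.IPAddress -notlike '169.254.*' } |
            ForEach-Object { $_.IPAddress })

        if ($sw.SwitchType -eq 'External' -and $sw.AllowManagementOS -and $ips.Count -gt 0) {
            $findings.Add("Host OS has $($ips -join ', ') on external switch '$($sw.Name)'; acceptable only if that network is trusted.")
        }
        if ($sw.SwitchType -eq 'Internal' -and $ips.Count -eq 0) {
            $findings.Add("Internal switch '$($sw.Name)': host virtual NIC has no valid IP address, so the host cannot reach its VMs.")
        }
    }

    foreach ($vm in Get-VM) {
        $nics = @(Get-VMNetworkAdapter -VM $vm)
        # A VM attached to several switches is a path between otherwise isolated switches.
        $names = @($nics | ForEach-Object { $_.SwitchName } | Where-Object { $_ } | Sort-Object -Unique)
        if ($names.Count -gt 1) {
            $findings.Add("VM '$($vm.Name)' joins switches $($names -join ', '); confirm it is the intended router or firewall.")
        }
        $legacy = @($nics | Where-Object { $_.IsLegacy })
        if ($legacy.Count -gt 0) {
            $findings.Add("VM '$($vm.Name)' uses $($legacy.Count) legacy NIC(s); needed only for PXE or before integration services are installed.")
        }
    }
    $findings
}

Get-HyperVNetworkFinding
```

The function changes nothing on the host; an empty result means none of the checked conditions were found.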

Conclusion

Hyper-V networking gives you a way to customize your virtual network environment. You can use different virtual networks to control the level of connectivity that the virtual machines have, as well as their connections to the Host operating system and the physical network. However, before you start working with Hyper-V virtual networks, you need to understand how they work and some of the key features and limitations of these networks. In another article, I will show you how to configure and manage virtual networks, and how they work with a virtual server that has four physical NICs.
