Solved

Private network routing between two Hyper-V Windows Server 2008 R2 servers

Posted on 2011-09-23
8
736 Views
Last Modified: 2012-08-14
I'll do my best to describe what I am trying to do.  I may try and create a diagram if my description is inadequate.

My goal is to utilize the secondary server NICs and directly connect two Hyper-V servers together to achieve a backend private network between them.  The Hyper-V servers and all their VM's should use the secondary interface for any and all traffic between them.

I have two WS2008R2 servers and each are running Hyper-V.
Both servers have two NICs, a primary and secondary.
The primary NIC (192.168.1.0/24) is enabled and secondary NIC (10.0.0.0/24) is disabled.
The primary NIC provides internet access for the Hyper-V servers and all the VM's.

The configuration above works correctly and completely. The downside is that when VM's on server1 talk o VM's on server2 the traffic must all go through the single interface and the network switch.

THE PROBLEM:

With the secondary NIC configured and attempting to ping via the secondary NIC, all server1 Hyper-V VM's can talk to each other and to server1, but not to server2 or its VM's. And vice-versa.

I have configured binding order so that the secondary interface for all servers and VM's is the top priority.

When a VM on server1 attempts to talk to a VM on server2 there seems to be no traffic.  



0
Comment
Question by:Dan-Aspitel
  • 6
  • 2
8 Comments
 
LVL 20

Accepted Solution

by:
Svet Paperov earned 500 total points
ID: 36592233
The easiest and cleanest way to do that is:
1. Create a dedicated subnet for the network between both servers using the 2nd NIC
2. Clear the checkbox of “Allow management operating system to share this network adapter” of the 1st NIC and use it for all VMs
3. To route between the Hyper-V servers and virtual machines you will need a router: you can use your default gateway router/firewall if you have multiple interfaces on it or another router. If it is not the default gateway, you will have to either manually add the route to the routing table of each VM or use a logon script to publish it.
0
 

Author Comment

by:Dan-Aspitel
ID: 36592569
Thank you for the reply.

>>1. Create a dedicated subnet for the network between both servers using the 2nd NIC

10.0.0.xxx is dedicated to it.

>>2. Clear the checkbox of “Allow management operating system to share this network adapter” of the 1st NIC and use it for all VMs

I do want the host servers to be accessible on the second network though.

>>3. To route between the Hyper-V servers and virtual machines you will need a router: you can use your default gateway router/firewall if you have multiple interfaces on it or another router. If it is not the default gateway, you will have to either manually add the route to the routing table of each VM or use a logon script to publish it.

The NICs are connected directly together without a router or switch. I'm not sure exactly what route I should be adding though.

Would route entries on all VM's be sufficient or should I instead be using the RRAS on each host server to route the second LAN?

0
 

Author Comment

by:Dan-Aspitel
ID: 36592631
Perhaps this is what you proposed?

Would this be a workable solution for the second NIC:

- host server1 and all its VM's would be on 10.0.1.xxx
- all of these would have a route to direct 10.0.2.xxx to server2


- host server2 and all its VM's would be on 10.0.2.xxx
- all of these would have a route to direct 10.0.1.xxx to server1
0
 
LVL 20

Expert Comment

by:Svet Paperov
ID: 36595176
The setup I suggested follows the best practices to separate the management traffic (back-end connection between both Hyper-V servers) from the production traffic (of the virtual machines). It is the easiest and cleanest configuration.

In your case I suspect you have routing problems on both servers. Start by looking at ROUTE command on the servers: you could use ROUTE ADD to set a static route if needed. If the management traffic is allowed on the virtual adapters, the servers behave as mulhihomed.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:Dan-Aspitel
ID: 36595195
The issue does seem to revolve around routing/forwarding between the two host servers; and the desire to not use a physical router.

If the server1 IP is 10.0.1.1 and the server2 IP is 10.0.2.1 what would each server need a a route?

Would each VM have the corresponding server as their gateway?
0
 

Author Comment

by:Dan-Aspitel
ID: 36595206
Or do I need to have 3 separate private networks?  

(p1) 1 for the server1 VM's
(p2) 1 for the server2 VM's
(p3) 1 which both server1 and server2 belong

Then use RRAS on server1 to route p1 through p3 and
use RRAS on server2 to route p2 through p3

Would that work?
0
 

Author Comment

by:Dan-Aspitel
ID: 36595227
Perhaps what I am trying to do without a physical switch is beyond Windows Server  2008 R2.  I'm reading a bit about HP's virtual switch and Cisco's plan to have a virtual switch for Windows Server 8.

http://arstechnica.com/business/news/2011/09/cisco-bringing-virtual-switch-support-to-hyper-v-in-windows-server-8.ars
0
 

Author Closing Comment

by:Dan-Aspitel
ID: 37415812
Accepting this in order to close this question.
0

Featured Post

Can’t get the mobile email signature right?

Not having any luck when trying to create an email signature for mobile devices? Does the formatting keep messing up? Make sure you have great email signatures on all devices by using Exclaimer Cloud - Signatures for Office 365.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now