?
Solved

Private network routing between two Hyper-V Windows Server 2008 R2 servers

Posted on 2011-09-23
8
Medium Priority
?
755 Views
Last Modified: 2012-08-14
I'll do my best to describe what I am trying to do.  I may try and create a diagram if my description is inadequate.

My goal is to utilize the secondary server NICs and directly connect two Hyper-V servers together to achieve a backend private network between them.  The Hyper-V servers and all their VM's should use the secondary interface for any and all traffic between them.

I have two WS2008R2 servers and each are running Hyper-V.
Both servers have two NICs, a primary and secondary.
The primary NIC (192.168.1.0/24) is enabled and secondary NIC (10.0.0.0/24) is disabled.
The primary NIC provides internet access for the Hyper-V servers and all the VM's.

The configuration above works correctly and completely. The downside is that when VM's on server1 talk o VM's on server2 the traffic must all go through the single interface and the network switch.

THE PROBLEM:

With the secondary NIC configured and attempting to ping via the secondary NIC, all server1 Hyper-V VM's can talk to each other and to server1, but not to server2 or its VM's. And vice-versa.

I have configured binding order so that the secondary interface for all servers and VM's is the top priority.

When a VM on server1 attempts to talk to a VM on server2 there seems to be no traffic.  



0
Comment
Question by:Dan-Aspitel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 2
8 Comments
 
LVL 20

Accepted Solution

by:
Svet Paperov earned 1500 total points
ID: 36592233
The easiest and cleanest way to do that is:
1. Create a dedicated subnet for the network between both servers using the 2nd NIC
2. Clear the checkbox of “Allow management operating system to share this network adapter” of the 1st NIC and use it for all VMs
3. To route between the Hyper-V servers and virtual machines you will need a router: you can use your default gateway router/firewall if you have multiple interfaces on it or another router. If it is not the default gateway, you will have to either manually add the route to the routing table of each VM or use a logon script to publish it.
0
 

Author Comment

by:Dan-Aspitel
ID: 36592569
Thank you for the reply.

>>1. Create a dedicated subnet for the network between both servers using the 2nd NIC

10.0.0.xxx is dedicated to it.

>>2. Clear the checkbox of “Allow management operating system to share this network adapter” of the 1st NIC and use it for all VMs

I do want the host servers to be accessible on the second network though.

>>3. To route between the Hyper-V servers and virtual machines you will need a router: you can use your default gateway router/firewall if you have multiple interfaces on it or another router. If it is not the default gateway, you will have to either manually add the route to the routing table of each VM or use a logon script to publish it.

The NICs are connected directly together without a router or switch. I'm not sure exactly what route I should be adding though.

Would route entries on all VM's be sufficient or should I instead be using the RRAS on each host server to route the second LAN?

0
 

Author Comment

by:Dan-Aspitel
ID: 36592631
Perhaps this is what you proposed?

Would this be a workable solution for the second NIC:

- host server1 and all its VM's would be on 10.0.1.xxx
- all of these would have a route to direct 10.0.2.xxx to server2


- host server2 and all its VM's would be on 10.0.2.xxx
- all of these would have a route to direct 10.0.1.xxx to server1
0
Looking for a new Web Host?

Lunarpages' assortment of hosting products and solutions ensure a perfect fit for anyone looking to get their vision or products to market. Our award winning customer support and 30-day money back guarantee show the pride we take in being the industry's premier MSP.

 
LVL 20

Expert Comment

by:Svet Paperov
ID: 36595176
The setup I suggested follows the best practices to separate the management traffic (back-end connection between both Hyper-V servers) from the production traffic (of the virtual machines). It is the easiest and cleanest configuration.

In your case I suspect you have routing problems on both servers. Start by looking at ROUTE command on the servers: you could use ROUTE ADD to set a static route if needed. If the management traffic is allowed on the virtual adapters, the servers behave as mulhihomed.
0
 

Author Comment

by:Dan-Aspitel
ID: 36595195
The issue does seem to revolve around routing/forwarding between the two host servers; and the desire to not use a physical router.

If the server1 IP is 10.0.1.1 and the server2 IP is 10.0.2.1 what would each server need a a route?

Would each VM have the corresponding server as their gateway?
0
 

Author Comment

by:Dan-Aspitel
ID: 36595206
Or do I need to have 3 separate private networks?  

(p1) 1 for the server1 VM's
(p2) 1 for the server2 VM's
(p3) 1 which both server1 and server2 belong

Then use RRAS on server1 to route p1 through p3 and
use RRAS on server2 to route p2 through p3

Would that work?
0
 

Author Comment

by:Dan-Aspitel
ID: 36595227
Perhaps what I am trying to do without a physical switch is beyond Windows Server  2008 R2.  I'm reading a bit about HP's virtual switch and Cisco's plan to have a virtual switch for Windows Server 8.

http://arstechnica.com/business/news/2011/09/cisco-bringing-virtual-switch-support-to-hyper-v-in-windows-server-8.ars
0
 

Author Closing Comment

by:Dan-Aspitel
ID: 37415812
Accepting this in order to close this question.
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question