[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Network adapter priority in 2012 R2 Hyper-V Virtual Switches / VMs

Posted on 2013-11-20
6
Medium Priority
?
2,435 Views
Last Modified: 2014-11-12
Hello all,

I've recently installed our new servers which run Windows Server 2012 R2 using Hyper-V host.
There are 2 VM's both also running Server 2012 R2.

Networking is setup as:
-Public VM Interface (10.25.x.x)
-Internal Only VM Interface (192.168.1.x)
-Management Interface on Hyper-V Host (10.25.x.x)
Note: The Public VM Interface is using NIC Teaming (2 x 1GB NICs) and also Management Interface is in a Team of 2.

The problem i'm having is trying to force the VMs to use the "Internal Only VM Interface" for traffic between the Hyper-V Host and the VM.
(This is due to backup server running on the Hyper-V host trying to transfer data always using the physical switch on external interface).
So far the Hyper-V host refuses to use the Internal interface, always going over the Public VM Interface, unless I manually DISABLE the Public VM NIC inside the virtual machine.
This then forces the Hyper-V host and VM to use the Internal VM interface (massively faster, around 3 x !)

So far i've tried:
-Changing the binding order on the VM and on the Hyper-V host with the Internal Only VM interface at the top)
-Setting "Metric" manually on each adapter in the VM and also Hyper-V host with 5 for the Internal and 10 for the Public
-Rebooted VM
-Ran "nbtstat -R", "ipconfig /flushdns", "netsh interface ip delete arpcache" on both host and VM

When I run "nbtstat -c" on the Hyper-V host, it correctly shows that it is using the Internal Only VM interface (192.168.1.x), but still transfers files over network at the slower speed.

Any ideas would be very welcome!
0
Comment
Question by:chrismanncalgavin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 39663322
From a logical standpoint, I understanding wanting to control which MIC traffic goes out from, and MIC binding order SHOULD impact that,

From a practical standpoint though, it should make no difference. Hyper-V creates an extensible switch either way, and the hypervisor will only push traffic out the physical MIC (acting as an uplink port on the virtual switch) if it decides it can't reach the VM (including the "host" OS, which is actually a management VM) another way. In other words, it still uses ARP, etch to make that decision.

So if you are seeing a performance difference AND you are seeing that traffic on your physical NIC, it sounds like you have a subnet setup issue so the hypervisor assumes it must push packets out of the virtual switch.

So with that in mind, I'd even questing if you need the two virtual switches. Like I said, if configured properly , there'd be no performance difference. The only reason to set up multiple v-switches between VMs if is you have some security issue where you need to keep the host VM from seeing that traffic or, in the EXTREMELY rare instance, you are actually saturating all 10GB of the virtual switch and need do some sort of multipath load balancing. Otherwise you could just team the virtual NICs =.
0
 
LVL 8

Author Comment

by:chrismanncalgavin
ID: 39665253
Hi, thanks for the comments.

What I want to confirm is, should the management interface for Hyper-V ALWAYS be on a different subnet to the VM's to achieve this?
Surely there's other people who put the Hyper-V host in the same subnet as VMs but using different adapters in the same manner I have?
(whether that is best practice or not).
They are currently on the same subnet for ease of management.

I just tested something out and I put the management interface on a seperate subnet, this appeared to work and forced the file transfer to use the Internal Only switch / network for traffic between the host and the guest VMs (resulting in 3 x the speed).

What I would rather find out is if there can we a way to operate the way I have intended with Hyper-V host on same subnet as VMs?
Main reason is the easy of management as mentioned and also the connection to our UPS on the same subnet.
Note: We only have a single subnet at our company plus a small DMZ.
0
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 39667403
The separate subnet is purely a security/risk tolerance decision. Some smaller environments will be fine with that. Some won't.

what is a bigger factor though is that the management NIC(s) should NOT have any VMs attached (so no virtual switch) and VM NICs should not be allowed for management (so that box would be unchecked in the virtual network setup.) This makes he topology (both virtual and physical) much easier to understand and packet paths easy to follow. Even if everything is on the same subnet.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 8

Author Comment

by:chrismanncalgavin
ID: 39667585
Thanks. Just to confirm that is exactly how I have things configured.

The Management NIC is purely used for this purpose (although on same subnet as VMs), the VM NIC is dedicated to Hyper-V Virtual Switch for VMs.
Also the VM switch DOES NOT have the option "Allow Management Operating System To Share This Adapter" ticked, as per recommendations.

Still no luck yet.
0
 
LVL 8

Accepted Solution

by:
chrismanncalgavin earned 0 total points
ID: 39689785
In the end the only solution I could find was to set the Windows Firewall settings on each VM to restrict required traffic for certain applications (Yosemite Server Backup) to only use the 192 subnet (VM Only Internal Network).
This is a temporary fix until the backup software company release an update to allow me to bind the software to specific NIC.

Thanks again
0
 
LVL 8

Author Closing Comment

by:chrismanncalgavin
ID: 39702861
The solution took at a lot of research and testing on my behalf and in the end was quite different to the suggestions in the comments made.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Veeam Backup & Replication has added a new integration – Veeam Backup for Microsoft Office 365.  In this blog, we will discuss how you can benefit from Office 365 email backup with the Veeam’s new product and try to shed some light on the needs and …
Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question