Module 4

Creating and Configuring Virtual Machine Networks


Module Overview

  • Creating and Using Hyper-V Virtual Switches

  • Advanced Hyper-V Networking Features

  • Configuring and Using Hyper-V Network Virtualization


Lesson 1: Creating and Using Hyper-V Virtual Switches

  • Overview of the Hyper-V Virtual Switch

  • Types of Virtual Switches

  • What Is VLAN Tagging?


Overview of the Hyper-V Virtual Switch

Compares with VMware vSwitch (not VDS)

  • Software implemented layer two switch

    • Connects virtual machines to virtual and physical networks

      • Parent partition is also a virtual machine

    • Extensible, has advanced features, can be replaced

      • Policy enforcement, isolation, traffic shaping, protection

  • Managed by Hyper-V Manager and Windows PowerShell

    • Get-VMSwitch

  • Parent partition can have multiple virtual NICs

    • Can be connected to different virtual switches

    • Can have different bandwidth limitations





Types of Virtual Switches

  • Parent has physical network adapter(s)

    • Each virtual machine (and parent) has virtual network adapter(s)

    • Each virtual network adapter is connected to a virtual switch

  • Type of virtual switch is:

    • External – connects to a physical or wireless adapter

    • Internal – parent and virtual machine connections only

    • Private – virtual machine connections only

  • Configuration

    • Use Virtual Switch Manager to create virtual switches

    • Use virtual machine settings to connect a virtual network adapter to a switch


[Diagram: Private, Internal and External virtual switches connecting virtual machines (each running apps) and the parent; labels include NAT, IP and No IP. Legend: physical network adapter, virtual network adapter, virtual switch.]









What Is VLAN Tagging?

  • Used to isolate network traffic for nodes that are connected to the same physical network

  • VLANs are used by Hyper-V to

    • Isolate Hyper-V server management networks

    • Isolate virtual machines that are connected to external virtual switches

    • Isolate virtual machines on a single Hyper-V server

  • VLAN ID can be configured on

    • Virtual machine network adapter

    • External and Internal virtual switch

  • VLAN is limited to a single physical subnet

    • VLAN ID has 12 bits (up to 4,094 VLAN IDs)


Lesson 2: Advanced Hyper-V Networking Features

  • Virtual Switch Expanded Functionality

  • Virtual Switch Extensibility

  • What Is SR-IOV?

  • What Is Dynamic Virtual Machine Queue?

  • Network Adapter Advanced Features

  • NIC Teaming in Virtual Machines


Virtual Switch Expanded Functionality

  • ARP/Neighbor Discovery Poisoning protection

    • Protects against ARP and Neighbor Discovery spoofing

  • DHCP Guard protection

    • Protects against rogue DHCP server in virtual machine

  • Port ACLs

    • Enables isolation by allowing/denying traffic

  • Trunk mode to a virtual machine

    • Trunk mode forwards traffic from multiple VLANs

  • Network traffic monitoring

  • Bandwidth limit and burst support
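
One way to check the DHCP Guard and trunk mode settings from this slide, plus MAC address spoofing, across a host; this is an added example, not part of the original presentation. It reads the DhcpGuard, MacAddressSpoofing and VlanSetting properties returned by Get-VMNetworkAdapter; the function names, exception lists and sample objects are constructed for illustration.

```powershell
# Added example: flag VM network adapters that deviate from a baseline of
# DHCP Guard on, MAC address spoofing off, and no VLAN trunk mode.
function Test-VMAdapterBaseline {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)] [object]$Adapter,
        # Hypothetical exception lists of VM names, e.g. a sanctioned DHCP
        # server, a guest that runs NIC teaming, a virtual router on a trunk.
        [string[]]$DhcpServerVMs  = @(),
        [string[]]$MacSpoofingVMs = @(),
        [string[]]$TrunkVMs       = @()
    )
    process {
        $vm = $Adapter.VMName
        $findings = @()
        if ("$($Adapter.DhcpGuard)" -ne 'On' -and $vm -notin $DhcpServerVMs) {
            $findings += 'DHCP Guard off'
        }
        if ("$($Adapter.MacAddressSpoofing)" -eq 'On' -and $vm -notin $MacSpoofingVMs) {
            $findings += 'MAC address spoofing on'
        }
        if ("$($Adapter.VlanSetting.OperationMode)" -eq 'Trunk' -and $vm -notin $TrunkVMs) {
            $findings += 'VLAN trunk mode'
        }
        [pscustomobject]@{
            VMName    = $vm
            Adapter   = $Adapter.Name
            Compliant = ($findings.Count -eq 0)
            Findings  = $findings -join '; '
        }
    }
}

# Constructed sample objects using the property names of Get-VMNetworkAdapter
# output, so the function can be tried without a Hyper-V host.
function New-SampleAdapter($vm, $dhcp, $spoof, $mode) {
    [pscustomobject]@{ VMName = $vm; Name = 'Network Adapter'; DhcpGuard = $dhcp
        MacAddressSpoofing = $spoof
        VlanSetting = [pscustomobject]@{ OperationMode = $mode } }
}
$sample = @(
    New-SampleAdapter 'web01'  'On'  'Off' 'Access'
    New-SampleAdapter 'team01' 'On'  'On'  'Access'
    New-SampleAdapter 'lab02'  'Off' 'On'  'Trunk'
)
$sample | Test-VMAdapterBaseline -MacSpoofingVMs 'team01' | Format-Table -AutoSize

# On a Hyper-V host, in an elevated session:
#   Get-VM | Get-VMNetworkAdapter | Test-VMAdapterBaseline
#   Set-VMNetworkAdapter -VMName 'lab02' -DhcpGuard On -MacAddressSpoofing Off
```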


Virtual Switch Extensibility

  • Extensible

    • NDIS filter drivers

    • WFP callout drivers

  • Extensions

    • Ingress

    • Forwarding

    • Egress

    • Monitoring

  • Virtual switch can be replaced

[Diagram labels: Parent partition, Virtual machine, Physical NIC, Virtual machine NIC, Host NIC, Extension protocol, Hyper-V virtual switch, Capture extensions, WFP extensions, Filtering extensions, Forwarding extension, Extension miniport.]


What Is SR-IOV?

  • Requires support in network adapter

  • Provides Direct Memory Access to virtual machines

    • Increases network throughput

    • Reduces network latency

    • Reduces CPU overhead on the Hyper-V server

    • Virtual machine bypasses virtual switch

  • Supports Live Migration

    • Even when different SR-IOV adapters are used

[Diagram: Network I/O with SR-IOV compared with network I/O without SR-IOV. Labels: Parent partition, Virtual switch (Routing, VLAN Filtering), Virtual machine, Virtual NIC, Virtual Function, VMBUS, Physical NIC, SR-IOV Physical NIC.]


What Is Dynamic Virtual Machine Queue?

  • Network adapter uses receive queues to route traffic to the appropriate virtual machine

    • Physical network adapter must support VMQ

    • Dynamically use multiple CPUs when processing virtual machine network traffic

    • DMA reduces CPU overhead on Hyper-V server

    • Beneficial when virtual machines receive a lot of network traffic

  • VMQ is automatically configured and tuned

    • Based on processor networking and CPU load

    • VMQ is enabled by default on a virtual network adapter

      • Used only if the physical network adapter supports VMQ


Network Adapter Advanced Features

  • Same features available for all virtual network adapters

    • Features are implemented in Hyper-V virtual switch


NIC Teaming in Virtual Machines

  • Provides redundancy and aggregates bandwidth

  • Can be used at the operating system and virtual machine level

    • Multiple physical network adapters in an NIC team

      • If a physical adapter fails, virtual switch has connectivity

    • Multiple virtual network adapters in an NIC team

      • If a virtual switch fails, virtual machine has connectivity

  • Particularly important when SR-IOV is used

    • SR-IOV traffic bypasses the virtual switch

    • Intended and optimized to support teaming of SR-IOV

      • May be used with any virtual network interface

  • Virtual machine must have multiple network adapters

    • Connected to different virtual switches

    • MAC address spoofing must be enabled


Lesson 3: Configuring & Using Hyper-V Network Virtualization

  • Providing Multitenant Network Isolation

  • What Is Network Virtualization?

  • Benefits of Network Virtualization

  • What Is Network Virtualization Generic Routing Encapsulation?

  • What Are Network Virtualization Policies?


Providing Multitenant Network Isolation

  • Multiple isolated networks on the same infrastructure

  • VLANs are often used

    • Limited scalability (maximum of 4094 VLANs)

    • VLANs cannot span multiple subnets

    • Challenging to reconfigure when adding or moving virtual machines

[Diagram labels: Switch, Switch, VLAN ID, Virtual machines.]


Providing Multitenant Network Isolation

  • Private VLANs

    • Addresses some VLAN scalability issues

    • Reduces number of IP subnets and VLANs

    • Virtual switch can limit virtual machines to the same VLAN

  • Port ACLs

    • Challenging to manage and update ACLs

  • Hyper-V virtual switch supports private VLANs and port ACLs

  • The solution is Software Defined Networking

    • Network virtualization is an implementation of Software Defined Networking

    • Hyper-V enables network virtualization


What Is Network Virtualization?

[Diagram labels: Blue virtual machine, Red virtual machine, Blue network, Red network, Physical network, Physical server.]

  • Server virtualization

    • Multiple virtual machines on the same physical server

    • Each virtual machine is isolated from others

  • Network virtualization

    • Multiple virtual networks on the same physical network

    • Each virtual network is isolated from others


Benefits of Network Virtualization

  • Flexible virtual machine placement

  • Multitenant network isolation without VLANs

  • IP address reuse

  • Live migration across subnets

  • Is compatible with existing network infrastructure

  • Transparent moving of virtual machines to shared IaaS cloud

  • Can be configured using Windows PowerShell

    • Can also use System Center 2012 R2 Virtual Machine Manager


What Is Network Virtualization Generic Routing Encapsulation?

[Diagram: encapsulated packets between provider addresses 192.168.2.22 and 192.168.5.55, one with GRE Key=5001 and one with GRE Key=6001, each carrying a MAC and the customer addresses 10.1.1.11 and 10.1.1.12. The same customer addresses 10.1.1.11 and 10.1.1.12 appear on both virtual networks.]

  • Customer address space based on virtual machine configuration

  • Provider address space based on physical network

    • Not visible to the virtual machines


What Are Network Virtualization Policies?

  • Define customer address-provider address mappings

    • Specify on which Hyper-V server virtual machines are running

    • Hyper-V implements policies by translating incoming and outgoing packets

    • If a virtual machine is moved, policies are modified

      • Virtual machine configuration stays the same

[Diagram: Policy Settings. Provider Address Space: Data Center Network with Hyper-V Host 1 and Hyper-V Host 2 (192.168.1.10, 192.168.1.12). Customer Address Spaces: Blue Yonder Airlines and Woodgrove Bank, each with SQL and WEB virtual machines (10.1.1.1, 10.1.1.2).]
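
The customer address to provider address mappings from the NVGRE diagram and the policy slide, written out with the Windows Server 2012 / 2012 R2 NetWNV cmdlets as an added example (not part of the original presentation). It assumes the provider addresses are already assigned to the hosts and each VM adapter already has its virtual subnet ID; the MAC addresses and the VM move at the end are constructed.

```powershell
# Added example; run in an elevated session on a Hyper-V host that has the
# NetWNV cmdlets. MAC addresses below are constructed placeholders.

# One record per tenant VM: virtual subnet ID (the GRE key), customer address
# (CA), and provider address (PA) of the host that currently runs the VM.
$records = @(
    [pscustomobject]@{ Vsid = 5001; CA = '10.1.1.11'; PA = '192.168.2.22'; Mac = '00155D010001' }
    [pscustomobject]@{ Vsid = 5001; CA = '10.1.1.12'; PA = '192.168.5.55'; Mac = '00155D010002' }
    [pscustomobject]@{ Vsid = 6001; CA = '10.1.1.11'; PA = '192.168.2.22'; Mac = '00155D020001' }
    [pscustomobject]@{ Vsid = 6001; CA = '10.1.1.12'; PA = '192.168.5.55'; Mac = '00155D020002' }
)

# A CA may repeat across tenants but must be unique inside one virtual subnet;
# stop before touching the host if the table is ambiguous.
$dupes = $records | Group-Object Vsid, CA | Where-Object Count -gt 1
if ($dupes) { throw "Duplicate CA within a virtual subnet: $($dupes.Name -join ' | ')" }

# Each host that runs VMs in these virtual subnets needs the records,
# so run this loop on both hosts.
foreach ($r in $records) {
    New-NetVirtualizationLookupRecord -VirtualSubnetID $r.Vsid `
        -CustomerAddress $r.CA -ProviderAddress $r.PA `
        -MACAddress $r.Mac -Rule 'TranslationMethodEncap'
}

# Constructed move: the VM 10.1.1.12 in subnet 5001 migrates to the other host.
# Only the PA in the policy changes; nothing inside the VM is reconfigured.
Remove-NetVirtualizationLookupRecord -VirtualSubnetID 5001 -CustomerAddress '10.1.1.12'
New-NetVirtualizationLookupRecord -VirtualSubnetID 5001 `
    -CustomerAddress '10.1.1.12' -ProviderAddress '192.168.2.22' `
    -MACAddress '00155D010002' -Rule 'TranslationMethodEncap'

# Review the resulting mappings per tenant.
Get-NetVirtualizationLookupRecord |
    Sort-Object VirtualSubnetID, CustomerAddress |
    Format-Table VirtualSubnetID, CustomerAddress, ProviderAddress, MACAddress
```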

