This week I have been spending some time thinking about my Hyper-V configuration. One particular aspect of Hyper-V has given me a bit of pain: Hyper-V Virtual Networks. It has taken some time to get my head around the networking configurations. Fortunately there have been some excellent articles written that do an excellent job explaining how things work.
When I started with Hyper-V I took the least difficult path and configured a single External Network. Configuring my Hyper-V Parent (sometimes referred to as the Host) with an address of 192.168.1.254 and the gateway address of 192.168.1.1 there was approximately 250 or so addresses remaining that could be used for various VM’s.
But after a while I ran into some limitations to using this design. For starters you are unable to test any solutions that use broadcasting, such as DHCP and PXE Boot… You also have a hard time simulating subnet communication since you only have one subnet to work with… And the final straw was when I wanted to start working with Network Access Protection.
So that got me looking into how to use the virtual networks that Hyper-V provides. Following the previously mentioned article I began to create a new Hyper-V Internal Network called DevNet. I selected the Internal Network because I wanted my VM’s to be able to connect with the Parent and with the internet for updates and such. After saving the new network the Hyper-V Parent had a new NIC labeled DevNet Network, so I configured that interface with the ip address of 10.0.10.254. Next I updated my VM’s to use the 10.0.10.x address space. So far, so good…
But then it hit me… I need some way to have the Internal Network traffic route to the external network… By default Hyper-V includes a virtual switch but not a virtual router. So basically the VM’s could talk to other VM’s and to the Parent, but couldn’t talk to anyone else. Hmm… that just won’t do. It seemed obvious at this point that I needed a router to provide this functionality. This router would have to be configured with two NIC’s, one in the External Network and one in the DevNet network, and then configured to route the traffic accordingly.
I started thinking about the overhead of running a virtualized Router and it really frustrated me. I felt like I was wasting resources on my Hyper-V server by having to run a full fledge server when all I needed was a lightweight virtual router. So what to do…
Then an obvious but not so well known way occurred to me… The Parent server already had an interface in each VLAN, so why not just make the Parent the router? You’re probably thinking about using RRAS, right? No, RRAS was not needed, as there is an entry in the registry that you can configure that will enable routing for all network interfaces on a Windows Server.
There are a couple of steps needed to make all this work…
First, I re-configured the Parent DevNet interface with an IP address of 10.0.10.1. Second, I updated the registry property IPEnableRouter as per the above instructions. Finally I configured my Linksys router with a new static route to the 10.0.10.0/24 network pointing to the 192.168.1.254 address as the gateway.
After rebooting my Parent Server I fired up a VM and tried to connect to the internet. Success! Some more testing confirmed that my Parent server was acting as a router for my DevNet network and my VM’s could connect out to the internet without any problems.
So forget about building a router for Hyper-V! Just use the Parent as the router and you get all of the benefits of routing without the cost of building and managing another VM for the sole purpose of routing…
Tue, Sep 29, 2009
Technology