
Hyper-V and network

This will probably be the final article in the Hyper-V architecture series. On one forum, I was advised to write sequels, “Hyper-V and the invisible virtual machine” and “Hyper-V and the Order of Linux”; I will definitely think about it, and maybe even write them.

So, this article will discuss how virtual machines in the Hyper-V environment work with network interfaces. As I said in previous articles, network interfaces are the only way that virtual machines interact with each other and with the “outside world”. Therefore, it is necessary to understand the features of network interaction in the Hyper-V environment.

Network adapters


As you can see in the Hyper-V Manager, there are two types of virtual network adapters: Network Adapter and Legacy Network Adapter. The first is a synthetic device and the second is emulated. The difference between synthetic and emulated devices is explained in the first article, “Hyper-V Architecture”. For those interested, the Legacy Network Adapter emulates a DEC 21140 10/100TX 100 MB multi-port network card (and therefore supports only 10/100 Mbit/s) and is not supported by the 64-bit versions of Windows XP and Windows Server 2003.
It hardly needs explaining that synthetic devices are always preferable, which is why the Network Adapter is added by default when a new virtual machine is created. The Legacy Network Adapter is recommended only in two cases:

To do this, you need to uncheck the box “Start virtual machine automatically”, then go to the virtual machine configuration, manually remove the Network Adapter and add the Legacy Network Adapter.
It is also worth mentioning how MAC addresses are assigned to virtual adapters. A MAC address can be assigned either automatically when the virtual machine is created (the range from which MAC addresses are issued can be changed in the Hyper-V server settings) or manually in the virtual machine's configuration.

Virtual networks


Of course, network adapters have to be connected to something. For this, Hyper-V has virtual networks (Virtual Networks), which are essentially ordinary virtual switches. Both virtual machine network interfaces and physical server network interfaces can be connected to each virtual switch. There are three types of virtual network, and to make them easier to understand, take a look at the diagram.

Our server has two network interfaces. Once the host OS has been installed and the interfaces configured, each of them has TCP/IP and some other protocols bound to it and, accordingly, has network settings assigned (IP address, subnet mask, gateway and DNS addresses), either statically or dynamically; in this case it does not matter.
Virtual networks (that is, virtual switches) come in three types: External, Internal, and Private. External is a virtual network with access to the "outside world". When creating a network of the External type, you must specify the physical network interface through which traffic will leave the host (Physical adapter 2). The physical interface then loses all of its network settings, and a virtual adapter is created in the host OS (Virtual Adapter 1), to which all the necessary protocols and settings are bound. The physical interface is left with only one protocol: the Virtual Network Switching Protocol. In addition, Windows Server 2008 R2 made it possible to create External-type networks that are nevertheless isolated from the host OS. This is done by unchecking the box “Allow management operating system to share this network adapter”:

ATTENTION: When you create a virtual network of the External type, the network connection drops briefly and all settings are transferred to the new virtual adapter. Keep this in mind for two reasons: first, if the configuration is done remotely, the connection may be interrupted; second, you may have to reconfigure Windows Firewall to bind its rules to the new virtual interface.
Internal is an internal virtual network to which only virtual interfaces can be connected: those of the virtual machines and of the host OS. A network of type Internal is not bound to a physical interface and, accordingly, has no access to the outside.
Private is the same as Internal, except that only virtual machines can connect to such a network. A private network does not have access either to the "outside world" or to the host OS.
For a better understanding, here is a table showing which interfaces are connected to the virtual switch, and which are not, for each of the settings:


Work with VLAN


Hyper-V supports VLANs (IEEE 802.1Q). For this, the properties of a virtual network interface contain the checkbox "Enable VLAN Identification"; once it is checked, you can enter a VLAN ID. Of course, you must first configure the switches so that traffic is tagged with the appropriate IDs, and install network adapter drivers with the necessary functions in the host OS.

For more information about configuring virtual machines to work with VLAN, read the article by Dmitry Makarov.
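
The settings covered so far (adapter type, MAC assignment, virtual network type, host OS sharing and VLAN ID) can be read back from a host for review. The following is an added example, not part of the original article: it assumes the Hyper-V PowerShell module that ships with Windows Server 2012 and later (not the 2008 R2 release described here) and an elevated session on the Hyper-V host.

```powershell
# Added example: read-only inventory of Hyper-V network settings.
# Assumes the Hyper-V PowerShell module (Windows Server 2012 or later).
Import-Module Hyper-V

# 1. Virtual switches: type (External / Internal / Private), the physical
#    adapter an External switch is bound to, and whether the management
#    (host) OS has a virtual adapter on the switch.
Get-VMSwitch |
    Select-Object Name, SwitchType, AllowManagementOS, NetAdapterInterfaceDescription |
    Format-Table -AutoSize

# 2. External switches on which "Allow management operating system to share
#    this network adapter" is still enabled, i.e. the host OS sits on the
#    same external network as the virtual machines.
Get-VMSwitch -SwitchType External |
    Where-Object { $_.AllowManagementOS } |
    ForEach-Object {
        Write-Warning "External switch '$($_.Name)' is shared with the management OS"
    }

# 3. Per-VM adapters: emulated (legacy) or synthetic, static or dynamic MAC,
#    connected switch and VLAN setting.
Get-VM | Get-VMNetworkAdapter | ForEach-Object {
    $vlan = Get-VMNetworkAdapterVlan -VMNetworkAdapter $_
    [pscustomobject]@{
        VM         = $_.VMName
        Switch     = $_.SwitchName
        Legacy     = $_.IsLegacy
        MacAddress = $_.MacAddress
        DynamicMac = $_.DynamicMacAddressEnabled
        VlanMode   = $vlan.OperationMode   # Untagged when no VLAN ID is set
        VlanId     = $vlan.AccessVlanId
    }
} | Format-Table -AutoSize
```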

VMQ


I cannot finish the article without mentioning a new feature that appeared in Windows Server 2008 R2: support for virtual machine queues, VMQ.
VMQ support moves most of the cost of processing network packets addressed to virtual machines from the host OS to the network adapter's processor, provided, of course, that the network adapter supports it and that integration components are installed in the guest OS.
If VMQ is not used, network packets are processed as follows:

Network traffic is distributed to the virtual machines and filtered by VLAN tags; the virtual switch operates in the space of the parent OS. With a large number of virtual machines and large amounts of traffic, this can lead to a slight decrease in performance, since the server processor has other tasks besides processing network packets. Using VMQ shifts packet processing to the network adapter's processor:

A network adapter that supports VMQ can perform the necessary processing of network packets on its own and then write the data directly to the memory area of the corresponding virtual machine.
Outgoing data, with or without VMQ, travels the usual path: Virtual network adapter - VMBus - Virtual switch - Physical network adapter.

Instead of conclusion


With this I would like to finish the article and, at the same time, the story of the Hyper-V architecture. In conclusion, I would like to ask: I have a desire to write an article about Live Migration. Will it be interesting to the audience, or has everyone already heard about it and knows all about it?

Source: https://habr.com/ru/post/97085/

