server virtualization hyper-v 2012 server virtualizationserver virtualization hyper-v 2012
TRANSCRIPT
![Page 1: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/1.jpg)
TechNet
Windows Server 2012 Hyper-V NetworkingCarlos Mayol y Oscar BonaquePremier Field Engineers (PFE’s)Microsoft
TechNet
![Page 2: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/2.jpg)
TechNet
Serv
er
Vir
tualiz
ation
Hyp
er-V
2012
----- Updated to 8000
![Page 3: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/3.jpg)
Serv
er
Vir
tualiz
ation
Serv
er
Vir
tualiz
ation
Hyp
er-V
2012
![Page 4: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/4.jpg)
TechNet
NIC Teaming and Hyper-VDo not require Switch configuration
Static or Dynamic Teaming (LACP)Requires Switch configuration
Sw
itch
D
ependent
Sw
itch
In
depende
nt
![Page 5: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/5.jpg)
TechNet
NIC Teaming and Hyper-V (Balancing Modes Summary)
Address Hash Hyper-V port
Switch Independent
Best for: Active/Standby and Teaming in a VM(Acceptable for all cases)
Best for: Hyper-V *
Switch Dependent
Best for: Native Acceptable for: Hyper-V
Best for: Hyper-V • Sends on all active members, receives on all active members, traffic from
same port always on same NIC• Each Hyper-V port will be bandwidth limited to not more than one team member’s
bandwidth• Each VM (Hyper-V port) is associated with a single NIC, this also allows maximum
use of dVMQs for better performance over all
![Page 6: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/6.jpg)
TechNet
Host Network configurationsConverged Option1
10GbE each
VMNVM1
10GbE eachSto
rage
Live M
igra
tion
Clu
ster
Man
ag
e
Non-converged
1GbE 1GbE 1GbE 10GbEHBA/
10GbE
Sto
rage
Live M
igra
tion
Clu
ster
Man
ag
e
VM1 VMN
Converged Option2
VMNVM1
Sto
rage Live M
igra
tion
Clu
ster
Man
ag
e
RDMA Traffic 10GbE each
Non converged configuration can be accomplish with multiple physical NICs or using partition software at hardware level, normally equipped on Blade chassis systems like:• Dell NPAR• HP FLEXfabric• Cisco FEX
![Page 7: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/7.jpg)
TechNet
Converged NetworksQoS Windows Server 2012• Bandwidth management• Classification and tagging• Priority based flow control
Bandwidth mechanisms:• DCB (Data Center Bridging)• QoS Software Hyper-V Switch
Bandwidth options:• Absolute: bits per second• Weight: an integer in the range between 1 and
100 (Minimum bandwidth)
Best Practices for Minimum Bandwidth configurations:1. Keep the sum of the weights around or under 1002. Assign a relatively large weight to critical workloads even if they don’t require that percentage
of bandwidth3. Gap the weight assignment to differentiate the level of service to be provided (5, 3, 1)4. Make sure that traffic that is not specifically filtered out is also accounted for with a weight
assignment
![Page 8: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/8.jpg)
Serv
er
Vir
tualiz
ation
Hyp
er-V
2012
Demo: Converged Networks
![Page 9: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/9.jpg)
TechNet
Dynamic Switch PortsBy default, every vSwitch is
placed in the default Primordial pool for theEthernet resource pool
Dynamic Switch Port functionality allows a VM to request to connect to one or more virtual switches in a poll of virtual switches
Primordial pool
vEthernet (Public) vEthernet (DMZ)
Public pool DMZ pool
vEthernet (Public) vEthernet (DMZ)
Resource pool configuration using PowerShell (New-VMResourcePool)
Two-part process1. Create the Ethernet resource pool2. Add the vSwitch to the resource
poolNote: Properly configured Ethernet resource pools on Hyper-V hosts should allow for a proper automatic connection when a VM migrates because the virtual machine network configuration is now part of the virtual machine configuration
![Page 10: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/10.jpg)
Serv
er
Vir
tualiz
ation
Hyp
er-V
2012
Demo: Dynamic Switch Ports
![Page 11: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/11.jpg)
TechNet
Virtual Switch Expanded Functionality VM Settings
Network Adapter
Advanced Features
ARP/ND Poisoning (Spoofing) Protection
DHCP/Router Guard Network Traffic Monitoring
Per VM Bandwidth
Management QoS
Port Mirroring (Source or destination)
Netmon inside the VM required
Pseudo QoS to limit VM Network adapter bandwidth
MAC Spoofing protection
IP6 ND Spoofing attacks protection
Prevents VMs acting as DHCP servers or sent Router Advertisements
Can be managed using Hyper-V powershell module
Set-VMNetworkAdapter -ComputerName localhost -VMName VM1 -PortMirroring Source
Set-VMNetworkAdapter -Name “Network Adapter“ –VMName VM -MaximumBandwidth 20000000
Set-VMNetworkAdapter -ComputerName localhost -VMName VM1 -MacAddressSpoofing On
Set-VMNetworkAdapter -ComputerName localhost -VMName VM1 -DhcpGuard On
![Page 12: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/12.jpg)
TechNet
Per VM Bandwidth Management QoSSwitch bandwidth mode is defined during creation
• VM bandwidth modes, where?• UI = Absolute values (Mpbs)• PS = Absolute or Weight
This is an outbound traffic limit!
![Page 13: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/13.jpg)
Serv
er
Vir
tualiz
ation
Hyp
er-V
2012
Demo: VM Bandwidth limitVM Network Monitor
![Page 14: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/14.jpg)
TechNet
Dynamic Virtual Machine Queue
Requires support from NIC vendors
Supported on
VMQ spreads interrupts for virtual environments the way RSS does for native workloads
Dynamic VMQ reassigns available queues based on changing networking demands of the VMs
All Hyper-V customers should be using VMQ on their 10Gb NICs. Customers without VMQ and with I/O loads in VMs may see each VM’s CPU0 run hot.
Can be configured with Powershell: Get-NetAdapterVmq and NetAdapterVmq
![Page 15: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/15.jpg)
TechNet
Single Root I/O Virtualization (SR-IOV) Remaps interrupts and provides
Direct Memory Access to virtual machines
Requires support in the Hyper-V server chipset (BIOS firmware) and in a Network Adapter (NIC) (driver + firmware) in the host
Virtual Functions (VF) in the SR-IOV-capable adapter are mapped directly to the virtual machine
SR-IOV is supported in VM mobility scenarios
Reduces Network Latency
Reduces CPU overhead
VM network traffic bypasses the vSwitchVery similar to basic RDMA functionality
Not enabled if a destination Host does not support SR-IOV
Host
Root PartitionHyper-V Switch
SR-IOV Physical NIC
Virtual Machine
Virtual Function
RoutingVLAN Filtering
Data Copy
![Page 16: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/16.jpg)
TechNet
Network Isolation
Physical separation
Physical switches and adapters for each type of traffic
Layer 2:VLAN
Tag is applied to packets which is used to control the forwarding
Network Virtualization
Isolation through encapsulation. Independence from physical address space.
Layer 2:Private VLAN (PVLAN)
Primary and Secondary tags are used to isolate clients while still giving access to shared services.
![Page 17: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/17.jpg)
TechNet
Network Isolation Vlan challengesV
LAN
s to
day
Limited scalability. Up to 4094 VLANs
VLANs cannot span multiple subnets
Cumbersome configuration when VMs need to be moved within the Datacenter can result in network outage
Physical Switch support limitations
![Page 18: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/18.jpg)
TechNet
Private VLAN (PVLAN) Isolation
Microsoft
Secondary VLANs
Primary VLAN
Isolated
Promiscuous
Community
VLAN pairs used to provide isolation with small numbers of VLANs.
![Page 19: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/19.jpg)
TechNet
Network Virtualization
Microsoft
• Customer Address (CA) space is based on their network infrastructure
• Provider Address (PA) space is assigned by a hoster based on the physicaladdress space in the datacenter (not visible to the VM)
![Page 20: Server Virtualization Hyper-V 2012 Server VirtualizationServer Virtualization Hyper-V 2012](https://reader035.vdocuments.net/reader035/viewer/2022081504/56649f0d5503460f94c218f4/html5/thumbnails/20.jpg)
Questions?