Today I was presenting @ bleedingedge.si conference… My session was about Windows server 2012 / Hyper-V 3.0 network virtualization.

 

I have recorded this sequence of commands so you can see the configuration and how it works:

http://www.screencast.com/t/wsDAKpKumlSm – Hyper-V 3.0 – Network virtualization Part 1

http://www.screencast.com/t/q3G9SViY6gId – Hyper-V 3.0 – Network virtualization Part 2

http://www.screencast.com/t/bxOznDklp – Hyper-V 3.0 – Network virtualization Part 3

 

In my demo environment I have:

Two Windows server 2012 with Hyper-V 3.0 role installed

HV01 / Only one network card so it is used by VMs and host (management) with IP 172.31.200.11
HV02 / Only one network card so it is used by VMs and host (management) with IP 172.31.200.12

On each host there are TWO virtual machines:

On HV01 there are:

– Blue01 (10.10.10.11 with STATIC MAC*address AAAAAAAAAA01)
– Red01 (10.10.10.21 with STATIC MAC*ddress CCCCCCCCCC01)

On HV02 there are:

– Blue02 (10.10.10.12 with STATIC MAC*address AAAAAAAAAA02)
– Red02 (10.10.10.22 with STATIC MAC*address CCCCCCCCCC02)

*You should DEFINE STATIC MAC on Virtual Machine network configuration – you must not use dynamicaly assigned MAC address (System center Virtual machine manager 2012 SP1 will do that for you automaticaly)

By defalt all machines are able to ping themselfs… We want to isolate Blue network so only Blue01 and Blue02 can ping each other and Red network so only Red01 and Red02 can ping each other.

First thing we need to do is to enable ms_netvm component on PHYSICAL NIC! (not on virtual switch created NIC!)
Enable-NetAdapterBinding “Ethernet” -ComponentID ms_netwnv

Second thing is that we need to create Lookup records on both Hyper-V servers. You should copy/paste this script on both hosts:
New-NetVirtualizationLookupRecord -CustomerAddress “10.10.10.11” -ProviderAddress “172.31.200.11” -VirtualSubnetID “5001” -MACAddress “AAAAAAAAAA01” -Rule “TranslationMethodEncap”
New-NetVirtualizationLookupRecord -CustomerAddress “10.10.10.12” -ProviderAddress “172.31.200.12” -VirtualSubnetID “5001” -MACAddress “AAAAAAAAAA02” -Rule “TranslationMethodEncap”

Then you need to create Costumer Route – on both Hyper-V hosts:
New-NetVirtualizationCustomerRoute -RoutingDomainID “{11111111-2222-3333-4444-000000005001}” -VirtualSubnetID “5001” -DestinationPrefix “10.10.10.0/24” -NextHop “0.0.0.0” -Metric 255

Then you need to add provider address to PHYSICAL NIC – you need to find out interface index by using get-netadapter!

In my example on HV01:
New-NetVirtualizationProviderAddress -InterfaceIndex 12 -ProviderAddress “172.31.200.11” -PrefixLength 24
New-NetVirtualizationProviderRoute -InterfaceIndex 12 -DestinationPrefix “0.0.0.0/0” -NextHop “172.31.200.1”

and on HV02:
New-NetVirtualizationProviderAddress -InterfaceIndex 12 -ProviderAddress “172.31.200.12” -PrefixLength 24
New-NetVirtualizationProviderRoute -InterfaceIndex 12 -DestinationPrefix “0.0.0.0/0” -NextHop “172.31.200.1”

When this is done we need to configure VirtualSubnetID on virtual machines:
On HV01 (where Blue01 vm is running) we should do:
Get-VMNetworkAdapter -VMName Blue01 | where {$_.MacAddress -eq “AAAAAAAAAA01”} | Set-VMNetworkAdapter -VirtualSubnetID 5001

and on HV02 (where Blue02 vm is running) we should do:
Get-VMNetworkAdapter -VMName Blue02 | where {$_.MacAddress -eq “AAAAAAAAAA02”} | Set-VMNetworkAdapter -VirtualSubnetID 5001

Now network virtualization will take place and Blue01 will only be able to ping Blue02 and vice-versa. Red01 and Red02 are outside this VitualSubnet. In video you can see network monitoring where you can detect GRE network between hosts.
In video I also do live migration so I move Blue02 machine from HV02 to HV01 so you can see that network virtualization is aware of live migration and moving machines between HV hosts in the same network or also cross premise… I will cover that in next part! 🙂

Let’s virtualise!