Networking – Hyper-V virtual network switch

hyper-vnetworking

So this might be a very basic and very stupid question but for the life of me I can not find an explanation on the web anywhere as to how this should work.

I have a very basic Hyper-V setup on my Windows 10 machine. I have two VM's one is a Mikrotik image and the other is lUbuntu. At this point I'm working on the most basic network configuration. I want the Mikrotik to behave as a router and firewall between the lUbuntu system and the outside.

I have two virtual network switches (VS) setup in Hyper-V. First the default switch (call it Outside) and second an internal switch (call it Inside) I created. The Mikrotik box has two VNIC's setup that are connected to the two switches. It acts as a DHCP-server on the VNIC which is connected to the Inside VNS.

If I look at my Host system (the Windows 10 I'm running the Hyper-V on) I see the expected two virtual switches as NIC's one vEthernet (Inside) and one vEthernet (Outside).

The issue I have is that the (Inside) NIC has a APIPA address. When I try to get it to renew the adress using ipconfig /renew the command times out. At the same time the Lubuntu system which has one VNIC which is connected to the (Inside) VS works just fine and gets an IP address from the appropriate pool right away.

So my first question is why does the Host system not behave the way I would expect with regards to a Hyper-V Virtual switch?

I assumed from what I read about Hyper-V virtual switches that the Host operating system should see it pretty much the same as a guest. Except it knows it's virtual I guess.

Best Answer

So you have . . .

  1. The VM Mikrotik machine configured with two NIC's with one connected to the "internal" Hyper-V switch (inside) that has the DHCP service running on it, and the other is connected to an "external" Hyper-V switch (outside), etc.

  2. The lUbuntu VM has one NIC and you connect that to the "internal" Hyper-V switch which has a DHCP server service listening on it from the Mikrotik machine to process requests accordingly.

Clarification Resources

1. Configuring VM Networking on a Hyper-V NAT Switch

  • Virtual machines that are connected to a NAT virtual switch are in an isolated broadcast domain, a different one to the LAN. The NAT switch does not have flat, 2-way routing to the LAN that the host is connected to. The virtual switch is an internal virtual switch that the host NATs to the LAN. This means that, by default, the virtual machines can connect to the LAN, but the LAN cannot connect to the virtual machines. And even if we do create NAT rules, the virtual switch remains a separate broadcast domain from the LAN.

    The virtual switch is somewhat isolated from the LAN, especially from broadcast-based services such as DHCP. You can deploy your own DHCP server(s) as virtual machines that are connected to the virtual switch. The scope of these servers is limited to the virtual switch, so there is no impact on the LAN, and network administrators should not have a problem with your DHCP servers being deployed on the NAT virtual switch.

    Source

2. Internal Hyper-V switch configuration

  • Internal: Allows communication between virtual machines on the same Hyper-V server, and between the virtual machines and the management host operating system.

    Source

3. Visualization of all switch modes

Potential Workarounds

  1. The way I've handled this is to ensure the VMs connected to the internal switch have IP addresses assigned, and then from the host Hyper-V management server, I then can access those machines from the host OS that way via their IP addresses.

  2. You could probably look over the Set up a NAT network, and be sure to have a full understanding of it and then Create a NAT virtual network and configure it accordingly to see if it'll do what you want using the "internal" Hyper-V switch functionality.

  3. Since the VMs can talk with the Mikrotik machine, perhaps you can setup routing in it and then tell the VMs to use it's accessible internal Hyper-V switch IP address as the default gateway on all those devices, and just let it do the routing when things need accessed that's not connected to the internal Hyper-V switch.

  4. Check your VLAN configuration and see Configure virtual local area networks for Hyper-V in the event something at this level is needed or causing trouble.

  5. Check any OS level firewall rules for the blocking of the traffic coming from the internal Hyper-V switch to the host Hyper-V or any of the connected VMs.

Related Question