When Hyper-V External Virtual Network Switches Disrupt Network Connectivity
Microsoft Hyper-V provides three types of virtual network switches: Internal, Private and External. These virtual network switches are created using the Hyper-V Switch Manager.
An Internal virtual network switch allows communication between the virtual machines connected to that switch and the Hyper-V host. A Private virtual network switch can be used if you need to restrict communication to the virtual machines connected to the same switch.
An External virtual network switch allows virtual machines to communicate with the corporate LAN. External virtual network switches require a physical network adapter to be available on the Hyper-V host before virtual machines can communicate with the corporate LAN.
The External virtual network switch is mapped to the physical network adapter. Private and Internal virtual network switches can be created without mapping to the physical network adapter.
Many virtualization administrators do not know that creating an External virtual network switch changes the packet flow on the Hyper-V host. By default, a Windows server OS sends network packets using the physical network adapter. This is because networking services always look for a physical network adapter to which networking protocols and services are bound.
When you create an External virtual network switch, all network packets generated by networking services/applications are received by that switch. Once the External virtual network switch receives the network packets, it forwards those packets to the mapped physical network adapter.
This is because when you create an External virtual network switch, the Virtual Switch Manager makes the necessary changes in the properties of both the physical network adapter and the External virtual network switch. Before the Virtual Switch Manager processes the changes, you are presented with a warning message.
This message warns you about the loss of connectivity on the Hyper-V host. You do not see such a warning when you create a Private or Internal virtual network switch; it appears only when you create an External virtual network switch. This is because of the changes processed during the creation process, including binding and unbinding of the protocols, services and client services.
For example, you create an External virtual network switch with the name "ExtSwitch" and map this virtual switch to a physical network adapter named "Intel(R) 82576 Gigabit Dual Port Network." When you click the Apply button, the following changes are processed in the properties of the physical network adapter:
- Unbind the following services, protocols, and clients: Client for Microsoft Networks, File and Print Sharing for Microsoft Networks, TCP/IP Protocol IPv4, TCP/IP Protocol IPv6, and any other service, client or protocol listed in the physical network adapter properties.
- Bind the "Microsoft Virtual Network Switch Protocol."
In addition, the changes below are made in the properties of the External virtual network switch, in this case ExtSwitch:
- Bind the following services, protocols, and clients: Client for Microsoft Networks, File and Print Sharing for Microsoft Networks, TCP/IP Protocol IPv4 and TCP/IP Protocol IPv6.
- Unbind the "Microsoft Virtual Network Switch Protocol."
The process also creates a new network connection in the Network Connections folder with the name that was specified when creating the External virtual network switch (ExtSwitch).
The "Microsoft Virtual Network Switch Protocol," which is bound to the physical network adapter, is responsible for listening to network traffic coming from the External virtual network switch. The physical network adapter will drop the network packets generated by the External virtual network switch if the "Microsoft Virtual Network Switch Protocol" is not bound to the physical network adapter.
The entire process causes the protocols, services and clients to unregister from memory, which in turn terminates any network sessions that the system maintained over that physical network adapter. The following connections will be terminated while the virtual network creation is in progress:
- Any virtual machine connection made using RDP.
- Any virtual machine connection made using the Virtual Machine Connection Tool or VMCONNECT.exe.
- Any other network connection to the Hyper-V host or virtual machine using that physical network adapter.
Before creating an External virtual network switch on the Hyper-V host, it is recommended that you plan for the downtime.
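To support that planning, the following PowerShell is an added example (not part of the original article) that records which bindings and established sessions sit on the physical adapter before the change, and afterwards checks that the bindings moved as described above. It assumes Windows Server 2012 or later, where the NetAdapter and NetTCPIP cmdlets exist, the switch protocol appears with the component ID `vms_pp`, and the host connection is named `vEthernet (ExtSwitch)`; the adapter name `Ethernet` and both function names are hypothetical.

```powershell
#Requires -Modules NetAdapter, NetTCPIP
# Added example. 'Ethernet' is an assumed adapter name; 'ExtSwitch' is the
# switch name used in the article.
param(
    [string]$AdapterName = 'Ethernet',
    [string]$SwitchName  = 'ExtSwitch'
)

function Get-SwitchCutoverImpact {
    param([string]$Name)
    # IP addresses currently assigned to the physical adapter
    $ips = (Get-NetIPAddress -InterfaceAlias $Name -ErrorAction Stop).IPAddress
    # Established TCP sessions on those addresses are the ones that drop
    $sessions = @(Get-NetTCPConnection -State Established |
        Where-Object { $ips -contains $_.LocalAddress } |
        Select-Object LocalAddress, LocalPort, RemoteAddress, RemotePort, OwningProcess)
    [pscustomobject]@{
        Bindings    = Get-NetAdapterBinding -Name $Name |
                      Select-Object DisplayName, ComponentID, Enabled
        Sessions    = $sessions
        # 3389 is the default RDP listener port
        RdpSessions = @($sessions | Where-Object LocalPort -eq 3389)
    }
}

function Test-ExternalSwitchBinding {
    param([string]$Physical, [string]$Switch)
    # Enabled bindings on the physical NIC and on the host's virtual NIC
    $phys = @(Get-NetAdapterBinding -Name $Physical | Where-Object Enabled)
    $virt = @(Get-NetAdapterBinding -Name "vEthernet ($Switch)" | Where-Object Enabled)
    [pscustomobject]@{
        # Expected after creation: switch protocol only on the physical NIC
        PhysicalHasSwitchProtocol = $phys.ComponentID -contains 'vms_pp'
        PhysicalHasTcpIp          = [bool]($phys.ComponentID -match '^ms_tcpip6?$')
        # Expected after creation: TCP/IP on the host NIC, no switch protocol
        HostNicHasTcpIp           = [bool]($virt.ComponentID -match '^ms_tcpip6?$')
        HostNicHasSwitchProtocol  = $virt.ComponentID -contains 'vms_pp'
    }
}

# Before the change: record what will be interrupted
$impact = Get-SwitchCutoverImpact -Name $AdapterName
$impact.Bindings | Format-Table -AutoSize
'{0} established sessions, {1} on RDP port 3389' -f `
    $impact.Sessions.Count, $impact.RdpSessions.Count

# After the switch exists, confirm the bindings moved as the article describes:
# Test-ExternalSwitchBinding -Physical $AdapterName -Switch $SwitchName
```

Run the pre-change part from the local console or an out-of-band session, since a remote session over the same adapter is one of the connections that will drop.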
Nirmal Sharma is a MCSEx3, MCITP and Microsoft MVP in Directory Services. He has specialized in Microsoft Technologies since 1994 and has followed the progression of Microsoft Operating System and software. In his spare time, he likes to help others and share some of his knowledge by writing tips and articles on various sites and contributing to Solution IDs for www.Dynamic-SpotAction.com. Nirmal can be reached at firstname.lastname@example.org.