none
Server 2012 Essentials on Hyper-V 2012 -- Need Help w/Networking Basics

    Question

  • Ah, for the good old days...

    In the good old days we'd simply:

    1. Install two NICs in our server box
    2. Call one external and the other internal
    3. Cable the backside of our DSL router to the external NIC
    4. Cable the internal NIC to our switch
    5. Cable our switch out to the workstations

    Simple stuff, really. Small single-office network, 10 workstations.

    How on earth to accomplish this on a Dell T420 w/dual-port NIC running Server 2012 Essentials in a VM on Hyper-V 2012?

    I'm absolutely lost. For hours now I'm wading neck-deep in highly complex documentation that tells me how to design and build a nuclear-propelled craft for flying to Saturn using same, along with plenty of helpful blogs and advice for Server 2008, but I'm turning up nothing that applies directly to what I'm trying to do on the new stuff. Odd. I'd have thought my setup was just about as simple and standard as one could get, but apparently not.

    Any kind assistance available? Even the not-so-kind kind would be appreciated at this point. This is starting to hurt.

    Thanks,
    Jeff Bowman

    Sunday, January 06, 2013 2:21 AM

Answers

  • :)

    Based on your schema, do what i suggested you much before..

    1 broadcom port for hyper host

    1 broadcom port for external virtual switch dont share it with os

    Connect to switch

    Connect modem to switch disable dns and dhcpcon it if have

    Connect clients to switch


    ------------------------------------------------------- I understand a little computers.

    • Marked as answer by InteXX Tuesday, January 08, 2013 1:52 AM
    Monday, January 07, 2013 5:53 AM
  •   I really can't see why you are putting yourself through this. I am a great fan of virtualising servers, but I can't see any reason for it in this case. It looks like extra complexity for no gain.

       Why not simply plug the switch into the router, plug the server into the switch (using one NIC), give it a static IP using the router as its gateway and install the server OS directly on the hardware. Promote it to DC and let the wizard install DNS for you. Configure the DNS to forward to a public DNS service.

       All you have to do before you plug your workstations into the switch is modify the DNS address in DHCP on your DSL router so that it gives clients its own IP for default gateway but the server's IP address for DNS. The DNS proxy method used by NAT devices like a DSL router work fine for a workgroup but are useless for a domain. The domain resources are found using DNS and these records only exist in your local DNS.

    Internet
    |
    public IP
    DSL router
    10.0.0.1
    |
    DC
    10.0.0.3  dns  1.0.0.3
    |             dg    1.0.0.1
    |
    workstations
    1.0.0.x   dns 1.0.0.3
                  dg   1.0.0.1 


    Bill

    • Marked as answer by InteXX Tuesday, January 08, 2013 1:53 AM
    Monday, January 07, 2013 10:22 PM

All replies

  • Hello

    it's not that different then before.. just the virtualization part or layer as you prefere.. after that the rest remain the same.

    i could try to help you but, it can be little long.. so before tellin you something let me know if at least on the hyper v host you are ok.. i mean do you just miss the essential installation and layout ? or even with hyper you lost ?

    Regards


    ------------------------------------------------------- I understand a little computers.

    Sunday, January 06, 2013 2:41 AM
  •   It does seem odd at first, but really it is still the same old setup. The only difference is that with virtual machines, you have to actually tell them which physical networks to use. They cannot see the physical hardware - they only see their own emulated devices. You have to link those to the actual networks you want to use.

       For the example you give, the setup inside the vm is exactly the same. You just have to tell the vm how to link the public NIC of the server to the physical network where your DSL router is, and how to link the private NIC to your private LAN where your workstations are. You do that by creating an external virtual network linked to each physical NIC in the host (from Virtual Switch Manager in the Hyper-V console), then link the NIC in the vm to the correct external network (select the vm in the virtual machines list then press Settings). You select the correct network from the dropdown list.

     If you have a spare NIC in the host, do not check the "Allow management......" box for the virtual switches. The switch will then be available to vms only. (Checking the box allows the host to use the NIC as well).


    Bill

    Sunday, January 06, 2013 3:12 AM
  • Hi Ales

    Thanks, any tips are much appreciated.

    Here's what I've got so far:

    • Hyper-V 2012 installed, workstation mode
    • Connecting from Win8 (that was a chore!)
    • VM created, running Server 2012 Essentials
    • Two external virtual switches created, NIC1 and NIC2

    Per Bill's advice above:

    1. I bound both switches to the VM; both are detected by Server 2012
    2. I renamed the adapter bound to NIC1 to External
    3. I renamed the adapter bound to NIC2 to Internal
    4. I configured static IPs for each
    5. I installed the DHCP Role, added a scope

    But I've erred somewhere. When I unplug the cable to the Win8 machine -- \\Test -- from the back of the router and plug it into NIC2 I can't reach the internet (I can from within the VM). \\Test gets an IP within the defined scope, but it can't get out.

    Here's my configuration:

    And here're some of the error messages I'm getting:

    Clearly I'm missing something somewhere.

    What do you think?

    Thanks,
    Jeff Bowman



    • Edited by InteXX Monday, January 07, 2013 4:49 AM
    Monday, January 07, 2013 4:37 AM
  • Hi Bill

    OK, I'm making some headway (thanks).

    The only NIC in the T420 is the dual-port Broadcom. I'm going to need both of those for the virtual switch bindings and the NAT setup to serve domain requests, so are you suggesting I install another NIC for dedicated host management? Is there a security issue with using the same NIC/port for host management and VM access?

    Something else: Now that I've gone so far as to implement your suggestions (see my reply to Ales), which in turn are based on my original request, in digging around I'm finding strong recommendations AGAINST configuring multi-homing on a DC. Well, this is a DC of course...  but is what I'm proposing a multi-homed setup? I thought it was simple NAT. Maybe I'm mistaken.

    What's your take on it? Also, do you have an insight as to why \\Test can't connect to the Internet?

    Thanks,
    Jeff Bowman

    Monday, January 07, 2013 4:47 AM
  • Hello..

    Gosh your post scared :))

    Well i need you explain me somethin here..

    Why you created an internal switch ?? For what you need it or assumed to need ?


    ------------------------------------------------------- I understand a little computers.

    Monday, January 07, 2013 4:47 AM
  • I designed many sbs in my life and essential is just.that..

    Need to know your hardware, i mean, have a switch, just a router ? 

    Phsycal clients ?


    ------------------------------------------------------- I understand a little computers.

    Monday, January 07, 2013 4:52 AM
  • Didn't mean to hit you over the head...  :-)

    It's not an internal switch--both virtual switches on the host are external.

    I just renamed the adapters in the server OS, so I could more easily keep track of things.

    Thanks,
    Jeff Bowman

    Monday, January 07, 2013 4:54 AM
  • For the initial configuration we're using a simple DSL modem with a built-in router and 4-port switch. A firewall appliance is coming soon.

    Cabling will go from that small switch to NIC1 on the host machine. Cabling will go from NIC2 on the host machine to a 16-port switch. Cabling will go from the large switch out to the workstations.

    Thanks,
    Jeff Bowman


    • Edited by InteXX Monday, January 07, 2013 5:01 AM
    Monday, January 07, 2013 4:59 AM
  • Aaok.. Well why you need two external switch ? ?

    I suppose you need one..

    Ok you have brodcoma 2 ports

    One port 192.168.0.2 lets say for management hyper host

    One port bind to an external switch in hyper network configuration, dont share it with os.

    Essential vm using the external switch, choose an ip address.. 

    Win 8 ?? Virtual ? Phsycal ? 


    ------------------------------------------------------- I understand a little computers.

    Monday, January 07, 2013 5:01 AM
  • Ok..

    Well disable dhcp and dns if you have on the router, you are going to use on essential

    Assign static ip router, 192.168.0.1

    Connect both nic ports to modem

    For hyper host configure gateway 192.168.0.1, and dns the ip address essential vm

    Enable tcp over netbios

    Essential same, gateway 192.160.0.1. Dns its ip address since it is the dns server and 127.0.01 second field

    Win 8 client ip address, always same gatewqy and dns the essential ip address


    ------------------------------------------------------- I understand a little computers.

    Monday, January 07, 2013 5:09 AM
  • Aaok.. Well why you need two external switch ? ?

    I suppose you need one..

    Ok you have brodcoma 2 ports

    One port 192.168.0.2 lets say for management hyper host

    One port bind to an external switch in hyper network configuration, dont share it with os.

    Essential vm using the external switch, choose an ip address.. 

    Win 8 ?? Virtual ? Phsycal ? 


    ------------------------------------------------------- I understand a little computers.

    I did briefly consider a setup like that, but I realized that the workstations would then be exposed at the same level as the server. If I configure Essentials as a NAT router, the workstations will be behind its firewall. That gives me a warm fuzzy.

    \\Test is a physical Win8 machine. Is that what you're asking?

    Thanks,
    Jeff Bowman

    Monday, January 07, 2013 5:10 AM
  • Last but not least

    Go in dns server ln essential, right click in it and properties, look for forwarders, put there dns ip from hour isp

    So.. Dns management, server at top, right click and open properties


    ------------------------------------------------------- I understand a little computers.

    Monday, January 07, 2013 5:12 AM
  • Aaahhhhhh :) ok

    You want to put clients on a separate subnet ? And behind nat and firewall ?? 

    Whell you need rras installed on essential, then you can connect straight a client into broadcom free port but better you need q switch

    This much different



    ------------------------------------------------------- I understand a little computers.

    Monday, January 07, 2013 5:22 AM
  • Ok..

    Well disable dhcp and dns if you have on the router, you are going to use on essential

    Assign static ip router, 192.168.0.1

    Connect both nic ports to modem

    For hyper host configure gateway 192.168.0.1, and dns the ip address essential vm

    Enable tcp over netbios

    Essential same, gateway 192.160.0.1. Dns its ip address since it is the dns server and 127.0.01 second field

    Win 8 client ip address, always same gatewqy and dns the essential ip address


    ------------------------------------------------------- I understand a little computers.

    Well I'm cornfused now.

    Shouldn't only NIC1 be connected to the modem? And NIC2 to the 16-port switch?

    Not sure what you mean by "Essential same, gateway 192.160.0.1. Dns its ip address since it is the dns server and 127.0.01 second field."

    You're talking about the adapter named Internal, right? Or are you referring to External? The router is on the 10.0.0.x range, so shouldn't External be on that subnet?

    Thanks,
    Jeff Bowman

    Monday, January 07, 2013 5:22 AM
  • Last but not least

    Go in dns server ln essential, right click in it and properties, look for forwarders, put there dns ip from hour isp

    So.. Dns management, server at top, right click and open properties


    ------------------------------------------------------- I understand a little computers.

    OK, will do.

    Thanks,
    Jeff Bowman

    Monday, January 07, 2013 5:23 AM
  • Hi,

    Thank you for the post.

    I’d like to confirm if the following topology is true:

    Isp------DSL route--------Hyper 2012(server 2012 essentials vm)------switch

    VM NIC1 bound to external connect to DSL route

    VM NIC2 bound to internal connect to switch

    If the above configuration is true, you should configure default gateway only for external NIC, and remove default gateway in internal NIC; remove DNS setting from external NIC, configure DNS setting in internal NIC.

    Regards,


    Nick Gu - MSFT

    Monday, January 07, 2013 5:27 AM
  • Hi,

    Thank you for the post.

    I’d like to confirm if the following topology is true:

    Isp------DSL route--------Hyper 2012(server 2012 essentials vm)------switch

    VM NIC1 bound to external connect to DSL route

    VM NIC2 bound to internal connect to switch

    If the above configuration is true, you should configure default gateway only for external NIC, and remove default gateway in internal NIC; remove DNS setting from external NIC, configure DNS setting in internal NIC.

    Regards,


    Nick Gu - MSFT

    Yes, you're correct.

    I'll give that a try tomorrow.

    Thanks,
    Jeff Bowman

    Monday, January 07, 2013 5:30 AM
  • What should I use then for these settings:

    • External adapter gateway
    • Internal adapter DNS

    Thanks,
    Jeff Bowman

    Monday, January 07, 2013 5:33 AM
  • Aaahhhhhh :) ok

    You want to put clients on a separate subnet ? And behind nat and firewall ?? 

    Whell you need rras installed on essential, then you can connect straight a client into broadcom free port but better you need q switch

    This much different



    ------------------------------------------------------- I understand a little computers.

    Yes, exactly.

    OK, I'll look into RRAS.

    Thanks,
    Jeff Bowman

    Monday, January 07, 2013 5:35 AM
  • Hi,

    The external adapter gateway should point to your DSL router, and the internal adapter DNS should point to your internal DNS server, if server 2012 essential vm is DNS server, just point to itself.

    Regards


    Nick Gu - MSFT

    Monday, January 07, 2013 5:38 AM
  • Jeff we are makin a disaster here :)

    Do you want your clients on a different subnet ? if yes that thing above wont work.


    ------------------------------------------------------- I understand a little computers.

    Monday, January 07, 2013 5:38 AM
  • Jeff we are makin a disaster here :)

    Do you want your clients on a different subnet ? if yes that thing above wont work.


    ------------------------------------------------------- I understand a little computers.

    Yes, I think we are.

    I'm just about a hop away from deciding to do this:

    Our firewall appliance will handle the security. I think I'm trying to shoot a squirrel with a shotgun.

    Thanks,
    Jeff Bowman

    Monday, January 07, 2013 5:44 AM
  • Hi,

    The external adapter gateway should point to your DSL router, and the internal adapter DNS should point to your internal DNS server, if server 2012 essential vm is DNS server, just point to itself.

    Regards


    Nick Gu - MSFT

    OK, I'll try that.

    If it doesn't work for some reason I'll start thinking strongly about scaling back on this NAT idea. I think I can put the VM OS with a single NIC and the workstations all on the same subnet. Our upcoming firewall appliance should be sufficient for security.

    Thanks,
    Jeff Bowman

    Monday, January 07, 2013 5:47 AM
  • :)

    Based on your schema, do what i suggested you much before..

    1 broadcom port for hyper host

    1 broadcom port for external virtual switch dont share it with os

    Connect to switch

    Connect modem to switch disable dns and dhcpcon it if have

    Connect clients to switch


    ------------------------------------------------------- I understand a little computers.

    • Marked as answer by InteXX Tuesday, January 08, 2013 1:52 AM
    Monday, January 07, 2013 5:53 AM
  • The dns server for all computers will be the ip address vm essential.

    The gateway, the modem ip address.

    In dns mangemenet configure dns forwarders as told you before

    You are done



    ------------------------------------------------------- I understand a little computers.

    Monday, January 07, 2013 5:57 AM
  • The dns server for all computers will be the ip address vm essential.

    The gateway, the modem ip address.

    In dns mangemenet configure dns forwarders as told you before

    You are done



    ------------------------------------------------------- I understand a little computers.

    And I do so much want to be done  :-)

    Thanks,
    Jeff Bowman

    Monday, January 07, 2013 6:16 AM
  • :)

    Based on your schema, do what i suggested you much before..

    1 broadcom port for hyper host

    1 broadcom port for external virtual switch dont share it with os

    Connect to switch

    Connect modem to switch disable dns and dhcpcon it if have

    Connect clients to switch


    ------------------------------------------------------- I understand a little computers.

    Now that's a real man's solution  :-)

    Thanks,
    Jeff Bowman

    Monday, January 07, 2013 6:17 AM
  •   Everyone seems to be making heavy weather of a simple problem here.

      I assumed that you knew how to configure SBS to work with one connection to the Internet and one to a private LAN, and that all you needed was to convert that to running as a vm. If that had been the case, my original post would have covered all you need to do.

     As I said earlier, the setup of the SBS server is exactly the same as it would be on a physical server. That covers all the necessary configuration of routing and DNS. The "public" NIC is in the same IP subnet as your DSL router and uses that router as its default gateway. The private or domain network NIC is the default gateway for your client machines and is in its own IP subnet. The DC is the DNS server for the client machines and is set to forward to a public DNS server so that it can resolve foreign URLs for its clients. The clients use the DC ONLY for DNS. They get their config from DHCP on the DC (or manual config if you only have a few). The SBS machine is the Internet router for its clients. All of this has nothing to do with Hyper-V or virtual networks. It is standard SBS setup.  eg

    Internet
    |
    DSL router
    |
    10.0.0.3  dg  10.0.0.1
    SBS
    192.168.0.1  dg  blank
    |
    clients
    192.168.0.x  dg    192.168.0.1
                         dns  192.168.0.1

       Yes, this is a multihomed DC, but is standard practice for SBS. SBS was designed as a one server solution and was therefore designed to work as both a DC and a router. You can easily run the router in a separate server but it is not required.

      The only things necessary to convert this setup to a virtual machine is to link the public NIC of the SBS to the physical network connected to the DSL router and link the private NIC of the SBS to the NIC connecting to the switch (where the client machines are).

        If you only have two NICs in the host you will have to enable "Allow management.." on one virtual switch or your host will have no network connection. I would put it in the public network. Don't even think about joining the host to the domain. 


    Bill

    • Marked as answer by InteXX Monday, January 07, 2013 9:23 AM
    • Unmarked as answer by InteXX Tuesday, January 08, 2013 1:51 AM
    Monday, January 07, 2013 7:02 AM
  • Thanks Bill. You wouldn't happen to be a Jaco Pastorius fan, would you?  ;-)

    That was a fair assumption and at one time you would have been correct. It's been many years, however, since I configured my first and only SBS 2003 machine. And now that I think of it, all the routing was done for me by a wizard.

    Nevertheless, what you're describing here appears to be a very simple setup. It seems I'm close to success already. No one is onsite at the moment to switch that cable for me, but I'll give it a try tomorrow and let you know how it goes. I'll also need to turn DHCP off in the router.

    So to confirm, you're recommending I leave DNS blank on both the Public and Private adapters, yes? (FWIW, I now prefer the names Public and Private; I've switched to those.)

    > Don't even think about joining the host to the domain

    Not a peep.

    Thanks,
    Jeff Bowman

    Monday, January 07, 2013 10:09 AM
  • Well i dont agree .. i am sorry.. so instead pushing you with my thoughts i spent little time to find for you this.

    basically what i think it is wrote here.. i dont want this post become 300 miles long..

    so lets not make the sbs multihomed setup the best option, even not the easiest..

    http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/c44b966b-db0b-4e1c-b15b-9c80cb1d5de3

    regards


    ------------------------------------------------------- I understand a little computers.

    Monday, January 07, 2013 2:40 PM
  • Well i dont agree .. i am sorry.. so instead pushing you with my thoughts i spent little time to find for you this.

    basically what i think it is wrote here.. i dont want this post become 300 miles long..

    so lets not make the sbs multihomed setup the best option, even not the easiest..

    http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/c44b966b-db0b-4e1c-b15b-9c80cb1d5de3

    regards


    ------------------------------------------------------- I understand a little computers.

    Don't worry, it already is three hundred miles long. And full of twists and turns at that. I pity the poor soul who stops in now and tries to figure out what's going on.

    That's a worrisome thread you found there. As a result I'm inclined to not multi-home, however I'm not comfortable leaving our workstations out in the open like that. I like the idea of them being behind that firewall, especially since we don't have our appliance yet.

    So I'm torn. At least Jay's problem doesn't apply here as we'll be running our intranet server on a different VM. The only port open to the outside will be for incoming mail.

    I'll have to mull it over. I suppose I could multi-home for now and switch it when we get our appliance.

    That said, I still don't know for sure that it works. Will be trying soon...

    Thanks,
    Jeff

    Monday, January 07, 2013 9:11 PM
  • hello jeff..

    well its up to you.. i just wanted to inform you about drawbacks, i didnt want to compare that guy problem with yours, i wanted mainly to show you what the other guy is suggesting and commenting about multihomed setup. that is a very good write.

    unfortunately my english is not good enough to write thoughts on the argument.. that's why i searched for it

    you can start multihomed and of course switch later.

    regards


    ------------------------------------------------------- I understand a little computers.

    Monday, January 07, 2013 9:20 PM
  • hello jeff..

    well its up to you.. i just wanted to inform you about drawbacks, i didnt want to compare that guy problem with yours, i wanted mainly to show you what the other guy is suggesting and commenting about multihomed setup. that is a very good write.

    unfortunately my english is not good enough to write thoughts on the argument.. that's why i searched for it

    you can start multihomed and of course switch later.

    regards


    ------------------------------------------------------- I understand a little computers.

    Well you did succeed in making an impression, I'll give you that  :-)

    OK, I'll post back here with the results of Bill's recommendations. If it works, I'll likely keep the setup only temporarily.

    Thanks,
    Jeff Bowman

    Monday, January 07, 2013 9:33 PM
  • ok Jeff

    good luck and let me know..

    Regards


    ------------------------------------------------------- I understand a little computers.

    Monday, January 07, 2013 9:35 PM
  •   I really can't see why you are putting yourself through this. I am a great fan of virtualising servers, but I can't see any reason for it in this case. It looks like extra complexity for no gain.

       Why not simply plug the switch into the router, plug the server into the switch (using one NIC), give it a static IP using the router as its gateway and install the server OS directly on the hardware. Promote it to DC and let the wizard install DNS for you. Configure the DNS to forward to a public DNS service.

       All you have to do before you plug your workstations into the switch is modify the DNS address in DHCP on your DSL router so that it gives clients its own IP for default gateway but the server's IP address for DNS. The DNS proxy method used by NAT devices like a DSL router work fine for a workgroup but are useless for a domain. The domain resources are found using DNS and these records only exist in your local DNS.

    Internet
    |
    public IP
    DSL router
    10.0.0.1
    |
    DC
    10.0.0.3  dns  1.0.0.3
    |             dg    1.0.0.1
    |
    workstations
    1.0.0.x   dns 1.0.0.3
                  dg   1.0.0.1 


    Bill

    • Marked as answer by InteXX Tuesday, January 08, 2013 1:53 AM
    Monday, January 07, 2013 10:22 PM
  •   I really can't see why you are putting yourself through this. I am a great fan of virtualising servers, but I can't see any reason for it in this case. It looks like extra complexity for no gain.

       Why not simply plug the switch into the router, plug the server into the switch (using one NIC), give it a static IP using the router as its gateway and install the server OS directly on the hardware. Promote it to DC and let the wizard install DNS for you. Configure the DNS to forward to a public DNS service.

       All you have to do before you plug your workstations into the switch is modify the DNS address in DHCP on your DSL router so that it gives clients its own IP for default gateway but the server's IP address for DNS. The DNS proxy method used by NAT devices like a DSL router work fine for a workgroup but are useless for a domain. The domain resources are found using DNS and these records only exist in your local DNS.

    Internet
    |
    public IP
    DSL router
    10.0.0.1
    |
    DC
    10.0.0.3  dns  1.0.0.3
    |             dg    1.0.0.1
    |
    workstations
    1.0.0.x   dns 1.0.0.3
                  dg   1.0.0.1 


    Bill

    Yes, that's pretty much what I've decided to do (except I'll retain the Hyper-V installation--we need multiple OSs for other reasons).

    For some reason the multi-homed setup still doesn't work. The test machine gets an IP but can't make it outside the local network. A DNS forwarder was created for me (not sure how/why, but I'll take it), pointing to the gateway router. All else looks well according to your description, although I'm still not sure whether you intended that I leave DNS off of both Public and Private adapters.

    In the end, I'll likely end up going with a single-homed setup. As mentioned a couple of times earlier, the reason I'm wanting a multi-homed setup--at least for now--is that I'm not comfortable with the workstations being protected only by a simple DSL/NAT router.

    So, since I can't seem to get multi-homed working in the first place, I guess it's a moot point. It looks like we'll have speed up the purchase of that SPI firewall appliance.

    Thanks,
    Jeff Bowman

    Monday, January 07, 2013 11:07 PM
  •   I agree with that. Any "protection" from a multihomed server would be more imagined than real (unless you ran third party firewall software or Forefront on the server/router).

      If the host machine is running as a DC I would not consider running Hyper-V on it to host additional machines. The less additional bits you put on a DC the better. If you are running your only DC as a vm, best of luck!

     

    Bill

    Tuesday, January 08, 2013 3:48 AM
  •   I agree with that. Any "protection" from a multihomed server would be more imagined than real (unless you ran third party firewall software or Forefront on the server/router).

      If the host machine is running as a DC I would not consider running Hyper-V on it to host additional machines. The less additional bits you put on a DC the better. If you are running your only DC as a vm, best of luck!

     

    Bill

    this is correct.. however with a little env. good control and good backups there is not to be worried too much..


    ------------------------------------------------------- I understand a little computers.

    Tuesday, January 08, 2013 3:53 AM
  •   I agree with that. Any "protection" from a multihomed server would be more imagined than real (unless you ran third party firewall software or Forefront on the server/router).

      If the host machine is running as a DC I would not consider running Hyper-V on it to host additional machines. The less additional bits you put on a DC the better. If you are running your only DC as a vm, best of luck!

     

    Bill

    >  If you are running your only DC as a vm, best of luck

    Eh?

    Why's that, pray tell?

    Tuesday, January 08, 2013 4:09 AM
  •   I agree with that. Any "protection" from a multihomed server would be more imagined than real (unless you ran third party firewall software or Forefront on the server/router).

      If the host machine is running as a DC I would not consider running Hyper-V on it to host additional machines. The less additional bits you put on a DC the better. If you are running your only DC as a vm, best of luck!

     

    Bill

    this is correct.. however with a little env. good control and good backups there is not to be worried too much..


    ------------------------------------------------------- I understand a little computers.

    I'm going to go out on a limb here and say it's starting to look like we're all in agreement.

    Whew!

    Tuesday, January 08, 2013 4:09 AM
  • dear Bill no... :))

    i just agree about that..

    even a good commercial router.. with firewall setup.. and you are not attacked by anonymous.. is enough..


    ------------------------------------------------------- I understand a little computers.

    Tuesday, January 08, 2013 4:14 AM