none
hyper-v network virtualization gateway

    Question

  • Hi


    I am planning a small testlab for Hyper-V network virtualization and SCVMM 2012 SP1. Now I am confused about the virtualization gateway. My understanding is that when the VMs needs external connection (Internet, other physical host etc.) then I need a virtualization gateway. Right?


    So, is it possible to configure a Hyper-V Host itself or a VM as a virtualization gateway for a testlab?


    Moreover, when you configure a virtualization Gateway with Windows Server 2012 can you manage it through SCVMM 2012 SP1or do you need maintain it manually?

     

    Thx
    J0fe

    • Edited by J0fe Monday, February 25, 2013 10:19 PM
    Monday, February 25, 2013 10:18 PM

Answers

  • By default it is a VM or device.

    You need to manually configure it.

    And yes, the 'gateway' is the way out of the virtualized network - no different than a router spanning multiple subnets.  The concept is totally the same - the terms are different.

    There is an assumption in the model that the gateway is the first IP in the virtual subnet.


    Brian Ehlert
    http://ITProctology.blogspot.com
    Learn. Apply. Repeat.
    Disclaimer: Attempting change is of your own free will.

    Monday, February 25, 2013 10:47 PM
    Moderator

  • Hi,

    Most deployments will require communication from the Hyper-V Network Virtualization environment to resources that are not part of the Hyper-V Network Virtualization environment. Network Virtualization gateways are required to allow communication between the two environments Scenarios requiring a Hyper-V Network Virtualization Gateway include Private Cloud and Hybrid Cloud.  Basically Hyper-V Network Virtualization gateways are required for VPN and routing.

    Gateways can come in different physical form factors. They can be built upon Windows Server 2012, incorporated into a Top of Rack (TOR) switch, load balancer, put into other existing network appliances, or can be a new stand-alone network appliance.

    In the VMM model the Hyper-V Network Virtualization Gateway is managed via a PowerShell plug-in module. Partners building Hyper-V Network Virtualization gateways need to create a PowerShell plug-in module which physically runs on the VMM server. This plug-in module will communicate policy to the gateway.

    For more information please refer to following MS articles:

    Simple Hyper-V Network Virtualization Script with Gateway
    http://gallery.technet.microsoft.com/scriptcenter/Simple-Hyper-V-Network-6928e91b
    Hyper-V Network Virtualization Gateway Architectural Guide
    http://technet.microsoft.com/en-us/library/jj618319.aspx
    Windows Server® 2012 Hyper-V Network Virtualization Survival Guide
    http://social.technet.microsoft.com/wiki/contents/articles/11524.windows-server-2012-hyper-v-network-virtualization-survival-guide.aspx#Simple_Hyper-V_Network_Virtualization_Script_with_Gateway

    Hope this helps!

    TechNet Subscriber Support

    If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.

     


    Lawrence

    TechNet Community Support

    Tuesday, February 26, 2013 6:15 AM
    Moderator
  • MMS is coming up, that is the time for system center announcements.

    now, is there anything special about the gateway? nope, not in a vm.  if the gateway is a vm it only needs to route, no need to know anything about NVGRE as the virtual switch handles that.

    if the router is physical, then it would have to understand NVGRE.  no one has announced support.


    Brian Ehlert
    http://ITProctology.blogspot.com
    Learn. Apply. Repeat.
    Disclaimer: Attempting change is of your own free will.

    Tuesday, February 26, 2013 1:50 PM
    Moderator

All replies

  • By default it is a VM or device.

    You need to manually configure it.

    And yes, the 'gateway' is the way out of the virtualized network - no different than a router spanning multiple subnets.  The concept is totally the same - the terms are different.

    There is an assumption in the model that the gateway is the first IP in the virtual subnet.


    Brian Ehlert
    http://ITProctology.blogspot.com
    Learn. Apply. Repeat.
    Disclaimer: Attempting change is of your own free will.

    Monday, February 25, 2013 10:47 PM
    Moderator

  • Hi,

    Most deployments will require communication from the Hyper-V Network Virtualization environment to resources that are not part of the Hyper-V Network Virtualization environment. Network Virtualization gateways are required to allow communication between the two environments Scenarios requiring a Hyper-V Network Virtualization Gateway include Private Cloud and Hybrid Cloud.  Basically Hyper-V Network Virtualization gateways are required for VPN and routing.

    Gateways can come in different physical form factors. They can be built upon Windows Server 2012, incorporated into a Top of Rack (TOR) switch, load balancer, put into other existing network appliances, or can be a new stand-alone network appliance.

    In the VMM model the Hyper-V Network Virtualization Gateway is managed via a PowerShell plug-in module. Partners building Hyper-V Network Virtualization gateways need to create a PowerShell plug-in module which physically runs on the VMM server. This plug-in module will communicate policy to the gateway.

    For more information please refer to following MS articles:

    Simple Hyper-V Network Virtualization Script with Gateway
    http://gallery.technet.microsoft.com/scriptcenter/Simple-Hyper-V-Network-6928e91b
    Hyper-V Network Virtualization Gateway Architectural Guide
    http://technet.microsoft.com/en-us/library/jj618319.aspx
    Windows Server® 2012 Hyper-V Network Virtualization Survival Guide
    http://social.technet.microsoft.com/wiki/contents/articles/11524.windows-server-2012-hyper-v-network-virtualization-survival-guide.aspx#Simple_Hyper-V_Network_Virtualization_Script_with_Gateway

    Hope this helps!

    TechNet Subscriber Support

    If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.

     


    Lawrence

    TechNet Community Support

    Tuesday, February 26, 2013 6:15 AM
    Moderator
  • Hi Brian, Hi Lawrence

    Thanks for your explanations and Information.

    However, I know already the Architectural Guide and the sample script on Technet. After reading this articles my understanding was that the virtualization gateway is not only a normal router with an interface in each virtual network, it moreover a special router, which can also terminate the NVGRE “tunnels” etc. Furthermore, the virtualization gateway work only with physical NIC so it must be a physical computer or device.

    Is that correct or does I still misunderstood something? If the gateway could also be a VM, it would simplify my lab setup a bit.

    Regarding SCVMM: Has Microsoft some plans to release a plug-in module for Windows Server 2012 sometime?

    Thanks!

    J0fe

    Tuesday, February 26, 2013 10:22 AM
  • Regarding SCVMM: Has Microsoft some plans to release a plug-in module for Windows Server 2012 sometime?


    System Center 2012 SP1 supports Windows Server 2012.  It released at the beginning of the year.

    .:|:.:|:. tim

    Tuesday, February 26, 2013 12:49 PM
  • Yes, I know. I'm asking about a Gateway configuration provider / plug-in for SCVMM 2012 SP1 so you can manange and configure a Windows Server 2012 based gateway from the SCVMM console. (http://technet.microsoft.com/en-us/library/jj721575.aspx#BKMK_gateways)

    Tuesday, February 26, 2013 1:08 PM
  • MMS is coming up, that is the time for system center announcements.

    now, is there anything special about the gateway? nope, not in a vm.  if the gateway is a vm it only needs to route, no need to know anything about NVGRE as the virtual switch handles that.

    if the router is physical, then it would have to understand NVGRE.  no one has announced support.


    Brian Ehlert
    http://ITProctology.blogspot.com
    Learn. Apply. Repeat.
    Disclaimer: Attempting change is of your own free will.

    Tuesday, February 26, 2013 1:50 PM
    Moderator
  • Hey so i'm really embarrassed to admit how long i've been trying to make this work

    all this hardware, all this time and i'm simply stymied by the seeming lack of any complete/accurate information

    please consider FIGURE TWO IN THIS DOCUMENT and kindly inform me:

    1. in this example for the VM BLUE-GW, what are the correct netmask, gateway, and dns addresses that i should be using?? 
           IP:10.0.1.2 / NETMASK:255.255.255.0 / GATEWAY:10.0.1.1 (where is this gateway shown in the diagram) / DNS: (surely not the DNS of corpnet !??)

    2. also in this example, regarding the physical machine host3 - the interface CORPNIC which is physically connected to CORPNET is shown as directly connected to BLUE-GW ... and instructions indicate that this is so, but BLUE-GW is VM, hence CORPNIC would need to be (a second virtual switch?  or, ___PLEASE FILL IN THIS BLANK___)

    then please scroll down for my other question(s) on this topic

    in step 2 - E, when performing the "verify routes" step We are instructed to ensure that this route is present:
    10.0.0.0/16 nexthop 10.0.1.1 (where does 10.0.1.1 live again?)
    After following the example, I do not have any such route - PERHAPS because there are no ip's on that machine in that subnet ... so i don't see how that route would ever exist.  I did try using SET-NETROUTE but always got an error "ifindex or ifalais not found" no matter how i used the command.

    Perhaps 10.0.1.2 should actually be 10.0.0.2, but how is that going to work when there's no physical host reference to that address?

    Lot's of videos showing Red/Blue isolated networks that don't connect to the internet, and lots of chatter about the Glory of WNV but is there one single working example we can use as a basis for learning? 

    sorry to be a pest, not trying to be mean, i'm just really trying to make the tech work even close to as advertised - YOUR KIND ATTENTION MUCH APPRECIATED


    Work a little longer, try a little harder; success is imminent!



    • Edited by ericMon Sunday, March 10, 2013 11:38 PM typo
    Sunday, March 10, 2013 11:32 PM
  • ericMon you named it!

    The lack of any complete information is also my biggest problem.
    Maybe for the MS people everything is clear but for the rest of world who has never seen this technology before more complete information would be very helpful to test and implement this.

    I hope some session at the MMS will bring some light into this topic…

    Monday, March 25, 2013 7:29 AM
  • Yep, I've read through a lot of blog posts and some of the Microsoft documentation about Virtual Networking and it is astounding just how badly written this stuff is. The majority of documentation is based around How-To type information, which includes screen shots and some diagrams.

    The Hyper-V Network Virtualization Gateway Architectural Guide is a classic Microsoft document in that it is very badly written. It's quite astounding actually. Bad grammar and poor structure, terrible diagrams, disconnects all over the place between conceptual stuff and examples, and incomplete information - makes for tiresome reading that does little to enlighten the reader.

    Unbelievable. It is very apparent that many writers in Microsoft just don't know how to write truly nuts-and-bolts documentation that is concise, to the point, logical and complete. Give me Cisco documentation anytime over Microsoft documentation.


    • Edited by gxtoast Tuesday, April 30, 2013 2:31 PM
    Tuesday, April 30, 2013 2:30 PM
  • Almost a year later - the same question - how to connect my "blue and red" tenants to the internet? I have successfully built everything that can be built using MS out of the box technologies(2012 R2 both server and system center). Yet one question remains - what if I need more than one public(non-encapsulated) IP per tenant? It is undoubtfully cool if you can create a NAT rule on the virtualization gateway to forward some ports from my single NATed IP address to an internal tenant server but what if I need more? Private clouds, Hybrid clouds is cool but what about service provider clouds? How do I provide my tenants a solution where they can use their public IP pool to publish their own services out of their bubble? Does it require a 3rd party NV Gateway? What is it? Can't find any.

    Please, anyone?

    Monday, February 24, 2014 2:00 PM
  • Interesting Question. I would be also interested in this.

    Maybe it is possible to add multiple IP address to a NV Gateway NAT connection
    through Power Shell. But I’m not sure.

    Maybe someone from MS can give us an advice?<o:p></o:p>


    Friday, February 28, 2014 12:45 PM