locked
Networking driver on 'RHEL56X64_01' loaded but has a different version from the server. Server version Client version (Virtual machine ID E2452702-B). The device will work, but this is an unsupported configuration. RRS feed

  • Question

  • i had a working system for months and now suddenly I am having nic or virtual nic issues...I get this warning in the windows core event manager:

     

    Networking driver on 'RHEL56X64_01' loaded but has a different version from the server. Server version Client version (Virtual machine ID E2452702-B). The device will work, but this is an unsupported configuration.

     

    i have had a working system with a external intel nic virtual network which is not shared with the host...and a on board realket I use to communicate with the host..

    this is my dev con output:

    c:\WinDDK\7600.16385.1\Tools\devcon\amd64>devcon findall =net
    PCI\VEN_10EC&DEV_8168&SUBSYS_E0001458&REV_06\4&14486AD3&0&00E0: Realtek PCIe GBE Family Controller
    PCI\VEN_8086&DEV_10D3&SUBSYS_A01F8086&REV_00\4&2D68EC9A&0&0008: Intel(R) Gigabit CT Desktop Adapter
    ROOT\*ISATAP\0000 : Microsoft ISATAP Adapter #17
    ROOT\*ISATAP\0001 : Microsoft ISATAP Adapter #18
    ROOT\*TEREDO\0000 : Teredo Tunneling Pseudo-Interface
    ROOT\VMS_MP\0000 : Microsoft Virtual Network Switch Adapter
    ROOT\VMS_MP\0001 : Virtual Network 1
    7 matching device(s) found.

    what could have happened?

    • Moved by BrianEhMVP Tuesday, December 20, 2011 6:34 PM (From:Hyper-V)
    Tuesday, December 20, 2011 6:11 PM

Answers

  • Actually as long as there are no major problems with the RHEL5 ICs, don't expect them to be updated. MS focuses on upstream integration and more modern Enterprise Linux support where required (RHEL6). So you can ignore the message - same happens on RHEL6 or unsupported distributions using the mainline drivers.

    About securing your VM:

    • Have the management interface on a separate physical interface only
    • Don't bridge the parent partition with a virtual network that is attached to a physical port/or NIC team (starting 2008 R2 only, but still default setting)
    • Separate the management NIC from the VM network via VPN or other subnetz (as BrianEh suggested)
    • Enable the default firewall in RHEL (system-config-firewall)
    • Secure your SSH (public-key auth instead of passwords)
    • If you want to dive into SELinux, it might be worth, but be prepared for some pitfalls ;)
    • Chrooting processes is not explicitely a security feature but might be good idea where required
    • ...

    @BrianEh - as long as there is no known security issue how to break out of the virtualized environment on to the Hypervisor layer, you're quite save. :)

    Sunday, December 25, 2011 9:24 AM

All replies

  • If you applied any "hyper-V" patch to the Hyper-V Server there is frequently a revision in the Integration Services on the server side.

    This requires that the Integration Components in the VM be updated as well.

    Now, there is compatibility built in - and it has gotten better over time.  So, I am guressing tha thte VM can still get out to the world over your External Virtual Network.  (you never state the problem, just that you are having some problem and an event).

    The other thing that happens is that the ICs in the VM get updated - there was a recent update to the Linux ICs that are built into the kernel.  So, if you updated the kernel of the VM, you could also create this mis-match.

    I will shuttle this thread over to the Linux IC forum to see if you get a better answer.

     

     


    Brian Ehlert (hopefully you have found this useful) http://ITProctology.blogspot.com
    Learn. Apply. Repeat.
    Tuesday, December 20, 2011 6:34 PM
  • Hi Brian,

     

    I think I have been hacked on RHEL...

    My DNS host number was not what I set it..

     

    How do you propose people deal with Hyper V host exposed to the internet with internet facing vms?

     

    Most of us wont use selinux; most linux app server hosts have no protection.

     

    What do people do to protect their Hyper V host; I dont care if people ruin my vms...they are exported nightly..

     

     

    Thursday, December 22, 2011 2:03 AM
  • Exposing the VMs to the internet does not expose the host.  The managment interface of the host should never be exposed to the internet - just prudent practice.

    That being said, any machine can be hacked, or modified by folks that have proper access but don't communicate things.  But, hacking a VM only comprimises that VM, not the entire hypervisor, nor other VMs - they are designed specifically for this security model.

    You need to secure the management interface.  Require a VPN to reach it, have a secure password, etc. 

     


    Brian Ehlert (hopefully you have found this useful) http://ITProctology.blogspot.com
    Learn. Apply. Repeat.
    Thursday, December 22, 2011 2:39 PM
  • Actually as long as there are no major problems with the RHEL5 ICs, don't expect them to be updated. MS focuses on upstream integration and more modern Enterprise Linux support where required (RHEL6). So you can ignore the message - same happens on RHEL6 or unsupported distributions using the mainline drivers.

    About securing your VM:

    • Have the management interface on a separate physical interface only
    • Don't bridge the parent partition with a virtual network that is attached to a physical port/or NIC team (starting 2008 R2 only, but still default setting)
    • Separate the management NIC from the VM network via VPN or other subnetz (as BrianEh suggested)
    • Enable the default firewall in RHEL (system-config-firewall)
    • Secure your SSH (public-key auth instead of passwords)
    • If you want to dive into SELinux, it might be worth, but be prepared for some pitfalls ;)
    • Chrooting processes is not explicitely a security feature but might be good idea where required
    • ...

    @BrianEh - as long as there is no known security issue how to break out of the virtualized environment on to the Hypervisor layer, you're quite save. :)

    Sunday, December 25, 2011 9:24 AM
  • Koffi2k's answer is pretty much spot on. The message can be safely ignored as per the read me.
    This posting is provided "AS IS" with no warranties, and confers no rights.
    Sunday, December 25, 2011 7:51 PM
  • indeed thats a good answer...

    i realized my dns and some things had changed... i might have been slightly teased and hacked as its a internet facing linux vm...

    but like we said no one is gonna mess with selinux and ibm websphere...

    i am beginning to think the router and nat is the biggest issue with guest vms and NAS online hosts not the hype r v core parent partion exposing anything... i fear the internet guest facing vms can be exploited to hit your nat side internal ip hosts

     

    Tuesday, January 3, 2012 3:33 AM