locked
TP5: Where is VMSwitch type NAT? RRS feed

  • Question

  • I just installed Windows Server 2016 TP5 full GUI datacenter with Hyper-V and wanted to test some older NAT scenarios which worked fine in TP4 with VMSwitch type NAT. It seems that this switch type is no longer available with the New-VMSwitch cmdlet.

    I wonder where has this functionality been moved? How to define a NAT switch for VMs in Hyper-V?

    Regards

    Thursday, April 28, 2016 7:46 PM

Answers

  • Hello,

    The NAT VM Switch type was originally created to connect Windows Containers to a private IP network while also allowing for network and port address translation (NAT and PAT). However, since the VM Switch operates at Layer 2 in the networking stack and NAT/PAT operates at Layers 3 and 4 in the network stack, this created a layering violation.

    We support two options for creating NAT networks on a host.

    1) If you are using containers and wanting to connect your containers to a private IP network via NAT, you can either use the docker network create command or New-ContainerNetwork as documented here: https://msdn.microsoft.com/en-us/virtualization/windowscontainers/management/container_networking

    2) If instead you simply want to connect VMs to a NAT network, the documentation to do so is available here: https://msdn.microsoft.com/en-us/virtualization/hyperv_on_windows/user_guide/setup_nat_network?branch=scooley-client-nat

    Hope this helps!

    We are thinking long-term about how we will unify our NAT story across the host for both containers and VMs.

    • Proposed as answer by Jason Messer MSFT Thursday, April 28, 2016 11:03 PM
    • Marked as answer by GeriOnline Friday, April 29, 2016 2:40 PM
    Thursday, April 28, 2016 11:03 PM

All replies

  • Hello,

    The NAT VM Switch type was originally created to connect Windows Containers to a private IP network while also allowing for network and port address translation (NAT and PAT). However, since the VM Switch operates at Layer 2 in the networking stack and NAT/PAT operates at Layers 3 and 4 in the network stack, this created a layering violation.

    We support two options for creating NAT networks on a host.

    1) If you are using containers and wanting to connect your containers to a private IP network via NAT, you can either use the docker network create command or New-ContainerNetwork as documented here: https://msdn.microsoft.com/en-us/virtualization/windowscontainers/management/container_networking

    2) If instead you simply want to connect VMs to a NAT network, the documentation to do so is available here: https://msdn.microsoft.com/en-us/virtualization/hyperv_on_windows/user_guide/setup_nat_network?branch=scooley-client-nat

    Hope this helps!

    We are thinking long-term about how we will unify our NAT story across the host for both containers and VMs.

    • Proposed as answer by Jason Messer MSFT Thursday, April 28, 2016 11:03 PM
    • Marked as answer by GeriOnline Friday, April 29, 2016 2:40 PM
    Thursday, April 28, 2016 11:03 PM
  • Hello,

    thank you very much for your answer, that's exactly the info I was looking for. I think with that I can customize  my Powershell (DSC) scripts to the new implementation.

    I understand the need for the implementation change and as it was preview software I used it on my own risk. But now this shouldn't be no longer a problem. 

    I will mark your Reply as an answer.

    Thank you once more

    Regards

    Gerhard

    Friday, April 29, 2016 2:39 PM