locked
Hyper-V Cluster Network Configuration RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote
    I have a 3 node Hyper-V cluster setup on W2K8R2.  My nic configuration is as follows:
    1 Team for Host Management - 10.11.x.x
    1 Team for VM Access - DHCP
    1 Team for Live Migration/CSV 172.16.x.x
    Each node has two QLogic iscsi adapters to access storage on netapp.

    My questions are:
    1- Can I use the Host Management Nics for VM Access instead of having two separate networks?  What are the pros or cons of that?  

    2 - Keeping the current configuration should my network for VM Access stay on DHCP or should it get a static IP?

    3- With the current configuration I set the Live Migration\CSV network to "not allow cluster network communication on this network"  -  By doing this if I pull both Host Management NICs (Testing) my VMs failover to their failover node.  However if I unplug the Live Migration\CSV nics (Testing) My VM's do not failover, they remain up but you can't ping them or access them.  How should I configure my Live Migration\CSV network if I want to use one network for both?

    4 - If I set my Live MIgration\CSV network to "Not allow cluster network communication on this network" I don't believe the cluster is doing redirect through my csv network (Live Migration\CSV)  If I set this network to just "Allow cluster network communication on this network" it won't failover when I pull the Host Management Nics

    Thanks,
    Tuesday, April 26, 2011 7:43 PM

Answers

  • Question
    Sign in to vote
    4
    Sign in to vote

    Hi

    Failure to configure enough network connections can make it appear as though you have a storage problem, particularly when using iSCSI :

    Here is the recommendation:

    1 for Management. Microsoft recommends a dedicated network adapter for Hyper-V server management.
    1 or 2 for Virtual machines. Virtual network configurations of the external type require a minimum of one network adapter.
    2 for  SCSI. Microsoft recommends that IP storage communication have a dedicated network, so one adapter is required and two or more are necessary to support multipathing.
    1 for Failover cluster. Windows® failover cluster requires a private network.
    1 for Live migration. This new Hyper-V R2 feature supports the migration of running virtual machines between Hyper-V servers. Microsoft recommends configuring a dedicated physical network adapter for live migration traffic.
    1 for Cluster shared volumes. Microsoft recommends a dedicated network to support the communications traffic created by this new Hyper-V R2 feature.

    As you can see, you will need at least 7 NIC's.

    Now, answering your questions:

    1. Having a separate NIC for Management, will follow Hyper-V best practices. Also, the VM Access traffic will not be exposed to the parent partition for it to share.

    2. If you configured a DHCP server on that network, and the VM's are configured for automatic IP, them the VM's will receive IP from the DHCP server. Alsom It's important that if the management and the VM traffic are connected to the same phisical switch, that you use VLAN to seprate that traffic.

    For questions 3 and 4, I think that is better that you have a look here : http://technet.microsoft.com/en-us/library/ff182358(WS.10).aspx  and here http://blogs.technet.com/b/askcore/archive/2009/12/10/windows-server-2008-r2-live-migration-the-devil-may-be-in-the-networking-details.aspx

     

     

     

    If this post is helpful, please mark it as such
    ________________________________________
    Alessandro Cardoso
    MVP | Microsoft Heroes | MCT
    blog: http://virtualisationandmanagement.wordpress.com
    http://virtualizacaoegerenciamento.wordpress.com

    • Marked as answer by SMaximus7 Friday, May 20, 2011 1:19 PM
    Wednesday, April 27, 2011 6:28 AM
  • Question
    Sign in to vote
    1
    Sign in to vote

    Hello,

    1.  Definately do not use the host NIC for VM access.  You will find the management, as well as the consistency of the hosts, to be superior using dedicated NIC groups. 

    2.  Your VM network should not have an IP address.  You should configure this network to not be shared with the management operating system.

    3.  I would leave cluster communication on. 

    Here is some more information on Hyper-V networking:

    http://blog.concurrency.com/sharepoint/hyper-v-networking-best-practices/

    Nathan Lasnoski

    http://blog.concurrency.com/author/nlasnoski/
    • Marked as answer by SMaximus7 Friday, May 20, 2011 1:19 PM
    Friday, April 29, 2011 4:22 AM

All replies

  • Question
    Sign in to vote
    4
    Sign in to vote

    Hi

    Failure to configure enough network connections can make it appear as though you have a storage problem, particularly when using iSCSI :

    Here is the recommendation:

    1 for Management. Microsoft recommends a dedicated network adapter for Hyper-V server management.
    1 or 2 for Virtual machines. Virtual network configurations of the external type require a minimum of one network adapter.
    2 for  SCSI. Microsoft recommends that IP storage communication have a dedicated network, so one adapter is required and two or more are necessary to support multipathing.
    1 for Failover cluster. Windows® failover cluster requires a private network.
    1 for Live migration. This new Hyper-V R2 feature supports the migration of running virtual machines between Hyper-V servers. Microsoft recommends configuring a dedicated physical network adapter for live migration traffic.
    1 for Cluster shared volumes. Microsoft recommends a dedicated network to support the communications traffic created by this new Hyper-V R2 feature.

    As you can see, you will need at least 7 NIC's.

    Now, answering your questions:

    1. Having a separate NIC for Management, will follow Hyper-V best practices. Also, the VM Access traffic will not be exposed to the parent partition for it to share.

    2. If you configured a DHCP server on that network, and the VM's are configured for automatic IP, them the VM's will receive IP from the DHCP server. Alsom It's important that if the management and the VM traffic are connected to the same phisical switch, that you use VLAN to seprate that traffic.

    For questions 3 and 4, I think that is better that you have a look here : http://technet.microsoft.com/en-us/library/ff182358(WS.10).aspx  and here http://blogs.technet.com/b/askcore/archive/2009/12/10/windows-server-2008-r2-live-migration-the-devil-may-be-in-the-networking-details.aspx

     

     

     

    If this post is helpful, please mark it as such
    ________________________________________
    Alessandro Cardoso
    MVP | Microsoft Heroes | MCT
    blog: http://virtualisationandmanagement.wordpress.com
    http://virtualizacaoegerenciamento.wordpress.com

    • Marked as answer by SMaximus7 Friday, May 20, 2011 1:19 PM
    Wednesday, April 27, 2011 6:28 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Thank you Alessandro,

    That answers most of my questions.  The only real questions I have is regarding how to make the host failover it's VMs if a production NIC (team) goes bad or if the VM (team) goes down.

    SMaximus7
    Thursday, April 28, 2011 2:23 PM
  • Question
    Sign in to vote
    1
    Sign in to vote

    Hello,

    1.  Definately do not use the host NIC for VM access.  You will find the management, as well as the consistency of the hosts, to be superior using dedicated NIC groups. 

    2.  Your VM network should not have an IP address.  You should configure this network to not be shared with the management operating system.

    3.  I would leave cluster communication on. 

    Here is some more information on Hyper-V networking:

    http://blog.concurrency.com/sharepoint/hyper-v-networking-best-practices/

    Nathan Lasnoski

    http://blog.concurrency.com/author/nlasnoski/
    • Marked as answer by SMaximus7 Friday, May 20, 2011 1:19 PM
    Friday, April 29, 2011 4:22 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi

    When configuring NIC teaming, use two ports that span separate network adapters, in separate PCI slots/buses, that way if you lose one physical adapter, the other adapter will remain online, as will the port you configured for network teaming that resides on it as well.

    Also, you must never send iSCSI traffic over a logical teamed network adapter : MPIO is the preferred method for providing redundancy with iSCSI connectivity over multiple adapters. As such, if you configure a teamed network adapter for use with a virtual switch in the Hyper-V parent, you shouldn’t configure a virtual machine with a virtual NIC that connects to the virtual switch and allow iSCSI traffic to traverse the virtual switch configured to use a teamed network adapter (as configured on the Hyper-V parent).

    More, if you are worried about the NIC Team availability, you should have another NIC team for redundancy.

     

    If this post is helpful, please mark it as such
    ________________________________________
    Alessandro Cardoso
    MVP | Microsoft Heroes | MCT
    blog: http://virtualisationandmanagement.wordpress.com
    http://virtualizacaoegerenciamento.wordpress.com
    Friday, April 29, 2011 5:25 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    Thank you for your help.  I think I have most of it down.  I still however have the question on I can make the vms on a host failover in case a nic goes bad or a nic team.  Currently if I disable the VMs nic team my VMs are not failing over and that's a big no-no.  Since I'm teaming all my nics (except storage) the chances of this scenario happening isn't very likely but nonetheless it is a point of failure if my vm nic team goes bad and my vm's don't failover
    SMaximus7
    Friday, May 6, 2011 1:37 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    i too am interest in this answer.

    i have two HP DL380 servers which have 4 NICS each, both are configured with

    NIC1, Lan managment

    NIC2, Virtual Machine access

    NIC3, Live migration

    NIC4, heartbeat

    i would like the servers to failover to if NIC2 fails on one server, at the moment i can pull the cable from NIC2 and the machines stay on that node even though they are now innaccesible on the network.

    Monday, June 20, 2011 9:32 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi

    Actualy with 4 NIC's you will need to iuse a combination MPIO, TEAM and QoS/VLAN in order to have HA.

    Then, as a supported scenario, with the other 2 NIC's : with NIC1, create Virtual network and use QoS to cap at 1% and assign to the Mgmt, and then assign the same virtual network to the Virtual Machines. With NIC3, use QoS to cap at 50% and assign to Live Migration and then assign the same NIC3 to CSV and Cluster. You will also need to create a secondary path using the NIC1 for the Cluster and CSV

    Then I would use MPIO on NIC2 and NIC4 for ISCSI.

    If your NIC has the NPAR or FLEX technology you can sub-divide your NIC which is much better than the use of QoS. The NPAR will allow you to create up to 4 NIC's and with this in place you will end up with 8 NIC's + 2 for ISCSI( if using NIC1 and NIC3 for NPAR and NIC2 and NIC4 for ISCSI ) which will allow you to really have an HA network scenario.

    Please have a look here :

    http://virtualisationandmanagement.wordpress.com/2011/04/27/hyper-v-r2-and-right-numbers-of-physical-nics/

    http://technet.microsoft.com/en-us/library/ff428137(WS.10).aspx

    If this post is helpful, please mark it as such
    ________________________________________
    Alessandro Cardoso
    MVP | Microsoft Heroes | MCT
    blog: http://virtualisationandmanagement.wordpress.com
    http://virtualizacaoegerenciamento.wordpress.com

    Tuesday, June 21, 2011 5:40 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Also, although not supported by MS, you can team the Nic2 and Nic4 and then create 5 Virtual NIC's on the Team software.

    This will expose 5 nics to the OS + 2 the other 2 that you can used for iSCSI(Nic1 and Nic3 ->MPIO).

    You can those 5 for:

    -Mgmt

    -Client Access

    -Cluster

    -Live Migration

    -CSV

     

    100% HA

    If this post is helpful, please mark it as such
    ________________________________________
    Alessandro Cardoso
    MVP | Microsoft Heroes | MCT
    blog: http://virtualisationandmanagement.wordpress.com
    http://virtualizacaoegerenciamento.wordpress.com
    Wednesday, June 22, 2011 12:40 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi

    Which of these can you safely combine to save on the amount of NIC's needed?

    Monday, November 5, 2012 7:51 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi

    At the end it all depends on your environment. The answer will be based on :

    - Do you want HA?  Is this a lab environment? Do you have NIC team in place, QOS, 10GB network?

    I would not recommend for HA, security and performance point of view less than 7 nics. W2008R2 cannot saturate a 10GB network, but W2012 can.:)

    1 for Management.
    2 (min 1) for Virtual machines. teamed
    2 (min 1) for  SCSI with multipath
    2 (min 1) for Failover cluster. teamed
    1 for Live migration.
    1 for Cluster shared volumes.

    On an Lab environment you can team/combine : Cluster, Live Migration, CSV and Management. I do not recommend this on a production environment 

    If this post is helpful, please mark it as such
    ________________________________________
    Alessandro Cardoso
    MVP | Microsoft Heroes | MCT
    blog: http://virtualisationandmanagement.wordpress.com
    http://virtualizacaoegerenciamento.wordpress.com

    • Proposed as answer by CryptoBalls Tuesday, November 6, 2012 4:06 AM
    Tuesday, November 6, 2012 3:41 AM