I am having some difficulty with a HyperV host and I wanted to be sure that my understanding of how HyperV deals with NICs is correct.
The server has 3 NICs and 2 of them have been identified to HyperV through the Virtual Network Manager. Both also have the "Allow management operating system to share this network adapter" selected. I understand that the best practice says that this should not be selected, correct? If I deselect it, will that cause any loss of communication with the VMs?
One thing I don't understand is the listing of NICs in the Network Connections section of the Control Panel. I was of the understanding that, if you select the "Allow management ..." option, there will be 2 NICs listed in Network Connections - one to represent the physical NIC and the other to represent the virtual switch NIC for each NIC thus configured. On this server, though, that is only true for one of the NICs. The other NIC is only represented by the virtual NIC, not the physical one. Is that the way it is supposed to be?
The problem with this server that drew my attention in the first place is that it will work fine for a few weeks and then you lose the ability to access the host remotely. The NIC says that everything is fine but you can't ping out from it or access it at all. The only solution is to reboot it and it will be fine for another couple of weeks. Any suggestions as to what might cause this behavior?
"The server has 3 NICs and 2 of them have been identified to HyperV through the Virtual Network Manager"
What's going on is that you've created two virtual switches. Is there a particular reason to have two? One will do for most situations.
"... I understand that the best practice says that this should not be selected, correct?"
Whether or not it's a best practice depends on the server configuration. All that checkbox does is create a virtual adapter on the virtual switch for the management operating system to use. Because you have a dedicated physical adapter for your management operating system, they are likely to be extraneous.
"If I deselect it, will that cause any loss of communication with the VMs?".
In general, no. Virtual switch connectivity for the guests is independent of whether or not the management operating system has its own virtual adapter on the switch. However, if someone tried to be clever and set up the management operating system's virtual adapters to use network connection sharing or RRAS for the guests, they could lose some or all IP connectivity if those adapters are removed.
"Is that the way it is supposed to be?"
Based on your description, I would say that something is wrong. However, the physical adapter used for a virtual switch is unbound from TCP/IP, so the management system is not "represented" by it. If you open up the properties on the physical NIC, you should see that it's not bound to any network protocols at all.
"The problem with this server that drew my attention in the first place is that it will work fine for a few weeks and then you lose the ability to access the host remotely."
As described, your management operating system has three NICs connected to the network, one physical and two virtual. Multi-homed systems are prone to odd network problems. I'd like to see those virtual adapters deleted altogether (just uncheck the "Allow management..." box), but you'll probably want to do a little research to be sure they're not really serving some purpose first. In the meantime, access their advanced TCP/IP properties and de-activate "Register this connection's addresses in DNS" on the DNS tab. That probably won't cure all your ills, but it might reduce them a bit.
- Marked as answer by MedicalSMicrosoft contingent staff, Moderator Tuesday, August 13, 2013 5:24 AM
- Unmarked as answer by MedicalSMicrosoft contingent staff, Moderator Tuesday, August 13, 2013 5:25 AM
- Proposed as answer by MedicalSMicrosoft contingent staff, Moderator Tuesday, August 13, 2013 5:25 AM
Thanks for the reply, Eric. I am new to these servers so I don't know what the history is or even if there is a specific reason for the configuration. It just seemed odd to me so I though I should ask. To your comments:
- Yes, each host has 2 virtual switches but on some hosts, only one of the virtual switches is being used. I don't know why yet;
- I must have gotten things backwards. I thought that the virtual NIC would always be created if the NIC was identified to HyperV and that the physical NIC would be listed if the host OS has access to it. That is the way it appears to be on my own servers, at least;
- OK, if we decide to remove the "Allow..." option, I will watch them closely, then;
- That is correct. I did check the protocol binding and it is as you suggest;
- OK, we will schedule changing the servers and see what happens.
Thanks again for your help.
If the second switch isn't being used, either move some virtual NICs to it or get rid of it. If the host is 2012, you can team the two physical adapters and create a single switch on them. You'll have to destroy the existing switch though, so that will involve some downtime.
I may not be understanding your description of what you're seeing. If you've got a GUI, it should show all NICs in Network connections, both physical and virtual, but it can only communicate using physical NICs that don't have a virtual switch bound to them and any virtual NICs assigned to it.
The virtual switch is usually not easily understood on the first go-round. See if this post helps you.
To give you an example of what I expect to see, on my own HyperV boxes, I see 4 NICs in "Network Connections". One, dedicated to the host OS, has all of the properties you would expect a NIC to have, including all of the ip settings. It also has the protocol bindings for those ip settings. The other 3, on the other hand, lack all of the protocol settings (or bindings) instead only having "Hyper-V Extensible Virtual Switch" selected. These NICs are dedicated to my VMs and have no interaction with the host OS.
On the servers I was referring to at the start of the thread, one of the NICs used by the VMs also has a NIC icon in "Network Connections" that has all of the settings one would expect for a NIC, just like one that is dedicated to the host OS. Granted, the servers are 2K8R2 while mine are 2012, but I think that the two OSs are the same as far as listing NICs in Network Connections.
I have seen this in the past but after reading years ago that it is considered to be a best practice to dedicate one NIC to the host OS and the other(s) to the VMs, I have never set up a HyperV host any other way. So, maybe the problem is just that I haven't seen a host configured this way in so long that I have forgotten what a machine so configured looks like. Plus, I didn't want to just deselect the "Allow..." checkbox without verifying that there isn't something dependent upon that checkbox being selected.