Virtual Networking for Hyper-V (Part 5)

Published on 11 Nov. 2010 / Last Updated on 11 Nov. 2010

In this article, I want to continue my discussion of virtual networking within Hyper-V by introducing the concept of Virtual LANs (VLANs).

Introduction

So far, my focus in this article series has been primarily on the interaction between the physical and the virtual networks used by Hyper-V. In this article, I want to turn my attention to another aspect of virtual networking: VLANs.

Although VLANs have been around practically forever, they are one of those networking concepts that a lot of administrators don’t understand. Don’t get me wrong though, there is nothing overly difficult about setting up a VLAN. It’s just that VLANs aren’t one of those things that everyone uses. As such, the only exposure that many network administrators have had to VLANs is what they have received while studying for certification exams.

In spite of the fact that VLANs are usually optional in the world of physical networking, they are actually very important in virtual datacenters that are using Hyper-V. Before I explain why this is the case, I want to give you some background about VLANs.

What are VLANs

To put it simply, a VLAN (or Virtual LAN) is a group of network hosts that behave as if they shared a common network segment, even though the hosts might all be physically connected to different segments. In other words, a node’s physical location becomes unimportant if the node is connected to a VLAN.

I have only ever worked for one organization that used VLANs in a physical datacenter. The nature of that organization’s business meant that the network topology was constantly changing. Rather than physically moving servers every time that a topology change was required, the organization created a series of VLANs. By doing so, it became possible to place a server onto a different network segment without having to physically move the server or having to run new cables. The end result was that VLANs allowed the network to be restructured more quickly and with less effort than would be required if server hardware had to be physically moved.

Right now, you might be wondering what all of this has to do with Hyper-V. Well, in Windows Server 2008 R2, Microsoft introduced a new Hyper-V feature called Live Migration. If you aren’t familiar with Live Migration, it is a feature that allows you to move a running virtual machine from one Hyper-V host to another with no down time.

I don’t want to get into all of the particulars involved in using Live Migration, but I will tell you that the migration process requires the contents of one virtual machine’s memory to be copied from one host server to another. Copying the virtual machine’s memory allows its state to be preserved throughout the migration process.

The point is that after a virtual machine migration completes, the virtual machine will be oblivious to the fact that it is now running on a different host server. It still retains its previous configuration. With this in mind, imagine what would happen if you migrated a virtual machine to another host on a separate subnet. The virtual machine would retain its original IP address, but it wouldn’t be able to communicate with the network because the virtual machine’s IP address would be invalid for the subnet that the new host server is physically connected to.

This is why VLANs are such an important concept for Hyper-V. Placing each virtual machine onto a common VLAN ensures that a virtual machine will still be able to communicate with the network, even if it is moved to a different host. It is worth noting, however, that using a VLAN is not technically a requirement unless your host servers are a part of a multi-site cluster that uses Cluster Shared Volumes. Having said that, I will also say that going ahead and placing all of your virtual machines on a common VLAN now can save you a lot of trouble down the road as your network grows.

How do VLANs Work

Now that I have explained what VLANs do and why they are important to Hyper-V, I want to spend the remainder of this article talking about how VLANs work.

The first thing that you need to understand about VLANs is that they are implemented through software. Even so, your underlying network hardware must be VLAN compatible. Specifically, this means that any server that will be connected to a VLAN segment (including host servers and non-virtualized servers) must be equipped with network cards that include VLAN support. It is worth noting that some network cards only offer partial VLAN support, and cannot handle network packets to which VLAN IDs have already been applied. The network cards that you use must provide full VLAN support.

The next concept that you need to be familiar with is that of VLAN IDs. A VLAN ID is a number (an integer) that identifies a VLAN segment. Each node that participates in a VLAN is assigned a VLAN ID. Nodes that share a common VLAN ID share a common VLAN segment. If you are going to use VLANs within a virtual datacenter, you must usually configure VLAN IDs on both physical and virtual network ports. Otherwise, your virtual networks may become isolated from the physical network.

Finally, there are two different VLAN modes that you need to be aware of: access mode and trunk mode. Access mode is used when all of the virtual machines on a host share the same VLAN ID, and when the VLAN ID is also used by the physical network adapter and the physical network switch. When you use access mode, you essentially create a single VLAN segment that spans both the physical and the virtual network.

Trunk mode is used when you need to place virtual machines residing on a single host into separate VLANs. In this type of situation, the physical network adapter is placed into trunk mode. This allows the network adapter to share multiple VLAN IDs.
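As an added illustration (not code from the original article), the following Python example shows how a VLAN ID travels inside a frame as an IEEE 802.1Q tag and how a port in access mode or trunk mode treats that frame. The port rules are a simplified model, and the MAC addresses, payload and VLAN IDs 10 and 20 are constructed sample values.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an IEEE 802.1Q VLAN tag

def build_frame(dst, src, ethertype, payload, vlan_id=None):
    """Build an Ethernet frame, inserting an 802.1Q tag when vlan_id is set."""
    header = dst + src
    if vlan_id is not None:
        if not 1 <= vlan_id <= 4094:  # 0 and 4095 are reserved values
            raise ValueError("VLAN ID must be in 1..4094")
        header += struct.pack("!HH", TPID_8021Q, vlan_id)  # priority bits = 0
    return header + struct.pack("!H", ethertype) + payload

def vlan_of(frame):
    """Return the VLAN ID a frame is tagged with, or None if it is untagged."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (tpid,) = struct.unpack_from("!H", frame, 12)
    if tpid != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack_from("!H", frame, 14)
    return tci & 0x0FFF  # the VLAN ID is the low 12 bits of the tag

def ingress_vlan(frame, mode, vlan_ids):
    """Return the VLAN a port places a frame in, or None if it drops it.

    Simplified model (an assumption of this example): an access port has one
    VLAN ID and takes untagged frames or frames tagged with that ID; a trunk
    port has several VLAN IDs and takes only frames tagged with one of them.
    """
    tag = vlan_of(frame)
    if mode == "access":
        (port_vlan,) = vlan_ids
        return port_vlan if tag in (None, port_vlan) else None
    if mode == "trunk":
        return tag if tag in vlan_ids else None
    raise ValueError("mode must be 'access' or 'trunk'")

# Constructed sample frames: broadcast destination, made-up source MAC.
DST, SRC = bytes.fromhex("ffffffffffff"), bytes.fromhex("020000000001")
UNTAGGED = build_frame(DST, SRC, 0x0800, b"sample")
TAGGED_20 = build_frame(DST, SRC, 0x0800, b"sample", vlan_id=20)

if __name__ == "__main__":
    print(ingress_vlan(UNTAGGED, "access", {10}))       # host and port agree
    print(ingress_vlan(TAGGED_20, "access", {10}))      # VLAN ID mismatch: dropped
    print(ingress_vlan(TAGGED_20, "trunk", {10, 20}))   # trunk carries both IDs
```

The second call is the isolation case: a frame tagged with one VLAN ID arriving on a port configured for a different ID is dropped, which is why the IDs on physical and virtual ports have to agree.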

In the real world, it is less common to use trunk mode than to use access mode. There are a couple of reasons for this. First, trunk mode is only required if the separate VLANs require access to the physical network. If you create VLANs that only span a virtual network, but that do not require external connectivity, then trunk mode is not required.

Another reason why you may not have to use trunk mode is that most host servers are equipped with multiple physical network adapters. If multiple VLANs are required, it is sometimes possible to isolate network traffic based on its VLAN ID. Of course, there is nothing wrong with using trunk mode if the situation calls for it. I just prefer using access mode whenever possible, because I like to try to keep things simple.

Conclusion

In this article, I have explained why VLANs are important to Hyper-V, how VLANs work, and how trunk mode and access mode differ. In Part 6, I want to conclude the series by walking you through the process of configuring your virtual machines to use a VLAN.
