TechReady 16 11/17/2018 Network Management in System Center 2012 SP1 Virtual Machine Manager – Part 1 Greg Cusanza Senior Program Manager, Microsoft WS-B312 © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Agenda WS-B312: Part 1 WS-B313: Part 2 Room: You are in it Time: Now What’s new in SP1 How to setup your datacenter networking from scratch WS-B313: Part 2 Room: South Seas J Time: 4:30pm today Software defined networking with VMM Switch extensibility Network virtualization

What’s new for networking in VMM 2012 SP1 TechEd 2012 11/17/2018 10:47 AM What’s new for networking in VMM 2012 SP1 Connectivity Capability Multi-tenancy Isolation Mobility Bring your own IP Quality of service (QOS) Security Optimizations Monitors Result: VM Networks Result: Logical Switch © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

SP1 - Partner Ecosystem TechReady 16 11/17/2018 © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Starting from scratch

Lots of question Where do I start, what do I do next? How do I offer networking to my virtualization workloads? How do I make my network resilient to failure? How do I provide tenant self service? How can I provide isolation? How do I maintain consistency in large datacenters?

Steps to a successful deployment Design Draw your network requirements. Ask questions up front and get answers. Hardware Use hardware that supports your design. Iterate back on your design. Configure hardware. VMM configuration Create logical objects Configure hosts Add tenants Deploy workloads

Network Design

Network Overview SQL SPF, etc. VMM Tenant 1 VMs Tenant 2 VMs 1st question: how do I provide isolation? Datacenter isolation – separation of infrastructure traffic as security boundar and for QOS Tenant isolation – keeping tenants from each other and protect the infrastructure Network Overview Public Internet Gateway Corporate Windows Azure services for Windows Server SQL SPF, etc. VMM Management Tenant 1 VMs Tenant 1 Tenant 2 VMs Tenant 2 Hyper-V hosts LM, Cluster, Storage

Isolation Physical separation Physical switches and adapters for each type of traffic Layer 2: VLAN Tag is applied to packets which is used to control the forwarding Layer 2: Private VLAN (PVLAN) Primary and Secondary tags are used to isolate clients while still giving access to shared services. Network Virtualization Isolation through encapsulation. Independence from physical address space.

VLAN Isolation Defines a layer 2 broadcast domain, achieved by tagging packets to tell switch where it can go. Why use? Very mature and reliable technology Universally adopted Well understood Why not? Limited VLAN capacity on each switch and port (4095 max) Limited machine capacity on each VLAN Limits migration of machines High management overhead

Network Virtualization Production Network Exchange server, AD 192.168.1.0/24 Development Network 192.168.1.0/24 Customer Address Spaces Corporate 192.168.2.0/24 Provider Address Space Network Virtualization Gateway 10.0.1.0/24 10.0.2.0/24 Physical Hosts

Private VLAN (PVLAN) Isolation VLAN pairs used to provide isolation with small numbers of VLANs. VMM 2012 SP1 only supports creation of isolated PVLAN VMs Primary VLAN Promiscuous Secondary VLANs Isolated Community Net.Virt.

Where should you use what? Infrastructure networks – VLAN Load balancer back end and internet facing machines – PVLAN Tenant networks – network virtualization

No Isolation Why? Why? Why? Provides direct access to the logical network Upgrade to SP1 Pre-SP1 VMs have direct connectivity to the logical network by default. Direct access to infrastructure Think of the System Center in a VM scenario. Public Shared Shared internet network.

Who Defines What? Address spaces Can be DHCP and Static IPv4 and IPv6 Logical network Address space defined by Example Corp Corp IT 172.30.0.0/16 Internet ICANN 65.55.57.0/24 Management Datacenter Admin 10.0.0.0/24 Net. Virt. Provider 10.0.1.0/24 Cluster/Storage/etc… 10.0.2.0/24 Tenant N Tenant 192.168.1.0/24

Hardware considerations

Single root IO virtualization (SR-IOV) Why? Virtual switch bypass for high performance workloads Why not? You need bandwidth controls Physical adapters don’t support it Limited number of VMs that can use it per host Must be enabled when virtual switch is created Must be enabled as needed on port profile Limited support for intelligent placement

Remote Direct Memory Access (RDMA) Adapters Why? High performance access from hosts to SMB3 based file servers Why not? No teaming No virtual switch Can also be used for live migration, management, clustering

Host configurations Three options TechReady 16 11/17/2018 Host configurations Three options Non-converged 1GbE 10GbE HBA/ Storage Live Migration Cluster Manage VM1 VMN Converged Option1+ 10GbE each VMN VM1 Storage LM Cluster Manage Converged Option1 10GbE each VMN VM1 Storage Live Migration Cluster Manage Converged Option2 VMN VM1 Storage Live Migration Cluster Manage RDMA Traffic 10GbE each © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Connecting hosts to the data center Corp or Internet Data center Edge Aggregator Switches Access Switches Virtual Switch Hyper RDMA Team Hyper-V Host VM VM

VMM configuration

Physical and logical in VMM In VMM Logical Network Models the physical network Separates like subnets and VLANs into named objects that can be scoped to a site Container for fabric static IP address pools VM networks are created on logical network Logical Switch Central container for virtual switch settings Consistent port profiles across data center Consistent extensions Compliance enforcement

Creating logical networks for infrastructure demo

Should I use a logical switch? TechReady 16 11/17/2018 Should I use a logical switch? Why? Automatic team creation Configuration for DC on a single object Compliance Access to hyper-v port settings 3rd party extension management Updates get applied to all hosts Why not? More up-front configuration Limits live migration © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Host configuration… with teaming Several ways to get there: Bare metal deployment Consistent deployment Use host profile Can re-deploy Manual configuration in host properties Already deployed hosts Updating an existing configuration Manual configuration in Hyper-V For hosts brought into VMM with an existing workload Will appear as a “Standard switch” Logical Switch Standard Switch

Using a logical switch demo TechReady 16 11/17/2018 Using a logical switch demo © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

VM configuration VM Networks Port classifications TechReady 16 11/17/2018 VM configuration VM Networks All virtual adapters now only connect to VM networks Port classifications Container for port profile settings For Hyper-V switch port settings and extension port profiles Reusable Exposed to tenants through cloud © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Deploying VM workload

Load balancers

Network Overview with load balancer Public Internet Gateway Load Balancer LB Backend Corporate SQL SPF, etc. VMM Management Windows Azure services for Windows Server Tenant 1 VMs Tenant 1 Tenant 2 VMs Tenant 2 Hyper-V hosts LM, Cluster, Storage

Load Balancing Front End Back End Network that clients use to access the service. Faces the Internet or Corp Each service is assigned a Virtual IP (VIP) address Back End Faces the tier instances Each instance gets one Dynamic IP Back end is usually on a network with non-routable IPs

Load balancer provisioning within lifecycle of service Modeling Model a service and specify if one or more servers are behind a LB Deployment Create virtual IP. Add dynamic IP to LB for each instance. Patching Disable server Patch Enable server Scale Up/Down Add server Delete server Decommission Delete virtual IP

Modeling in service template “DB” Tier Service Network “App” Tier LB Backend LB Frontend “Web” Tier Virtual IP address template LB Frontend and Backend requirements: Must have static IP address pool Can’t use network virtualization

Load balancer instance Deployment “DB” VM 192.168.1.2 Service Network – 192.168.1.x “App” VM 192.168.1.3 Virtual IP 1.2.3.4 Assign 10.0.0.2 Notify 10.0.0.2 LB Backend LB Frontend 192.168.1.4 “Web” VM1 10.0.0.2 1.2.3.4 192.168.1.5 “Web” VM2 10.0.0.3 Load balancer instance 192.168.1.6 “Web” VM3 10.0.0.4

Service deployment with load balancer demo

To be continued………..

Related Sessions SD-B201 Implementing Common Scenarios in VMM: Services and Service Templates IM-B203 Building UI Add–Ins For System Center 2012 SP1 Virtual Machine Manager IM-B308 System Center 2012 SP1 Virtual Machine Manager: Managing Large Datacenters IM-B310 Troubleshooting Common System Center 2012 SP1 Virtual Machine Manager Issues WS-B312 How to Design and Configure Networking in VMM and HyperV (Part 1 of 2) WS-B313 How to Design and Configure Networking in VMM and HyperV (Part 2 of 2) WS-B314 Implementing Common Storage Scenarios in Windows Server 2012 with SCVMM WS-B327 Software Defined Networking with WS2012, SC2012 SP1 and Partner Solutions

We want to hear from you! Evaluation Complete your session evaluations today and enter to win prizes daily. Provide your feedback at a CommNet kiosk or log on at www.2013mms.com. Upon submission you will receive instant notification if you have won a prize. Prize pickup is at the Information Desk located in Attendee Services in the Mandalay Bay Foyer. Entry details can be found on the MMS website.

Access MMS Online to view session recordings after the event. Resources Access MMS Online to view session recordings after the event. http://channel9.msdn.com/Events

Thank you!

11/17/2018 10:47 AM © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. © 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Session Goals Prepare you for the era of software defined networking TechEd 2012 11/17/2018 10:47 AM Session Goals Prepare you for the era of software defined networking Discuss fabric networking in Virtual Machine Manager for System Center 2012 Preview upcoming networking improvements in Virtual Machine manager for System Center 2012 SP1 © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Virtual Machine Manager 2012 Scenarios “I want this VM to connect to the Corp network” Answer: Logical Networks “I want to create a template that I can deploy anywhere” Answer: Logical Network Definitions “I want IP addresses assigned automatically” Answer: IP Pools “I want to scale out applications” Answer: Load Balancers

Network Management VMM 2012 LOGICAL NETWORKS ADDRESS POOLS LOAD BALANCERS Classify network for VMs to access Map to network topology Allocate to hosts and clouds Allocate a static IP address to VMs from a preconfigured pool Create IP pool as a managed range of IP address assignments Create MAC address pool as a managed range of MAC address assignments Apply settings for load balancer capability in service deployment Control load balancer through vendor provider based on PowerShell Create virtual IP templates consisting of load balancer configuration settings

Logical Network A logical abstraction for the type or class of network a VM connects to Examples: PROD Backup Front-end Build Etc… Internet VM to VM Data

Network objects Physical network adapter Virtual switch Logical Network “Corp” Logical network definition “Building 42” 1 - M 1 - M Subnet-VLAN “10.0.0.0/24” “VLAN 5” IP Pool “StaticSrv” “10.0.0.1-10.0.0.99” 1 - M Host group “Production” M - M Physical network adapter M - M 1 - M Virtual switch Virtual network adapter 1 - 1

Address Pools IP POOLS MAC POOLS VIRTUAL IP POOLS Assigned to VMs, vNICs, hosts, and virtual IPs (VIP’s) Specified use in VM template creation Checked out at VM creation—assigns static IP in VM Returned on VM deletion Assigned to VMs Specified use in VM template creation Checked out at VM creation—assigned before VM boot Returned on VM deletion Assigned to service tiers that use a load balancer Reserved within IP Pools Assigned to clouds Checked out at service deployment Returned on service deletion

Load Balancer Support AUTOMATION SUPPORTED BALANCERS VIRTUAL IP TEMPLATES Connect to load balancer through hardware provider Assign to clouds, host groups, and logical networks Configure load balancing method and add virtual IP on service deployment F5 BIG-IP Brocade ServerIron ADX Citrix NetScaler Microsoft Network Load Balancer Specifies preconfigured properties for configuring a load balancer at service deployment Specifies load balancing methods—round robin, least connections, fastest response

Fabric Configuration Demo

PowerShell - Creating a Logical Network #Create a Logical Network $logicalNetwork = New-SCLogicalNetwork -Name "My Logical Network" #Create a network site $allHostGroups = @() $allHostGroups += Get-SCVMHostGroup “Hosts” $allHostGroups += Get-SCVMHostGroup “Infra” $allSubnetVlan = @() $allSubnetVlan += New-SCSubnetVLan -Subnet "10.0.2.0/24" -VLanID 4 $allSubnetVlan += New-SCSubnetVLan -Subnet "10.0.1.0/24" -VLanID 3 New-SCLogicalNetworkDefinition -Name "Building 44" -LogicalNetwork $logicalNetwork -VMHostGroup $allHostGroups -SubnetVLan $allSubnetVlan

PowerShell – IP Pools #Assume $logicalNetwork and $logicalNetworkDefinition are set $allGateways = @() $allGateways += New-SCDefaultGateway -IPAddress "10.0.0.1" -Automatic $allDnsServer = @("10.0.0.3") $allDnsSuffixes = @(“contoso.com”) $allWinsServers = @(“10.0.0.3”) New-SCStaticIPAddressPool -Name "MyIPPool" -LogicalNetworkDefinition $logicalNetworkDefinition -Subnet "10.0.0.0/16" -IPAddressRangeStart "10.0.0.1" -IPAddressRangeEnd "10.0.255.254" -DefaultGateway $allGateways -DNSServer $allDnsServer -DNSSuffix "" -DNSSearchSuffix $allDnsSuffixes

PowerShell – IP Pool Queries $ippool = Get-SCStaticIPAddressPool "VMTraffic" #Show allocated IP Addresses Get-SCIPAddress -StaticIPAddressPool $ippool | ft -property Address,AssignedToType,State Address AssignedToType State ------- -------------- ----- 192.168.1.1 VirtualNetworkAdapter Assigned 192.168.1.2 VirtualNetworkAdapter Assigned 192.168.1.7 VirtualNetworkAdapter UnAssigned 192.168.1.11 VirtualMachine UnAssigned 192.168.1.12 VirtualMachine UnAssigned

What’s new in Service Pack 1 Networking Scenarios TechEd 2012 11/17/2018 10:47 AM What’s new in Service Pack 1 Networking Scenarios Connectivity Capability Multi-tenancy Isolation Mobility Bring your own IP Quality of service (QOS) Security Optimizations Monitors Answer: VM Networks Answer: Logical Switch © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Connectivity VM Networks Multi-tenancy Owner Sharable - Access list Self service creation by Tenant Admin user role Isolation No isolation Network virtualization VLAN External Bring your own IP Enabled by network virtualization Tenant/Customer IP address space separate from Provider IP address space Mobility vNICs only connect to VM Networks VM Networks are built on logical networks VM Networks span clouds With NV, IP follows VM migration

VM Networks No Isolation Pass-through to Logical Network Maximum of one per Logical network Scenarios: Upgrade Management tools in a VM VM Network No Isolation “mgmt” 1 - 1 Logical Network “Corp” Logical network definition “Building 42” 1 - M IP Pool “StaticSrv” “10.0.0.1-10.0.0.99” Subnet-VLAN “10.0.0.0/24” “VLAN 5”

Hyper-V Network Virtualization Blue VM Red VM Blue Network Red Network Virtualization Physical Server Physical Network Server Virtualization Run multiple virtual servers on a physical server Each VM has illusion it is running as a physical server Hyper-V Network Virtualization Run multiple virtual networks on a physical network Each virtual network has illusion it is running as a physical network

Virtualize Customer Addresses Provider Address Space (PA) 192.168.4.22 192.168.4.11 Virtualization Policy System Center Datacenter Network Host 1 Host 2 Blue Corp Blue 10.0.0.5 10.0.0.7 Blue 10.0.0.5 192.168.4.11 10.0.0.7 192.168.4.22 Blue 10.0.0.5 192.168.4.11 10.0.0.7 192.168.4.22 Blue 10.0.0.5 192.168.4.11 10.0.0.7 192.168.4.22 Red Corp Red 10.0.0.5 192.168.4.11 10.0.0.7 192.168.4.22 Red 10.0.0.5 10.0.0.7 Red 10.0.0.5 192.168.4.11 10.0.0.7 192.168.4.22 Red 10.1.1.1 192.168.4.11 10.1.1.2 192.168.4.22 Customer Address Space (CA) Red2 Blue2 10.0.0.5 Red1 Blue1 10.0.0.7 CA PA

VM Networks Hyper-V Network Virtualization Default method is to encapsulate packets using NVGRE A VM Network defines a routing domain A routing domain can contain multiple virtual subnets VM Network Net. Virt. “Finance” M- 1 VM Subnet 192.168.0.0/16 IP Pool (CA) 192.168.0.2 192.168.0.99 1 - M Logical Network “Corp” Logical network definition “Building 42” 1 - M IP Pool (PA) “StaticSrv” “10.0.0.1-10.0.0.99” Subnet-VLAN “10.0.0.0/24” “VLAN 5”

VM Networks Hyper-V Network Virtualization Gateways VMM will manage and configure gateways for NV Routing gateway VPN gateway

VM Networks VLAN One VLAN per VM Network Uses VLANs from Logical Network Definitions Introducing new Logical Network property for “Not Connected” VM Network VLAN “Finance” M- 1 VM Subnet “99.0.0.0/24” 44 1 - 2 1 - M 1 - 1 Logical Network Not Connected “TenantVLANs” Logical network definition “B42Tenants” 1 - M IP Pool “StaticSrv” “99.0.0.1-99.0.0.99” Subnet-VLAN “99.0.0.0/24” “VLAN 44”

VM Networks External Isolation is managed by switch extension VM Networks are imported from extension manager VM Subnet 1 - 2 1 - 1 IP Pool “StaticSrv” “99.0.0.1-99.0.0.99” 1 - M VM Network External “Finance” M- 1 Logical Network Not Connected “TenantNets” Logical network definition “B27Tenants” 1 - M

VM Networks Demo

VM Network Powershell #Create Hyper-V NV VMNetwork $logicalNetwork = Get-SCLogicalNetwork “MyLN” $vmNetwork = New-SCVMNetwork -Name "MyVMNetwork" -LogicalNetwork $logicalNetwork #Add VMSubnet $subnet = New-SCSubnetVLan -Subnet "10.0.1.0/24" $vmSubnet = New-SCVMSubnet -Name "My_10.0.1.0_24" -VMNetwork $vmNetwork -SubnetVLan $subnet #...etc… #Add IP Pool is same cmdlet as with Logical Network New-SCStaticIPAddressPool -Name "MyIPPool" -VMSubnet $vmSubnet -Subnet “10.0.1.0/24" -IPAddressRangeStart “10.0.1.2" -IPAddressRangeEnd "192.168.0.254" -DefaultGateway $allGateways -DNSServer $allDnsServer -DNSSuffix "" -DNSSearchSuffix $allDnsSuffixes

What’s new in Service Pack 1 Networking Scenarios TechEd 2012 11/17/2018 10:47 AM What’s new in Service Pack 1 Networking Scenarios Connectivity Multi-tenancy Isolation Mobility Bring your own IP Answer: VM Networks Capability Quality of service (QOS) Security Optimizations Monitors Answer: Logical Switch © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Capability Defines how a network adapter is able to use its connection Quality of service Security Monitoring Capabilities are provided by Hyper-V Extensible Virtual Switch and extensions

Key Tenets for Hyper-V Extensible Switch Benefit Extensible, not replaceable Added features don’t remove other features Pluggable switch Extensions process all network traffic, including VM-to-VM 1st class citizen of system Live Migration and offloads just work; Extensions work together Open & public API model Large ecosystem of extensions Logo certification and rich OS framework High quality extensions Unified Tracing thru virtual switch Shorter down times

Hyper-V Extensible Switch Extensions are Filters or Windows Filtering Platform Providers Extension state/configuration is unique to each instance of an Extensible Switch on a machine Extension Extension Extension

VMM Management of Switch Extensions CA1 VM1 VMU CA2 VM2 Hardware 3rd Party components VMM Agent VMM Server SCVMM Vendor Plugin Virtualization Root Partition Capture Extension Filtering Extension Forwarding Extension Vendor network mgmt console Physical NIC (SRIOV) Physical NIC (Non SRIOV) Top of rack switch Policy database

Extension Manager Integration Supplies network objects and policy to VMM VMM 3rd Party Extension Manager Provider Vendor network management console Virtual Switch Extension Manager (VSEM) Provider Interface Import: Logical Networks IP Pools VM Networks Port Profiles Policy database 3. Retrieve port Profile policies 2. Set VM Network Port Profile Hyper-V Host

Multiple Windows Server 2012 hosts Physical Host NICs Uplink pNIC1 Uplink pNIC2 Uplink pNIC1 Uplink pNIC2 Uplink pNIC1 Uplink pNIC2 Uplink pNIC1 Uplink pNIC2 Virtual Switch Instances …on Host1 …on Host2 …on Host3 …etc Native Switch Settings Extension1 Native Switch Settings Extension1 Native Switch Settings Extension1 Native Switch Settings Extension1 Extension2 Extension2 Extension2 Extension2 Extension3 Extension3 Extension3 Extension3 VM1 vNIC1 VM2 vNIC1 VM3 vNIC1 VM4 vNIC1 VM5 vNIC1 VM6 vNIC1 vNICs VM Host vNICs Host1 vNIC1 Host1 vNIC2 Host2 vNIC1 Host2 vNIC2 Host3 vNIC1 Host3 vNIC2 Host4 vNIC1 Host4 vNIC2

Native Switch Settings VMM Switch Infrastructure Physical Host NICs Uplink pNIC1 Uplink pNIC2 Uplink pNIC1 Uplink pNIC2 Uplink pNIC1 Uplink pNIC2 Uplink pNIC1 Uplink pNIC2 Logical Switch Native Switch Settings Extension1 Extension2 Extension3 Instances VS …on Host1 …on Host2 …on Host3 …on Host4 VM1 vNIC1 VM2 vNIC1 VM3 vNIC1 VM4 vNIC1 VM5 vNIC1 VM6 vNIC1 vNICs VM Host vNICs Host1 vNIC1 Host1 vNIC2 Host2 vNIC1 Host2 vNIC2 Host3 vNIC1 Host3 vNIC2 Host4 vNIC1 Host4 vNIC2

Logical Switch A single logical representation of the virtual switch instances which exist in a group of hosts

Logical switch objects 1 - M Physical NIC Logical switch objects 1 - M Uplink Port Profile Set Extension Uplink Port Profile M - M Native Uplink Port Profile M - 1 Switch Extensions “Cisco Nexus 1000v” “InMon sFlow” M - M Logical Switch “B42Switch” Self Service User 1 - 1 Virtual Port Profile Set Extension Virtual Port Profile M - M Native Virtual Port Profile M - 1 1 - M Port Classification “Fast DB” “Web” “Restricted” Cloud vNIC 1 - M

Logical switch objects 1 - M Physical NIC Logical switch objects 1 - M Uplink Port Profile Set Native Uplink Port Profile M - 1 Logical Switch “B42Switch” 1 - 1 Virtual Port Profile Set Native Virtual Port Profile M - 1 1 - M Port Classification “Fast DB” “Web” “Restricted” Cloud vNIC 1 - M

Logical Switch Demo

Windows Server IP Address Management Integration Script Reports IP Pool utilization from VMM into IPAM Can run on demand or configure as a periodic task Included in the “cd layout” of VMM \scripts\IPAMIntegration.ps1

IPAM Script Demo

In Review: Session Objectives And Takeaways Tech Ready 15 11/17/2018 In Review: Session Objectives And Takeaways Logical Networks define physical network VM Networks define VM connectivity Logical Switches define port capability © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.