Save to My DOJO
I’ve been seeing and fielding a lot of questions about the virtual switch in the 2012 products specifically as they relate to Hyper-V. The nice thing is that it seems the conceptual hurdles are shifting from “What is it?” to “How do I do this correctly?” So, where previous posts have been about concept, this post is about function and form. Please ask questions if anything isn’t thorough enough.
How To Set Up a Hyper-V 2012 Virtual Switch
Rule #1: Unless you are very clear on what the defaults are and what you’re going to get, don’t use the GUI. If you’re installing Hyper-V as a role through Server Manager, don’t let it create a switch. PowerShell gives you far more control. More than a few of the people who create a switch with the GUI will wind up deleting their switch and making another one because the GUI didn’t even let them see the options that they wanted (this doesn’t apply to SCVMM which is smarter about creating switches).
It all starts with New-VMSwitch . Read the full documentation, if you like. I’m going to annotate Microsoft’s rather Spartan notes here:
AllowManagementOS
Set this to zero or $false . All this does is create a virtual adapter for you, which you then have to go back, locate, rename and change all the settings on. You can make your own virtual adapter with Add-VMNetworkAdapter that begins life with most of the settings that you want.
ComputerName
“One or more hosts”, as in, use this one line to create the same switch with the same settings on all the hosts in that new cluster of yours. Try that in the GUI. Leave this parameter off for the local system.
EnableIov
Another setting that’s inaccessible in the Server Manager wizard and can never be changed later. Of course, if your hardware doesn’t support it, setting this can end badly.
MinimumBandwidthMode
The cake is a lie. “Default Value: weight” is an error. The default is Absolute. This cannot be changed after the fact. So, if you used a GUI or trusted the documentation, congratulations! You can’t set QoS mode to Weight.
Name
I’m assuming everyone understands what this one does. Remember to choose a name you can type easily. Auto-complete doesn’t work for switch names.
Notes
That odd stuff you wanted to put in the switch name? Put it here. Or don’t. I’ve never used the Notes parameter but I’m assuming someone out there wanted it or it wouldn’t be here. The Notes are also visible on the property sheet of the switch in the GUI.
SwitchType
Internal or private. External automatically is chosen with the NetAdapterName parameter. Struggling with this one? Look here. As with the AllowManagementOS parameter, it doesn’t mean exactly what it says. If you choose Private and then use Add-VMNetworkAdapter to make a vNIC in the management OS on it, it becomes Internal. If you use Remove-VMNetworkAdapter on all its vNICs in the management OS, it becomes Private. There is no converting to or from the External type, though.
NetAdapterInterfaceDescription
This parameter indicates the physical adapter you want to create the switch on by its description. This isn’t incredibly useful because the description is probably a lot longer and more difficult to type than the name, but it does provide consistency with the way the GUI does things. As the documentation indicates, you can see the description in Get-NetAdapter . Don’t use this with Private or Internal switch type because you can’t and because if you could, it wouldn’t be a Private or External switch type.
NetAdapterName
The name of the adapter to create a virtual switch on. You can get a list of the adapters with Get-NetAdapter. This can be a physical adapter or the virtual adapter that is created when you team adapters together. It cannot be a virtual adapter on a virtual switch. As with NetAdapterInterfaceDescription, don’t use this with the Internal or Private switch types for exactly the same reasons. I haven’t tested to see if it’s possible, but I wouldn’t recommend that you use this with the NetAdapterInterfaceDescription parameter either. There’s nothing overtly wrong with the combination, but it’s not good for anything unless you need a line item to boost your résumé for your application to the Department of Redundancy Department.
Confirm
Just in case you want the system to ask you if you’re sure that you want to create the switch. I can envision plenty of cases in a script where you want this (and that’s why it’s there), but any time I use -Confirm during manual entry, it looks exactly like this: -Confirm:$false , because, if I don’t know what I’m doing, asking me if I’m sure won’t change the fact that I don’t know what I’m doing. So, all it can do is delay the amount of time it takes to prove that I don’t know what I’m doing, which also delays the time I can get started on fixing it. But, if using -Confirm makes you feel better, by all means, please use it. It’s a switch parameter, so you only need to specify $false if you both want to include the parameter and want it to be ignored. You also need a colon for that. There’s a joke in there somewhere.
What You Get
Either you get a brand new virtual switch, or you get an error. 50/50 odds aren’t too bad, I suppose. Realistically, you’re going to get errors because you tried to create an internal/private switch with an adapter or because you picked an adapter it doesn’t like. You can also get an error if you used the Confirm parameter, tried to pass in $false, and forgot the colon. If you’re getting other errors, share them.
If all went well, you’ve got the virtual switch you’ve always wanted. Try Get-VMSwitch to admire your handiwork. Now, you can start creating virtual machines and attaching their virtual adapters to your switch. They’ll connect by switch name. What you can also do is create virtual adapters in the management operating system. This is something you must use PowerShell for, because the GUI only lets you create a single virtual adapter for the management OS. The PowerShell way is Add-VMNetworkAdapter. Why is its verb “Add” instead of “New”? I have absolutely no idea. I can tell you that I was really angry when I spent fifteen minutes adding a bunch of virtual adapters to a system and then went to another host and tried to use Add-VMSwitch and it didn’t work the way I thought it should. I won’t embarrass myself further by admitting just how long it took me to remember that New-VMSwitch was the command I wanted.
The Fine Print
Some things that bear repeating and some other things you might be interested in:
- SR-IOV can only be enabled when the switch is created. It must then be set on the vNICs. Your physical adapter determines how many SR-IOV vNICs you can have. Check its documentation or ad sheet for Virtual Functions. One Virtual Function equals one SR-IOV vNIC.
- If you Live Migrate a VM with an SR-IOV adapter to a host that doesn’t have any available Virtual Functions, the Live Migration fails. The reason is that it’s like trying to replace the vNIC on the fly without interruption.
- You can use an adapter team for a virtual switch or you can enable SR-IOV. You can’t do both. Actually, you probably can set both, but SR-IOV won’t work. The reason is that the virtual machine talks directly to the Virtual Function, which is right on the hardware, which is difficult and maybe impossible to properly perform on a team. Given that VMQ works by singling out a team member, I suspect this might change someday. For now, team or SR-IOV, not both. You can team in the guest if it’s running 2012.
- You can’t team vNICs in the management OS, but you can in guest OSs if they support it (2012+ for Windows guests).
- VMQ (virtual machine queues) have limited slots like SR-IOV, also determined by the adapter hardware. Check with your hardware vendor. Unlike SR-IOV, nothing will fail if there aren’t any queues left and you don’t need to set anything on the switch.
- The switch can get squirrely if VMQ is on but the hardware won’t support it.
Running into issues using virtual switches?
I’ve got a handy guide on Troubleshooting Hyper-V virtual switches for you.
Not a DOJO Member yet?
Join thousands of other IT pros and receive a weekly roundup email with the latest content & updates!
15 thoughts on "Quick Guide to the Virtual Switch in Hyper-V Server 2012"
Eric, this is kind of a bonehead question, but I’ve looked around and haven’t been able to find an answer. The virtual switches provide 10 Gbps connections to guests. So, if I have two guests plugged into the same virtual switch, then they can connect to each other at 10 Gpbs. But, if my host has two physical 1 Gps nics, and I setup one virtual switch for each physical nic, and add one guest to each of these virtual switches, can these guests still communicate at 10 Gbps? Or, would traffic pass out and back in through each physical nic causing 1 Gbps communication between the guests?
Thanks,
Stephen
The 10Gbps display value is pretty much meaningless. When two adapters communicate, they are limited to the maximum speed of the slowest device in the communications chain. This is a universally applicable truism. The virtual switch itself can go very fast, hence the displayed value of 10G, but as soon as data crosses that physical uplink into the physical realm, the network hardware imposes a bottleneck.
In your situation, that uplink must be brought into play. The virtual switches cannot be linked to each other directly over the host fabric. Their only connection is through physical links. Therefore, they’ll have to make a trip over the 1Gbps adapters and switch and will be limited to 1Gbps.
If you want the guests to be able to communicate over the internal fabric, set up a private switch, add secondary adapters that don’t register in DNS, and leverage HOST files on the guest machines.
Thank you, that’s very interesting. I could see this as something that would be worth trying between my Sharepoint server and its database server, or my terminal server and the file server – as long as each guest pair are on the same host…
It seems like there some ways you could make this work with an existing DNS infrastructure. Would you happen to know of a good client to client network benchmarking app?
Stephen
I use iPerf, available on SourceForge. If you’re not into compiling from source, look for JPerf, also on SourceForge. It has a Java front-end which I don’t use because I don’t put Java on servers, but it does come bundled with a compiled version of iPerf.
You can use a manually-created A record in your DNS infrastructure. Still, make sure that private/internal adapters don’t register themselves. In DNS, make a “sv-targetserver-privateswitch” A record and have it point to the IP on the private/internal switch. Have services in the VMs on the same host target that name instead of the server’s actual name. There could be side-effects in some cases but it’s a fairly solid solution.
Eric, backing up a bit – If I had a host that was going to support 4 guests and had 5 NIC’s, my first inclination would be to give the host its own nic, and give each of the guests their own virtual switch and NIC as well.
But, we could put all 4 guests on the same virtual switch which would provide 10Gbps interconnects. With the 4 NICS, we could Team all 4 providing 4Gbps aggregate bandwidth to the common virtual switch. Seems win/win, they even seem to recommend this configuration in May 2013 Technet Mag article – Run Hyper-V on Commodity Hardware.
But, I have some concerns about this scenario –
1. With the NIC team, throughput is not the only thing that affects network performance. For example latency could cause performance issues that would affect the whole environment instead of being isolated to one NIC/switch/host.
2. What kind of performance information can we get out of these virtual switches? If a guest is hogging bandwidth or causing other network problems, how would we know? Task Manager and Resource Monitor certainly don’t help, and so far I haven’t been able to find any Perfmon counters that help.
Appreciate your comments Eric,
Stephen
Four virtual switches? That’s a lot of overhead and micromanagement at the expense of redundancy and the potential for exceeding 1Gbps on a vNIC.
Have you seen something that makes you concerned that teaming would introduce latency? My own measurements haven’t found any meaningful amounts.
Perfmon can read counters directly from the virtual adapters through the management OS. The category is “Hyper-V Virtual Network Adapter”. The available instances include all of the vNICs.
Hi Erick
thanks for share this article
I installwd windows 8.1 as my host windows and then installed visual studio 2013 on windows 8.1 .
then enabled hyper-v and installed all , win server 2012 , configures it , installed SQL server 2012 , configured it , installed Sharepoint server 2013 , configured it and create my first server farm . all are successful . but now , when I browse sp server administrator home page in my browser on windows 8.1 (host ) the browser load home page of sp server . but when I try to add sp connection to visual studio 2013 on windows 8.1 visual studio can’t and is not able to find sharepoint connection and server .
Please help me how can I add virtual hyper-v sharepoint server and connection to visual studio 2013 on windows 8.1 (host )
Great Thanks
And best regards :
Raha
Hello Raha,
I have no idea how to do this. It doesn’t appear that Hyper-V is the issue. You might try asking on the MSDN forums.
Can I possible change the connection type of my virtual switch with SR-IOV enabled?
Unfortunately, no. The SR-IOV switch is permanent. You have to delete and recreate the switch.
If you choose to do this, disconnect your VM adapters first. Your management adapters will be lost, although you can bounce them through a temporary switch first using our script, if you want.
We are upgrading our 2008 R2 HypV cluster to 2012 R2 using the same hardware. We have a virtual switch bound to a Windows team of 2 x 1Gbps NICs to be used for virtual machine traffic only. We have lots of other NICs for all the other network roles on 2012 R2. We haven’t had any noticable bandwidth contention issues using the same set up on 2008 R2 so do we really need to use minimumbandwidthmode? For example when is a good scenario for setting this to None?
Thanks
Whatever you set it to is permanent. It’s better to have the option and never use it than to not have the option.