Configuring Networks and Logical Switches
In part two of the video series we go over how to implement logical networking in System Center Virtual Machine Manager 2012R2 (SCVMM). First we provide an overview of logical networking and why it is a good idea. We then talk about each of the fabric components necessary to implement logical networking. Finally, we implement logical networking in the SCVMM GUI then show the process for implementation with PowerShell.
Logic Networking Overview
Logical networks provide a way for administrators to represent the physical network configuration in the virtual environment. This enables many features such as delegating access to network segments to specific user roles. It also eases the deployment of converged networking and can help ensure all of your Hyper-V hosts have identical network configuration. If someone makes a change to the network configuration in Hyper-V manager or Failover Cluster manager the host will be flagged as not compliant in SCVMM. The network configuration deployed via logical networking resides on the Hyper-V hosts and is not dependent on SCVMM to stay online. This configuration survives reboots even if SCVMM is offline.
When deploying logical networks the management IP must be available the entire time the switches are deployed. This can be challenging when a system only has two NICs as the management VLAN must be available as both tagged and untagged (native). Systems using more than two adapters are easier to configure as the management interface can be can be deployed locally before the system is imported into SCVMM.
Some of the logical networking features can be used when importing Hyper-V hosts with an existing virtual switch. SCVMM will detect existing configurations as ‘Standard Switches’. The administrator must manually select the logical networks in the properties of the host hardware to use virtual networks.
This diagram shows how all of the fabric components in SCVMM relate to one another.
This component allows you to assign a network segment (VLAN) to a virtual adapter. It is created under ‘VMs and Services’ rather than Fabric-Networking. One VM network will typically be associated with one network segment. This gives the network segment a friendly name that can be used so that users do not need to know subnets or VLANIDs. It also can have permissions assigned so that only certain users can select the network segment in their virtual machines.
Logical networks represent a group of network segments. Logical networks may group network segments in many ways:
- Single segments or VLAN
- All Production segments in all sites
- All segments in a single site
Logical Network – Network Site
Logical network have a subcomponent called a network site. A network site can be used to associate network segments with host groups. Multiple sites can exist in a single logical network. Network sites are primarily used to represent geographies or unique areas such as a DMZ.
Logical Network – Network Site – Subnet / VLAN
Subnets and VLANs can be defined within the network site. Subnets/VLANs are used to associate one or more network segments within a site. You do not have to populate the subnet field in all cases.
This component is used to associate a range of IP Address with a network segment. VMM can then assign these addresses statically to VMs or Hyper-V hosts.
Two types of port profiles exist, ‘Uplink’ and ‘Virtual Adapter’. Uplink port profiles are used to represent the network segments (VLANs) in the configuration of a physical switch port to which a Hyper-V host is connected. It is also used to define the teaming and load balancing mode for a host.
Virtual Adapter port profiles provide a way to create a collection of setting pertaining to virtual adapters. These profiles can define settings such a network optimization, security and QoS. Virtual adapter port profiles are assigned to virtual adapters in VMs and Hyper-V hosts.
The logical switch component is a vSwitch deployed by SCVMM employing a network topology and configuration defined by the components listed above. It is not possible to import existing Hyper-V network configurations into SCVMM as logical switches. Both the LBFO Team and the vSwitch must be created by SCVMM. By forcing deployment with SCVMM this ensures configuration uniformity among the hosts where it is deployed.
A logical switch will have an association with one or more virtual adapter port profiles. It will also have at least one uplink port profile. When deploying a logical switch one uplink port profile is selected and this will determine the teaming and load balance modes for the vSwitch. Logical networks are the last network fabric component deployed as they depend on the other fabric components.
In the video we deploy a sample configuration with two data center sites. These sites have several network segments each. The segments are grouped into 3 logical networks: Dev, Backup and Prod. Dev is only in Las Vegas while Prod is in both datacenters. Prod uses a different VLAN ID in each data center. Backup is a single stretched VLAN. Two uplink port profiles are created to describe the two possible switch port configuration for the Hyper-V hosts. In this case the switch ports are uniformly configured within a site, so one port profile is required for the Seattle datacenter and a second for the Las Vegas datacenter. These port profiles can be used to create two possible logical switches: Host and Virtual Machine. In our example we use separate physical adapters for the host traffic and the VM traffic.