June 11, 2019
A How-To Guide on Setting Up Hyper-V VLANs
A virtual environment can consist of several physical servers, with multiple virtual machines (VMs) simultaneously running within each host. To ensure cooperation within such complex infrastructure, you need to enable communication between all of the system’s components. Previously, all communications between computers had been conducted using local area networks (LANs), which can span across only a limited area, or wide area networks (WANs), which can cover larger distances. Though effective, these types of networks can lack flexibility, scalability, and reliability.
However, achievements in server virtualization have triggered the development of network virtualization. As a result, virtual local area networks (VLANs) have been introduced, which can logically segment a physical LAN into different broadcast domains, thus allowing you to isolate network traffic in a secure and reliable way.
So, why should you deploy Hyper-V VLANs in the first place? – The answer is simple. A Hyper-V VLAN is a unique form of technology which can provide you with the following benefits:
- High performance. VLANs can decrease the latency and traffic load on the network and network devices.
- Using Hyper-V Manager or PowerShell cmdlets, you can easily create or delete virtual network adapters as well as virtual switches, thus allowing you to increase or decrease the scale of your virtual networks on demand.
- Using VLAN tags, you can easily isolate network traffic as well as restrict access to confidential information.
- VLANs can easily add, move, or change hosts on the network.
- With VLANs, you can access network services from any physical location, and an IT administrator can control the network traffic from a single pane of glass.
- Cost-efficiency. If your organization has multiple departments operating in various geographical locations, network virtualization eliminates the need for deploying expensive LANs for each geographical area.
In today’s blog post, we shall discuss in detail what a Hyper-V VLAN is, how virtual networks work, and which steps should be taken to deploy a Hyper-V VLAN in your infrastructure. Also, read further to learn what NAKIVO Backup & Replication can offer to protect your virtual environment.
What Is a Hyper-V VLAN?
A virtual LAN (VLAN) is a group of computers, servers, and other network devices which are logically connected and appear to work as a single LAN, regardless of their physical location. Previously, we had to create separate networks (for example, LAN 1 and LAN 2), with each of them operating in the same geographical area and having an individual switch. Due to the fact that LAN 1 and LAN 2 are two separate physical networks, the host connected to LAN 1 could not communicate with the host connected to LAN 2 and vice versa as there was no physical connection between their switches.
So, how do networks actually work? For example, you have two different departments, and don’t want these departments to have access to one another’s traffic. Hence, we would need to separate those networks. It can be done either physically (through creating individual LANs for each department) or digitally (through creating several VLANs). In a nutshell, creating and deploying two physical LANs is the same as deploying two virtual LANs. The difference is that two physical LANs or more would require separate switches, whereas two virtual LANs or more can operate on a single switch.
Hyper-V VLAN technology enables logical segmentation of networks, meaning that you can take a single switch and divide it into multiple logical networks. Note that the traffic of each network runs in isolation. Therefore, even though all virtual networks share the same hardware, Hyper-V VLANs can identify and read only their own network traffic. In truth, each virtual network is unaware of other virtual networks and is disconnected from them.
Moreover, by creating multiple Hyper-V VLANs, you can improve security within your system. For example, if you create different virtual networks for various departments and assign each department employee to a corresponding network, you can ensure that only selected users are granted access to confidential information.
Requirements for Hyper-V VLANs
In order to create and deploy Hyper-V VLANs, you would need to follow these requirements:
- Ensure that all networking hardware, including switches, routers, and network adapters, support the 802.1q standard, which helps to assign a tag into each Ethernet frame.
- Devices connected to the same VLAN must be assigned the same VLAN ID so as to enable secure communications between them. The VLAN identifier specifies the virtual LAN that this VM can use for conducting network communications through this network adapter.
- The host must run Windows Server 2008 (or later) or Hyper-V Server.
How to Set Up a Hyper-V VLAN
Generally, the process of setting up a Hyper-V VLAN requires two steps. First, you need to configure the virtual switch to enable network traffic on the physical switch port. Second, you must configure the VM to use a unique VLAN identifier for future network communications.
Configuring the Hyper-V virtual switch
In order to configure a selected virtual switch, you should do the following:
1. Open Hyper-V Manager.
2. In the Actions pane, click Virtual Switch Manager.
Here, you can create a new virtual switch (external, internal, or private) or you can configure the existing switches.
3. After selecting the required switch, you get access to configuring the virtual switch properties. In the VLAN ID section, check the Enable virtual LAN identification for management operating system Also, you must assign a unique VLAN identifier which will be used for network communications.
4. Click OK to save changes.
Configuring the Hyper-V virtual machine
The next step is to configure the VM to use VLAN identification. For this purpose, you need to take the following steps:
1. Open Hyper-V Manager.
2. In the Virtual Machines section, right-click the VM you would like to configure and select Settings.
3. Click Network Adapter to see network adapter properties. Check that the network adapter is connected to the right virtual switch.
4. Next, check the Enable virtual LAN identification box and assign the same VLAN ID that you used earlier. As a result, all network traffic travelling through the physical network adapter connected to this virtual switch will be tagged with the VLAN ID you have just set.
5. Click OK to save changes.
Your VM and a virtual switch have been properly configured and you can now ensure reliable traffic isolation using Hyper-V VLANs.
Once you have built a Hyper-V environment and made sure that it works as required, you need to take care of its security. NAKIVO Backup & Replication is a reliable, affordable, and powerful data protection solution, which can help you protect multiple environments using the following data protection options: backup, backup copy, backup to cloud, replication, and site recovery.