2

I have a set of physical hosts with Windows Server 2008 R2 SP1 installed. Each physical host has the Hyper-V role installed and is configured to be part of a failover cluster (called cluster0).

Here is the example I need to replicate on my cluster. (This example is implemented on a single, non-clustered host.) I have one virtual machine configured as my gateway with the Routing and Remote Access (and NAT) role installed. This virtual machine has two virtual network interfaces: one Internal (to communicate with the physical host) and one Private (to communicate with virtual machines on the same network). All additional virtual machines have a single virtual network interface which is connected to the Private network. All virtual machines in the private network are able to communicate with each other as well as the outside world (because of NAT/gateway). I have multiple sets of this configuration that communicate with each other through the gateways, but the private traffic remains on that network. Also, each analogous virtual machine across private networks has the same IP address.

How can I mimic this in a failover cluster? I know that Internal/Private networks are isolated to a particular host, but I feel there is a way to do what I need. I can't be the only one who is interested in doing this either. Is this possible in Server 2008? Have they changed Server 2012 to allow for this?

Thank you all in advance!

longneck
Kevin Mangold
  • I don't understand what you have to do different in a cluster. Your RRAS server will be on a single host at any given time, but since all the hosts are connected to the same physical switch then they should all be able to use that RRAS box to get out. – SpacemanSpiff Oct 05 '12 at 20:15
  • I apologize for the lack of clarity. I need to be able to do this with multiple sets of like networks. I.e., gateway0 providing NAT for 5 virtual machines, gateway1 providing NAT for another 5, gateway2 providing NAT for an additional 5, etc. I have hopefully updated the question to make this more clear. – Kevin Mangold Oct 05 '12 at 20:28

2 Answers

3

First, in Windows 2008, your Private network cannot span hosts in the cluster. As you mention, they will be limited to each cluster node. To work around this, you will need to set up a VLAN on your network and attach this to the guests as an External network.

As for Windows 2012, you still can't span the Private network, but you have a new option with Hyper-V Network Virtualization. This feature will encapsulate the packets on a private virtual network with GRE without relying on VLANs to segregate traffic. This may be good or bad depending on your requirements.

For only doing one or two "private" networks, I will still rely on VLANs, but if you are setting up multiple of these, then this new Network Virtualization feature might be useful.

More information is available on Technet here.

Doug Luxem
  • I will check out 2012 next week. I am running 2012 on a few machines, but they aren't clustered. I will let you know what I find out! – Kevin Mangold Oct 05 '12 at 21:38
2

Some options:

1) VLAN

Instead of having a separate vswitch for each private network, connect the private virtual NICs all to the same vswitch as your public network, but assign a separate VLAN for each private network. You will need to configure your real switch to accept tagged frames.

2) Dedicate one NIC per private network

Each vswitch for each private network will need a real NIC dedicated to that vswitch. That real NIC should be connected to the corresponding real NIC on the other server.

3) Make sure that all of the private VMs are on the same host as the gateway VM

longneck
  • Yeah, VLANs will most likely be what we will use. Option 2 isn't quite feasible as we would need 10-20 NICs per host. And 3 isn't available either since we would lose benefits of having everything clustered. – Kevin Mangold Oct 05 '12 at 21:37
  • Really? What benefits do you lose? Clustering doesn't enable you to run a single guest on multiple hosts, so you will have to distribute your hosts anyway. – longneck Oct 06 '12 at 00:06
  • I would lose the ability to run multiple virtual machines on different hosts but are not on the same network. – Kevin Mangold Oct 06 '12 at 01:10
  • Do you really need that ability? Because of your unusual network requirements, I would argue that the simplicity that you get with option three is worth the sacrifice. The only case where it doesn't work is if one group of guests is too large to run on a single host. – longneck Oct 06 '12 at 01:52
  • My answer is a debate between *need* versus *convenience*. This is not a production environment so, I hate to say, convenience wins. Failover clustering is one of the requirements for this environment. If I need to ensure that specific guests run on specific hosts, that defeats the purpose of the cluster. I would love if that wasn't true, then I would do option 3 without question. – Kevin Mangold Oct 06 '12 at 12:32
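
The VLAN-per-private-network approach from both answers, sketched as an added example (not code from either poster). It assumes the Hyper-V PowerShell module of Windows Server 2012 or later; the node names, switch name, VM names, VLAN IDs and the gateway adapter name `Private` are all constructed placeholders.

```powershell
# Added example: one VLAN per private network on a shared external vswitch.
# Assumes the Hyper-V module (Server 2012+). Every name and ID here is a placeholder.
$Nodes      = 'node0', 'node1'     # cluster nodes (assumed names)
$SwitchName = 'External-Trunk'     # external vswitch, same name on every node
$Plan = @(
    @{ Vlan = 101; Gateway = 'gateway0'; Guests = 'set0-vm1', 'set0-vm2' },
    @{ Vlan = 102; Gateway = 'gateway1'; Guests = 'set1-vm1', 'set1-vm2' }
)

# Each set reuses the same guest IP addresses, so a VLAN ID shared by two
# sets would merge them. Refuse to apply such a plan.
$dupes = $Plan | Group-Object { $_.Vlan } | Where-Object { $_.Count -gt 1 }
if ($dupes) { throw "VLAN ID reused across sets: $($dupes.Name -join ', ')" }

foreach ($set in $Plan) {
    # Find the set's VMs on whichever node currently hosts them.
    $names = @($set.Guests) + $set.Gateway
    $vms   = Get-VM -ComputerName $Nodes -Name $names -ErrorAction SilentlyContinue

    # Guests have one NIC. On the gateway, touch only the inside NIC
    # (assumed to be named 'Private'); its outside NIC stays as it is.
    $nics = $vms | Get-VMNetworkAdapter |
        Where-Object { $_.VMName -ne $set.Gateway -or $_.Name -eq 'Private' }

    foreach ($nic in $nics) {
        Connect-VMNetworkAdapter -VMNetworkAdapter $nic -SwitchName $SwitchName
        Set-VMNetworkAdapterVlan -VMNetworkAdapter $nic -Access -VlanId $set.Vlan

        # Read the setting back: an untagged or wrongly tagged NIC would
        # sit outside its own set's network.
        $vlan = Get-VMNetworkAdapterVlan -VMNetworkAdapter $nic
        if ($vlan.OperationMode -ne 'Access' -or $vlan.AccessVlanId -ne $set.Vlan) {
            Write-Warning "$($nic.VMName)/$($nic.Name) is not on VLAN $($set.Vlan)"
        }
    }
}
```

The physical switch ports behind the external vswitch still have to accept tagged frames for these VLAN IDs, as the second answer notes.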