Networking Enhancements in Windows Server 2012 R2

The “What’s coming in Hyper-V Network Virtualization (Windows Server 2012 R2)” blog post got way too long, so I had to split it into two parts: Hyper-V Network Virtualization and the rest of the features (this post).

Stateful VM NIC firewalls. Windows Server 2012 included some basic VM NIC filtering functionality. Release 2 has a built-in stateful firewall. It’s similar to vShield App or Juniper’s VGW – it can create per-flow ACL entries for return traffic, but does not inspect TCP session validity or perform IP/TCP reassembly.
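A conceptual model of that behaviour, added here as an illustration (it is not Hyper-V code and not from the original post): outbound traffic that passes the static ACL installs a per-flow return entry, and inbound traffic is matched against those entries by 5-tuple only. The class and function names and the addresses are constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str = ""   # TCP flags, e.g. "S", "SA", "A"
    seq: int = 0

class FlowAclFilter:
    """Hypothetical per-flow filter on a VM NIC: tracks flows, not TCP state."""

    def __init__(self, allowed_outbound_ports):
        self.allowed_outbound_ports = set(allowed_outbound_ports)
        self.return_entries = set()   # dynamic per-flow ACL entries

    def outbound(self, p):
        """VM -> network: static ACL check, then install the return-flow entry."""
        if p.dport not in self.allowed_outbound_ports:
            return False
        self.return_entries.add((p.dst, p.dport, p.src, p.sport))
        return True

    def inbound(self, p):
        """Network -> VM: permit only if a return-flow entry matches the 5-tuple.
        Flags and sequence numbers are deliberately not examined."""
        return (p.src, p.sport, p.dst, p.dport) in self.return_entries

def demo():
    fw = FlowAclFilter(allowed_outbound_ports=[443])
    vm, srv = "10.0.0.5", "192.0.2.10"   # constructed addresses
    results = {}
    results["syn_out"] = fw.outbound(Packet(vm, 50000, srv, 443, "S", 1000))
    results["synack_in"] = fw.inbound(Packet(srv, 443, vm, 50000, "SA", 7000))
    # Unsolicited inbound connection: no matching entry, dropped.
    results["unsolicited_in"] = fw.inbound(Packet(srv, 443, vm, 50001, "S", 1))
    # Same 5-tuple with an implausible sequence number: still permitted,
    # because the filter matches flows and does not validate the TCP session.
    results["bogus_seq_in"] = fw.inbound(Packet(srv, 443, vm, 50000, "A", 999999999))
    # Outbound to a port the static ACL does not allow: dropped, no entry created.
    results["blocked_out"] = fw.outbound(Packet(vm, 50002, srv, 22, "S", 1))
    results["no_entry_in"] = fw.inbound(Packet(srv, 22, vm, 50002, "SA", 1))
    return results

if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name:15} {'permit' if allowed else 'drop'}")
```

Where TCP session validation or reassembly matters, that inspection has to happen in a device that does it; the per-flow entry alone only answers "did the VM open this flow?".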

Dynamic NIC teaming can spread a single TCP flow across multiple outbound NICs – a great solution for I/O intensive applications that need more than 10GE per single flow (obviously it only works with ToR switches that have 40GE uplinks; 10GE port channel uplinks on most ToR switches would push all traffic of the same flow onto the same 10GE uplink).

Hyper-V Network Virtualization is now part of the extensible switch. The initial release of HNV was implemented as a device filter sitting between a physical NIC and the extensible switch. Switch extensions had no access to HNV (just to customer VM traffic) as all the encap/decap operations happened after the traffic had already left the extensible switch on its way toward the physical NIC.

The next release of HNV will integrate HNV with the extensible switch, giving switch extensions access to customer (VM) and provider (underlay) traffic – ideal if you want to capture or filter both VM-side traffic and encapsulated traffic.

Virtual RSS (vRSS) uses VMQ to extend Receive Side Scaling into VMs – traffic received by a VM can spread across multiple vCPUs. Ideal for high-performance appliances (firewalls, load balancers).

Remote live monitoring similar to SPAN and ERSPAN, including traffic captures for offline analysis.

Network switch management. Microsoft is trying to extend their existing OMI network management solutions into physical switches because we desperately need yet another switch management platform ;)
