Most of us IT Pros usually have a lab of some kind. Mostly running some form of virtualization and if you are Microsoft savvy, chances are you are running Hyper-V either on Windows 7/8 pro edition so you can carry your lab around with you or have a Windows Server with Hyper-V. When we try to mimic real world complexities in these labs, routing becomes one essential component of these labs.
Most of the times we are squeezed for resources and if you are like me, you would like to avoid creating an extra VM for routing and use those resources for something else when possible.
So the obvious question that comes up often is how do you route between your lab VMs on Hyper-V without creating an extra “router” VM?
For this article, let’s assume a small lab. The one where you have all VMs located on single host. Your need to have 2 subnets connected via a router.
I have setup a single Windows Server 2012 R2 host for this article. I have also created two VMs that will go on two networks I mentioned earlier. Let’s assume one VM is going to be New York, I call it NY-S1. We are going to have another machine somewhere in Europe. I call it EU-S1. Here’s what the IP addressing looks like:
|Subnet||VM||VM IP||Router IP|
Now that we know how we need our lab setup, let’s see how we can configure it. The question is, who is playing role of a router? The answer is very simple: Hyper-V host! And no you don’t need to install RRAS on the host either! What I am going to show you is an age old trick!
KB Article KB323339 from Microsoft discussed how to enable TCP/IP forwarding on Windows Server 2003, however, the referred registry entry “IPEnableRouter” can be traced all the way back to Windows NT 4. When you change IPEnableRouter from 0 to 1, you are allowing packets from one interface to be forwarded to any other interface connected to the same server. i.e. you are making it a router!
So let’s configure our Windows Server 2012 R2 host first. To keep this simple, I will use elevated PowerShell and run the following:
Set-ItemProperty -Path HKLM:\system\CurrentControlSet\services\Tcpip\Parameters -Name IpEnableRouter -Value 1
There is going to be no response from PowerShell except it will return you back to prompt. If you get something back, most likely it would be because you didn’t elevate PowerShell or you don’t have administrative permissions to edit that registry key.
Since we are changing parameters for TCPIP service, the change won’t be effective until after a reboot. Go ahead and reboot your Hyper-V host now.
Once your host is rebooted, we are ready to configure host networks. We will create two networks using “internal” type for virtual switch. One for NY and one for EU. We will simply call them that to make it easy. Here’s how:
New-VMSwitch -Name “NY” -SwitchType Internal
New-VMSwitch -Name “EU” -SwitchType Internal
Sorry if you were expecting GUI and screenshots. I am sure you can figure that out if you don’t want to use PowerShell.
Before we work on VMs, we have one more step to complete on host. You will notice that when you create two switches above, two new NICs showed up in your Network and Sharing Center. Each named “vEthernet (NY)” and “vEthernet (EU)”. Let’s give each one its IP:
New-NetIPAddress -InterfaceAlias ‘vEthernet (NY)’ -IPAddress 172.16.111.1 -PrefixLength 24
New-NetIPAddress -InterfaceAlias ‘vEthernet (EU)’ -IPAddress 172.16.112.1 -PrefixLength 24
This will configure host interfaces with IP addresses that will become default gateway for VMs.
Phew, on home stretch. With host configuration out of the way we can now connect VMs to their respective switches:
Connect-VMNetworkAdapter -VMName NY-S1 -SwitchName NY
Connect-VMNetworkAdapter -VMName EU-S1 -SwitchName EU
Last step is to configure VMs with their respective IP and default gateway. I am sure this isn’t something you need help with so go ahead and take care of that step.
At this time, you should be able to ping EU VM from NY and vice versa. Keep in mind that default firewall rules on your VM may be blocking ICMP and you may get request timed out. If so, check your firewall configuration and allow ICMP or test using something else that is allowed by firewall rules.
How’s that for a router that’s built-into your environment and doesn’t need an extra VM chewing up those valuable computer resources?
In Part 2, we will discuss how you can configure routing if you have multiple Hyper-V hosts in your lab.
Remember, all things discussed in this articles are for your LAB not for your production environment. Please use proper routing for that.