Re: Server 2008 NAT and VM adapters

From: "Bill Grant" <not.available@online>
Date: Thu, 2 Apr 2009 10:18:58 +1100

"Tom M" <thomas.a.meier@xxxxxxxxx> wrote in message news:5323696c-db58-408c-85b9-50ece3f6e0ba@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Ok, so I'm a bit of a newbie, but I've gotten pretty far in setting up
our church network. What we got: Windows Server 2008 Enterprise.
I've installed Server Core with Hyper-V as the host machine on the
physical box, and created 3 VM's. VM1 is the primary DC; VM2 is the
backup DC and file server; VM3 has RRAS and NAT on it (w/ print
services following later). The physical server has 2 NIC's: one
connected to the cable modem (Internet) and one connected to the
network switch (LAN).

VM3 has two virtual network adapters, each piggybacking on the
physical adapters. VM3 is acting as the gateway for clients (also
connected to the switch) to the Internet. This was for security
purposes, to isolate the Internet from the LAN. Now, my issue is two
parts:

1. Internet access is pretty slow, much slower than when the gateway
for the clients was the modem. Not quite dial-up slow, but pretty
close. Sometimes connections even time out. Not that internal access
is quite fast.

2. When I create VM's it seems I HAVE to use the legacy adapters.
Here is the weird thing: I originally installed the full version (not
Core) of Enterprise as the host machine to fool around (I later wiped
it and installed Core), and created VM's. I could have sworn that
when I created the VM's, I did not have to use the legacy adapter
option when creating the virtual adapters. Now that I'm using Core,
is there something else I need to do, to not have to use the legacy
adapters? I am wondering if the legacy adapters are making the
Internet access slow for clients?

Bonus question: is it absolutely necessary to isolate the switch from
the Internet to maximize security? Or should I just go ahead and plug
the switch into the modem and have the clients' gateways be the
modem? How would this affect VPN capabilities I'd like to have later?

Tom

Meinolf is correct. The hyper-v forum would be a better place to post this.

If it turns up there I will probably answer it anyway, so here are a few pointers.

1. If you are not an experienced sysadmin proficient at running installations from the command line, Server Core is a bad decision. You really need the GUI screens.

2. Core will not be the problem with the synthetic NICs. The drivers for the synthetic NICs are loaded when you install the integration components (vmguest.iso).

3. Running RRAS/NAT in a vm is not a problem and you should not notice any slowdown. (I have a system running that way). However, I cannot see any reason to do it in your case. It is only sensible if you want to isolate the machines on the virtual network from the LAN machines. As I see it, your LAN machines are clients of the DCs running in the vms.

4. Make sure that you have the latest version of Hyper-V. This should be there already if you have automatic updates configured.

I would go back to a full install, not core. I would install a simple hardware NAT router between the cable modem and the switch. Configure the Hyper-V server to have only one NIC associated with a virtual switch (ie configure the virtual switch so that it is simply an extension of the physical LAN). Install the integration components on the vms.

Configure the DHCP server on the NAT router to hand out its own IP as gateway but the DC for DNS. If it cannot do that, disable DHCP here and run DHCP on your DC.

Configure the DNS server on the DC to forward to a public DNS server.

You now have a much simpler network that looks like this.

Internet
|
cable connection
NAT router
192.168.21.1 (or whatever)
|
client machines
192.168.21.x dg 192.168.21.1 dns 192.168.21.11
|
DC vm
192.168.21.11 dg 192.168.21.1 dns 192.168.21.11

.

References:
- Server 2008 NAT and VM adapters
  - From: Tom M

Prev by Date: Re: Sporatic printing, maybe network issue?
Next by Date: nslookup and internal server
Previous by thread: Re: Server 2008 NAT and VM adapters
Next by thread: Sporatic printing, maybe network issue?
Index(es):
- Date
- Thread

Relevant Pages

Re: network slows down after SP2 install
... the machines updated from W2K still open and read the ... Locate the "Microsoft network server: ... Install SP2 for WIN XP and latest service pack for Office 2003 on ... Microsoft CSS Online Newsgroup Support ...
(microsoft.public.windows.server.sbs)
Re: network slows down after SP2 install
... These machines cannot even run the program locally being disconnected from the server with a local copy of the database. ... Install SP2 for WIN XP and latest service pack for Office 2003 on ... Microsoft CSS Online Newsgroup Support ...
(microsoft.public.windows.server.sbs)
RE: OT: Whats the deal with Ubuntu?
... distribution of core apps for a given app/service would probably be useful. ... -project management server ... Fedora isnt Ubuntu or viceversa though these two ... farms where the drives are cloned, or at least it's a network install ...
(Fedora)
Re: Exchange on VMWare
... I have found in the past that installing exchange on the dc then removing it ... Check to be sure that your virtual member server is also using your vm dc ... resources outside of my vm machines, I just want this member server ... However when i install exchange on the member server it cannot find the ...
(microsoft.public.exchange.setup)
Re: network slows down after SP2 install
... duo xp pro machines are the slower ones. ... terminal services as well on this server which is the domain controller. ... It is also odd that the physical network now cannot run ... machines with the SP2 install that prohibits running the program either ...
(microsoft.public.windows.server.sbs)