Hyper-V Virtual Switch - Windows Server Tutorial

- [Narrator] A Hyper-V virtual switch is the connection between our host computer and a virtual machine. We're in a 2019 Windows server running Hyper-V. We'll open up our Hyper-V manager and we see several different virtual machines that are running and some that are turned off. If we go over to where it says virtual switch manager, we can see we have a virtual switch already configured called Virtual Switch 1. And we can see here that it's an external network which means that it can communicate with everyone. It can go out the internet, it can communicate with our LAN, and it could also go out to other subnets, if we had them configured. And we also see that it's using this particular adapter, which is a Qlogic adapter. If we hit the drop down, we see a lot of other adapter also available that we can use. If we choose to, we can use an internal network or a private network. So an internal network means that the virtual machines can communicate with each other as well as with the host. The private network allows only virtual machines to communicate with each other. So in most cases, we're going to want to configure the external network. We also have the option for configuring a VLAN ID. And this is if you're using a router or layer-three switch where you have multiple VLANs configured. If we expand our switch and click on extensions we see some options for Windows filtering as well as Azure. We also see the option for the Mac address. And this is the hardware address that is broadcast out to the switch. In some cases, you may end up with overlapping Mac addresses where you'll need to go in and edit these settings in order to keep from having two different virtual machines broadcasting through the same Mac address, which stands for media access control. And this is at layer two of our OSI model. The numbers and letters you see here represent hexadecimal, so that means you can use the number zero through nine as well as the letters A through F. A through F represent 10 through 15. Let's choose to create a new virtual network switch. Once again, we'll choose external because that's the most useful. And we'll click create the switch and we'll call this one Virtual Switch 2. We can't use the same network adapter that we used for our Virtual Switch 1, so we're going to choose a different one. Choosing the option to allow management operating systems to share the network adapter allows us to connect to this particular adapter for both the host as well as the virtual machine. And in most cases, this is recommended. We also have the option for enabling single, root IO virtualization. Which we'll be going over in a future video. Once this is done, we can apply it and it says here that we may see an disruption in network connectivity. Now we're not currently using this network adapter for anything else. So I don't see here a big issue with applying this particular network adapter. However, if you only have one network adapter then it is possible you'll see the screen flash, you may lose connectivity for a little bit and then it should reconnect. Now let's look at how we can assign this new virtual adapter to a virtual machine. Let's highlight one of our servers that's currently off. And we'll right click and choose settings. If we click on network adapter, we can change from Virtual Switch 1 to Virtual Switch 2. You can also set up our virtual LAN identification like we talked about previously. And we can set up bandwidth management. We can set up minimum and maximum packets that can float through this adapter. And that allows us to set up a quality of service so we don't end up having any particular virtual machine use too many packets and choke out a different virtual machines bandwidth. If you don't have high bandwidth usage, you can leave this unchecked. We also have a couple other options such as hardware acceleration and advanced features. And we'll be talking about some of these different features in upcoming videos. We saw the Mac address range when we created our virtual switch but you can also set up a static Mac address if you don't want to use that range. If you feel the need to add additional security, you can check the box for enabling Mac address spoofing. So that way it shows a fake Mac address when other people query it. The HCP guard allows us to drop any type of DHCP server messages from an unauthorized virtual machine pretending to be a DHCP server. When you create a virtual machine as a DHCP server, you need to go in an authorize it in order for it to serve DHCP automatic IP addresses to any type of computer, whether it's a virtual or physical. If we check this box, it's only going to accept DHCP IP addresses from any of those particular servers. And it won't accept DHCP from a router or a switch. And we have the same option for router guard. Where it also will drop any router advertisements if it's not authorized. If you have an intrusion detection system or prevention system, then you can set up mirroring mode. And we can do this in order for our IPS or IDS to be able to analyze our packets in a protocol analyzer. We can also establish a NIC team. And we'll be talking about this in upcoming videos and that allows us to provide redundancy as well as aggregate bandwidth. Virtual switches are versatile and necessary to properly manage and maintain virtual machines.