How To Configure Hyper-V Virtual Switch That Supports NAT ...

In Windows Server 2016 Technical Preview 4 and Windows 10 build #1058, Microsoft included a new Virtual Switch Type called Network Address ... Skiptocontent CHARBELNEMNOMSharethispost:ShareonTwitter ShareonFacebook ShareonLinkedIn ShareonEmail[Updated03/05/2016:New-ContainerNetworkattheendofthispost]InThisArticleIntroductionNetworkAddressTranslationOverviewStep1–CreateinternalvirtualswitchStep2–ConfigureNATgatewayStep3–ConfigureNATNetworkStep 4–Connectyourvirtualmachinetotheinternal“NAT”networkswitchContainersNetworkIntroductionInWindowsServer2016TechnicalPreview4andWindows10build#1058,MicrosoftincludedanewVirtualSwitchTypecalledNetworkAddressTranslation(NAT),whichallowsVirtualMachinestohaveanInternalNetworkandconnecttothephysicalworldandhaveInternetaccess.TheNATmodewasbasicallybuiltforWindowsServerContainersandHyper-VContainers,becauseWindowscontainersfunctionsimilarlytovirtualmachinesinregardstonetworking.Eachcontainerhasavirtualnetworkadapterwhichisconnectedtoavirtualswitch,overwhichinboundandoutboundtrafficisforwarded.ThisfeatureissoconvenienttogiveInternetaccesstovirtualmachineswithoutbridgingtheWi-FiadaptersorusingRRAS/Linuxserver.ThisfeaturewasnotexposedintheUI,youneedtousePowerShelltocreatethe“NAT”VirtualSwitchtype.InWindowsServer2016TechnicalPreview5andthelatestWindows10build#14295,Microsoftremoved“NAT”VMSwitchType…It’sgone!However,thegoodnewsis,theNATnetworkscanstillbecreatedandcustomizedusingPowerShellcmdletsbutindifferentway.NetworkAddressTranslationOverviewEachvirtualmachineisconnectedtoaninternalvirtualswitchandwilluseWinNATtoconnecttoaprivateIPsubnet.WinNATgivesavirtualmachineaccesstonetworkresourcesusingthehostcomputer’sIPaddressandaport.WinNATwillperformbothnetworkaddresstranslation(NAT)andportaddresstranslation(PAT)betweenthecontainer/Hyper-Vhostandthecontainers/virtualmachinesthemselves.ThisfeatureisnotincludedintheUIofcourse,butyoucanusePowerShelltocreatethe“NAT”internalVirtualSwitch.Step1–CreateinternalvirtualswitchNew-VMSwitch–SwitchName“NAT_vSwitch”–SwitchTypeInternal–VerboseStep2–ConfigureNATgatewayInordertoconfigureaNATgatewayusingNew-NetIPAddress,you’llneedabitofinformationaboutyournetwork,youwouldusethefollowingsyntax.NoticethatadditionalparametersincludingIPAddress,PrefixLengthandInterfaceIndexcanbespecifiedbyusingPowerShell.New-NetIPAddress–IPAddress172.31.1.1-PrefixLength24-InterfaceIndex16–VerboseIPAddress:IPv4orIPv6addresstouseastheNATgatewayIPwhichwillbeassignedtothe(vEthernet)internalswitch.PrefixLength:Isasubnetmask,therangewillbeavaluefrom0upto32.YouwanttodefineaSubnetMasktobeusedbytheNATinternalswitch.InterfaceIndex:IstheinterfaceindexoftheinternalswitchthatwecreatedinStep1.YoucanuseGet-NetAdaptertodeterminetheifIndexnumber.Inmycasehere,theInterfaceIndexis16.Step3–ConfigureNATNetworkInordertoconfigureaNATnetworkusingNew-NetNat,you’llneedalsoabitofinformationaboutyournetworkandtheNATgatewayweconfiguredinStep2.youwouldusethefollowingsyntax.NoticethatadditionalparametersincludingNameandInternalIPInterfaceAddressPrefix.New-NetNat–NameNATNetwork–InternalIPInterfaceAddressPrefix172.31.1.0/24–VerboseName:ThisisthenameoftheNATnetwork.IfyouwanttoremovetheNATnetworkinthefuture,you needto useRemove-NetNAT–Name.InternalIPInterfaceAddressPrefix:ThisistheNATsubnetnetworkdescribesforboththeNATGatewayIPprefixandtheNATSubnetmaskfromStep2.Inmycasehere,theNATsubnetnetworkis(172.31.1.0)andthesubnetmaskis(24)whichis255.255.255.0.Step 4–Connectyourvirtualmachinetotheinternal“NAT”networkswitchYouneedtoconnecttheinternal“NAT”switchyoucreatedinStep1toyourvirtualmachineusingtheVMSettingsorusingPowerShell.Get-VM|Get-VMNetworkAdapter|Connect-VMNetworkAdapter–SwitchName“NAT_vSwitch”Inthefinalstep,youneedtosetmanuallyorthroughDHCPanIPAddress(anddefaultGW)tothevirtualmachineonthesameNATsubnet,inmycasehereit’s(172.31.1.0/24)anddefaultgateway(172.31.1.1).Hereyou go…YourvirtualmachinesarenowcommunicatingtotheexternalworldNote:Atthetimeofthiswriting,Hyper-VonlyallowsyoutocreateoneNATnetwork.ContainersNetworkTheNew-ContainerNetworkcmdletcouldalsobeusedtoconnectVMstoaNATnetworkifyouinstalledtheContainerfeatureontheHyper-Vhost,butitshouldbe usedwithcaution,becausethecmdletwasdesignedforWindowsServerContainersandinstructsthehostnetworkservicetoallocateIPstocontainersfromtheNATnetworkrange.YouwouldhavetomanuallyassignIPanddefaultgatewaytotheVMandmakesuretheIPaddressisn’talreadyassignedtoaContainer.Pleasenote,thehostnetworkservicewon’tknowthatyouhaveassignedanIPfromthisrangetoaVMandsomaytryandre-assignthesameIPtoacontainerinthefuture,thusyouwillend-upbyhavinganetworkconflict.Therecommendedwayistousethemethoddescribedinthispost.HappyNatting!ManyThankstoJasonMesser(MicrosoftPMontheSDNTeam)fortheinformation.Cheers,-CharbelRelatedPostsPreviousHowToUpdateandPatchNanoServerwithPowerShell?#NanoLove#WS2016GettingStartedwithAzureResourceManagerandAzureDeployment#ARM#Microsoft#AzureNextLetmeknowwhatyouthink,oraskaquestion...CommentName EmailNotifymeoffollow-upcommentsbyemail.Notifymeofnewpostsbyemail. ΔThissiteusesAkismettoreducespam.Learnhowyourcommentdataisprocessed.ThankYouforVisiting!2,812,336visitorsCan’tkeepupwiththetutorials?SubscribeToday!BadgesAndCertificationsHornetSecurityAzureStorageEssentialTrainingHomeABOUTADVERTISECOURSESBOOKSMeetupLINKSCONTACTPRIVACYPOLICYDONATEDISCLAIMERSUBSCRIBE CloseThecontentofthiswebsiteiscopyrightedfrombeingplagiarized!Youcancopyfromthe'CodeBlocks'in'Black'byselectingtheCode.Pleasesendyourfeedbacktotheauthorusingthisformforany'Code'youlike.Thankyouforvisiting!Javascriptnotdetected.Javascriptisrequiredforthissitetofunction.Pleaseenableitinyourbrowsersettingsandrefreshthispage!ThankYou! xx