If you followed yesterday's post explaining the basics of networking in Hyper-V, you may be wondering what the different types of virtual networks are, when you should use them, and how they look in terms of traffic flow.
When you open Virtual Network Manager from Hyper-V Manager, there are three types of virtual network which can be created: External, Internal and Private. There is also a fourth type which can only be created through WMI and doesn’t have an official name, but I’ll call it a “Dedicated” virtual network (thanks Jake who came up with the suggestion!). Let’s look at each type, and when it is appropriate to use them.
External
External virtual networks are used where you want to allow communications between
Internal
Internal virtual networks are used where you want to allow communications between
In a block diagram, an internal network is an external network without the binding to a physical NIC. An internal network would commonly be used to build a test environment where you need network connectivity into the virtual machines from the parent partition itself.
Private virtual networks are used where you want to allow communications between
In a block diagram, a private network is an internal network without a virtual NIC in the parent partition. A private network would commonly be used where you need complete isolation of virtual machines from external and parent partition traffic. DMZ workloads running on a leg of a tri-homed firewall, or an isolated test domain are examples where this type of network may be useful.
Dedicated networks are in some ways one of the most useful types of virtual network, where you dedicate a physical NIC for use just by virtual machines. They allow communication between:
Note that the parent partition is unable to use a dedicated virtual network for its own communication. You would normally have a second physical NIC for use by the parent partition, as was discussed yesterday. In a block diagram, a dedicated network is an external network without a virtual NIC in the parent partition.
Note that you can achieve something functionally identical to a dedicated network by creating an external virtual network, and unbinding the protocols from the newly created virtual NIC in the parent partition. However, I would personally recommend you deploy a dedicated virtual network “correctly” to avoid accidental changing of bindings on the virtual NIC, or to avoid confusion as to what is present in the network adapters control panel applet. (And before you ask, I don’t have a sample script to create a dedicated virtual network yet. A post for another day).
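The block-diagram descriptions above reduce the four types to two properties: whether the virtual network is bound to a physical NIC, and whether the parent partition has a virtual NIC on it. The following is an added example, not a script from the original post, that classifies switches on that basis so you can check which ones the parent partition can reach. It assumes the `Get-VMSwitch` cmdlet from the Hyper-V PowerShell module (Windows Server 2012 and later) rather than the WMI route mentioned above; the function name `Get-VirtualNetworkKind` and the sample switch names are hypothetical.

```powershell
# Map a switch's properties to the four network types described in this post.
function Get-VirtualNetworkKind {
    param(
        [Parameter(Mandatory)] [string] $SwitchType,   # External | Internal | Private
        [bool] $AllowManagementOS = $false             # parent partition has a virtual NIC
    )
    switch ($SwitchType) {
        'Private'  { 'Private' }
        'Internal' { 'Internal' }
        'External' { if ($AllowManagementOS) { 'External' } else { 'Dedicated' } }
        default    { throw "Unknown switch type: $SwitchType" }
    }
}

# Constructed sample data shaped like Get-VMSwitch output (names are made up).
# On a Hyper-V host, replace this array with:  $switches = Get-VMSwitch
$switches = @(
    [pscustomobject]@{ Name = 'Lab-Shared'; SwitchType = 'External'; AllowManagementOS = $true  }
    [pscustomobject]@{ Name = 'VM-Only';    SwitchType = 'External'; AllowManagementOS = $false }
    [pscustomobject]@{ Name = 'Host-Test';  SwitchType = 'Internal'; AllowManagementOS = $true  }
    [pscustomobject]@{ Name = 'DMZ-Leg';    SwitchType = 'Private';  AllowManagementOS = $false }
)

$report = foreach ($sw in $switches) {
    $kind = Get-VirtualNetworkKind -SwitchType $sw.SwitchType `
                                   -AllowManagementOS $sw.AllowManagementOS
    # Only a true External network puts parent-partition and VM traffic on the same physical NIC.
    $note = ''
    if ($kind -eq 'External') { $note = 'parent partition shares this NIC with VMs' }

    [pscustomobject]@{
        Name        = $sw.Name
        Kind        = $kind
        PhysicalNic = $kind -in 'External', 'Dedicated'   # bound to a physical NIC
        ParentVNic  = $kind -in 'External', 'Internal'    # virtual NIC in the parent partition
        Note        = $note
    }
}

$report | Format-Table -AutoSize
```

An external network whose parent virtual NIC has merely had its protocols unbound still reports as External here, which is the ambiguity the recommendation above is meant to avoid.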