You are browsing the archive for Hyper-V.

PowerShell: BgInfo Automation script

9:19 am in BgInfo, Client Hyper-V, Hyper-V, PowerShell, scvmm, VM Template, Windows Server 2016, Windows Sysinternals, WS2016 by Wim Matthyssen

Probably everyone knows the Windows Sysinternals tool BgInfo (currently version 4.21). For those who don’t, it’s a great free tool which captures system information from a workstation or server (probably where it is the most useful) and displays the catched data on the Desktop of that machine. It can show useful information like, DNS settings, used IP Addresses, computer name, domain name, OS version, memory, etc. If you want to read more about this tool you can do so via following link: https://technet.microsoft.com/en-us/sysinternals/bginfo.aspx

Whenever I create a new Windows Server 2016 Virtual Machine (VM) template for customers, I mostly add this tool in the base image (also called golden image) and set it so it starts up automatically whenever a user logs on to the server. To automate this process, I wrote a PowerShell script which does all of the following:

  • Download the latest BgInfo tool
  • Create the BgInfo folder on the C drive
  • Extract and cleanup the BgInfo.zip file
  • Download the logon.bgi file which holds the preferred settings
  • Extract and cleanup the LogonBgi.zip file
  • Create the registry key (regkey) to AutoStart the BgInfo tool in combination with the logon.bgi config file
  • Start the tool for the first time

Prerequisites

Windows PowerShell 5.0

PowerShell script:

To use the script copy and save the above as BGInfo_Automated_v1.0.ps1 or download it here. Afterwards run the script with Administrator privileges from the server you wish to use for your VM template. If you want to change configuration settings, just open the logon.bgi file and adjust the settings to your preferences.

image

image

image

image

Hope this script comes in handy for you. If you have and questions or recommendations about it, please contact me through my twitter handle.

Wim Matthyssen (@wmatthyssen)

2016: My blog year in an overview

2:37 pm in Azure, Azure Backup, Azure RemoteApp, Client Hyper-V, Cloud, DC, Hyper-V, IaaS, PowerShell, Private Cloud, Public Cloud, Replica DC, SCAC 2012 R2, SCVMM 2012 R2, System Center 2016, W2K12R2, Windows 10 by Wim Matthyssen

Hi all,

As a blogger completely focused on Microsoft technologies, it was a fun year of writing about all those interesting and ever changing products and services. As we almost end the year 2016 and are preparing for 2017 to start, I wanted to make a list of all the blog posts I wrote throughout the twelve months of 2016. During the year, I’ve published 26 blog posts mostly about Azure, the System Center Suite and Hyper-V. Below you can find them all divided by technology.

 

clip_image002

Azure Compute – IaaS (ASM)

Step-by-step: Move an Azure IaaS VM between different Azure Subscriptions

Clean up Azure PowerShell when using different Azure subscriptions

Replica DCs on Azure – Removing the Azure Endpoints

Replica DCs on Azure – Transferring FSMO roles to the IaaS DCs

Replica DCs on Azure – Manage the Time Configuration settings on the DCs

Replica DCs on Azure – Domain Controller Health Check

Replica DCs on Azure – Promote the Azure IaaS VMs to a domain controller

Replica DCs on Azure – Add the Active Directory Domain Services role

Replica DCs on Azure – Adjustment of some server settings before promoting the DCs

Replica DCs on Azure – Initialize and format the additional data disk

Replica DCs on Microsoft Azure – Create the VMs with Azure PowerShell

Step by step: Change the drive letter of the Temporary Storage on an Azure IaaS v1 VM

 

Azure Networking

How to connect an Azure ARM VNet to an ASM VNet using VNet Peering

Replica DCs on Azure – Switch DNS servers for the VNet

Replica DCs on Azure – Create the Active Directory site for the Azure VNet

 

Azure Backup

Microsoft Azure Backup Server: Install a new version of the Microsoft Azure Recovery Services Agent

Microsoft Azure Backup Server: System State backup fails with WSB Event ID: 546

Microsoft Azure Backup Server: System State backup fails with the message replica is inconsistent

Step by step: How to install Microsoft Azure Backup Server (MABS)

 

Azure RemoteApp

An RDP connection to the Azure RemoteApp custom VM fails with the following error: “No Remote Desktop License Servers available”

 

Windows 10

How to deploy Windows 10 from a USB flash drive

 

System Center

System Center 2016 evaluation VHDs download links

Step by step: How to connect SCAC 2012 R2 to SCVMM 2012 R2 and Microsoft Azure

Step by step: Installing SCAC 2012 R2

 

Hyper-V

A list of tools that can be used to do a V2V from VMware to Hyper-V

Client Hyper-V – Using nested virtualization to run Client Hyper-V on a Windows 10 VM

 

Before I wrap up this blog post, I want to thank you all for reading my blog posts in 2016, and I really hope you will keep doing so in 2017. I wish you all a healthy, successful and outstanding New Year! See you all in 2017!

Wim Matthyssen (@wmatthyssen)

System Center 2016 evaluation VHDs download links

4:04 pm in Hyper-V, SCDPM, SCOM, SCORCH, SCSM, scvmm, System Center 2016, VHD by Wim Matthyssen

 

Hi all,

Just a short blog post today. Like you probably already know System Center 2016 is officially launched on the 26th of September during Microsoft Ignite.

 

clip_image002

For all you guys running Hyper-V 2012 R2, and I hope that are a lot of you, Microsoft recently also released the System Center Evaluation VHDs (RTM version). The different download links, which you can find below, each consists of files that you extract into a single pre-configured VHD file. There are VHDs for several different System Center components like SCVMM, SCOM and SCDPM, but also for SCSM and SCORCH. When each VHD is downloaded it will enable you to create a VM (Generation 1) which you can use to evaluate and test each different System Center component. Be aware that most of these VMs ran in a Workgroup. It’s best to already have a DC configured and setup in your test environment, so you can join them into your test domain before you start playing around with them.

Hereby the list for are all the System Center 2016 Evaluation VHDs available for download:

Hope this helps you getting familiar with these new releases.

Wim Matthyssen (@wmatthyssen)

A list of tools that can be used to do a V2V from VMware to Hyper-V

11:49 am in Hyper-V, MVMC, SCVMM 2012 R2, V2V, VMware by Wim Matthyssen

From time to time clients ask me to convert VMware virtual machines (VM) to Hyper-V VMs. Briefly said to do a virtual-to-virtual (V2V) migration.

clip_image002

Most of the times those clients have System Center Virtual Machine Manager 2012 R2 (SCVMM) in place, which can perform those migrations with ease. You can find how you can do this by using SCVMM via following Microsoft TechNet article: https://technet.microsoft.com/en-us/library/gg610672(v=sc.12).aspx

But there are also clients who don’t make use of the System Center Suite, mostly because of the price or because they have a small environment. Therefore, other tools need to be used for these V2V migrations. In this blog post I will list up some of those tools (Microsoft and third party), all with their pros and cons.

Before I start listing them up, I would like to draw your attention to some things you should keep in mind:

  • Always check the current VMware ESX version -> not all tools migrate all versions of ESX
  • Check the guest OS version -> not all tools migrate all versions of the guest OS installed
  • Be aware that almost every migration process will introduce downtime -> no “warm migration”, VMware VM down, Hyper-V VM up
  • Hyper-V GEN 1 VMs -> Only an IDE disk can be used to boot a VM, no SCSI boot from VHD
  • Hyper-V GEN 1 VMs -> Never configure a paging file on a VHD connected to a SCSI Controller
  • Hyper-V GEN 2 VMs -> Only supports the following Windows guest operating systems (OSs): Windows Server 2012 R2, Windows Server 2012, 64-bit versions of Windows 8.1 and 64-bit versions of Windows 8

Below you can find the list of the different V2V migration tools:

1) Microsoft Virtual Machine Converter (MVMC) 3.0

Download link: https://www.microsoft.com/en-us/download/details.aspx?id=42497

Microsoft TechNet article: https://technet.microsoft.com/en-us/library/dn873998(v=ws.11).aspx

Pros:

  • Free
  • Automation via PowerShell
  • Can integrate with System Center Orchestrator (SCORCH) 2012 R2
  • VM and physical server (online) conversion
  • Not only Hyper-V but also Microsoft Azure is available as migration destination
  • Uninstalls VMware tools before an online conversion (VMware tools will not be uninstalled when an offline conversion is used)

Cons:

  • No GEN 2 VM support

2) 5nine V2V Easy Converter 6.5 free version

Download link: http://www.5nine.com/vmware-hyper-v-v2v-conversion-free.aspx

Pros:

  • Free
  • GEN 2 VM support
  • Ability to override the number of vCPUs and the available vMemory
  • Remap the vNetwork
  • Ability to override the VM start/stop/delay actions
  • Automatic conversion into a Highly Available Hyper-V VM is available
  • Faster than MVMC

Cons:

  • No automation trough PowerShell for the migration process in the free edition (only in the payed edition)
  • Does not remove VMware tools automatically

3) StarWind V2V Converter

Download link: https://www.starwindsoftware.com/converter

Pros:

  • Free
  • Converts VMs from any format (VMDK, VHD, VHDX, …) to another

Cons:

  • Requires registration in order to download it
  • Does not remove VMware tools automatically

Before ending this post, I also want to mention the Disk2vhd tool which enables you to do a physical-to-virtual (P2V) migration. You can dowload it via following link: https://technet.microsoft.com/en-us/sysinternals/ee656415.aspx

You can also read all about how to use this tool in a blog post I wrote some time ago: http://scug.be/wim/2015/01/22/how-to-perform-a-p2v-with-disk2vhd/

Like you can see you have several tools you can use, all with their advantages and possible disadvantages. Newer versions of those tools mostly include new features and add support for more OSs. I mostly prefer to use MVMC if SCVMM is not available to do the migration, but off course the choice is all yours. Hopefully this list helps, till next time!

Wim Matthyssen (@wmatthyssen)

Client Hyper-V – Using nested virtualization to run Client Hyper-V on a Windows 10 VM

7:37 pm in Client Hyper-V, Hyper-V, Nested Virtualization, PowerShell, W2K16 TP5, Windows 10 by Wim Matthyssen

From Windows 10 build 10565, Microsoft added a long awaited feature called nested virtualization. This technology will allow you to run Hyper-V inside of a virtual machine (VM) running on a Windows 10 (Client Hyper-V) or Windows Server 2016 host. In other words, in the simplest configuration it enables you to install Hyper-V in a guest VM, whit the possibility to create and also run VMs on top of that Hyper-V host VM. Completely different than the previous situation with Windows Server 2012 R2 or Windows 8.1, were you could create the VMs, but weren’t able to actually start them. This new feature kind of creates a second virtualization layer, like shown in the detailed screenshot below.

clip_image002

This new technology is very useful when you are setting up a test/lab environment because there is no need to buy a lot of expensive hardware anymore, it simply can run on top of your notebooks OS. It also comes in handy whenever you want to train you’re failover clustering or even your System Center skills. But it’s main purpose and probably Microsoft’s main reason to finally created this feature, is to enable you to work with Hyper-V containers (operating system level virtualization). If you’re interested in reading more about this type of containers you can do so via following link: https://msdn.microsoft.com/en-us/virtualization/windowscontainers/management/hyperv_container

Now before we start playing around with this new feature, I will first list up some things you should really keep in mind:

  • The Hyper-V host must be running at least Windows 10 build 10565 or Windows Server 2016 Technical Preview (TP) 4
  • An Intel processor with Intel VT-x (AMD-V is not supported yet) and EPT technology is needed to be able to use Hyper-V
  • Currently only Hyper-V is supported, all other hypervisors like for example vSphere ESXi will fail to run
  • Be aware that some VM features are not supported or will fail: Dynamic Memory, applying checkpoints, Live Migration and save/restore, hot memory resizing
  • The VM should have more than 1 vCPU
  • At least 4 GB RAM should be attached to the VM
  • MAC address spoofing must be enabled on the NIC attached to the VM
  • If you’re using Windows 10 Enterprise as the host, you should turnoff Virtualization Based Security (VBS) because it will prevent the use of nested virtualization
  • Plenty of available RAM is needed (at least more than 4GB of RAM is preferred to get started)

After going through the theory it’s now time to get our fingers wet and get everything up and running. I will walk you through all the different steps needed to use this feature on a Windows 10 Enterprise computer. In my example I will setup a generation 1 VM (Windows 10) with a PowerShell script to test the nested virtualization scenario. So off we go.

1) First of all, you should check your windows version (should be build 10565). Click run and type winver

clip_image003

clip_image004

2) Create two internal virtual switches, one is to use your wireless card and the other one will be used in a later step as a Hyper-V vSwitch inside the VM

clip_image006

3) To install the VM, run the following PowerShell script (customize to your need).

clip_image008

clip_image010

4) Go through the Windows Setup Installation Process on the newly created VM

5) When installation is completed shutdown the VMs and run following PowerShell commands on the Windows 10 computer (host) to set the Virtualization Extension for the vCPUs and to enable MAC spoofing on both VMs. Be aware a warning message will appear that Nested Virtualization is an unsupported preview feature. When both commands ran successfully start up the Windows 10 VM

clip_image012

6) To configure the W10-TST VM and to install the Client Hyper-V role with all tools, run the following PowerShell script (customize to your need). Connect to the VM with a Virtual Machine Connection with Enhanced session enabled

7) To create an external virtual switch on W10-TST, logon to this sever with RDP and run the following PowerShell cmdlet as administrator (customize to your need)

clip_image014

8) To create a nested VM named VM1-NESTED on W10-TST, logon to this VM with RDP and run the following PowerShell script as administrator (customize to your need)

clip_image016

9) Go through the Windows Setup Installation Process on the newly created nested VM named VM1-NESTED on W10-TST

10) If the installation is successful, you should now have a nested VM running like in the screenshot below

clip_image018

This concludes this blog post. Keep tuned and I’ll be back soon.

Wim Matthyssen (@wmatthyssen)

Step by step: How to install Microsoft Azure Backup Server (MABS)

3:11 pm in Azure, Azure Backup, Cloud, Hyper-V, IaaS, Private Cloud, Public Cloud, SCDPM by Wim Matthyssen

Microsoft Azure Backup Server (MABS) previously known as “Project Venus”, which was released by Microsoft on October 7th 2015 is a disk-to-disk-to-cloud backup (D2D2C) product, which uses an Azure Backup vault for long-term offsite retention. Basically it’s a lightweight customized version of System Center Data Protection Manager 2012 R2 (SCDPM) which offers centralized management and monitoring for your Azure Backup setup(s) and agents in a single console. Just like SCDPM, it can protect business applications workloads such as Exchange, SQL Server, Active Directory, IIS, Hyper-V virtual machines (VMs), VMware VMs, physical servers and Windows clients which can be running on premise or in the Azure cloud. MABS also comes with support for backup of large data sources, long-term retention up to 99 years and the capability to recover data in your Azure Backup vault using an alternate server. As part of the Operations Management Suite (OMS), one of the primary use cases for MABS will be for hybrid cloud backup scenarios.

clip_image001

 

Before we start whit the installation also a list of some things to keep in mind:

  • MABS is included as a free download with Azure Backup (link on your Azure Backup vault page) or you can download it directly via following link: https://www.microsoft.com/en-us/download/details.aspx?id=49170
  • MABS can be installed as an on premise standalone physical server or VM, but also as an Azure IaaS VM (size A2 or higher).
  • When you run MABS on an Azure VM you can only protect workloads also running on Azure VMs.
  • MABS will run on following supported Operating Systems: W2K8 R2 SP1, W2K12 or W2K12 R2 (is recommended).
  • MABS must be domain joined. Be sure to add the server to the domain before the MABS installation, because adding this server to the domain after the MABS installation is not supported.
  • MABS must have .Net 3.5, .Net 4.0 and .Net 3.5 SP1 features installed as a prerequisite.
  • The processor minimum requirements for a MABS server are 1GHz dual-core CPU, recommended 2.33 GHz quad-core CPU.
  • The minimum RAM needed by a MABS server is 4GB, recommended is 8 GB.
  • A free SQL Server 2014 license, which can only be used with MABS is included.
  • MABS will not work with a remote SQL Server instance. The instance being used needs to be local.
  • MABS cannot be installed on a server already running SCDPM or a SCDPM agent. It also cannot be installed on a server running any Microsoft Azure backup agent version.
  • A valid Windows Server license is needed for the MABS server.
  • You need to add  local backup storage to use MABS, because in the current architecture of MABS, the Azure Backup vault holds the second copy of the data while the local storage holds the first (and mandatory) backup copy.
  • An Azure Subscription and an Azure Backup vault needs to be in place before setting up the MABS server.
  • The MABS sever needs to have access to the Internet because Microsoft Azure should be accessible.
  • In contrast to SCDPM there is no support for tape drives
  • Some scratch space is needed to temporarily store the largest restore from the Azure cloud when needed. So keep approximately 5 % of the total amount of data that needs to be backed-up to the cloud free on the C: drive.
  • MABS doesn’t integrate with products of the System Center suite.
  • A separate data disk for the backup storage pool is needed. Like every other backup product the recommendation for the size of this disk is 1.5 times the size of the data you’re going to protect.
  • The default storage replication setting (storage redundancy option) when you create an Azure Backup vault is Geo Redundant Storage (GRS), be aware that for most customers Locally Redundant Storage (LRS) is more than enough.
  • There will be no charges for restores, outbound bandwidth and storage transactions when you use MABS.
  • If the MABS server fails with errors during the setup or while taking a backup or restoring data, refer to following link to find more information: https://support.microsoft.com/en-us/kb/3041338
  • You can find Azure Backup pricing details via following link: https://azure.microsoft.com/en-in/pricing/details/backup/
  • In my example I’m installing MABS on a W2K12 R2 Hyper-V VM. Before starting I first added the .NET Framework 3.5 Features via the Add Roles and Features Wizard.

So after this brief introduction and things to keep in mind, it’s time to setup the MABS sever. To do so follow the steps described below:

 

1) First we need to setup an Azure Backup vault. So logon to your Azure Subscription via the classic portal (https://manage.windowsazure.com/). When your logged go to the bottom of the screen and click New, select Data Services, select Recovery Services and select Backup Vault

clip_image003

2) Next select Quick Create and fill in a Name and the proper Region (in my case the region is West Europe).

clip_image005

clip_image007

clip_image009

3) When the Azure Backup vault is created you can change the storage replication setting if preferred. In my example I will switch it to LRS. To switch select Recovery Services, select your Azure Backup vault, select Configure, select Locally Redundant and click Save at the bottom of the screen

clip_image011

4) Download the vault credential and when downloaded, place it the C:\Temp folder on the MABS server. To do so click on DASHBOARD and click Vault credentials. When you’re asked to open or save the vault credentials, click Save. After the download move it to the correct folder

clip_image013

clip_image015

clip_image017

5) When the Azure Backup vault is created we need to download the necessary files to install MABS. In my example I will download all necessary software packages from the separate link. When you go to this link select all files and click Next. Be aware that because of the size of all files together (approximately 3 GB), this download could take a while

clip_image019

6) I’ve stored all the files under my C:Temp folder on the MABS server

clip_image021

7) Run MicrosoftAzureBackupInstaller.exe from the download folder (C:\Temp) as an administrator

clip_image022

8) Click Next

clip_image023

9) Leave the default location and click Next

clip_image024

10) Click on Extract to begin extracting the setup files

clip_image025

clip_image026

11) Select Execute setup.exe (if not already selected) and click Finish

clip_image027

12) Click Microsoft Azure Backup to launch the setup wizard

clip_image029

13) The Microsoft Visual VC++ 2010 Redistributable Package (x64) will be installed in the foreground

clip_image030

14) On the Welcome screen click the Next

 

clip_image032

15) This opens up the Prerequisite Check section. On this screen, click on the Check button to determine if the hardware and software prerequisites for Azure Backup Server have been met. If all of is OK, you will see a message indicating that the machine meets the requirements. Click Next

clip_image034

16) On the SQL Settings page select Install new Instance of SQL Server with this Setup, to install SQL 2014 Standard. Click Check and Install. You could encounter some error messages. If so follow the instructions and most likely you should reboot the server and start the MABS installation all over again

clip_image036

clip_image038

17) If the computer meet the software and hardware requirements click Next

 

clip_image040

18) Provide a location for the installation of all the files and click Next. In my example I changed all locations to my E: drive

 

clip_image042

19) Provide a strong password for restricted local user accounts (this password will not expire) and click Next

 

clip_image044

20) It’s strongly recommended to use Microsoft update when you check for updates because this will offer all security and important updates for MABS. Select whether to use Microsoft Update or not and click Next

clip_image046

21) Review all settings and if all are OK click Install

clip_image048

clip_image050

22) Click Next to start the Microsoft Azure Recovery Service Agent installation

clip_image052

23) Click Install

clip_image054

clip_image056

24) When the agent installation is completed, click Next

clip_image058

25) Provide your vault credentials to register the machine to the Azure backup vault. Click Next

 

clip_image060

26) Provide a passphrase to encrypt/decrypt the data sent between Azure and your premises. You can automatically generate a passphrase or provide your own minimum 16-character passphrase. Also enter a location to save the passphrase. If all is done click Next

clip_image062

27) Once registration is done, the wizard proceeds with the installation and configuration of SQL Server 2012. This could take some time

clip_image064

clip_image066

28) When the installation is completed with success, click Close

 

clip_image068

29) Go to your desktop, were you will see two new icons. Double click the Microsoft Azure Backup server icon to launch MABS

clip_image069

clip_image071

Now you’re ready to start backing up with MABS. Have fun and till next time!

Wim Matthyssen (@wmatthyssen)

Useful PowerShell commands for Hyper-V management

5:48 pm in Hyper-V, PowerShell, Private Cloud by Wim Matthyssen

Hi all,

In this blog post I will list some PowerShell commands I use from time to time on customers Hyper-V hosts to get some work done a little bit easier and faster. You can just run these commands directly in PowerShell (run as administrator) or you can copy them and save them as a .PS1.

This list is a work in progress and will be expanded in the future. So be sure to bookmark this post if you find it useful.

For the moment PowerShell v4 already includes 178 Hyper-V related cmdlets. If your interested in het entire list you can go to the following link: https://technet.microsoft.com/en-us/library/hh848559.aspx

In my commands I use the virtual machine (VM) CON-VM-01 as an example. If you want use the command just change the name to the name of your VM. Also for IP Addresses I use the 192.168.0.0 range, so if your IP range is different just change it.

Below you can find the PowerShell commands:

1) Show what PowerShell Hyper-V cmdlets are available

Get-Command –Module Hyper-V

image

2) List the current configuration of the Hyper-V host

Get-VMHost | Format-List *

image

3) Listing all VMs on a Hyper-V host

Get-VM

image

4) Listing all running VMs on a Hyper-V host

Get-VM | where {$_.state -eq 'running'} | sort Uptime | select Name,Uptime,@{N="MemoryMB";E={$_.MemoryAssigned/1MB}},Status

image

5) Check if a VM has the processor compatibility mode enabled. You can find more info about this mode via following link: https://technet.microsoft.com/en-us/library/dn859550.aspx

Get-VMProcessor -VMName * | select VMName, CompatibilityForMigrationEnabled

image

6) Enable Offload Data Transfer (ODX). You can find more info about ODX via following link: https://technet.microsoft.com/en-us/library/hh831628.aspx

Set-ItemProperty hklm:\system\currentcontrolset\control\filesystem -Name "FilterSupportedFeaturesMode" –Value 0

7) Change the default location where VMs and virtual hard disks are stored on your Hyper-V host

Set-VMHost -VirtualHardDiskPath E:\VMs -VirtualMachinePath E:\VMs

8) Retrieve information about all network adapters on the Hyper-V host

Get-NetAdapter -Name * | Format-List -Property Name, InterfaceDescription, InterfaceName

image

9) Write the Hyper-V host event log to a txt file (also applicable for other servers)

Get-EventLog application -Newest 1000 | where {$_.EntryType -eq "Error"} | Out-File "$env:systemdrive\eventlog.txt" -width 300
Notepad "$env:systemdrive\eventlog.txt"

10) Get the IP Adress of a certain VM

Get-VMNetworkAdapter -VMName CON-VM-01 | Select -expand IPAddresses

11) List the IP4 Adresses of all currently running VMs

Get-VM | where { $_.state -eq 'running'} | Get-VMNetworkAdapter | Select VMName,SwitchName,@{Name="IP";Expression={$_.IPAddresses | where {$_ -match "^192\."}}} | Sort VMName

image

12) Remove a VM with all folders and virtual hard disks

Get-VM CON-VM-01 | %{ Stop-VM -VM $_ -Force; Remove-VM -vm $_ -Force ; Remove-Item -Path $_.Path -Recurse -Force}

As a final remark I want to mention that PowerShell can’t prevent mistakes and like you all probably know they’re easy to make. So keep your eyes open when your running these commands on production Hyper-V hosts.

Till next time!

Wim Matthyssen (@wmatthyssen)

TCP Chimney Offloading on Hyper-V hosts

6:24 pm in Hyper-V, Private Cloud by Wim Matthyssen

From time to time I’m pulled into a discussion whether or not you should disable TCP Chimney offloading on Hyper-V hosts. To be completely honest, when I just started working with Virtual Server on W2K3 (R2) it was a best practice to just disable it. Like a good ITPro, I followed that recommendation and I kept on doing it when I switched to running Hyper-V on W2K8 (R2). It just became a habit when deploying a new Hyper-V host. Furthermore like you probably already know, when your running servers with W2K12 R2 (also Hyper-V hosts) it’s turned off by default anyway (like you can see in the screenshot below). So in this blog post I will show you how you can disable it should it be enabled.

clip_image002

Before going into the practical part, first a little bit of information about the feature in general. TCP Chimney Offload is a networking technology that allows the work associated with moving data across a network to be offloaded from the server’s CPU to the network interface (NIC). This helps improve the processing of the network tasks such as packet segmentation without the need for additional programs or any loss to manageability or security. Programs that are currently bound by network processing overhead will generally scale better when used with TCP Chimney Offload. This allows the servers operating system (OS) to perform quicker and also speed up the processing of network traffic. Be aware that Offloading TCP tasks is only effective with a physical NIC and not with virtual ones.

As an important remark, I just want to say that it is always wise to use the latest NIC drivers and firmware on your Hyper-V hosts. In this way your always ensured the NIC manufacturers latest updates are in place and most of the latest bugs are solved.

After this short intro, it is time to get started with the real stuff.

1) To show the status of the TCP-IP Chimney Offloading on a host, open PowerShell (as an Administrator) and type cmd

clip_image004

2) Next run following command:

netsh int tcp show global

 

clip_image006

Like you can see the TCP Chimney Offload State is enabled

3) To disable it run following command:

netsh interface tcp set global chimney=disabled

 

clip_image008

Like you can see it’s now disabled

It’s also possible to disable TCP Chimney Offload using the registry by changing following registry keys (not applicable for all server OS versions):

4) First of all, open the registry by typing regedit in the Run bar

clip_image009

5) Next change following registry keys:

  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TCPIP\Parameters\DisableTaskOffload

Setting this value to 1 disables all task offloads from the TCP/IP transport. Setting this value to 0 enables all task offloads.

  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Ipsec\EnabledOffload

Setting this value to 0 disables Internet Protocol security (IPsec) offloads from the TCP/IP transport. The offloading of TCP/IP checksum tasks and the offloading of large TCP packets for segmentation are not affected. Setting this value to 1 enables IPsec offloads.

This concludes this blog post, hope it helps!

Wim Matthyssen (@wmatthyssen)

Critical status for WinRM on host status (error 20506) in SCVMM 2012 R2

6:06 pm in Hyper-V, PowerShell, scvmm by Wim Matthyssen

Some time ago I was contacted by a customer who made the switch from VMware to Hyper-V for running his virtual environment. He already installed a Hyper-V cluster with 4 nodes and was now setting up the System Center Virtual Machine Manger (SCVMM) 2012 R2 management server. That installation ran without any issues, but when he tried to add his Hyper-V hosts he bumped into a critical WinRM error, namely 20506.

clip_image001

After reading the “Error details” and a short investigation on the Hyper-V hosts the problem was found. All Hyper-V hosts ran with the Windows Firewall enabled, but the communication ports for the SCVMM agent were not opened. To fix this I ran the following PowerShell Cmdlets to open up port 80 and 443 which fixed the problem. Keep in mind to run PowerShell as an Administrator.

New-NetFirewallRule -DisplayName "SCVMM Agent 80" -Direction Inbound -LocalPort 80 -Protocol TCP -Action Allow

New-NetFirewallRule -DisplayName "SCVMM Agent 443" -Direction Inbound -LocalPort 443 -Protocol TCP -Action Allow

Set-NetfirewallRule -DisplayName "SCVMM Agent 80" -Enabled True

Set-NetfirewallRule -DisplayName "SCVMM Agent 443" -Enabled True

clip_image003

This concludes this blog post. Keep tuned and I’ll be back soon.

Wim Matthyssen (@wmatthyssen)

Critical Hyper-V Security Update MS15-068

9:44 pm in Hyper-V by Wim Matthyssen

Today Microsoft released a critical security update MS15-068that fixes a vulnerability which could allow remote code execution in a Hyper-V host.

Hyper-V-Security-Tutorial

All of the following operating systems running Hyper-V are affected: Windows Server 2008, Windows Server 2008 R2, Windows 8, Windows 8.1, Windows Server 2012 and Windows Server 2012 R2.

You can find more information and the download links concerning this update in the security bulletin over here: https://technet.microsoft.com/en-us/library/security/ms15-068.aspx

So test it out and deploy it as soon as possible to your Hyper-V production environment.

Hope it helps.

Wim Matthyssen (@wmatthyssen)