If you followed yesterdays post explaining the basics of networking in Hyper-V, you may be wondering what the different types of virtual networks are, when you should use them, and how they look in terms of traffic flow.

When you open Virtual Network Manager from Hyper-V Manager, there are three types of virtual network which can be created: External, Internal and Private. There is also a fourth type which can only be created through WMI and doesn’t have an official name, but I’ll call it a “Dedicated” virtual network (thanks Jake who came up with the suggestion!). Let’s look at each type, and when it is appropriate to use them. 

External 

External virtual networks are used where you want to allow communications between

  • Virtual machine to virtual machine on the same physical server
  • Virtual machine to parent partition (and visa-versa)
  • Virtual machine to externally located servers (and visa-versa)
  • (Optional) Parent partition to externally located servers (and visa-versa)

external   

Internal 

Internal virtual networks are used where you want to allow communications between

  • Virtual machine to virtual machine on the same physical server
  • Virtual machine to parent partition (and visa-versa)

In a block diagram, an internal network is an external network without the binding to a physical NIC. An internal network would commonly be used to build a test environment where you need network connectivity into the virtual machines from the parent partition itself.

internal

Private

Private virtual networks are used where you want to allow communications between

  • Virtual machine to virtual machine on the same physical server

In a block diagram, a private network is an internal network without a virtual NIC in the parent partition. A private network would commonly be used where you need complete isolation of virtual machines from external and parent partition traffic. DMZ workloads running on a leg of a tri-homed firewall, or an isolated test domain are examples where this type of network may be useful.

private

Dedicated

Dedicated networks are in some ways one of the most useful type of virtual network where you dedicate a physical NIC for use just by virtual machines. They allow communication between:

  • Virtual machine to virtual machine on the same physical server
  • Virtual machine to externally located servers (and visa-versa)

Note that the parent partition is unable to use a dedicated virtual network for its own communication. You would normally have a second physical NIC for use by the parent partition, as was discussed yesterday. In a block diagram, a dedicated network is an external network without a virtual NIC in the parent partition.

 

dedicated

Note that you can achieve something functionally identical to a dedicated network by creating an external virtual network, and unbinding the protocols from the newly created virtual NIC in the parent partition. However, I would personally recommend you deploy a dedicated virtual network “correctly” to avoid accidental changing of bindings on the virtual NIC, or to avoid confusion as to what is present in the network adapters control panel applet. (And before you ask, I don’t have a sample script to create a dedicated virtual network yet. A post for another day).

Cheers, 
John.