![]() |
![]() | ![]() | ![]() | ![]() | ![]() | ![]() | ![]() |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
![]() |
| |
| | #1 (permalink) |
| | Hyper-V Setup - Networking Question Hi, I was wondering whether there are any best practice guidelines for the initial setup of the current Hyper-V RC? My main question is regarding network connectivity - can the Hyper-V parent partition be connected to the internal network and be a domain member (for management and VM backup purposes), even if the child partitions it hosts were connected to a less-secure network such as a DMZ? I'm assuming this is not a recommended configuration unless the VMs can be configured to have no access whatsoever to the parent partition? Thanks! |
My System Specs![]() |
| | #2 (permalink) |
| | Re: Hyper-V Setup - Networking Question Best practice is to have nothing at all running in the parent partition of a server running Hyper-V. That is the recommended configuration. "NJC1" <NJC1@xxxxxx> wrote in message news:524230FC-A448-49CF-832E-2F3DDC476E6A@xxxxxx Quote: > Hi, > > I was wondering whether there are any best practice guidelines for the > initial setup of the current Hyper-V RC? My main question is regarding > network connectivity - can the Hyper-V parent partition be connected to > the > internal network and be a domain member (for management and VM backup > purposes), even if the child partitions it hosts were connected to a > less-secure network such as a DMZ? I'm assuming this is not a recommended > configuration unless the VMs can be configured to have no access > whatsoever > to the parent partition? > > Thanks! |
My System Specs![]() |
| | #3 (permalink) |
| | RE: Hyper-V Setup - Networking Question Hi Bill, Many thanks for the speedy response - I wasn't planning on running anything apart from the Management Consoles for Hyper-V plus some agents for VM backup and parent partition OS monitoring purposes (nothing too resource intensive). "NJC1" wrote: Quote: > Hi, > > I was wondering whether there are any best practice guidelines for the > initial setup of the current Hyper-V RC? My main question is regarding > network connectivity - can the Hyper-V parent partition be connected to the > internal network and be a domain member (for management and VM backup > purposes), even if the child partitions it hosts were connected to a > less-secure network such as a DMZ? I'm assuming this is not a recommended > configuration unless the VMs can be configured to have no access whatsoever > to the parent partition? > > Thanks! |
My System Specs![]() |
| | #4 (permalink) |
| | Re: Hyper-V Setup - Networking Question Questions about DMZ operations can get tricky. The real point is that a vm can only access a physical network through a physical NIC on the host. If you have a vm connected to a DMZ you must have a NIC in the host connected to that DMZ somehow. If you also have another NIC in the host connected to some other network there is always a possibility of a leak from one network to the other, no matter how slight the risk may be. "NJC1" <NJC1@xxxxxx> wrote in message news:01910F92-5A1B-4CBA-AF39-70B8EF70D062@xxxxxx Quote: > Hi Bill, > > Many thanks for the speedy response - I wasn't planning on running > anything > apart from the Management Consoles for Hyper-V plus some agents for VM > backup > and parent partition OS monitoring purposes (nothing too resource > intensive). > > "NJC1" wrote: > Quote: >> Hi, >> >> I was wondering whether there are any best practice guidelines for the >> initial setup of the current Hyper-V RC? My main question is regarding >> network connectivity - can the Hyper-V parent partition be connected to >> the >> internal network and be a domain member (for management and VM backup >> purposes), even if the child partitions it hosts were connected to a >> less-secure network such as a DMZ? I'm assuming this is not a recommended >> configuration unless the VMs can be configured to have no access >> whatsoever >> to the parent partition? >> >> Thanks! |
My System Specs![]() |
| | #5 (permalink) |
| | Re: Hyper-V Setup - Networking Question NJC1, If you have _any_ device with two NICs with one connected to each zone (such as a firewall), then there is also a possibility of a leak from one network to the other, no matter how slight the risk may be. So in your case, if TCP/IP is not actually bound to the host adaptor, then your risk is fairly small. -- Dave Harry "Bill Grant" <not.available@xxxxxx> wrote in message news:%23qLLInG0IHA.4848@xxxxxx Quote: > Questions about DMZ operations can get tricky. The real point is that a > vm can only access a physical network through a physical NIC on the host. > If you have a vm connected to a DMZ you must have a NIC in the host > connected to that DMZ somehow. If you also have another NIC in the host > connected to some other network there is always a possibility of a leak > from one network to the other, no matter how slight the risk may be. > > "NJC1" <NJC1@xxxxxx> wrote in message > news:01910F92-5A1B-4CBA-AF39-70B8EF70D062@xxxxxx Quote: >> Hi Bill, >> >> Many thanks for the speedy response - I wasn't planning on running >> anything >> apart from the Management Consoles for Hyper-V plus some agents for VM >> backup >> and parent partition OS monitoring purposes (nothing too resource >> intensive). >> >> "NJC1" wrote: >> Quote: >>> Hi, >>> >>> I was wondering whether there are any best practice guidelines for the >>> initial setup of the current Hyper-V RC? My main question is regarding >>> network connectivity - can the Hyper-V parent partition be connected to >>> the >>> internal network and be a domain member (for management and VM backup >>> purposes), even if the child partitions it hosts were connected to a >>> less-secure network such as a DMZ? I'm assuming this is not a >>> recommended >>> configuration unless the VMs can be configured to have no access >>> whatsoever >>> to the parent partition? >>> >>> Thanks! |
My System Specs![]() |
| | #6 (permalink) |
| | Re: Hyper-V Setup - Networking Question Yes, I agree. There is no real reason to know or care whether the machines and networks are virtual or physical. If a network design is basically sound, it really doesn't matter. A network is a network! "Dave Harry" <DaveHarry@xxxxxx> wrote in message news:OevGuCQ0IHA.3464@xxxxxx Quote: > NJC1, > > If you have _any_ device with two NICs with one connected to each zone > (such as a firewall), then there is also a possibility of a leak from one > network to the other, no matter how slight the risk may be. > > So in your case, if TCP/IP is not actually bound to the host adaptor, then > your risk is fairly small. > > -- > Dave Harry > > "Bill Grant" <not.available@xxxxxx> wrote in message > news:%23qLLInG0IHA.4848@xxxxxx Quote: >> Questions about DMZ operations can get tricky. The real point is that >> a vm can only access a physical network through a physical NIC on the >> host. If you have a vm connected to a DMZ you must have a NIC in the host >> connected to that DMZ somehow. If you also have another NIC in the host >> connected to some other network there is always a possibility of a leak >> from one network to the other, no matter how slight the risk may be. >> >> "NJC1" <NJC1@xxxxxx> wrote in message >> news:01910F92-5A1B-4CBA-AF39-70B8EF70D062@xxxxxx Quote: >>> Hi Bill, >>> >>> Many thanks for the speedy response - I wasn't planning on running >>> anything >>> apart from the Management Consoles for Hyper-V plus some agents for VM >>> backup >>> and parent partition OS monitoring purposes (nothing too resource >>> intensive). >>> >>> "NJC1" wrote: >>> >>>> Hi, >>>> >>>> I was wondering whether there are any best practice guidelines for the >>>> initial setup of the current Hyper-V RC? My main question is regarding >>>> network connectivity - can the Hyper-V parent partition be connected to >>>> the >>>> internal network and be a domain member (for management and VM backup >>>> purposes), even if the child partitions it hosts were connected to a >>>> less-secure network such as a DMZ? I'm assuming this is not a >>>> recommended >>>> configuration unless the VMs can be configured to have no access >>>> whatsoever >>>> to the parent partition? >>>> >>>> Thanks! |
My System Specs![]() |
![]() |
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| Hyper-V question | Virtual Server | |||
| Hyper-V networking | Virtual Server | |||
| Hyper-v and wireless networking | Virtual Server | |||
| Re: hyper-v networking | Virtual Server | |||
| Hyper-V question | Virtual Server | |||