Can't get to VMs on a Hyper-V host with RRAS
July 16, 2010 7:54 AM Subscribe
I have a new laptop on which I run Windows 2008 Server R2 on. I'll be using it for demos and such as well as an opportunity to learn more about the features of R2. I didn't know you can't use Hyper-V with a wireless card, so I'm forced to do some finagling to get the VMs to talk to the outside world. What I'd like, though, is for machines on the network be able to access VMs.
I installed RRAS per these instructions . VMs can connect to the Internet and can actually ping physical machines on the network. However, physical machines can't connect to VMs.
The network looks like this:
Internet
|
firewall
192.168.1.1
|
192.168.1.200
laptop wireless
|
172.168.1.1
hyper-V internal NIC
|
172.168.1.0/255.255.255.0 VMs
I'm more a server guy than a network,but it seems really odd that I could ping physical machines and get a reply, but not go the opposite way, isn't it? I'd disabled the firewall on the laptop entirely (netsh firewall set opmode disable) and the VM I'm trying to get to. I've also set a static route on the physical machines to use the laptop's physical interface as a gateway for the virtual network. (route add 172.16.1.0 mask 255.255.255.0 192.168.1.200 metric 1)
Really not sure what else I'd have to do. I've found similar questions and answers, but all seem to be about having a single machine with VMs and allowing the VMs to connect to the Internet.
192.168.1.0/255.255.255.0
I installed RRAS per these instructions . VMs can connect to the Internet and can actually ping physical machines on the network. However, physical machines can't connect to VMs.
The network looks like this:
Internet
|
firewall
192.168.1.1
|
192.168.1.200
laptop wireless
|
172.168.1.1
hyper-V internal NIC
|
172.168.1.0/255.255.255.0 VMs
I'm more a server guy than a network,but it seems really odd that I could ping physical machines and get a reply, but not go the opposite way, isn't it? I'd disabled the firewall on the laptop entirely (netsh firewall set opmode disable) and the VM I'm trying to get to. I've also set a static route on the physical machines to use the laptop's physical interface as a gateway for the virtual network. (route add 172.16.1.0 mask 255.255.255.0 192.168.1.200 metric 1)
Really not sure what else I'd have to do. I've found similar questions and answers, but all seem to be about having a single machine with VMs and allowing the VMs to connect to the Internet.
192.168.1.0/255.255.255.0
Have you tried Virtual Box? I'm running Win2008r2, and I've got multiple VMs on my laptop talking to my network via wifi (and to the internet via my bluetooth tether to my iPhone). I didn't do anything special to set it up either.
posted by blue_beetle at 8:14 AM on July 16, 2010
posted by blue_beetle at 8:14 AM on July 16, 2010
Best answer: to clarify on the "very confused, network-wise" comment: imagine your VMs as physical servers. with RRAS set up to do NAT (as your instructions set), it's akin to having them all connected to a Linksys router, and your actual LAN is hooked in where the cable modem would be. you get a private IP in a different subnet on the router side of things. with the network bridge, it's like having a regular desktop switch set up there instead of the Linksys router, so everything exists pretty much directly on your existing network. (some VM software actually calls it a virtualized switch - AFAIK, VirtualBox does this. it's really pretty much what's happening.)
so, the confusion may set in if you take your laptop elsewhere and connect it to another network - it'll be like hauling everything and plugging it into some random network. if your servers are DHCP, they'll get different IP addresses and all that. you can always break the bridge if you don't want them talking on a foreign network, though, and as long as your VMs aren't using DHCP, they should be copacetic. (if they are DHCP, you might have to jump through some additional hoops. you could always set up a really simple VM with Linux or something small just to do DHCP on the internal-only network when your real network goes away.)
(I simplified this a bit for the benefit of others.. after reading my initial post, I thought "wow, that's a lot of acronyms"..)
posted by mrg at 9:04 AM on July 16, 2010
so, the confusion may set in if you take your laptop elsewhere and connect it to another network - it'll be like hauling everything and plugging it into some random network. if your servers are DHCP, they'll get different IP addresses and all that. you can always break the bridge if you don't want them talking on a foreign network, though, and as long as your VMs aren't using DHCP, they should be copacetic. (if they are DHCP, you might have to jump through some additional hoops. you could always set up a really simple VM with Linux or something small just to do DHCP on the internal-only network when your real network goes away.)
(I simplified this a bit for the benefit of others.. after reading my initial post, I thought "wow, that's a lot of acronyms"..)
posted by mrg at 9:04 AM on July 16, 2010
Response by poster: @mrg: Um, DUH! Yeah, I have no idea what I was thinking. I think the issue is I started with that instruction set and kept trying to set it up NATed rather than as a LAN router. It's been a very long time since I've worked with RRAS, and the option to do LAN routing isn't on the first dialog screen, you have to choose a custom config and go from there. Once I got there, I was up and running as I wanted to be almost immediately. I've got a static route now setup on the gateway for the physical network to "reflect" packets for the VMs through the Hyper-V server, and everything works as I'd intended. Everything can get to everything else.
I really have no need for the VMs to access the external network when they're not "home", so I'm not concerned about moving it around. I just wanted to be able to admin them from other machines on my network and allow them to update automatically. While you didn't give me the "right" answer, you did make me realize I was thinking about this completely wrong, so I'll mark yours as the best. :) Thanks!
@blue_beetle: VirtualBox is nice, but since I'm demoing Hyper-V, I really can't be using a different product. :)
posted by Spoonman at 4:51 PM on July 16, 2010
I really have no need for the VMs to access the external network when they're not "home", so I'm not concerned about moving it around. I just wanted to be able to admin them from other machines on my network and allow them to update automatically. While you didn't give me the "right" answer, you did make me realize I was thinking about this completely wrong, so I'll mark yours as the best. :) Thanks!
@blue_beetle: VirtualBox is nice, but since I'm demoing Hyper-V, I really can't be using a different product. :)
posted by Spoonman at 4:51 PM on July 16, 2010
This thread is closed to new comments.
the instructions you linked to pretty much explicitly set it up routing on the host server as NAT - you may want to instead set up a Network Bridge instead. this won't do any translation - your VMs would have 192.168.1/32 IPs - and should accomplish what you want. however, if you migrate somewhere that's not your network and connect your laptop via wireless, your VMs may be very confused, network-wise.
posted by mrg at 8:09 AM on July 16, 2010