wasnt nate

Win8/2012: How to Get Hyper-V Virtual Machines To Ping Each Other

I’d like to share my 3-day battle to get 2 virtual machines to ping one another in my Windows 8 RTM Hyper-V server. The information in this post would also apply to 2012 Server.

First I created an External virtual switch through the management console and connected it to my physical network adapter. Fairly straightforward.

Next I provisioned two Windows virtual machines and tried to remote desktop to them: no luck. Then I tried to have one ping the other, no luck. According to ipconfig both had all the expected properties, but no go.

From playing around I discovered that I could load up the router config page //192.168.0.1, so I knew that it *should* work. So I dug through my router config for about 2 hrs, and no button or knob would fix machine A being able to ping machine B.

Then I stumbled through the Virtual Switch Documentation, where one key phrase jumped out at me in the feature list:

Port ACLs: Provides traffic filtering based on Media Access Control (MAC) or Internet Protocol (IP) addresses/ranges, which enables you to set up virtual network isolation.

If there were Access Control Lists on the virtual switch ports, this would explain the behavior. Now where in the UI do they hide this? Well, they don’t. As far as I can tell, the only way to configure these is through the PowerShell interface (or WMI).

After some searching around I stumbled across the commands of interest:

  • Add-VMNetworkAdapterAcl
  • Get-VMNetworkAdapterAcl
  • Remove-VMNetworkAdapterAcl

An example of using these commands:

# Look up the VM object and add the ACL to it
# (the trailing backtick continues the command on the next line)
$win8client = Get-VM win8client
Add-VMNetworkAdapterAcl -VM $win8client `
  -Action Allow -Direction Both -RemoteIPAddress 192.168.0.0/16

# Or just pass in the VM name
Add-VMNetworkAdapterAcl -VMName dc `
  -Action Allow -Direction Both -RemoteIPAddress 192.168.0.0/16

# Or just apply the Allow rule to all machines
Get-VM | Add-VMNetworkAdapterAcl `
   -Action Allow -Direction Both -RemoteIPAddress 192.168.0.0/16

# Then verify the set worked
Get-VMNetworkAdapterAcl -VMName dc
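
A narrower variant of the commands above, as an added example that is not from the original post: it allows each VM to talk only to the other VM's address instead of the whole 192.168.0.0/16 range, and can remove the same rules again. The function name `Set-PairwiseVmAcl` is hypothetical and the two IP addresses are assumed placeholders; the VM names are the ones used in the post.

```powershell
# Added example, not from the original post.
# VM names are the ones used above; the IP addresses are assumed placeholders.
$peers = @{
    'win8client' = '192.168.0.50'   # assumption: replace with the VM's real address
    'dc'         = '192.168.0.10'   # assumption: replace with the VM's real address
}

function Set-PairwiseVmAcl {        # hypothetical helper name
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [Parameter(Mandatory = $true)] [hashtable] $Peers,
        [switch] $Remove            # undo rules previously added by this function
    )
    # Validate every VM name first so a typo cannot leave a half-applied rule set.
    $Peers.Keys | ForEach-Object { $null = Get-VM -Name $_ -ErrorAction Stop }

    foreach ($vmName in $Peers.Keys) {
        foreach ($peerName in $Peers.Keys) {
            if ($peerName -eq $vmName) { continue }
            # Same parameters as in the post, but with a single host address.
            $rule = @{
                VMName          = $vmName
                Action          = 'Allow'
                Direction       = 'Both'
                RemoteIPAddress = $Peers[$peerName]
            }
            $what = "ACL Allow Both $($rule.RemoteIPAddress)"
            if (-not $PSCmdlet.ShouldProcess($vmName, $what)) { continue }
            if ($Remove) { Remove-VMNetworkAdapterAcl @rule }
            else         { Add-VMNetworkAdapterAcl @rule }
        }
        # Show the resulting rule set for this VM.
        Get-VMNetworkAdapterAcl -VMName $vmName
    }
}

Set-PairwiseVmAcl -Peers $peers -WhatIf     # preview, changes nothing
Set-PairwiseVmAcl -Peers $peers             # apply the pairwise rules
# Set-PairwiseVmAcl -Peers $peers -Remove   # roll the same rules back
```

Run it from an elevated PowerShell session on the Hyper-V host, where the Hyper-V module is available.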

Finally, I’d like to say fuku to secure by default; I get it but aarrg!
