the external switch to which the virtual network adapter is connected. Virtual
machines on the same virtual switch can also communicate with each other. If they
are on different switches that can communicate through the physical network (that is,
through routing), then they can also communicate. Each virtual machine sees a virtual
network device, and the Hyper-V host still sees the network adapter; however, it will
no longer use it. The network device on the Hyper-V host is the physical NIC, which is
bound only to the Hyper-V extensible virtual switch, which means that it is being used
by a Hyper-V virtual switch.
It is also possible when creating a virtual switch to enable the Hyper-V host itself, the
management OS, to continue using the network adapter even though it has been
assigned to a virtual switch. Sharing the adapter works by creating a virtual network
adapter in the management partition that is connected to the Hyper-V virtual switch
so that all communication still goes through the virtual switch, which exclusively
owns the physical network adapter. In Windows Server 2012 and above, it’s possible to
create multiple virtual network adapters in the management partition, which opens
new configuration options and scenarios that I cover later in this chapter. If you have
only a single network adapter in the Hyper-V host, you should definitely select the
option to share the network adapter with the management operating system. This
option can be enabled or disabled at any time after the external switch has been
created.
INTERNAL VIRTUAL NETWORKS
Internal virtual networks are not bound to a physical NIC and so cannot access any
machine outside the physical server. An internal network is visible to the Hyper-V
host and the virtual machines, which means that it can be used for communication
between virtual machines and between virtual machines and the Hyper-V host. This
can be useful if you are hosting services on the management partition, such as an
iSCSI target, that you wish the virtual machines to be able to use. On both the Hyper-
V host and virtual machines, a network device is visible that represents the internal
virtual network.
CREATING A NAT FORWARDING SWITCH
Windows Server 2016 (and Windows 10) introduces a new mode for the internal
switch, which is as a Network Address Translation (NAT) forwarding switch. In
this mode, the switch acts like a regular internal switch, providing connectivity
between VMs on the host and the host itself. Additionally, however, the VMs can
access the external networks connected to the host through NAT functionality.
Furthermore, port forwarding can be configured on the host IP so that certain
traffic is forwarded to a VM on the internal switch. This is useful when testing
and using containers.
To create a new internal switch and enable it for NAT, use the following: