Extensible Switch
The Hyper-V extensible switch provides a variety of capabilities that can be leveraged
by the virtual network adapters connected to the virtual switch ports, including
features such as port mirroring, protection from rogue DHCP servers and router
advertisements, bandwidth management, support for VMQ, and more. However,
although this specific set of capabilities covers the majority of scenarios and customer
requirements, it might not cover every requirement that various clients may have.
Those familiar with VMware may have heard of the Cisco Nexus 1000 V, which is
available for ESXi and essentially replaces the VMware switching infrastructure
completely. The Cisco Nexus 1000 V is the only model that VMware supports, and the
challenge is that not many vendors have the resources available to write a complete
virtual switching infrastructure. Microsoft went a different direction in Windows
Server 2012.
Windows Server 2012 introduced the extensible switch for Hyper-V. The extensible
switch enables third parties to plug into the Hyper-V virtual switch at various points
without having to replace it completely, thus making it far easier for organizations to
bring additional value. It was common to have the ability to add functionality into the
Hyper-V switch, such as enhanced packet-filtering capabilities, firewall and intrusion
detection at the switch level, switch forwarding, and utilities to help sniff data on the
network. Consider that Windows already has a rich capability around APIs and
interfaces for third parties to integrate with the operating system, specifically Network
Device Interface Specification (NDIS) filter drivers and Windows Filtering Platform
(WFP) callout drivers. The Hyper-V extensible switch uses these exact same interfaces
that partners are already utilizing, making it possible for vendors to easily adapt
solutions to integrate directly into the Windows 2012 and above extensible switch.
InMon’s sFlow monitoring extension allows great trending analysis of traffic, NEC has
OpenFlow extension, and 5 nine Software has a complete firewall extension for the
Hyper-V extensible switch.
The Hyper-V switch has four specific types of extensions, which are listed in Table 3. 1.
Table 3. 1 : Types of Extensions for Hyper-V Virtual Switch
EXTENSION PURPOSE EXAMPLES EXTENSIBILITY
COMPONENT
Network packet
inspectionInspecting network
packets, but not altering
themNetwork
monitoringNDIS filter driverNetwork packet
filterInjecting, modifying, and
dropping network packetsSecurity NDIS filter driverNetwork
forwardingThird-party forwarding that
bypasses defaultVirtual Ethernet
Port AggregatorNDIS filter driver