Virtual Network Appliances I Use for Hyper-V Labs

When you build and maintain a test lab you’re always on the lookout for gear you can use. That’s either hardware or virtual appliances. My main concern is cost, it should work well on Hyper-V and the ability to mimic real world environments. That’s a great help for educational purposes as well as for testing and as an aid to troubles shooting. One of the nice things virtualization and now also cloud IAAS offers is the ability to run virtual storage and network appliances that allow us to have that real world look and feel. Add to that ever more software defined storage, networking and compute and we’re able to build very realistic labs. The limits we’re left with are time, money and space.

When building a lab some people tend to run into perceived limitations of their hypervisor. That’s to be expected as for many that hypervisor is just something to quickly get up and running an get to work writing code, implementing a backup solution or whatever the workload at hand is all about. The tip here is not to give up to fast.

More recently I’m build/working on a new lab setup simulating different sites. I need to route between these isolated test networks and load balance traffic in a site redundant manner. The idea was to mimic real life as well as we good. Add to that lab setup an Azure “site” and it’s fun all over. It’s all based on Hyper-V and Windows Server virtual machines but some components are not. Windows NLB has had its best day and RRAS is limited in the abilities I need to test. They can and do work fine for certain scenarios, but not for all that I need to test. I add virtual load balancers, virtual switches with the look and feel of physical ones and the same for virtual firewalls.

Now in real life you’ll be dealing with Link Aggregation Groups, Trunking, MLAG, routing, teaming … in short the tools of the trade when doing networking. One side effect of this is that on a Hyper-V host you quickly run out of physical network ports to work with. That’s not a problem, in real life your firewall or load balancer does not have 48 ports either. Often you have 4 to 8 and sometimes more, but often not, ports at your disposal and depending on the complexity that’s more than enough or not at all. Trunking & VLAN’s are the way we deal with this. In the Hyper-V GUI you will not find a way to define a trunk on an vNIC attached to a vSwitch. But this can be done via PowerShell. So please do not reject Hyper-V as not being up to the job. It is! Read about this in my blog post.

People often ask me what virtual network appliances I Use for Hyper-V Labs. This does vary over time, but there are some constants. In the lab I hate wasting time on time bombed trials. So I avoid those in favor of either fully featured solutions or I use free open source alternatives. Smart vendors provide the easiest access possible to their solutions. They realize that easy access delivers the ability to learn and test every aspect of the products which make a huge difference in the success of their offerings in the real world. When it comes to load balancers I use the KEMP Virtual Load Masters. You can read more about these in projects and lab testing  in blogs about the KEMP (Virtual) Load Master.

As an MVP I got 1 free license. Together with the ability to restore configurations I can have a pseudo permanent redundant load balancing setup. Only building labs for multi-site geo load balancing solutions requires to start from scratch every time. For routing I use VyOS, it works on both hardware and on a bunch of hypervisors with X64 bit virtual machines. When I need the look and feel of a firewall you’ll encounter in business I use Opnsense. It supports the synthetic vNICs with the enlightened Hyper-V drivers. Yup, the integration components are there.  It doesn’t boot from UEFI so no Generation 2 virtual machine support as of yet. imageimage

Another good one is IPFire. This one also does a nice job with the integration components.


I also have a DELL SonicWall in my home office where I have some ports to play with but it tends to be leveraged more for the permanent parts of the lab. It’s a crucial & permanent component.

SonicWALL NSA 220 Wireless-N Appliance

E2EVC 2015 Berlin SMB Direct Slide Deck

I attended and presented at E2EVC 2015 in Berlin from June 12th to June 14th. The networking was a blast. No “marchitecure” bull shit or vendor fairy tales what so ever and lots of very open discussions on the realities we’re seeing and facing in virtualization and cloud. Most account managers and esoteric presales would die a painful (but fast) death in this environment.


One session was with my Hyper-V Amigo buddy Carsten Rachfahl and was pure demo extravaganza, so no slides. My own session was “SMB Direct – The Secret Decoder Ring” and was an attempt to position this technology what by looking at the why and where followed by the how by who and when.


I hope a lot of people had at least a better understanding of SMB Direct, RDMA and DCB. The second aim was to take away the fear many people have of this tech by showcasing it in short demos. Time constraints where a challenge so it was not a 200 level session.

Please download the presentation here if interested.

Enjoy. If you have any concerns or questions, ask, and I’ll try to answer.

Microsoft Ignite Here I Come

Ignite is coming closer and I’m to Chicago soon to attend. I’ll be focusing on a couple of things. One of them is vNext, that means Hyper-V and everything that’s related the network and the storage stack.  The other is Azure and anything related to the above mentioned stack as well as identity/security.

That should be sufficient to keep me busy as next to that I’ll be having meetings with the Microsoft product groups and various vendors/partner on their offerings and plans.

The remaining time will be allocated to networking and talking shop with the international community. I’m looking forward to meet up with so many buddies from across the globe and dive into our beloved subjects. I you read my blog, follow me on twitter and you’re there, let me know. We can meet and greet!


So let’s ignite the future of technology and prepare for our future as well. Remember, it’s you who needs to invest in yourself and your career. Employee, independent consultant or civil servant, it doesn’t matter, while helping others succeed, keep working on your own life long education and future.

But before I’m in Chicago I need to travel there, so we’ll hop onto one of those nice Boeings for a long haul flight across the big pond.  See you there!


A MVP once more in 2015 – happy New Year from a renewed MVP

Happy New Year people! May 2015 bring you happiness,  good health,  and good jobs/projects/customers with real opportunities for growth & advancement. Don’t forget to step out of the office, away from the consoles once in a while to enjoy the wonderful experiences and majestic views this world has to offer.


Being an January 1st MVP (my expertise is Hyper-V) means that every year on new years day I might get an e-mail to inform me I have been renewed, or not. Prior to that our MVP lead will contact us to make sure we have updated our community activities and they’ll decide on whether we’re MVP material, or not.  Today I received this e-mail awarding me the MVP award for 2015.


It remains a special feeling to receive the award.  It’s recognition for what you’ve done and it means that I can enjoy the benefits that come with it: the MVP Global Summit and the interaction with the product groups at Microsoft. The summit is very valuable to me and if I knew the dates I would already book my flights and the hotel right now.

Some people think it makes us fan boys but I can assure you that’s not the case. Microsoft hears the great, the good, the bad and the ugly from us. And yes, they appreciate that as they cannot and do not want to live in an Ivory tower. So they need feedback and we’re a part of the feedback loop. We MVPs are a good mix of customers, consultants, partners & businesses working with their technologies & helping out the community to make the best use of them. Microsoft puts it like this:

“The Microsoft Most Valuable Professional (MVP) Award is our way of saying thank you to exceptional, independent community leaders who share their passion, technical expertise, and real-world knowledge of Microsoft products with others.”

The fact that we are independent is an important factor here. It makes us a valuable resource pool of hands on experience to mix in with other feedback channels. As Aidan Finn wrote in his blog post, Feedback Matters Once Again In Microsoft, it does indeed matter. Again? It always did but they listen more and better now Winking smile. They don’t need an "echo chamber" they value opinions, insights and experiences. The MVP award is for the things you’ve done and do. Sure, there is a code of conduct but that doesn’t mean you cannot voice your concerns. "Independent" means that what we say doesn’t have to be sugar coated marketing. Our value is in the fact that we help out the community (their customers, partners and Microsoft itself) in the better use and development of their solutions base on our real world experiences. Microsoft discusses that here.

It opens up doors and creates opportunities, and for that I’m grateful as well. For my employers/customers it means that when you hire me you get access to not just my skills and expertise but to the collective knowledge and experience of a global network of passionate experts that have a proven track record of engagement and are recognized internationally for that. Not too shabby is it Winking smile.