Issue with Virtual Network Configuration in Hyper-V and Windows Server Nano 2016

Question

My task is to use a virtual machine with OpenWRT (or OPNsense) as a virtual router, connecting it to the internet from the provider and various local networks, which should form a single unified network. The host machine is running Windows Server 2016 Nano Server with the Hyper-V role and has 3 physical network adapters.

When attempting to configure the VM as a router, I encountered an issue. However, to eliminate the influence of drivers and incorrect settings of physical network adapters, let's consider a scenario with fully virtual adapters and a virtual switch.

Here's the step-by-step process:

1. Create a virtual switch of the "Private Switch" type.
2. Set up a second-generation Router VM (VM1) with three vNICs. Connect the first vNIC to the virtual switch.
3. Create a second-generation Client VM (VM2) with one vNIC and connect it to the same virtual switch.
4. Install OpenWRT or OPNsense on VM1. By default, they will define the first port as LAN, set up a DHCP server, and be ready to assign IP addresses.
5. Install any OS on VM2 and obtain an IP address. At this point, everything seems to be going according to plan. The machines see each other, and the client VM received an IP address.

Now, let's simulate the connection of a second network, using existing connections:

1. On VM1, create a bridge (which is by default created in OpenWRT, for OPNsense use https://docs.opnsense.org/manual/how-tos/lan_bridge.html) and connect vNIC1 and vNIC3 to this bridge (vNIC2 is assumed to be WAN and is not connected yet).
2. Our expectation is that both networks connected to vNIC1 and vNIC3 will see the router, receive IP addresses through DHCP, and be able to communicate with each other.

For testing the functionality of the second network:

1. Disconnect vNIC1 of VM1 from the virtual switch and connect vNIC3 to the virtual switch.
2. We expect that our client VM2 should obtain an IP address from the router just as before. However, the client does not receive an IP address. It sends a request, the router receives it, attempts to assign an IP, but the issue is that VM2 is not receiving data through the network connection (received = 0).

I've tested the exact same scenario on VMware Workstation Pro, and it works as expected without any issues. Not to advertise, just to clarify that it should work. I'm sticking with Hyper-V, so I'm really looking for a way to fix this.

Answer 1

I experienced the same thing and eventually fixed it. I am using OPNsense, didn't try OpenWRT yet, but I'm pretty sure the cause is the same, so is the solution:

When a Bridge Interface is created in the Router VM, OPNsense will generate a new MAC address for this Bridge. (You can verify this using "ifconfig" in the Router VM.) In a physical environment, any computer/device connected to these bridged ports will see the OPNsense generated MAC address. However, in Hyper-V environment, the Router VM is not able to make these bridged ports to present the new unified MAC address to the virtual switch, because these vNIC's MAC addresses are managed by the hypervisor. To allow these vNICs updating their MAC addresses, you can open the virtual machine settings of your Router VM, find all these bridged vNICs, click the plus sign "+" beside the RJ45 plug icon to expand the setting options, go to "Advanced Features" and put a check mark on "Enable MAC address spoofing". This will allow the VM (OPNsense) to spoof/override the MAC addresses of these vNICs. After doing this, your Client VMs will be able to connect to the Router VM's bridged ports.

Answer 2

Hello,

Thank you for posting in Q&A forum.

Seems like the key problem here is that VM2 didn't get a correct DHCP IP address from the router and here's some troubleshooting steps that you can refer to:

1. First please double check the configuration in your environment to avoid some mis-configuration issue.
2. Make sure DHCP function is working properly on VM1.
3. After switching the vNIC1 to vNIC3, please kindly try to run cmd:

ipconfig/ release and ipconfig/ renew trying to get a DHCP IP manually and see if it works.

4. To most effective way is to capture network trace by wireshark or network monitor when getting the issue reproduced, and don't forget to capture manually IP assignment process (ipconfig command mentioned above). By analyzing the trace, you would be able to further figure out how the traffic flow goes and if VM2 gets the DHCP IP assignment correctly.

Hope this answer help in your case.