Forwarding Packets to Hyper-V Extensible Switch Ports
This page describes how a Hyper-V extensible switch forwarding extension can forward packets to one or more ports. This type of extension can also forward packets to individual network adapters that are connected to the extensible switch external network adapter.
Note Only the extensible switch forwarding extension or the extensible switch itself can forward packets to extensible switch ports.
Note In the extensible switch interface, NDIS filter drivers are known as extensible switch extensions and the driver stack is known as the extensible switch driver stack. For more information about extensions, see Hyper-V Extensible Switch Extensions.
If a forwarding extension is installed and enabled in the extensible switch driver stack, it is responsible for making forwarding decisions for each packet that it obtains on the extensible switch ingress data path. Based on these forwarding decisions, the extension adds destination ports into the destination port array in the out-of-band (OOB) data of the packet's NET_BUFFER_LIST structure. After the packet has completed its traversal of the extensible switch data path, the extensible switch interface delivers the packet to the specified destination ports.
Note If a forwarding extension is not installed or enabled, the extensible switch makes the forwarding decisions for packets it obtains from the ingress data path. The switch adds the destination ports to the OOB data of the packet's NET_BUFFER_LIST structure before it forwards the packet up the extensible switch egress data path.
Note If the packet is an NVGRE packet, the forwarding extension can add destination ports to the destination port array. However, the Hyper-V Network Virtualization (HNV) component of the extensible switch is responsible for determining the destination ports and forwarding the packet. For more information, see Hybrid Forwarding.
The forwarding extension can add port destinations only to packets obtained from the ingress data path. After the packet is forwarded up the egress data path, filtering and forwarding extensions can exclude packet delivery to extensible switch ports. For more information, see Excluding Packet Delivery to Extensible Switch Destination Ports.
Within the OOB data of a packet's NET_BUFFER_LIST structure, the data for destination ports are contained in an NDIS_SWITCH_FORWARDING_DESTINATION_ARRAY structure. Each element in the array defines a destination port and is formatted as an NDIS_SWITCH_PORT_DESTINATION structure.
The forwarding extension can call the following Hyper-V Extensible Switch handler functions to manage the NDIS_SWITCH_FORWARDING_DESTINATION_ARRAY structure and its NDIS_SWITCH_PORT_DESTINATION elements:
This function commits the modifications that the extension made to add or exclude one or more destination ports for a packet. These changes are committed to the NDIS_SWITCH_FORWARDING_DESTINATION_ARRAY structure in the packet's OOB data.
When the forwarding extension's FilterSendNetBufferLists function is called, the NetBufferList parameter contains a pointer to a linked list of NET_BUFFER_LIST structures. Each of these structures specifies a packet obtained from the ingress data path.
For each NET_BUFFER_LIST structure in this list, the forwarding extension adds destination ports for the packet by following these steps:
The extension makes forwarding decisions for the packet based on various types of criteria. These criteria include the following:
Policy criteria based on the packet's source port and network adapter connection. The forwarding extension obtains this information by using the NET_BUFFER_LIST_SWITCH_FORWARDING_DETAIL macro.
Policy criteria for an extensible switch port based on the packet's payload data. For example, a policy for an extensible switch port may include a filter to allow delivery of only IP version 4 (IPv4) packets.
Note If the packet is an NVGRE packet, the HNV component of the extensible switch is responsible for forwarding the packet. However, the forwarding extension can apply its own policy criteria in the ingress and egress paths. For more information, see Hybrid Forwarding.
If the extension determines that the packet can be forwarded to one or more extensible switch ports, it must add destination ports to the packet's OOB data. For more information about this procedure, see Adding Extensible Switch Destination Port Data to a Packet.
Note If the packet is an NVGRE packet, the forwarding extension is not required to add destination ports. For more information, see Hybrid Forwarding.
If the extension determines that the packet cannot be forwarded to any extensible switch port, it must drop the packet.
Note This is not true if the packet is an NVGRE packet. For more information, see Hybrid Forwarding.
If the extension has added one or more destination ports for the packet, it must call NdisFSendNetBufferLists to forward the packet on the egress data path.
Note If the packet is an NVGRE packet, the HNV component of the extensible switch is responsible for forwarding the packet. For more information, see Hybrid Forwarding.
For more information about the extensible switch ingress and egress data paths, see Hyper-V Extensible Switch Data Path.