Understanding Software Defined Networking (SDN) and Network Virtualization

The evolution of virtualization has led to a wide range of virtualized technologies, including the key building block of a data center: the network. A traditional network used to be a wired connection of physical switches and devices. Making a configuration change was a nightmare for the network administrator, with the possibility of breaking another configuration while making that change. Putting together a massive data center was an expensive venture and a lengthy project. With virtualization and cloud services on the horizon, anything can be offered as a service and almost anything can be virtualised and software defined.

Since the development of Microsoft SCVMM and VMware NSX, network function virtualization (NFV), network virtualization (NV) and software defined networking (SDN) have been making a bold statement among on-premises customers and cloud-based service providers. Of all the benefits of a software defined network, two stand out: easy provisioning of a network and easy change control of that network. You don't have to fiddle with the physical layer of the network, and you certainly don't have to modify the virtual host to provision a complete network with a few mouse clicks. How does it work?

Software Defined Networking- Software defined networking (SDN) is a dynamic, manageable, cost-effective, adaptable, high-bandwidth, agile open architecture. SDN architectures decouple network control and forwarding functions, enabling network control to become directly programmable and the underlying infrastructure to be abstracted from applications and network services. Examples of Cisco software defined networking are listed below.

The fundamental building blocks of SDN are:

  • Programmable: Network control is directly programmable because it is decoupled from forwarding functions.
  • Agile: Abstracting control from forwarding lets administrators dynamically adjust network-wide traffic flow to meet changing needs.
  • Centrally managed: Network intelligence is (logically) centralized in software-based SDN controllers that maintain a global view of the network, which appears to applications and policy engines as a single, logical switch.
  • Programmatically configured: SDN lets network managers configure, manage, secure, and optimize network resources very quickly via dynamic, automated SDN programs, which they can write themselves because the programs do not depend on proprietary software.
  • Open standards-based and vendor-neutral: When implemented through open standards, SDN simplifies network design and operation because instructions are provided by SDN controllers instead of multiple, vendor-specific devices and protocols.

Cisco SDN Capable Switches

Modular Switches

Cisco Nexus 9516
Cisco Nexus 9508
Cisco Nexus 9504

Fixed Switches

Cisco Nexus 9396PX
Cisco Nexus 9396TX
Cisco Nexus 93128TX
Cisco Nexus 9372PX
Cisco Nexus 9372TX
Cisco Nexus 9336PQ ACI Spine Switch
Cisco Nexus 9332PQ

Network Virtualization- A virtualized network is simply a partitioning of an existing physical network into multiple logical networks. Network virtualization creates logical segments in an existing network by dividing the network logically at the flow level. The end goal is to allow multiple virtual machines in the same logical segment, or a private portion of the network allocated by the business. In physical networking you cannot have the same IP address range twice within the same network and manage traffic for two different kinds of services and applications. But in a virtual world you can have the same IP range segregated into logical networks. Let's say two different businesses/tenants have the 10.124.3.x/24 IP address scheme in their internal networks, and both decide to migrate to the Microsoft Azure platform and bring their own IP address scheme (10.124.3.x/24) with them. It is absolutely possible for them to retain their own IP addresses and migrate to Microsoft Azure. You will not see changes within the Azure portal. You will not even know that another organisation has the same internal IP address scheme and is possibly hosted on the same Hyper-V host. It is programmatically and logically managed by Azure Stack and SCVMM network virtualization technology.
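
The overlapping-address scenario above, as an added example that is not from the original article: the host-level Hyper-V Network Virtualization policy (Windows Server 2012 R2 NetWNV cmdlets) that SCVMM would normally program for you. VM names, MAC addresses, the adapter name, the provider address, virtual subnet IDs and routing domain GUIDs are all constructed values.

```powershell
# Added example (not the article's code). All names, addresses, MACs,
# virtual subnet IDs (VSID) and routing domain IDs below are constructed.
# Run on a Windows Server 2012 R2 Hyper-V host that carries both tenant VMs.

$tenants = @(
    @{ VM = 'TenantA-Web01'; Mac = '00155D000A01'; Vsid = 5001
       Rdid = '{11111111-2222-3333-4444-00000000A001}' },
    @{ VM = 'TenantB-Web01'; Mac = '00155D000B01'; Vsid = 6001
       Rdid = '{11111111-2222-3333-4444-00000000B001}' }
)

$customerAddress = '10.124.3.10'     # same address inside both tenants
$customerPrefix  = '10.124.3.0/24'   # same subnet inside both tenants
$providerAddress = '192.168.50.21'   # this host's address on the physical fabric

# Provider address: the only address the physical network ever sees.
$ifIndex = (Get-NetAdapter -Name 'Ethernet').ifIndex
New-NetVirtualizationProviderAddress -InterfaceIndex $ifIndex `
    -ProviderAddress $providerAddress -PrefixLength 24

foreach ($t in $tenants) {
    # Tag the VM's virtual NIC with its tenant's VSID. Traffic is isolated
    # per VSID, so the identical customer address never collides.
    Set-VMNetworkAdapter -VMName $t.VM -VirtualSubnetId $t.Vsid

    # Lookup record: (VSID, customer address) -> provider address.
    New-NetVirtualizationLookupRecord -CustomerAddress $customerAddress `
        -ProviderAddress $providerAddress -VirtualSubnetID $t.Vsid `
        -MACAddress $t.Mac -Rule 'TranslationMethodEncap' -VMName $t.VM

    # On-link route for the tenant subnet, scoped to the tenant's own
    # routing domain so one tenant cannot route into the other.
    New-NetVirtualizationCustomerRoute -RoutingDomainID $t.Rdid `
        -VirtualSubnetID $t.Vsid -DestinationPrefix $customerPrefix `
        -NextHop '0.0.0.0' -Metric 255
}

# Review the result: two records with the same customer address,
# distinguished only by VSID. An unexpected record here means a VM has
# been placed in a tenant segment it does not belong to.
Get-NetVirtualizationLookupRecord |
    Where-Object CustomerAddress -eq $customerAddress |
    Sort-Object VirtualSubnetID |
    Format-Table VirtualSubnetID, CustomerAddress, ProviderAddress, VMName
```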

Network Functions Virtualization- Network function virtualization (NFV) virtualises layer 4 to layer 7 of the OSI model in a software defined network. NFV runs on high-performance x86 platforms, and it enables users to turn up functions on selected tunnels in the network. The end goal is to allow an administrator to create a service profile for a VM, then create a logical workflow within the network (the tunnel), and then build virtual services on that specific logical environment. NFV saves a lot of time in provisioning and managing the application level of the network. Functions like IDS, firewall and load balancer can be virtualised in Microsoft SCVMM and VMware NSX.

Here are some Cisco NFV products.

IOS-XRv Virtual Router: Scale your network when and where you need with this carrier-class router.

Network Service Virtualization- Network Service Virtualization (NSV) virtualizes a network service, for example a firewall module or IPS software instance, by dividing the software image so that it may be accessed independently among different applications, all from a common hardware base. NSV eliminates the cost of acquiring separate hardware for a single purpose; instead it uses the same hardware to serve a different purpose every time a network is accessed or a service is requested. It also opens the door for service providers to offer security as a service to various customers.

Network security appliances are now bundled as a set of security functions within one appliance. For example, firewalls were offered on special purpose hardware as were IPS (Intrusion Protection System), Web Filter, Content Filter, VPN (Virtual Private Network), NBAD (Network-Based Anomaly Detection) and other security products. This integration allows for greater software collaboration between security elements, lowers cost of acquisition and streamlines operations.

Cisco virtualized network services available on the Cisco Catalyst 6500 series platform.

Network security virtualization

  • Virtual firewall contexts also called security contexts
  • Up to 250 mixed-mode multiple virtual firewalls
  • Routed firewalls (Layer 3)
  • Transparent firewalls (Layer 2, or stealth)
  • Mixed-mode firewalls: a combination of both Layer 2 and Layer 3 firewalls coexisting on the same physical firewall.

Virtual Route Forwarding (VRF) network services

  • NetFlow on VRF interfaces
  • VRF-aware syslog
  • VRF-aware TACACS
  • VRF-aware Telnet
  • Virtualized address management policies using VRF-aware DHCP
  • Optimized traffic redirection using PBR-set VRF

Finally, you can have all of these in one basket without incurring a cost for each component once you have System Center Virtual Machine Manager or Microsoft Azure Stack implemented in your on-premises infrastructure, or you choose to migrate to the Microsoft Azure platform.


How to configure Hyper-v Replica Step By Step

Hyper-V Replica provides IP-based asynchronous replication of virtual machines between two Hyper-V servers. Since this is asynchronous replication, the replica virtual machine will not have the most recent data. However, replica virtual machines provide a cost-effective way of keeping a copy of production virtual machines at a secondary site, and they can be made available in case of a disaster.


  • Shared or standalone storage to fulfill the capacity requirement of the replicated virtual machine
  • Asynchronous replication of Hyper-V virtual machines over Ethernet IP based network
  • Replica works with standalone servers, failover clusters, or a mixture of both
  • Hyper-V hosts can be physically co-located or in geographically diverse locations with an MPLS or IPVPN connection
  • Hyper-v Hosts can be domain joined or standalone
  • Provide planned or unplanned failover
  • Any Hyper-V virtualized server can be replicated using Hyper-V Replica


  • Windows Server 2012 R2 Hyper-v Role Installed
  • Windows Server 2012 Hyper-v Role Installed
  • Similar virtual network and physical network must be configured in secondary site for replica virtual machine to function as production virtual machine.

Step1: Configure Firewall on Primary and Secondary Hyper-v Host

1. Right Click Windows Logo on Task Bar>Control Panel>Windows Firewall

2. Open Windows Firewall with Advanced Security and click Inbound Rules.

3. Right-click Hyper-V Replica HTTP Listener (TCP-In) and click Enable Rule.

4. Right-click Hyper-V Replica HTTPS Listener (TCP-In) and click Enable Rule.

Step2: Pre-stage Replica Broker Computer Object

1. Log on to DC>Open Active Directory Users & Computers>Create New Computer e.g. HVReplica

2. Right Click on HVReplica Computer Object>Properties>Security Tab>Hyper-v Cluster Nodes NetBIOS Name>Allow Full Permission>Apply>Ok.

Step3: Configure Replica Broker in Hyper-v Environment

Hyper-v Replica using Failover Cluster Wizard

1. Log on Hyper-v Host>open Failover Cluster Manager.

2. In the left pane, connect to the cluster, and while the cluster name is highlighted, click Configure Role in the Actions pane. The High Availability wizard opens.

3. In the Select Role screen, select Hyper-V Replica Broker.


4. Complete the wizard, providing a NetBIOS name you have created in previous step and IP address to be used as the connection point to the cluster.

5. Verify that the Hyper-V Replica Broker role comes online successfully. Click Finish.

6. To test Replica broker failover, right-click the role, point to Move, and then click Select Node. Then, select a node, and then click OK.

7. Click Roles in the Navigate category of the Details pane.

8. Right-click the role and choose Replication Settings.

9. In the Details pane, select Enable this cluster as a Replica server.

10. In the Authentication and ports section, select the authentication method Kerberos over HTTP and authentication over HTTPS.

11. To use certificate-based authentication, click Select Certificate and provide the request certificate information.

12. In the Authorization and storage section, you can specify default location or specific server with specific storage with the Trust Group tag.

13. Click OK or Apply when you are finished.


Configure Hyper-v Replica using Hyper-v Manager

To Configure Hyper-v replica Broker in non-clustered environment.

1. In Hyper-V Manager, click Hyper-V Settings in the Actions pane.

2. In the Hyper-V Settings dialog, click Replication Configuration.


3. In the Details pane, select Enable this computer as a Replica server.

4. In the Authentication and ports section, select the authentication method Kerberos over HTTP and authentication over HTTPS.

5. To use certificate-based authentication, click Select Certificate and provide the request certificate information.

6. In the Authorization and storage section, you can specify default location or specific server with specific storage with the Trust Group tag.

7. Click OK or Apply when you are finished.

Step4: Configure Replica Virtual Machine

1. In the Details pane of Hyper-V Manager, select a virtual machine by clicking it.

2. Right-click the selected virtual machine and point to Enable Replication. The Enable Replication wizard opens.

3. On the Specify Replica Server page, in the Replica Server box, enter either the NetBIOS or fully qualified international domain name (FQIDN) of the Replica server that you configured in Step 2.1. If the Replica server is part of a failover cluster, enter the name of the Hyper-V Replica Broker that you configured in Step 1.4. Click Next.

4. On the Specify Connection Parameters page, the authentication and port settings you configured for the Replica server in Step 2.1 will automatically be populated, provided that Remote WMI is enabled. If it is not enabled, you will have to provide the values. Click Next.

5. On the Choose Replication VHDs page, clear the checkboxes for any VHDs that you want to exclude from replication, then click Next.

6. On the Configure Recovery History page, select the number and types of recovery points to be created on the Replica server, then click Next.

7. On the Choose Initial Replication page, select the initial replication method and then click Next.

8. On the Completing the Enable Replication Relationship Wizard page, review the information in the Summary and then click Finish.

9. A Replica virtual machine is created on the Replica server. If you elected to send the initial copy over the network, the transmission begins either immediately or at the time you configured.
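
Steps 1, 3 and 4 for standalone hosts as a script, added here as an example and not taken from the original article. It narrows the authentication choice to certificate-based HTTPS only, because Kerberos over HTTP does not encrypt replication traffic in transit, and it authorizes one named primary server instead of any server. Host names, VM name, storage path, trust group and the certificate thumbprint are placeholders.

```powershell
# Added example (not the article's code). Placeholders: host names, VM name,
# storage path, trust group name and certificate thumbprint.
$primary    = 'HV01.contoso.local'
$replica    = 'HV02.contoso.local'
$vmName     = 'APP01'
$thumbprint = '<certificate thumbprint>'

# --- Replica server: Step 1 (firewall) and Step 3 (replication settings) ---
Invoke-Command -ComputerName $replica -ScriptBlock {
    # Open only the HTTPS listener; the HTTP listener rule stays disabled.
    Enable-NetFirewallRule -DisplayName 'Hyper-V Replica HTTPS Listener (TCP-In)'

    # Accept certificate-authenticated replication on TCP 443 and
    # refuse replication from servers that are not explicitly authorized.
    Set-VMReplicationServer -ReplicationEnabled $true `
        -AllowedAuthenticationType Certificate `
        -CertificateAuthenticationPort 443 `
        -CertificateThumbprint $using:thumbprint `
        -ReplicationAllowedFromAnyServer $false

    # Authorization and storage: one primary server, its own storage
    # location, tagged with a trust group.
    New-VMReplicationAuthorizationEntry -AllowedPrimaryServer $using:primary `
        -ReplicaStorageLocation 'D:\Replica' -TrustGroup 'DR-Group'
}

# --- Primary server: Step 4 (enable replication for one VM) ---
Invoke-Command -ComputerName $primary -ScriptBlock {
    Enable-VMReplication -VMName $using:vmName `
        -ReplicaServerName $using:replica -ReplicaServerPort 443 `
        -AuthenticationType Certificate `
        -CertificateThumbprint $using:thumbprint `
        -CompressionEnabled $true -RecoveryHistory 4

    # Send the initial copy over the network now.
    Start-VMInitialReplication -VMName $using:vmName

    # Replication state and health for the VM, then transfer statistics.
    Get-VMReplication -VMName $using:vmName
    Measure-VMReplication -VMName $using:vmName
}

# Confirm what the Replica server will actually accept.
Get-VMReplicationServer -ComputerName $replica
Get-VMReplicationAuthorizationEntry -ComputerName $replica
```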

Step5: Test Replicated Virtual Machine

1. In Hyper-V Manager, right-click the virtual machine you want to test failover for, point to Replication…, and then point to Test Failover….

2. After you have concluded your testing, discard the test virtual machine by choosing Stop Test Failover under the Replication option.

Step6: Planned Failover

1. Start Hyper-V Manager on the primary server and choose a virtual machine to fail over. Turn off the virtual machine that you want to fail over.

2. Right-click the virtual machine, point to Replication, and then point to Planned Failover.

3. Click Fail Over to actually transfer operations to the virtual machine on the Replica server. Failover will not occur if the prerequisites have not been met.

How to respond to unplanned Failover

1. Open Hyper-V Manager and connect to the Replica server.

2. Right-click the name of the virtual machine you want to use, point to Replication, and then point to Failover….

3. In the dialog that opens, choose the recovery snapshot you want the virtual machine to recover to, and then click Failover…. The Replication Status will change to Failed over – Waiting completion and the virtual machine will start using the network parameters you previously configured for it.

4. Use the Complete-VMFailover Windows PowerShell cmdlet below to complete failover.

Starting a reverse replication once disaster is over

1. Open Hyper-V Manager and connect to the Replica server.

2. Right-click the name of the virtual machine you want to reverse replicate, point to Replication, and then point to Reverse replication…. The Reverse Replication wizard opens.

3. Complete the Reverse Replication wizard. You will find the requested information to be very similar if not identical to the information you provided in the Enable Replication wizard.
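
The test, planned and unplanned failover procedures and the reverse replication above, as PowerShell functions. This is an added example, not code from the original article; the VM and host names are placeholders, and the function names are hypothetical.

```powershell
# Added example (not the article's code). VM and host names are placeholders.
$vmName  = 'APP01'
$primary = 'HV01.contoso.local'
$replica = 'HV02.contoso.local'

function Test-ReplicaFailover {
    # Step 5: start a separate test VM on the Replica server, then discard it.
    Start-VMFailover -VMName $vmName -ComputerName $replica -AsTest
    Read-Host 'Validate the test VM, then press Enter to discard it'
    Stop-VMFailover -VMName $vmName -ComputerName $replica
}

function Invoke-PlannedFailover {
    # Step 6: the primary VM must be off; -Prepare sends the last changes.
    Stop-VM -Name $vmName -ComputerName $primary
    Start-VMFailover -VMName $vmName -ComputerName $primary -Prepare
    Start-VMFailover -VMName $vmName -ComputerName $replica
    # Swap roles so the former primary receives changes from now on.
    Set-VMReplication -VMName $vmName -ComputerName $replica -Reverse
    Start-VM -Name $vmName -ComputerName $replica
}

function Invoke-UnplannedFailover {
    # Prefer the newest application-consistent recovery point; fall back
    # to the newest recovery point of any kind.
    $point = Get-VMSnapshot -VMName $vmName -ComputerName $replica `
                 -SnapshotType AppConsistentReplica |
             Sort-Object CreationTime | Select-Object -Last 1
    if ($point) {
        Start-VMFailover -VMRecoverySnapshot $point
    } else {
        Start-VMFailover -VMName $vmName -ComputerName $replica
    }
    Start-VM -Name $vmName -ComputerName $replica
}

function Complete-ReplicaFailover {
    # Run only after the workload is verified: this removes the other
    # recovery points, so the chosen point can no longer be changed.
    Complete-VMFailover -VMName $vmName -ComputerName $replica
}

function Start-ReverseReplication {
    # Once the disaster is over. The former primary must already be
    # enabled as a Replica server and must authorize this host.
    Set-VMReplication -VMName $vmName -ComputerName $replica -Reverse
    Get-VMReplication -VMName $vmName -ComputerName $replica
}

# Typical unplanned sequence:
#   Invoke-UnplannedFailover; Complete-ReplicaFailover; Start-ReverseReplication
```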


How to install and run Hyper-v Server 2012 R2 on USB


 Note: The following steps work for Hyper-v 2012 R2. You have to use SConfig tool to configure basic Hyper-v settings such as remote administration and networking. When you boot server using this USB stick containing .vhdx file, Setup begins. You can then select preferred option.

How to install Hyper-v Server 2012 R2 on USB

Step1: Install Windows WAIK on a Windows 8 PC

You will see DISM.exe in C:\Program Files (x86)\Windows Kits\8.0\Assessment and Deployment Kit\Deployment Tools\amd64\DISM

Step2: Extract Windows Server 2012 R2 and copy install.wim file in C:\Win2012R2ISO location

Step3: Create VHDX file

Open elevated command prompt, issue the following command step by step

mkdir c:\Win2012R2

diskpart

create vdisk file=c:\Win2012R2\HYPV2012R2.vhdx maximum=81920 type=fixed

where 81920 is 80GB.

select vdisk file=c:\Win2012R2\HYPV2012R2.vhdx

attach vdisk

create partition primary

assign letter=r

format quick fs=ntfs label=HYPV2012R2

exit


Step4: Apply install.wim file

Open elevated command prompt, issue the following command step by step

cd /d "c:\Program Files (x86)\Windows Kits\8.1\Assessment and Deployment Kit\Deployment Tools\<architecture>\DISM"

where <architecture> is amd64 or x86.

dism.exe /apply-image /ImageFile:C:\Win2012R2ISO\install.wim /Index:1 /ApplyDir:R:\

Step5: Insert USB stick and create partition

Open elevated command prompt, issue the following command step by step


diskpart

list disk

select disk <USB stick number>

clean

create partition primary

select partition 1

active

format quick fs=ntfs

assign letter=v

exit


Step6: Remove PageFile from Bootable disk

Open elevated command prompt, issue the following command step by step

reg load HKLM\HyperVTemp r:\windows\system32\config\system

reg add "HKLM\HyperVTemp\ControlSet001\Control\Session Manager\Memory Management" /v PagingFiles /t REG_MULTI_SZ /d "" /f

reg delete "HKLM\HyperVTemp\ControlSet001\Control\Session Manager\Memory Management" /v ExistingPageFiles /f

If you receive an invalid key error, simply type regedit, go to this location and delete the PagingFiles key.

reg unload HKLM\HyperVTemp

Step7: Copy VHDX to USB stick

Say the USB stick is presented as the V: drive of your PC. Copy the VHDX file from c:\Win2012R2\HYPV2012R2.vhdx to the V: drive where the USB stick is attached. Open elevated command prompt, issue the following command step by step


diskpart

list disk

select vdisk file=V:\HYPV2012R2.vhdx

attach vdisk

exit


Step8: Make it bootable

Open elevated command prompt, issue the following command step by step

cd /d "c:\Program Files (x86)\Windows Kits\8.1\Assessment and Deployment Kit\Deployment Tools\<architecture>\BCDBoot"

bootsect /nt60 v: /force /mbr

Use the BCDBoot tool to copy the necessary boot files so that you can boot your USB stick.

bcdboot r:\windows /s v:

Step9: Detach the VHDX (V:\HYPV2012R2.vhdx)

Open elevated command prompt, issue the following command step by step

diskpart

select vdisk file=V:\HYPV2012R2.vhdx

detach vdisk

exit


Step10: Test

Detach the USB stick from the PC and insert it into the server. Power on the server. Go to the BIOS of the server. Change the boot order to USB/Built-in Hypervisor. Save and exit the BIOS. Reboot the server.

Step11: Troubleshooting if required

  • Put the USB in to your server
  • Boot the server using a Hyper-v 2012 R2 DVD
  • Select your language, click Next, then select ‘Repair your computer’
  • Select ‘Command prompt’
    Run ‘bcdedit /enum’, it’s probably still pointing to your .vhdx file (check ‘device’ and ‘osdevice’)
  • Fix this by using bcdedit, I used;
    bcdedit.exe /set {default} device vhd=[C:]\HYPRV2012R2.vhd
    bcdedit.exe /set {default} osdevice vhd=[C:]\HYPRV2012R2.vhd
  • Now remove the Windows dvd and boot from USB.

References http://technet.microsoft.com/en-us/library/ee731893%28WS.10%29.aspx