Hyper-V: What are the uses for different types of virtual networks?

When you open Virtual Network Manager from Hyper-V Manager, there are three types of virtual network

which can be created: External, Internal and Private. There is also a fourth type which can only be created

through WMI and doesn’t have an official name, but I’ll call it a “Dedicated” virtual network. Let’s look at

each type, and when it is appropriate to use them. 

External  

External virtual networks are used where you want to allow communications between

Virtual machine to virtual machine on the same physical server

Virtual machine to parent partition (and visa-versa)

Virtual machine to externally located servers (and visa-versa)

(Optional) Parent partition to externally located servers (and visa-versa)

   

Internal 

Internal virtual networks are used where you want to allow communications between

Virtual machine to virtual machine on the same physical server

Virtual machine to parent partition (and visa-versa)

In a block diagram, an internal network is an external network without the binding to a physical NIC. An

internal network would commonly be used to build a test environment where you need network

connectivity into the virtual machines from the parent partition itself.

Private

Private virtual networks are used where you want to allow communications between

Virtual machine to virtual machine on the same physical server

In a block diagram, a private network is an internal network without a virtual NIC in the parent partition. A

private network would commonly be used where you need complete isolation of virtual machines from

external and parent partition traffic. DMZ workloads running on a leg of a tri-homed firewall, or an

isolated test domain are examples where this type of network may be useful.

Dedicated

Dedicated networks are in some ways one of the most useful type of virtual network where you dedicate

a physical NIC for use just by virtual machines. They allow communication between:

Virtual machine to virtual machine on the same physical server

Virtual machine to externally located servers (and visa-versa)

Note that the parent partition is unable to use a dedicated virtual network for its own communication. You

would normally have a second physical NIC for use by the parent partition, as was discussed yesterday. In

a block diagram, a dedicated network is an external network without a virtual NIC in the parent partition.

 

Note that you can achieve something functionally identical to a dedicated network by creating an

external virtual network, and unbinding the protocols from the newly created virtual NIC in the parent

partition. However, I would personally recommend you deploy a dedicated virtual network “correctly” to

avoid accidental changing of bindings on the virtual NIC, or to avoid confusion as to what is present in the

network adapters control panel applet. (And before you ask, I don’t have a sample script to create a

dedicated virtual network yet. A post for another day).