Monday, October 23, 2023

How Windows 11 Pro and Workstation Pro handles VLANs and Virtual Switches

How to setup vlans on Windows 11 and Server 2022
Windows 10 pre 1809 and Windows Server pre 2022 typically would be setup with a Teamed network adapter using LBFO (Load Balancing and Failover).  Windows 10 after 1809 and Windows 11 now require powershell to create your virtual switch and your vlan networks.  In windows Pre-1809 you would put the VLANs inside the network driver and it would show up in the VLAN tab of the driver as shown below. 


After Windows 1809 and 2012R2, 2016 and 2019 you had to use server manager to manage NIC teaming and the vlans as shown below.


Now in Server 2022, Windows 11 and later versions of windows 10 this has changed.  Setting up VLANS on server 2022 does work the same for the host but they are not usable in Hyper-V and doesn't really work quite right in windows either.  

If you try to add your Hyper-V virtual network switch to a multiplexor driver you will get an unknown error


You will need to enable the following windows features if you are not using the full hyper-v services to use vlans on windows.

  1. Data Center Bridging
  2. Hyper-V GUI Management Tools
  3. Hyper-V Module for Windows Powershell
  4. Hyper-V Services
  5. Window's Hyper-Visor platform





Powershell is now used to manage networking in windows.  You need to allow the host and virtual machines in Hyper-V we now have to use SET (Switch Embedded Teaming)

New-VMSwitch -Name "SET" -NetAdapterName "Ethernet" -AllowManagementOS $true

If you are using a virtual team be sure to enable the LBFO Teams shown below. 

New-VMSwitch -Name "SET" -NetAdapterName "Ethernet" -AllowNetLBFOTEAMS $true -AllowManagementOS $true

To add the vlan to hyper-v we need to add the VM network adapter

Add-VMNetworkAdapter -ManagementOS -Name "VlanX" -SwitchName "SET"

Now we set the vlan, otherwise it will take it's network information from the Untagged VLAN

Set-VMNetworkAdapterVlan -VMNetworkAdapterName "vlanX" -vlanid X -Access -ManagementOS

From here you can flush your ip address and reset the network adapter to get the ip address of the vlan.  Disabling and enabling the adapter also works well for that.

Here are some other powershell commands you will want to make note  of for removing virtual network adapters and switches.

Remove-VMSwitch "$VMSwitchName"

Remove-VMNetworkAdapter -ManagementOS -Name "VLANX" -SwitchName "$VirtualSwitch"

You can view my how to video for setting up switch embedded teams on windows 11 pro and server 2022 https://youtu.be/aL-dcWS6EhM

Sources

https://techcommunity.microsoft.com/t5/networking-blog/teaming-in-azure-stack-hci/ba-p/1070642

https://techcommunity.microsoft.com/t5/windows-server-for-it-pro/bypass-lbfo-teaming-deprecation-on-hyper-v-and-windows-server/m-p/3672310

https://learn.microsoft.com/en-us/windows-server/virtualization/hyper-v/get-started/create-a-virtual-switch-for-hyper-v-virtual-machines?tabs=powershell

https://learn.microsoft.com/en-us/windows-server/virtualization/hyper-v/get-started/create-a-virtual-switch-for-hyper-v-virtual-machines?tabs=powershell

https://www.aligrant.com/web/blog/2022-12-16_creating_multiple_vlans_on_windows_11

https://www.veeam.com/blog/hyperv-set-management-using-powershell.html

https://social.technet.microsoft.com/Forums/windows/en-US/e49df568-4f4c-47b7-b30c-952d1e26ca58/can39t-remove-failed-virtual-switch-from-hyperv39s-virtual-switch-manager?forum=winserverhyperv

Thursday, October 05, 2023

Upgrading a Veeam Backup Server Running Windows 2012R2

How to do an in place upgrade of server 2012R2 to 2016 and then upgrading Veeam from Version 11 to version 12.

Step 1 - Downloaded the software below.

  • Server 2016 Standard Edition, With Key on Hyper-V host
  • Veeam Backup and Replication V12, - on VM
  • Veeam Data Platform Essentials,  -on VM
  • Veeam Licience - on VM
I did the upgrade in the following order
  1. Upgrade to server 2016
  2. Upgrade Veeam backup and Replication
    1. Upgrade Enterprise Manager
    2. Upgrade Veeam

 Step 2 - Disable all backup and replication jobs


Step 3 - Backup the System

Since this is a VM I shutdown the system and did a full export, incase I have to roll back.


Step 4 - Upgrade to server 2016.  Since this VM is on a cluster I will need to remove it from the cluster roll first.



Once removed I can add the server 2016 disk to the VM



Now I can startup the machine and start the upgrade process


Mount and run the DVD and start the upgrade process.


I selected server 2016 Desktop experience


Select keep personal files and apps otherwise it will remove Veeam.




Once the system is ready, you will have to confirm the upgrade as it recommended to do a clean install of the system.  However for this system we need to do a in place upgrade.






When the install is successful, you will see it is upgraded to server 2016.  You may need to activate your system again so have your windows key ready.


Activate Windows - Change the product Key and Activate




After the upgrade Veeam should be horribly broken.   We can however proceed with the upgrade.



Mount the Veeam ISO and begin the upgrade.  We need to upgrade Enterprise manager first and we may need up run the installer a couple times rebooting after installs.  Click through until you start the install process.





Once the system has installed and rebooted we will update.  Re-Run the Veeam 12 installer and update anything else that needs to be updated as shown below.  

After the upgrade the SQL Server agent may have been set to disabled because of the server 2016 upgrade.  You will have to change it back to automatic or manual depending on how you want to run your system.  Then run the Enterprise Manager and finish the setup.




Proceed to upgrade the Enterprise Manager


After the upgrade we are now able to access the Enterprise Manager


Now we will upgrade the Backup & Replication part of Veeam









Once the installer finishes launch the backup & replication console; re-enable your backup jobs and update the clients on any systems you are running backups.



After launching the software 
you may encounter a permission error when trying to access the Veeam storage server and replication server.  This is due to some hardening Microsoft did to mitigate an exploit.
Access Denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

After looking into the error I found that this was caused by a security update in Windows 

https://www.veeam.com/kb4185

https://forums.veeam.com/veeam-agent-for-windows-f33/dcom-hardening-on-windows-server-june-cu-t81317.html

It turned out to be a DCOM error and to fix the issue you need to add a registry key on the Hyper-V Hosts using Veeam.  In regedit go to the following path:

Path : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat

add the following key as a dword 32bit (without the quotes): 

"RequireIntegrityActivationAuthenticationLevel" and set the value to 0

Once that is done the update to Server 2016 and Veeam 12 is complete.



The backups will start working like it has always been running server 2016 and Veeam 12.

Saturday, September 02, 2023

Fixing Windows Network Connection when nothing appears to be wrong

How to fix a network connection on Windows when nothing appears to be wrong.

So recently a system running Windows 10 22H2 just lost it's network connection on boot up.  The PXE boot worked fine but when the system got into windows it would just get a 169.X.X.X address when running a ipconfig




Upon further investigation it appears the RPC Server has stopped working


While there are a number of reasons why this can happen, the fix that worked for me was restarting the services in order.

Restart Services

  • Application Layer Gateway Service – Manual Triggered
  • Network Connections – Manual
  • Network Location Awareness  –  Manual
  • Plug and Play – Manual
  • Remote Access Auto Connection Manager – Manual
  • Remote Access Connection Manager – Automatic
  • Remote Procedure Call (RPC) – Automatic
  • Telephony – Manual

After that run these command as administrator though powershell or cmd prompt

net localgroup administrators localservice /add

net localgroup administrators networkservice /add

Then in explorer go to the networking settings in control panel


Then go to Network connections and run the diagnose and repair.


Once that has been run, and the system is rebooted you should get an ip address and the network icon should be showing up in the taskbar.



Sources

https://www.thewindowsclub.com/the-dependency-service-failed-to-start-on-windows-10#google_vignette

Hyper-V Cluster Node Keeps Randomly Going Down

Over the last few weeks I had an issue with a Hyper-V Cluster node randomly going down causing issues with my Hyper-V cluster. Looking at th...