Everyone trying to use Provisioning Services with hyper-v knows that there is one big issue. Hyper-V does not support PXE boot on synthetic NIC. To work around this, you need 2 NIC’s for PVS traffic, one legacy and one synthetic. Before PVS 7 you had to switch off the legacy NIC after booting Windows to force PVS to use the Synthetic NIC. This could be done using the nvspbind.exe tool from Microsoft, to disable IPV4 on legacy NIC after Synthetic NIC was up. There are scripts that can do this and there is my own tiny service that will do this for you:http://virtexperience.com/2013/03/14/hypervpvsfix-service-to-use-citrix-provisioning-on-hyper-v-with-synthetic-nic/
After PVS7 this is done automatically in the PVS device, however there is very little documentation on how this works from Citrix. I’ve tried to get some more information on this, and this is a summary of it. Please note that the information in this blog is based on my own observations and could be wrong. Use the comment field if you have any more information on this subject.
Do we still need to disable IP on legacy NIC with PVS 7 ?
No, you don’t. That means that if you have been using my hypervpvsfix-service, you don’t need it any more at PVS 7. PVS 6x still needs this fix.
How is PVS device handling the switchover?
Only documentation I found was this:
There is a registry key[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BNIStack\Parameters] DisableHyperVLegacyNic”=dword:00000000 , but what does it do? Let us see on a PVS device with two NIC’s in the same LAN:
Without the registry key, after boot ipconfig shows that the legacy NIC now has a “fake ip” 169.254.x.x/16 but gateway is still from DHCP. This means that not network traffic will be enabled on this NIC, but IP is still enabled on the NIC unlike the nvspbind.exe method. A route print command also show lower metric on the Synthetic NIC, so don’t worry about traffic going out on legacy NIC. A large file copy to the PVS device system disk, shows no traffic on the legacy NIC.
Going deeper, Wireshark shows that the device communicates with PVS server only on the synthetic NIC
If we set the DisableHyperVLegacyNic=0 the behavior should be “only use synthetic NICs if legacy Hyper-V NICs exist within the same subnet”, but it does not seems to be so:
Ipconfig shows that both NIC’s have a valid IP address. A large file copy shows that there is traffic on the legacy NIC:
Wireshark shows that the device communicates with PVS server only on the legacy NIC
I guess setting the reg key to 1 is the same as default (without the reg key) but I’ve not verified this.
PVS traffic on isolated NIC or not?
There is a lot pro’s and con’s and discussions about this, read more herehttp://blogs.citrix.com/2012/05/01/pvs-stream-traffic-isolation/
Personally I prefer using PVS and LAN traffic on same NIC to keep the infrastructure simple. When using 10GB NIC or even 1 GB NIC, bandwidth is not really a big issue with PVS devices. If you do chose to isolate PVS traffic with Hyper-V, you need at least three NIC’s:
- Legacy NIC in isolated PVS LAN
- Synthetic NIC in isolated PVS LAN
- Synthetic NIC in LAN
I’ve not tested how PVS 7 behaves in this scenario, but I guess by default it will work without the registry key. I would recommend using this configuration
- Legacy NIC in LAN
- Synthetic NIC in LAN
Boot from boot ISO.
XenApp and multiple NIC’s
When using XenApp and multiple NIC’s you should enable DNS address resolution.http://support.citrix.com/article/CTX131554
Other issues with PVS 7 on Hyper-V
I’ve seen several other issues with PVS on Hyper-V 2012.
- Lock files not release when shutting down a machine in private mode with a 2 NIC configuration. “Mark device down” is a workaround. I guess that since the device unique ID in PVS database is the MAC address and we have switched PVS traffic to another NIC, the shutdown event is not registred in PVS database. I hope there will be a fix for this soon.
- Some VM’s go to bluescreen immediately after boot or after windows is loaded. Bluescreen says “Duplicate IP detected”. I’ve been able to work around this by giving the NIC’s new MAC addresses until it boots. Suspect duplicate MAC address pool on the network, read more about it here: http://www.virtualizationadmin.com/articles-tutorials/microsoft-hyper-v-articles/networking/mac-address-pool-duplication-hyper-v.html and herehttp://blogs.technet.com/b/jhoward/archive/2008/07/15/hyper-v-mac-address-allocation-and-apparent-network-issues-mac-collisions-can-cause.aspx
- Switchover may not work as expected if the PVS has an OS with other languageshttp://forums.citrix.com/thread.jspa?messageID=1766398�
What will happen in the future?
There is a PVS hotfix coming to fix switchover if you have other OS languages.
With Windows Server 2012 R2, Microsoft is changing the virtual machine template completely and removing the legacy components on the VM. They are introducing a Generation 2 template which will include for instance a synthetic adapter which supports PXE boot.