Windows Server 2019 contains a great deal of new functionality and features. In today’s fast-paced, software-driven market, modern infrastructure must keep pace with production workload demands and the speed of deployment. Software-defined infrastructure has been the driving force behind today’s modern data centers, as it enables the infrastructure and architecture that make today’s hybrid cloud environments possible.

Windows Server 2019 contains many new or enhanced software-defined features.

We have already taken a look at the new Storage Spaces Direct software-defined storage features.

Now, let’s look at what software-defined networking really is. We will also look at the new software-defined networking features in Windows Server 2019 and how they allow administrators to keep pace with today’s networking demands.

What is Software Defined Networking?

Before diving into the new features contained in Windows Server 2019 Software Defined Networking, let’s take a look at what software-defined networking is and how it is used in today’s modern infrastructure.

Software-defined networking abstracts the network from the physical network constructs. In the physical network world, you are bound by the physical cable uplinks, the VLANs configured, and the gateway addresses that are configured for routing. While those still exist inside the physical network, the software-defined network allows “overlaying” networks on top of the physical network, which is the “underlay”. The advantages of this approach become readily apparent: without any change to the physical network, additional software-defined networks can be provisioned and used for network traffic in the virtual world. This allows infrastructure to take advantage of software-defined constructs, including much more agile deployment of new networks, automation capabilities, and security constructs that would otherwise be unavailable.

Windows Server 2019 Software Defined Networking Features

Windows Server 2019 contains some great new software-defined networking features. We will take a look at the following:

  • RSSv2/Dynamic VMMQ
  • Guest RDMA
  • Receive Side Coalescing (RSC) in the virtual switch
  • Windows Admin Center integration
  • Virtual network peering
  • Virtual subnet encryption
  • Egress Bandwidth Measuring
  • IPv6 and dual-stack
  • Fabric ACLs and SDN ACL
  • SDN Gateway GRE and IPsec Performance Improvements

Dynamic VMMQ, Guest RDMA, and Receive Side Coalescing (RSC)

Windows Server 2016 introduced a feature called VMMQ, which allowed static assignment of queues to VMs based on static configuration.

With Windows Server 2019, queues can be dynamically reassigned to logical processors. Autotuning capabilities also allow queues to be dynamically expanded or coalesced across logical processors as required. This is ideal for hosts with a high density of VMs and large amounts of throughput, and it results in much higher throughput and lower CPU utilization. This is only available for the SDDC Premium SKUs.

RDMA provides low-latency storage data paths. With Windows Server 2019, RDMA is being brought to virtual machine guests. This is perfect for SMB file server, VDI, and HPC VMs. This is also available only with the 2019 SDDC Premium SKUs.

Receive Side Coalescing in the vSwitch coalesces multiple TCP segments into a larger segment prior to vNIC delivery. Since you will be receiving fewer, larger TCP segments, throughput will be higher and utilization lower.

The new data plane features provide much greater performance at much lower CPU utilization, which results in a much greater performance return on your Windows Server operating system investment.

Windows Admin Center SDN Management

One of the enhancements most requested by Microsoft’s SDDC customers is a much better way to manage the software-defined networking environment. Windows Admin Center is Microsoft’s new management tool, which is being developed to provide a single-pane-of-glass view for management, configuration, and deployment of the entire Windows Server environment, including SDDC. Now, Microsoft has released the Windows Admin Center SDN Management dashboard.

With the Windows Admin Center, you can create your virtual networks and subnets and use the UI to connect the virtual machines to the virtual networks. This is available currently with Windows Server 2016 as well as with Windows Server 2019.

Within the Windows Admin Center SDN UI, Microsoft has built in SDN Monitoring that allows Windows administrators to quickly and easily see any issues in the SDN environment. Monitoring includes throughput capabilities so that at any point in time you can know the performance and throughput of the environment.

Virtual Network Peering, Encrypted Subnets, Egress Bandwidth Measuring, IPv6 Support

Virtual Network Peering is a new feature that allows customers who have various applications in different virtual networks to connect these networks together. Virtual network peering creates high-performance, low-latency connectivity between virtual networks. This feature does not make use of or require virtual gateways, as it uses the underlying fabric, so that performance is not sacrificed for connectivity purposes.

Security is on the minds of everyone today. Microsoft had already made great strides to bolster security by devising mechanisms such as Shielded Virtual Machines. Shielded Virtual Machines provide encryption for data at rest for the virtual machine on disk. When data is in flight, the new encrypted subnets feature provides encryption for the data that is on the move and exits the host. This is protected using DTLS encryption on a per-subnet basis. This protects against sniffing and tampering of data on the wire that is in transit.

Egress Bandwidth Measuring gives service providers the capability to measure the outbound bandwidth for your virtual network. Service providers want to know how much tenant traffic is going outside the data center or the cloud environment so that tenants can be billed accordingly. Traffic that leaves the virtual network but stays inside the cloud datacenter environment can be filtered, which makes it easy to differentiate traffic as needed.

IPv6 Support has been added to the SDN stack in Windows Server 2019. Now you can have virtual networks and subnets configured with IPv6 addresses. Virtual machines can be assigned IPv6 networks, and dual-stack operation with both IPv6 and IPv4 is also supported. Software load balancers greatly benefit from this new feature due to the shortage of IPv4 address space.

Fabric ACLs and SDN ACL Logging

Windows Server 2016 provides the capability to secure tenant virtual networks with Tenant ACLs. These protect tenant networks in both the north/south and east/west directions. With Windows Server 2019, you can also provision ACLs for your management network and provider networks.

SDN ACL Logging functionality has been added to Windows Server 2019. Now you can log traffic that is entering, exiting, or has been blocked at the virtual machine level. Logging data can be used for post-mortem analysis, auditing, or compliance auditing.
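The two paragraphs above, fabric ACLs and per-rule logging, can be combined in a single access control list. The following is an added example, not code from Microsoft or from the original article: it uses the NetworkController PowerShell module to define a default-deny inbound ACL with logging enabled on every rule. The Network Controller URI, the address prefixes, the resource IDs and the `New-AclRule` helper are placeholders constructed for illustration.

```powershell
# Added example. Assumes the NetworkController module is installed and the
# Network Controller REST endpoint is reachable. All names below are placeholders.
Import-Module NetworkController

$ncUri      = 'https://nc.example.internal'   # placeholder REST endpoint
$jumpSubnet = '10.10.50.0/24'                 # constructed: admin jump hosts
$mgmtSubnet = '10.10.0.0/24'                  # constructed: management network

# Hypothetical helper: builds one ACL rule with logging turned on.
function New-AclRule {
    param(
        [string]$Id, [string]$Action, [string]$Protocol,
        [string]$Source, [string]$Destination,
        [string]$DestinationPort, [string]$Priority
    )
    $p = New-Object Microsoft.Windows.NetworkController.AclRuleProperties
    $p.Type                     = 'Inbound'
    $p.Action                   = $Action          # Allow or Deny
    $p.Protocol                 = $Protocol        # TCP, UDP or All
    $p.SourceAddressPrefix      = $Source
    $p.SourcePortRange          = '0-65535'
    $p.DestinationAddressPrefix = $Destination
    $p.DestinationPortRange     = $DestinationPort
    $p.Priority                 = $Priority        # lower number is matched first
    $p.Logging                  = 'Enabled'        # record hits for auditing

    $r = New-Object Microsoft.Windows.NetworkController.AclRule
    $r.ResourceId = $Id
    $r.Properties = $p
    return $r
}

# Allow WinRM only from the jump subnet, then deny and log everything else.
# Add allow rules for any other required management flows above the deny rule.
$rules = @(
    (New-AclRule -Id 'Allow_WinRM_From_Jump' -Action 'Allow' -Protocol 'TCP' `
        -Source $jumpSubnet -Destination $mgmtSubnet `
        -DestinationPort '5985-5986' -Priority '100'),
    (New-AclRule -Id 'Deny_All_Inbound' -Action 'Deny' -Protocol 'All' `
        -Source '*' -Destination '*' -DestinationPort '0-65535' -Priority '65000')
)

$aclProps = New-Object Microsoft.Windows.NetworkController.AccessControlListProperties
$aclProps.AclRules = $rules

New-NetworkControllerAccessControlList -ConnectionUri $ncUri `
    -ResourceId 'Mgmt-Fabric-ACL' -Properties $aclProps
```

This only creates the ACL resource in Network Controller; it takes effect once it is attached to a subnet or network interface.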

SDN Gateway GRE and IPsec Performance Improvements

The performance of site-to-site and GRE gateways in Windows Server 2019 has been drastically improved. Customers can see improvements of up to 3X (200%) for GRE tunnels and IPsec site-to-site VPN. The number of CPU cycles per byte has also improved: Microsoft has greatly reduced the compute cycles needed for SDN gateway IPsec and GRE connections.

Concluding Thoughts

Windows Server 2019 includes a wide range of functionality and improvements in the realm of software-defined networking. With Windows Server 2019, administrators will see improvements in the data plane, Windows Admin Center dashboards and features, and SDN features including dynamic VMMQ, guest RDMA, and IPv6 support. Virtual network peering will allow high-performance peering of virtual networks without the use of gateways. Encrypted subnets will allow Microsoft to provide end-to-end encryption for in-flight traffic traversing in and out of virtual networks and subnets. Improved Fabric ACLs and SDN logging will also allow for greater flexibility in controlling security on management and provider networks, along with the visibility needed to troubleshoot ingress/egress traffic and virtual machine traffic that is getting blocked. Strong software-defined features are going to be the theme of Windows Server 2019 as Microsoft looks to extend its reach in the enterprise data center with new SDDC capabilities.

