Experience with Hyper-V and PVS 7

UPDATED INFO HERE: http://virtexperience.com/2014/03/10/an-update-about-my-experience-with-pvs/

Everyone trying to use Provisioning Services with hyper-v knows that there is one big issue. Hyper-V does not support PXE boot on synthetic NIC. To work around this, you need 2 NIC’s for PVS traffic, one legacy and one synthetic. Before PVS 7 you had to switch off the legacy NIC after booting Windows to force PVS to use the Synthetic NIC. This could be done using the nvspbind.exe tool from Microsoft, to disable IPV4 on legacy NIC after Synthetic NIC was up. There are scripts that can do this and there is my own tiny service that will do this for you: http://virtexperience.com/2013/03/14/hypervpvsfix-service-to-use-citrix-provisioning-on-hyper-v-with-synthetic-nic/

After PVS7 this is done automatically in the PVS device, however there is very little documentation on how this works from Citrix. I’ve tried to get some more information on this, and this is a summary of it. Please note that the information in this blog is based on my own observations and could be wrong. Use the comment field if you have any more information on this subject.

Do we still need to disable IP on legacy NIC with PVS 7 ?

No, you don’t. That means that if you have been using my hypervpvsfix-service, you don’t need it any more at PVS 7. PVS 6x still needs this fix.

How is PVS device handling the switchover?

Only documentation I found was this:

http://support.citrix.com/proddocs/topic/provisioning-7/pvs-readme-7.html

http://support.citrix.com/proddocs/topic/provisioning-7/pvs-nics-requirements-failover.html

There is a registry key [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetservicesBNIStackParameters] DisableHyperVLegacyNic”=dword:00000000 , but what does it do? Let us see on a PVS device with two NIC’s in the same LAN:

Without the registry key, after boot ipconfig shows that the legacy NIC now has a “fake ip” 169.254.x.x/16 but gateway is still from DHCP. This means that not network traffic will be enabled on this NIC, but IP is still enabled on the NIC unlike the nvspbind.exe method. A route print command also show lower metric on the Synthetic NIC, so don’t worry about traffic going out on legacy NIC. A large file copy to the PVS device system disk, shows no traffic on the legacy NIC.

Going deeper, Wireshark shows that the device communicates with PVS server only on the synthetic NIC

If we set the DisableHyperVLegacyNic=0 the behavior should be “only use synthetic NICs if legacy Hyper-V NICs exist within the same subnet”, but it does not seems to be so:

Ipconfig shows that both NIC’s have a valid IP address. A large file copy shows that there is traffic on the legacy NIC:

Wireshark shows that the device communicates with PVS server only on the legacy NIC

I guess setting the reg key to 1 is the same as default (without the reg key) but I’ve not verified this.

PVS traffic on isolated NIC or not?

There is a lot pro’s and con’s and discussions about this, read more here http://blogs.citrix.com/2012/05/01/pvs-stream-traffic-isolation/

Personally I prefer using PVS and LAN traffic on same NIC to keep the infrastructure simple. When using 10GB NIC or even 1 GB NIC, bandwidth is not really a big issue with PVS devices. If you do chose to isolate PVS traffic with Hyper-V, you need at least three NIC’s:

  1. Legacy NIC in isolated PVS LAN
  2. Synthetic NIC in isolated PVS LAN
  3. Synthetic NIC in LAN

I’ve not tested how PVS 7 behaves in this scenario, but I guess by default it will work without the registry key. I would recommend using this configuration

  1. Legacy NIC in LAN
  2. Synthetic NIC in LAN

Boot from boot ISO.

XenApp and multiple NIC’s

When using XenApp and multiple NIC’s you should enable DNS address resolution. http://support.citrix.com/article/CTX131554

Other issues with PVS 7 on Hyper-V

I’ve seen several other issues with PVS on Hyper-V 2012.

  1. Lock files not release when shutting down a machine in private mode with a 2 NIC configuration. “Mark device down” is a workaround. I guess that since the device unique ID in PVS database is the MAC address and we have switched PVS traffic to another NIC, the shutdown event is not registred in PVS database. I hope there will be a fix for this soon.
  2. Some VM’s go to bluescreen immediately after boot or after windows is loaded. Bluescreen says “Duplicate IP detected”. I’ve been able to work around this by giving the NIC’s new MAC addresses until it boots. Suspect duplicate MAC address pool on the network, read more about it here: http://www.virtualizationadmin.com/articles-tutorials/microsoft-hyper-v-articles/networking/mac-address-pool-duplication-hyper-v.html and here http://blogs.technet.com/b/jhoward/archive/2008/07/15/hyper-v-mac-address-allocation-and-apparent-network-issues-mac-collisions-can-cause.aspx
  3. Switchover may not work as expected if the PVS has an OS with other languages http://forums.citrix.com/thread.jspa?messageID=1766398&#1766398

What will happen in the future?

There is a PVS hotfix coming to fix switchover if you have other OS languages.

With Windows Server 2012 R2, Microsoft is changing the virtual machine template completely and removing the legacy components on the VM. They are introducing a Generation 2 template which will include for instance a synthetic adapter which supports PXE boot.

Fingers crossed!

17 thoughts on “Experience with Hyper-V and PVS 7

  1. Pingback: Experience with Hyper-V and PVS 7 | Conde Malagueta

  2. Very interesting article, not sure if the administrative cost to do this would be worth it in my environment. I was hoping Server 2012 r2 would get me off the legacy network adapters, but it looks to use Generation 2 the guest OS needs to be running Server 2012 or Windows 8.1…. Since I am provisioning Server 2008 r2 VMs doesn’t look like that will work. Have you tried it with Server 2008 OS running on the VM? If not I am gonna have to give it a try…

  3. Can you tell me if you’re using two reserved IP addresses or doing some MAC address magic so not to use two addresses. Citrix really does not have any real good docs on this setup. Thanks.

    • I’m using 2mac adresses with static Mac, on legacy nic dhcp random ip And on synthetic dhcp reserved. Static dns entry connected to synthetic ip address. You may also have reserved on legacy nic but do not register this ip in dns.

  4. Hi,

    We use PVS 7 and HYPER-V 2008 R2.
    Each virtual machine has two network adapters.
    One is the legacy for the PXE BOOT and the other one is for PVS.
    We are facing a strange behavior.

    Some of our VM get 169.254.X.X ip adress on the legacy card (it is the normal behavior, isn’t it ?) while others VM get an IP of the PVS network (always on the legacy card).

    Have you ever seen something like that ? Could you explain me how to get a 169.X.X.X IP adress for the legacy card of all our VM ?

    Thanks for your help.

    • In shared vdisk mode (read only) the legacy adapter has ip until windows is started, then the ip i set to 169.x.x.x to move the PVS stream to the synthetic NIC. This is by design. I’ve seen that after a while, probably when the DHCP lease time is expired, the legacy NIC gets an valid IP again.Try experimenting with DHCP lease time to see if this is the cause.

  5. We are seeing the same issue with Hyper-V 2012 and PVS 7 where the legacy NIC obtains a 169.x.x.x address for a short while and then switches to a valid production address. We have our lease time set for 14 days so I do not believe it is lease time. The timing of when the legacy NIC grabs a production address seems very random.

    I have even tried to upgrade the target device of a few of our PVS targets to 7.1 and have the same issue.

    Does the service you wrote still work with PVS 7?

    • The service I wrote should probably work, but I would recommend to stay with just PVS 7.1 and update with hotfix 1. If you are on XenApp 6.x I would suggest to go to XA7.x as it better handles the ip switchover.

  6. Pingback: An update about my experience with PVS. | Virtual eXperience

  7. Hi Magner, Great work on the service build.

    I’m trying with PVS7.6 & W2k8R2 & XA7.6. Both legacy & Synthetic NICs are in same subnet.

    When i try to boot the system, it loads windows and freezes. I beleive switchover isn’t working.

    Can you help with it please

    Regards
    Rajeev S

    • Hi, I recommend that you use the builtin switchover function in PVS 7.6. The service was built for pre PVS 7.x versions.

      • Hi Magnar, I tried using the in-built feature. However i couldn’t get the feature work. When system is applying computer settings it goes out of the NW and gets freezed.

        It works fine 2 out of 10 times. Any idea?

        • It should be possible to get it working with the built-in feature, sounds like you got some other issue with your network config. I’ve got it working, but I must admit that PVS with Hyper-V is quite tricky compared to XS and VMWare. You can also just use the legacy adapter if your apps is not using more than 100Mbit network traffic, but I would guess this is not a preferred solution. I hope Citrix will fix this. I can see a lot of our clients prefer PVS over MCS and with an increase in Hyper-V deployments, this needs to be fixed so that it works with Synthetic NICs.

  8. Hi Magnar,

    we have a similar problem, streaming W2K8R2 Terminalserver with PVS 7.1 on Hyper-V 2012 R2. We have six VMs on each host. We reset all the VMs every night, everything works fine (only 2-3 VMs out of 300 are not booting, but I can reset them). Our problem is if nealy every user is working, so that we have a heavy workload, i’m not able to reboot a VM, when there are more then 3 VMs are up and running on that host. If i want to boot the whole farm, only 3 out of 6 Vms on each host will boot. But thats only during the day. If i do that during weekend or at night, it works.
    Have you ever seen such a behavior? Even if the PVS is virtualized and on the same host as the Terminal Server VM, it doesn’t work.

  9. We are using HV, PVS 7.6 with 2 NICS for our 2008R2 XA servers.

    Although the legacy NIC does have an APIPA address with the same gateway as our synthetic NIC. WE are seeing that the legacy NIC is having a very negative impact on the browsing experience. Basically, pages will take 5 to 20 seconds to load.

    If we uninstall the legacy NIC, then the browsing is support fast. Note that we can also see the Legacy NIC using .02% to .05% of the network link VIA task manager.

    Anybody seeing this?

    Thanks

    • Daniel – did you ever find a resolution to the performance issue with 2 NIC’s? We are seeing a similar problem where the Citrix Receiver on target devices with both the legacy and standard NIC is performing very poorly. Also, Outlook is very slow to load.

Leave a Reply

Your email address will not be published. Required fields are marked *

*