Hi All,
I have an interesting issue which a client and I have been unable to resolve.
We have a few Windows 2008 R2 VPSs running in a high availability environment in Hyper-V. These are across multiple physical nodes.
Two of the Windows VPSs are DCs, and have two NICs in each:
NIC 1: 10.x.x.x (for internal domain traffic)
NIC 2: 200.x.x.x (for external/public traffic)
However, no matter what we do, the Windows VPSs detect both as part of the Domain profile, which makes firewall settings exceptionally painful (so much so that the client has moved this project to a competing company using VMware).
He's happy to move it back if we can get it working properly. We have tried all the 'hacks', including blocking the UDP port for NLA, which works fine until the VPS is promoted to being a DC; then it makes no difference.
Because setting up a Private or Internal Virtual Network is only possible when the VPSs are located on the same physical server (node), it's not feasible to separate the NICs that way, so they are both on an External Virtual Network.
Does anyone have a solution to this?
Would using Windows 2012 on the guest OS allow us to specify or force a network profile per NIC?
Would upgrading to a Windows 2012 Hyper-V Cluster enable us to set up a private or internal virtual network available across nodes in the cluster?
Any suggestions would be appreciated.
Cheers,
- Will