Windows Server 2019 Advanced Networking Features

Connecting on-premise and off-premise facilities via networks allows for the creation of an efficient ‘intelligent cloud’.

Windows Server 2019 is built with a comprehensive list of powerful networking capabilities designed to optimize performance in the intelligent cloud and edge environments.

This article discusses four of the advanced networking features in the Windows Server 2019 release.

1. Network Performance Optimization for Virtual Workloads

Previously, achieving high-speed network throughput without network processing overloading the CPU incurred extra costs in baselining, complex planning, tuning, and monitoring.

Windows Server 2019 is built to allow virtual workloads to reach (and maintain) 40 Gbps peaks, lower CPU utilization, and skip redundant tuning and configuration expenses.

This is achieved through two features that optimize the network throughput of virtual machines, lowering operations and maintenance costs and increasing the available density of hosts without constant host tuning.

Here is a description of the two features:

a) Receive Segment Coalescing (RSC) in the vSwitch

The Receive Segment Coalescing (RSC) feature integrated in Windows Server 2019 improves throughput and host processing of virtual workloads.

This affects all traffic passing through the virtual switch, including Hyper-V compute workloads, Software Defined Networking, and some Storage Spaces Direct patterns.

Windows Server 2019 not only supports RSC in the vSwitch, it’s enabled by default!

RSC in the vSwitch combines TCP segments from the same TCP stream into fewer, larger packets headed for a Hyper-V guest. Processing these fewer (coalesced) packets is easier and more efficient than processing the individual segments.

Hence, RSC in the vSwitch leads to major performance leaps in Hyper-V virtual machines.
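A simplified model of the coalescing described above, as an added example (not Microsoft's implementation and not part of the original article). The merge conditions (same flow, contiguous sequence numbers, plain ACK only, a 65535-byte cap) and the sample segments are assumptions chosen for illustration.

```python
from dataclasses import dataclass

MAX_COALESCED = 65535  # assumed cap on a coalesced payload, in bytes

@dataclass
class Segment:
    flow: tuple        # (src_ip, src_port, dst_ip, dst_port)
    seq: int           # sequence number of the first payload byte
    payload: bytes
    flags: str = "A"   # "A" = plain ACK; any other flag set is never merged

def coalesce(segments):
    """Merge contiguous plain-ACK segments per flow; return packets as delivered."""
    pending, delivered = {}, []   # pending: flow -> packet still being built
    for s in segments:
        cur = pending.get(s.flow)
        if (cur is not None and s.flags == "A"
                and s.seq == cur.seq + len(cur.payload)      # no gap, no reorder
                and len(cur.payload) + len(s.payload) <= MAX_COALESCED):
            cur.payload += s.payload
            continue
        if cur is not None:               # cannot extend: hand over what we have
            delivered.append(pending.pop(s.flow))
        if s.flags == "A" and s.payload:
            pending[s.flow] = Segment(s.flow, s.seq, s.payload)
        else:                             # PSH/FIN/RST etc. pass through untouched
            delivered.append(s)
    delivered.extend(pending.values())    # flush whatever is left at end of batch
    return delivered

# Constructed sample: two flows interleaved on the wire, 1460-byte segments.
A = ("10.0.0.5", 50000, "10.0.0.9", 443)
B = ("10.0.0.6", 50001, "10.0.0.9", 443)
SAMPLE = [
    Segment(A, 1000, b"a" * 1460),
    Segment(B, 500, b"b" * 1460),
    Segment(A, 2460, b"a" * 1460),
    Segment(A, 3920, b"a" * 1460),
    Segment(B, 1960, b"b" * 100, "PA"),  # PSH set: delivered on its own
    Segment(A, 6840, b"a" * 1460),       # gap: 5380 was expected next
]

if __name__ == "__main__":
    for p in coalesce(SAMPLE):
        print(p.flow[0], p.seq, len(p.payload), p.flags)
```

Six wire segments reach the guest as four packets, one of them 4380 bytes long, so a capture taken inside the guest can show TCP payloads larger than any single segment seen on the physical wire.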

b) Dynamic Virtual Machine Multi-Queue (d.VMMQ)

Virtual Machine Queue and Virtual Machine Multi-Queue features enable the processing of traffic destined for a vmNIC by one or multiple processor cores.

Windows Server 2019 dynamically tunes hosts for optimal CPU efficiency and consistent virtual machine throughput.

d.VMMQ reduces the OPEX costs incurred in previous Windows OS versions, as it doesn’t require any setup once a supporting driver is installed.

d.VMMQ auto-tunes current workloads, thereby maximizing throughput for all virtual machines.

2. Automatic Connection of On-premise Servers to Azure

Connecting on-premise servers and workloads to Azure resources in previous Windows versions required a Site-to-Site VPN, ExpressRoute, or Point-to-Site VPN connection. These options involve numerous steps and require expertise in network and certificate management, as well as infrastructure setup, upgrade, and maintenance.

The Windows Admin Center in Windows Server 2019 enables one-click configuration for a point-to-site VPN connection between on-premise Windows Servers and Azure Virtual Networks. This automates the configuration for both the on-premise VPN client and the Azure Virtual Network gateway.

Here are some of the improvements:

  • Windows Admin Center: The Windows Admin Center is an ‘all-under-one-roof’ evolution of the Windows Server in-box management tools that consolidates all local and remote server management aspects. It’s a free locally deployed (default) Windows Server 2019 browser-based app for managing servers, Windows 10 PCs, clusters, and hyper-converged infrastructures.
  • Azure Network Adapter: The Azure Network Adapter allows you to set up Point-to-Site VPN connections between your Windows server and Azure. It’s a new Network extension aspect of the Windows Admin Center that enables Point-to-Site connections without a public-facing IP address or a VPN device.

3. Software-Defined Networking (SDN)

Software-Defined Networking offers great performance efficiency, but it was difficult to deploy in previous Windows versions.

Windows Server 2019 provides easy SDN deployment and management via a Windows Admin Center extension and a new user interface.

Windows Server 2019 integrates key features in the Software-Defined Data Center (SDDC) to support software-based networking functions.

This leads to the virtualization and optimization of various networking aspects like switching, load balancing, firewalling with micro-segmentation, and routing to offer better availability and performance.

Here are some improved capabilities:

  • Using Windows Admin Center for SDN management: With Windows Server 2019 Windows Admin Center, SDN has been integrated with the Hyper-Converged Cluster experience. You can easily manage SDN infrastructure and resources via a single application by adding a Network Controller to your Hyper-Converged cluster.
  • Virtual network management: After adding an SDN to your hyper-converged environment, you can then create, configure, and modify virtual networks and consecutive subnets. You can also view the VMs connected to the virtual network subnets. Later versions of Windows Server 2019 are also set to include complete end-to-end virtual network management for the SDN extension in the Windows Admin Center.
  • SDN infrastructure management: Proper SDN management is crucial for a healthy SDN infrastructure. Individual component failures hardly affect Windows Server SDN workloads. Thus, Windows Server 2019 integrates an easy way to monitor SDN performance. The SDN Monitoring extension enables real-time monitoring of SDN services’ state and infrastructure. For instance, you can monitor the health and performance of your Virtual Gateways, Network Controller, Software Load Balancers, and hosts. Further, the extension allows for monitoring of Virtual Gateway Pools’ consumption, Private IP Pools, and Public IP Pools.

4. Network Security Integrations

Windows Server 2019 brings a full house of network security improvements.

Here is a description of some of them:

a) Windows Defender Advanced Threat Protection (ATP)

ATP is designed with deep sensors and response mechanisms to swiftly expose memory and kernel-level attacks, then respond by terminating suspect processes and repressing malicious files.

Windows Defender ATP Exploit Guard is built with multiple powerful host-intrusion prevention components with capabilities to fend off malicious attack vectors and malware.

b) Enhancements in Software Defined Networking (SDN) security

Windows Server 2019 comes with a more robust SDN security package than Windows Server 2016. The most visible aspects are:

  • Encrypted networks
  • Egress metering
  • Virtual network peering
  • Firewall auditing

c) Shielded Virtual Machines support improvements

Windows Server 2019 provides shielded support for mixed OS environments. This not only boosts performance efficiency in the virtual machines but also keeps the physical server safe.

  • Linux support: For mixed-OS environments, Windows Server 2019 supports running Red Hat Enterprise Linux, Ubuntu, and SUSE Linux Enterprise Server in shielded virtual machines.
  • Troubleshooting virtual machine improvement: PowerShell Direct and VMConnect Enhanced Session Mode have made troubleshooting of shielded virtual machines convenient. They don’t require configuration but are automatically available when a shielded VM is linked with a Hyper-V host running Windows 2019 Server version 1803 or later.

d) HTTP/2 integration

Windows Server 2019 integrates with HTTP/2, which improves coalescing of connections, thereby delivering an encrypted and uninterrupted browsing experience.

The upgraded HTTP/2’s server-side cipher suite negotiation is not only easy to deploy but also provides automatic connection failure mitigation.

Summary

Advancements in automatic connection to Azure, network performance optimization for virtual workloads, Software Defined Networking (SDN), and network security optimization are only the icing on the cake.

Microsoft is determined to continue improving cloud-based connectivity to optimize performance and save on-site storage costs.

We are set to see even more releases to augment Windows Server 2019 advanced networking functions.