Today’s organizations are equipped with some of the most powerful network communications links that have ever existed. Additionally, most businesses are utilizing resources that exist both on-premises as well as in the cloud. Most organizations today are looking to connect resources that exist in both places, on-premises and public cloud such as Azure, together in a way that they operate as one single entity. These networks allow employing an “intelligent cloud” that functions and operations seamlessly and in a way that allows organizations to use resources anywhere they exist.
Windows Server 2019 contains the most powerful networking capabilities that have ever shipped in a Windows Server release. It makes being able to connect resources together between on-premises and Azure public cloud extremely easy. This allows building intelligent cloud and edge environments.
In this post, we will take a look at the New Windows Server 2019 Hybrid Network Features.
New Windows Server 2019 Hybrid Network Features
Microsoft has done a lot of work with Windows Server 2019 networking and especially with the core networking features that are included to support Hybrid Cloud environments such as with Microsoft Azure public cloud.
What are the networking components for an intelligent network for the intelligent Cloud and Edge consist of?
There are four main components that enable hybrid network connectivity and the ability for hybrid connectivity to be reliable, fast, and resilient.
- Hybrid connectivity
- Host networking
- Server networking
- High accuracy time
There is a whole slew of Azure hybrid cloud functionality that is natively built into Windows Server 2019 that allows easily making connections and extending networking features to Azure from on-premises nodes.
Let’s consider the following hybrid cloud network features included in Windows Server 2019.
- Azure Network Adapter
- Much improved VPN performance
- Flexible Container Hybrid Networking
- Precision Time Protocol
Each of the above Windows Server 2019 enhancements greatly improves the ability of the platform to facilitate hybrid networking between on-premises and cloud, specifically Azure environments.
Let’s take a closer look at each new enhancement and how it enables much more powerful hybrid networking.
Azure Network Adapter
More and more on-premises workloads are communicating across on-premises and cloud networks. There may be requirements for an on-premises server to communicate with a virtual machine running on an Azure network. When thinking about the traditional means of connecting to Microsoft Azure from on-premises, there are several ways this is accomplished.
These include:
- Public IP – Accessible from anywhere, low cost
- P2S VPN Gateway – Individual machines into Azure via the Internet
- S2S VPN Gateway – Network to Azure over Internet
- Express Route (ER) – Dedicated MPLS connection to Azure. This can be expensive!
One of the great new features included in Windows Server 2019 by way of Windows Admin Center is the new Azure Network Adapter.
The Azure Network Adapter allows creating a Point-to-Site network connection from individual servers that allows effectively extending the server’s ability to communicate with Azure networks. The Azure Network Adapter functionality allows a single-click experience to connect Windows Server 2019 with your Azure Virtual Network by using Point-to-Site functionality.
The Azure Network Adapter makes the entire process extremely easy to configure and contains the following configuration that is handled automatically:
- Takes care of Azure Virtual Gateway creation
- Handles self-signed certificates, or user-generated
- Auto-reconnect is enabled by default
- Connection is persistent when not logged in
The new Windows Admin Center is the new management dashboard utility that allows a powerful way to interact with Windows Server. It provides access to some of the new platform features such as Azure Network Adapter and allows adding these new services and features. Below, we have connected to a Windows Server 2019 server with Windows Admin Center. Navigate to Network > Add Azure Network Adapter to add the new Azure Network Adapter to the Windows Server 2019 installation.
You will be prompted if you need to add Windows Admin Center to Azure before installing the Azure Network Adapter. The Windows Admin Center utilizes an existing connection to Azure that has already been established to install and integrate the Azure Network Adapter.
Much Improved VPN Performance
When thinking about Remote Access performance with and without SDN, Windows Server 2019 has drastic improvements to the throughput achievable with VPN technologies. For IPSEC VPNs, performance has been improved by 3X.
Site-to-site VPN enables many connections between clients and servers. It requires a VPN endpoint, routing configuration on-premises, Remote Access Server (RAS) Role in Windows Server, Azure Virtual Gateway to SDN Virtual Gateway, and requires an Internet routable gateway IP.
Flexible Container Hybrid Networking
Today’s fast-paced development environments and methodologies are making a considerable shift to using container architecture. Containers are allowing organizations to shift from a traditional 3-tier app logic to one that is more focused on microservices. Today’s businesses making use of container technology have the need for flexible container networking moving from tightly-coupled to loosely-coupled components. Containers can be consumed in a variety of ways including Windows containers that use process isolation to make boundaries and also Hyper-V containers that add further boundaries to security isolation using nested virtualization.
Microsoft is providing a huge amount of support for today’s container technologies that are providing organizations with the tools and abilities they need with flexible container networking. Microsoft is providing tremendous support for container scheduling and orchestration technologies such as Kubernetes in both on-premises and Azure-based containers. Additionally, they are providing support for multiple container network interface (CNI) plugins and topologies.
- Azure CNI (container network interface plugin)
- Flannel meta-plugin with win-l2bridge CNI (host-GW)
- Flannel meta-plugin with win-overlay CNI (Overlay) (Beta)
- Kubernetes-OVN CNI (Overlay) – maintained by cloudbase solutions
Windows Server 2019 also provides support for network policy enforcement with Tigera Calico on Windows and container deployments. Network Policies – allow limiting network connectivity between services that need to talk to each other. The flexibility provided by the new Windows Server 2019 container capabilities provides easy load-balancing, service discovery, and security for modernizing existing Windows Server applications with containers (lift-and-shift) or rearchitecting or building new applications using microservice architectures. Organizations can start either on-premises or in the Azure cloud with containers.
Start on-premises:
- service fabric
- docker enterprise edition v1.x
- Vanilla Upstream K8s v1.11
- RedHat OpenShift
Start in Azure:
- Azure Service Fabric
- Azure Container Instance (ACI)
- ACS for Kubernetes
- Azure App Service
- Service Fabric Mesh
Precision Time Protocol
Time is generally not thought of as being related to the network or networking capabilities, however, the network has a direct impact on accurate timekeeping. Active Directory has long been the primary source of time dependency. Nodes in a domain synchronize time from domain controllers. When thinking about hybrid environments where some resources are housed on-premises and other are housed in the cloud, time synchronization becomes a greater challenge.
With Windows Server 2019, time accuracy has been greatly improved. Precision time protocol has been introduced. On the network, there are things that interfere with the accuracy of time (switches, routers, firewalls, etc). PTP allows switches to participate and insert the latency they have added into their measurement. A Software timestamp is used when packets come in and when they leave which also removes latency when introduced by Windows. Windows Server 2019 also has true Leap Second support. If you are in a regulated industry that has extremely aggressive time requirements, even a one second time skew can put you past the time dependency.
Concluding Thoughts
Today’s often very complex and multi-homed organizations are making use of hybrid network topologies that often extend between on-premises resources and those housed in public cloud environments such as Azure. Windows Server 2019 introduces powerful new features that enable organizations to be better equipped for making use of these hybrid cloud environments. Such features as the Azure Network Adapter, improved VPN tunnel performance, flexible container networking, and more precise timekeeping are allowing organizations to have better-equipped platforms that are able to meet the demands of today’s hybrid network environments. Windows Server 2019 is the most hybrid aware Server OS released by Microsoft to date. By adding it to the mix, businesses are empowered to create intelligent, flexible, and heterogeneous networks.
Follow our Twitter and Facebook feeds for new releases, updates, insightful posts and more.