Tag: Hyper-V

System Center Virtual Machine Manager ports and protocols.

Port and protocol exceptions

Connect Port/protocol Details Configure
VMM server to VMM agent on Windows Server-based hosts/remote library server 80: WinRM; 135: RPC; 139: NetBIOS; 445: SMB (over TCP) Used by the VMM agent

Inbound rule on hosts

 Can’t modify
VMM server to VMM agent on Windows Server-based hosts/remote library server 443:HTTPS BITS data channel for file transfers

Inbound rule on hosts

 Modify in VMM setup
VMM server to VMM agent on Windows Server-based hosts/remote library server 5985:WinRM Control channel

Inbound rule on hosts

 Modify in VMM setup
VMM server to VMM agent on Windows Server-based hosts/remote library server 5986:WinRM Control channel (SSL)

Inbound rule on hosts

 Can’t modify
VMM server to VMM guest agent (VM data channel) 443:HTTPS BITS data channel for file transfers

Inbound rule on machines running the agent

The VMM guest agent is a special version of the VMM agent. It’s is installed on VMs that are part of a service template, and on Linux VMs (with or without a service template).

 Can’t modify
VMM server to VMM guest agent (VM control channel) 5985:WinRM Control channel

Inbound rule on machines running the agent

 Can’t modify
VMM host to host 443:HTTPS BITS data channel for file transfers

Inbound rule on hosts and VMM server

 Modify in VMM setup
VMM server to VWware ESXi servers/Web Services 22:SFTP

Inbound rule on hosts

 Can’t modify
VMM server to load balancer 80:HTTP; 443:HTTPS Channel used for load balancer management Modify in load balancer provider
VMM server to remote SQL Server database 1433:TDS SQL Server listener

Inbound rule on SQL Server

 Modify in VMM setup
VMM server to WSUS update servers 80/8530:HTTP; 443/8531:HTTPS Data and control channels

Inbound rule on WSUS server

 Can’t modify from VMM
VMM library server to Hyper-V hosts 443:HTTPS BITS data channel for file transfers

Inbound rule on hosts – 443

 Modify in VMM setup
VMM console to VMM WCF:8100 (HTTP); WCF:8101 (HTTPS); Net.TCP: 8102 Inbound rule on VMM console machine Modify in VMM setup
VMM server to storage management service WMI Local call
Storage management service to SMI-S provider CIM-XML Provider-specific
VMM server to Baseboard Management Controller (BMC) 443: HTTP (SMASH over WS-Management) Inbound rule on BMC device Modify on BMC device
VMM server to Baseboard Management Controller (BMC) 623: IPMI Inbound rule on BMC device Modify on BMC device
VMM server to Windows PE agent 8101:WCF; 8103:WCF 8101 is used for control channel, 8103 is used for time sync Modify in VMM setup
VMM server to WDS PXE provider 8102: WCF Inbound rule on PXE server
VMM server to Hyper-V host in untrusted/perimeter domain 443:HTTPS (BITS) BITS data channel for file transfers

Inbound rule on VMM server
Library server to Hyper-V host in untrusted/perimeter domain 443:HTTPS BITS data channel for file transfers

Inbound rule on VMM library
VMM server to Windows file server 80: WinRM; 135: RPC; 139: NetBIOS; 445: SMB (over TCP) Used by the VMM agent

Inbound rule on file server
VMM server to Windows file server 443:HTTPS BITS used for file transfer

Inbound rule on file server
VMM server to Windows file server 5985/5986:WinRM Control channel

Inbound rule on file server

For more information read the Microsoft docs here: https://docs.microsoft.com/en-us/system-center/vmm/plan-ports-protocols?view=sc-vmm-2019

Hyper-V Updating Integration components for Windows Server 2016

The way to do things before was painful – you had to use Windows Update to update the VMGuest.ISO which then you had to mount inside the guest and run the update from the VMGuest.ISO and reboot the VM. This had to be done manually on each VM.

You could use System Center Virtual Machine Manager (SCVMM) which allowed for batch reboots.

In Windows Server 2016 things have changed for the better – Windows Update will automatically update the integration components inside the VM if you are running any of the OSes below:

  • Windows Server 2016
  • Windows 10
  • Windows Server 2012 R2
  • Windows 8.1

If you are running an older OS like below you need to enable the Data Exchange Integration service and make sure it is running:

  • Windows Server 2012
  • Windows 8
  • Windows 7
  • Windows Vista SP2

But now we have another scenario – what if I live migrated my VMs from Windows Server 2012 /2012 R2 to Windows Server 2016? Will Windows update work from the start ? Well, not really. So what we need to do is to update manually the integration services by downloading the latest version of the integration services as a cab file from the Microsoft Download Center here: https://support.microsoft.com/en-us/help/3071740/hyper-v-integration-components-update-for-windows-virtual-machines-tha and run a PowerShell cmdlet:

Add-WindowsPackage -Online –PackagePath <path to .CAB file>

This can now be automated via Powershell to be done in batches on all VMs.