Dealing with MAC address pool duplication in Hyper-V
Windows Server 2008 Hyper-V provides virtual machines with a pool of Media Access Control (MAC) addresses when Hyper-V is installed. Hyper-V has an algorithm to deal with duplicate MAC addresses on a single host, but not across multiple hosts. This article describes how MAC address pools work in Hyper-V, how it is possible to accidentally deploy hosts with duplicate MAC address pools, how to modify the default pool, how to detect if you are experiencing a duplicate MAC address situation with virtual machines, and how using SCVMM 2008 to manage your Hyper-V hosts can prevent duplicate MAC addresses.
Introduction to MAC address pools
Hyper-V allows a virtual machine to be created with a static or dynamic MAC address. A static MAC address is one that the Hyper-V administrator assigns to the virtual machine. A dynamic address is one that Hyper-V assigns from its MAC address pool.
When Hyper-V is installed, a MAC address pool is created and stored in the registry at
It is stored as a range of 256 values defined by two key values: MinimumMacAddress and MaximumMacAddress.
A MAC address has two parts to it, the OEM identifier and the unique value. To provide MAC addresses, Microsoft had to register to obtain its own identifier (00-15-5d), so all Hyper-V MAC address ranges start with these three octets. The remaining three octets are generated by using the last two octets of the IP address of the first enumerated NIC in the Hyper-V host, converted to hexadecimal. So if the IP address of the first enumerated NIC was 192.168.1.133, the last two octets are converted to hexadecimal 1.133 becomes 01-85 and used as the next two octets in the MAC address. This gives 00-15-5d-01-85 as the first five octets. To set the range of 256 addresses, the last octet of the MinimumMacAddress is set to 00 and the last octet of the MaximumMacAddress is set to FF. This sets the MAC address pool range from 00-15-5d-01-85-00 to 00-15-5d-01-85-FF.
The first time a virtual machine is powered on and it is configured for using a dynamic MAC address, it is assigned the next available value in the MAC address pool range. If the virtual machine had multiple active network adapters, then each adapter receives a MAC address from the pool. In addition, when internal virtual networks are created the virtual adapter created on the Hyper-V host uses a MAC address from the pool. By default, there can only be a total of 256 devices using MAC addresses from the dynamic pool. This means that you could have 256 virtual machines with a single network adapter, 128 virtual machines with two network adapters, 126 virtual machines with two network adapters and 4 internal networks defined, and any other combination that equals 256 devices. Once a dynamic MAC address has been assigned it is not changed.
As the MAC addresses are assigned, eventually the 256 MAC addresses in the pool are handed out to virtual machines. If a virtual machine is deleted, the MAC address becomes available for reuse. When the end of the 256 MAC addresses are handed out, the search for an available address starts back at the first address in the pool. If the address is actively being used, it will be skipped and the next available address is used. If the search for a MAC address goes through a complete cycle without finding an available address, an error will be given that there are no available MAC addresses.
Modifying the MAC address pool on a Hyper-V host
Having 256 active MAC addresses available on a single host will meet most deployment needs. If you think that you will be exceeding the MAC address limit, you can modify the registry values to extend the range. You can use an additional octet or part of an octet to increase the number of available addresses. To use a partial octet, modify the MinimumMacAddress and MaximumMacAddress values to use the last three hex digits for the address range.
MinimumMacAddress = 00-15-5d-01-80-00
MaximumMacAddress = 00-15-5d-01-8F-FF
Making this change will provide a pool of 4096 MAC addresses. You will want to do this before you create any virtual machines or create internal networks.
Deployment mistakes that cause duplicate MAC address pools
Since the MAC address pool is created when the Hyper-V role is installed, attempting to install the role and image the physical machine will cause each Hyper-V server deployed using the image to have the same MAC address pool. Even if you sysprep the machine before you image it, the registry values are not reset.
There are a couple of ways to get around this issue:
Do not install the Hyper-V role before you sysprep the machine, but have it install as part of the post mini-setup process.
Before you sysprep the machine, delete the following two key values under HKLM\Software\Microsoft\Windows NT\CurrentVersion\Virtualization
Using option one will force unique values for the MAC address pool as the Hyper-V role is installed. Using option two will force the keys to be recreated when the VMMS service starts during boot.
SCVMM 2008 and Global Static MAC address Pools
System Center Virtual Machine Manager 2008 takes a different approach when managing virtual machines and MAC addresses by using static MAC addresses from a defined pool. This pool is used across all hosts that it manages regardless of host type (Virtual Server 2005 R2 SP1, Hyper-V, or VMware). By default the pool is in the range of 00-1D-D8-B7-1C-00 to 00-1D-D8-F4-1F-FF for 3,998,719 available MAC addresses. You can define your own range if you like, but you must follow these rules:
The first three octets must be the same for the Minimum and Maximum addresses.
You cannot use octets that are already in use by Microsoft or VMware.
To modify the default range in System Center Virtual Machine Manager 2008, follow these steps:
- Open up the SCVMM Administration console.
- Click on the Administration view button.
- Click Networking.
- Click Global Static MAC address Range.
- In the actions pane, click Modify.
- Change the range values.
- Click OK.
Now all virtual machines deployed using the System Center Virtual Machine Manager 2008 administration console or using SCVMM PowerShell cmdlets will get a static MAC address from the global pool.
If you deploy a virtual machine using the Hyper-V Manager MMC on a host managed by SCVMM, the virtual machine will not use the SCVMM static MAC address pool, but will use the locally defined dynamic MAC address pool on the Hyper-V host.
Detecting MAC Address Collisions
MAC address collisions are strange beasts to detect. If you are deploying virtual machines from different hosts and you experience inconsistent behavior while pinging between machines, you might have duplicate MAC addresses in your virtual machines. Typically a MAC address collision will result in request timeouts during pings, destination host unreachable errors, and inconsistent results to log on or file share access. For example, you might be able to ping a few times with no issue, then immediately followed by timeouts.
To determine if you have duplicate MAC addresses, you can inspect values from the Hyper-V host, or from within the guests. To inspect from the Hyper-V host, view the virtual machine settings for both virtual machines, select the network adapter, and compare the MAC address that is shown in the UI.
To inspect from the guest OS, open a command prompt within the guest OS and run the ipconfig /all command. You can see the MAC address for the network adapter. Compare these values with the other virtual machines to determine if there is a duplicate MAC address.
Deploying Hyper-V hosts using an image approach requires that you either install the Hyper-V role after you have deployed the image to the physical machines, or to delete the MinimumMacAddress and MaximumMacAddress keys from the registry and restart the VMMS service to ensure that each host gets a unique MAC address range. Using SCVMM to manage the farm of hosts and provision new virtual machines eliminates the need to manage the MAC address range created by Hyper-V.