How does Network Isolation in VS Lab Management work?

The other day I had a client ask me to describe how Network Isolation is accomplished in Visual Studio 2010 Lab Management.  Of course I had never looked that deep, so I quickly responded (in my best Consultant voice) “Why, it’s magic!”

That wasn’t a satisfactory answer for my client so I did some digging and found some emails that I have along with an article on MSDN that describes what’s happening.

Lab Manager adds a second NIC to each of the VMs in your lab and also creates a Private virtual network.  It attaches the new NIC on each machine to the Private network.  The other NIC is attached to the external network.

On the Private NIC, the MAC address, machine name and IP address are held constant.  This gives us a safe and static means of communicating between our test machines, say our Web server and our DB server.  Since these are static, we can use the same .config file for any lab deployed from the network isolated environment.

The external NIC is given a unique IP address, MAC address and alias (like Lab_[GUID]).  Lab Manager also disables NetBIOS and DNS registration on the external NIC. The external NIC’s unique alias is explicitly registered in DNS by Lab Manager.  This configuration, along with the unique alias, MAC and IP address, prevents conflicts between multiple environments deployed from this template while allowing all of the machines to be managed by the Test Controller.

In a nutshell, when the machines in the environment need to communicate among themselves, the traffic is routed over the Private NIC.  When they need to communicate with the “real world” or the Test Controller, they use the external NIC.  Since all of the naming on the inside is well-known, everything is consistent, even if we have more than one copy of the environment running at the same time.
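The rules above can be written down as checks over an inventory of running environment copies. The following Python is an added example, not code from Lab Management or the MSDN article; the record layout, machine names, aliases and addresses are all constructed for illustration.

```python
from collections import Counter

def vm(role, name, priv_ip, priv_mac, alias, ext_ip, ext_mac, netbios=False, dns_reg=False):
    """One inventory record; the field names are this example's own."""
    return {"role": role, "private": (name, priv_ip, priv_mac),
            "external": {"alias": alias, "ip": ext_ip, "mac": ext_mac,
                         "netbios": netbios, "dns_registration": dns_reg}}

def check_isolation(envs):
    """Return a sorted list of violations of the layout described above."""
    problems = set()
    baseline = {}                                    # role -> first private identity seen
    seen = {key: Counter() for key in ("alias", "ip", "mac")}
    for env, machines in envs.items():
        for m in machines:
            where = f"{env}/{m['role']}"
            # Private NIC: name, IP and MAC are identical in every copy.
            if m["private"] != baseline.setdefault(m["role"], m["private"]):
                problems.add(f"{where}: private identity differs between copies")
            ext = m["external"]
            # External NIC: NetBIOS and DNS self-registration stay off.
            if ext["netbios"]:
                problems.add(f"{where}: NetBIOS enabled on external NIC")
            if ext["dns_registration"]:
                problems.add(f"{where}: DNS registration enabled on external NIC")
            for key in seen:
                seen[key][ext[key].lower()] += 1
    # External alias, IP and MAC are unique across all running copies.
    for key, counts in seen.items():
        for value, n in counts.items():
            if n > 1:
                problems.add(f"external {key} {value} is used by {n} machines")
    return sorted(problems)

# Constructed data: two copies of a web + database environment.
GOOD = {
    "copy-1": [vm("web", "WEB", "192.168.23.1", "00:15:5d:00:00:01", "Lab_0001", "10.0.0.11", "00:15:5d:aa:00:01"),
               vm("db", "DB", "192.168.23.2", "00:15:5d:00:00:02", "Lab_0002", "10.0.0.12", "00:15:5d:aa:00:02")],
    "copy-2": [vm("web", "WEB", "192.168.23.1", "00:15:5d:00:00:01", "Lab_0003", "10.0.0.13", "00:15:5d:aa:00:03"),
               vm("db", "DB", "192.168.23.2", "00:15:5d:00:00:02", "Lab_0004", "10.0.0.14", "00:15:5d:aa:00:04")],
}
# Same layout, but copy-2's web VM reuses an external IP and registers itself in DNS.
BAD = {**GOOD, "copy-2": [
    vm("web", "WEB", "192.168.23.1", "00:15:5d:00:00:01", "Lab_0003", "10.0.0.11", "00:15:5d:aa:00:03", dns_reg=True),
    GOOD["copy-2"][1]]}

if __name__ == "__main__":
    for name, envs in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_isolation(envs) or "no violations")
```
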

Here’s a snapshot from the MSDN article (linked above) showing how it hooks together.