Of virtual machines and things…
Posted by BPuhl on March 16, 2008
We’ve got our fair share of smart people working at Microsoft. So when one of them calls you up in near desperation with a problem, you know it’s gotta be a good one. This happened to me the other day, a co-worker on the networking team, who’s been there for longer than I can remember, calls up asking for any ideas that could save corpnet from the evil virtual machines. Was there anything Active Directory could do.
Unfortunately for her, the answer was no, I didn’t really have any great ideas because there are hundreds of thousands of machines on our network which aren’t joined to a production domain anyway, so I couldn’t help. but I was really intrigued by the problem.
It seems that in several of the buildings, the number of virtual machines that are popping up – in some cases, on the order of hundreds – are sucking all of the DHCP scopes dry, and on machines which have wireless NIC’s, they are killing the wireless AP’s. Even better, is the same people who are setting up these massive VM farms (usually for testing purposes), are the people who are calling help desk and the network team complaining that wireless is down, or that they can’t get an IP.
To put this a bit into perspective, one of the buildings that she was describing, has already been allocated 2 /21 networks. So for approximately 400 people in the building, they have over 4,000 IP addresses – and are still running out.
The obvious answer is to explain the miracles of NAT’ing virtual machines, or using private networks, etc…. but for some reason it’s just not happening (I have to assume, that it’s the “other” half, not the “smart people” referenced above).
I hadn’t actually thought about it though, we usually take things like ping/power/pipe for granted as “just working”. And this is coming from the AD guy, who is usually at the other end, where everyone else assumes that authentication is “just working”. But I suppose it’s good to remember that if you’re not doing NAT’s for your VM’s, then you very likely could be causing a network admin somewhere to pull her hair out and scream expletives at you.