Hyper-V Nested Virtualization

Hyper-V: Nested Virtualization on Windows Server 2016

Nested virtualization allows you to run Hyper-V inside a virtual machine and create several more virtual machines in this nested Hyper-V server. Most often, nested virtualization is used in test environments.

Microsoft Hyper-V supports nested virtualization starting from Windows Server 2016. If you try to install the Hyper-V role inside the VM on the guest Hyper-V with Windows Server 2012 R2 (or older), you will get the install error:

Hyper-V can not be installed: The hypervisor is already running.

windows nested virtualization

This error is related to the fact that the Hyper- host V specifically masked the Intel VT-x and AMD-V Virtualization Extensions from the guest OS. In Windows Server 2016, the Hyper-V architecture has been redesigned. CPU requirements have also changed. Now, for nested virtualization to work, in addition to supporting Intel VT-x, the processor must support Intel EPT (provides virtual machines memory direct access, bypassing the hypervisor).

Other limitations when using nested virtualization:

  1. Host and guest Hyper-V must use Windows Server 2016/2019 or Windows 10;
  2. Hyper-V VM hardware version >=8.0;
  3. For nested virtual machines the following features are nor supported; dynamic memory, dynamic migration, VM checkpoints, and Save/Restore options.

How to Enable and Use Nested Virtualization in Windows Server 2016?

First of all, you need to update the version of the Hyper-V VM configuration (vm hardware) for which you want to enable nested virtualization to 8.0 or higher (the virtual machine must be turned off). To do this, run the Hyper-V Manager console, find the VM, right-click it and select Upgrade Configuration Version.

windows server 2016 nested virtualization

You can also upgrade the HW version of the virtual machine through PowerShell:

Update-VMVersion -Name ‘WinSrv2016Nested’

server 2016 nested virtualization

You can update all VMs on the host at once:

Get-VM | Update-VMVersion

Now you need to enable nested virtualization support for the selected virtual machine. By default, the hypervisor masks virtualization CPU instruction that are sent to the guest. To change this behavior, use the command:

Set-VMProcessor -VMName VMName -ExposeVirtualizationExtensions $true

Because dynamic memory is not supported for nested Hyper-V, you must disable this option in the VM settings (VM > Settings > Memory > uncheck Enable Dynamic Memory).

nested virtualization windows server 2016

Or you can disable dynamic memory through PowerShell:

Set-VMMemory "'WinSrv2016Nested' -DynamicMemoryEnabled $false

If you plan to provide access for nested virtual machines on an external network, the host Hyper-V can see several MAC addresses on a single network adapter of the virtual machine. Therefore, you need to enable MAC address spoofing for the VM network adapter.

Open the VM properties in the Hyper-V manager console, find the VM network adapter and in the Advanced features section enable the Enable MAC address spoofing option.

windows server 2016 enable nested virtualization

You can also enable this option via PowerShell:

Get-VMNetworkAdapter -VMName 'WinSrv2016Nested' | Set-VMNetworkAdapter -MacAddressSpoofing On

To quickly check VMs and enable nested virtualization memory, you can use a ready-made PowerShell script Enable-NestedVm.ps1. You can run it as follows:

Invoke-WebRequest https://raw.githubusercontent.com/Microsoft/Virtualization-Documentation/master/hyperv-tools/Nested/Enable-NestedVm.ps1 -OutFile ~/Enable-NestedVm.ps1 ~/Enable-NestedVm.ps1 -VmName 'WinSrv2016Nested'

Now you just have to install the Hyper-V role in the virtual machine (Install-WindowsFeature -Name Hyper-V -IncludeManagementTools -Restart) and you can create nested virtual machines.

You may also like:

Deploy Windows 10 with MDT 2013 and WDS In this article we will show you how to install and configure WDS role, MDT 2013 and Windows ADK on Windows Server 2012 R2 and use it to network PXE (...
Using IIS Manager for Remote Administration Managing multiple IIS servers over RDP can be quite inconvenient, especially if you need to administer dozens of such servers. It is much more conveni...
Installing WebDAV client on Windows Server 2016 WebDAV (Web Distributed Authoring and Versioning) is an extension of the HTTP/1.1 protocol. The WebDAV protocol allows to access files on the remote s...
Print Job Stuck in Queue on Windows Server 2016/20... Print servers running Windows Server can have a large number of network printers connected. With a large number of devices, the Windows print queue ma...
How to Configure Radius Server on Windows Server 2... RADIUS (Remote Authentication in Dial-In User Service) is a network protocol for the implementation of authentication, authorization and collection of...

Add Your Comment