KB2970215 – Microcode Update For WS2012 and WS2012R2 Running On Intel CPUs

Microsoft released a hotfix that includes a microcode update for Intel processors to improve the reliability of Windows Server. It affects Windows Server 2012 R2, Windows Server 2012 and Windows Server 2008 R2 Service Pack 1 (SP1). The fix also solves a reliability problem for Hyper-V running on Ivy Bridge, Ivy Town, and Haswell processors.

A supported hotfix is available from Microsoft.

Note hotfix for Windows Server 2008 R2 SP1 will be available in September, 2014.

This update reminds me of a similar update that was released soon after the RTM of W2008 R2 to deal with issues in the Nehalem CPU. Without the fix, there were random BSODs. I got tired of telling people, so called expert consultants, to install the fix. Note this fix, test it if you want to deploy immediately, or wait one month and then install it. But make sure you install it – set something in your calendar NOW to remind yourself.

KB2989384 – Hyper-V Best Practice Analyzer (BPA) Does Not Close

Microsoft published a KB article to help you when the Hyper-V Best Practice Analyzer (BPA) does not exit or appears to hang/crash.

Symptoms

Hyper-V Best Practice Analyzer (BPA) does not exit under the following conditions:

  • A virtual machine already exists.
  • The virtual machine is connected to a vhd or vhdx as the hard disk drive. However, the vhd or vhdx file itself is renamed or deleted, and does not exist in reality.

Cause

The PowerShell script as seen here runs internally when running the Hyper-V BPA:

C:\Windows\System32\BestPractices\v1.0\Models\Microsoft\Windows\Hyper-V\Hyper-V.ps1

However, due to a defect in the script, the information retrieval process goes into a loop, and the BPA does not exit until timeout.

Workaround

You need to delete the non-existing vhd or vhdx from the virtual machine settings, and then rerun BPA for Hyper-V by following these steps:

  1. Start Hyper-V Manager.
  2. Select the virtual machine that is connected to a non-existing vhd or vhdx, then right-click and open Settings.
  3. From the virtual machine settings window, click on the non-existing hard drive, and then click Delete.
  4. Click OK to close the virtual machine setting window.
  5. Rerun BPA for Hyper-V from Server Manager.

The article claims to apply to Windows Server 2012 (WS2012).

KB2986895 – VMs Lose Network Connection on WS2012 or WS2012 R2 Hyper-V When Using Broadcom 1GbE NICs

If you’re affected by this issue then you should have read this post. Microsoft posted a KB article for when virtual machines lose network connectivity when you use Broadcom NetXtreme 1-gigabit network adapters on Windows Server 2012 Hyper-V or Windows Server 2012 R2 Hyper-V.

Symptoms

When you have Hyper-V running on Microsoft Windows Server 2012 or Windows Server 2012 R2 together with Broadcom NetXtreme 1-gigabit network adapters (but not NetXtreme II network adapters), you may notice one or more of the following symptoms:

  • Virtual machines may randomly lose network connectivity. The network adapter seems to be working in the virtual machine. However, you cannot ping or access network resources from the virtual machine. Restarting the virtual machine does not resolve the issue.
  • You cannot ping or connect to a virtual machine from a remote computer.

These symptoms may occur on some or all virtual machines on the server that is running Hyper-V. Restarting the server immediately resolves network connectivity to all the virtual machines.

Cause

This is a known issue with Broadcom NetXtreme 1-gigabit network adapters that use the b57nd60a.sys driver when VMQ is enabled on the network adapter. (By default, VMQ is enabled.)

The latest versions of the driver are 16.2 and 16.4, depending on which OEM version that you are using or whether you are using the Broadcom driver version. Broadcom designates these driver versions as 57xx-based chipsets. They include 5714, 5715, 5717, 5718, 5719, 5720, 5721, 5722, 5723, and 5780.

These drivers are also sold under different model numbers by some server OEMs. HP sells these drivers under model numbers NC1xx, NC3xx, and NC7xx.

Workaround

Broadcom is aware of this issue and will release a driver update to resolve the issue. In the meantime, you can work around the issue by disabling VMQ on each affected Broadcom network adapter by using the Set-NetAdapterVmq Windows PowerShell command. For example, if you have a dual-port network adapter, and if the ports are named NIC 1 and NIC 2 in Windows, you would disable VMQ on each adapter by using the following commands:

Set-NetAdapterVmq -Name “NIC 1” -Enabled $False
Set-NetAdapterVmq -Name “NIC 2” -Enabled $False

You can confirm that VMQ is disabled on the correct network adapters by using the Get-NetAdapterVmq Windows PowerShell command.

Note By default, VMQ is disabled on the Hyper-V virtual switch for virtual machines that are using 1-gigabit network adapters. VMQ is enabled on a Hyper-V virtual switch only when the system is using 10-gigabit or faster network adapters. This means that by disabling VMQ on the Broadcom network adapter, you are not losing network performance or any other benefits because this is the default. However, you have to work around the driver issue.

Get-NetAdapterVmqQueue shows the virtual machine queues (VMQs) that are allocated on network adapters. You will not see any virtual machine queues that are allocated to 1-gigabit network adapters by default.

Sigh. I hope Broadcom are quicker about releasing a fix than Emulex (customers are waiting 10 or 11 months now?).

Microsoft News Summary – 17 July 2014

This week’s Microsoft news has been dominated by the cryptic letter by Satya Nadella and the pending (and obviously required) layoffs after the completion Nokia acquisition. Let’s stick to the techie stuff:

SQL Server Now Requires SA For A Cold Replica

When you replicate a virtual machine from site A to site B then typically the replica VM in site B is powered down. Note that I haven’t specified a hypervisor or replication method, so this article applies to Hyper-V and vSphere, and not just to Hyper-V Replica.

In the past, if you ran SQL Server in a VM in a production site, you could replicate that VM to a secondary site. If the replica VM was powered down, i.e. cold, then you were granted a free license for that cold VM. This has changed with the release of SQL Server 2014, as covered by this post. Now you must have Software Assurance (SA) to cover the cold VM’s license for SQL Server.

This brings SQL Server in line with Windows Server’s SA offsite cold replica benefit.

There are restrictions on failover in the secondary site:

  • You can perform a brief test failover (lasting 1 week) once every 90 days.
  • The production system in the primary site must be powered off to legally perform a failover.
  • You can power up the secondary site VM for a “brief time” during the disaster while the production system is running in the primary site.

Microsoft News Summary – 3 July 2014

After a month of neglect, I have finally caught up with all of my feeds via various sources. Here are the latest bits of news, mixed up with other Microsoft happenings from the last month.

Microsoft News Summary-2 July 2014

It’s been a long times since I posted one of these! I’ve just trawled my feeds for interesting articles and came up with the following. I’ll be checking news and Twitter for more.

Microsoft News Summary-29 April 2014

There is a lot of reading material this morning.

KB2927313–Hyper- VM Won’t Start Because The Security ID Structure Is invalid (0x80070539)

Microsoft posted a new support article for when a virtual machine cannot start – The security ID structure is invalid (0x80070539). This affects Hyper-V on WS2012, WS2012 R2, Windows 8 and Windows 8.1.

Symptoms

Starting an imported virtual machine under Hyper-V sometimes fails with an error message that states “The security ID structure is invalid (0x80070539)”.

Cause

This issue is caused when a virtual machine is moved from one environment to another, and Hyper-V cannot remove an invalid security ID from the virtual machine configuration as part of the import operation.

Resolution

A user can reset the state of security IDs in the virtual machine configuration by adding a new, valid user ID. To do this, you will need to:

  1. Open an administrative PowerShell command window
  2. Run: Grant-VMConnectAccess -VMName "Name of VM that is not starting" -UserName "Domain and username of the current user"

The virtual machine should now be able to start successfully.

 

KB2937634 – Hyper-V Host Unable To Reconnect To WS2012 SOFS After Unplanned Failover

Microsoft has released (another) update overnight (what a week!!!) that deals with a Hyper-V scenario. This one is for when a Hyper-V host may be unable to reconnect to the Windows Server 2012 Cluster Scale-Out File Server (SOFS) share after an unplanned failover of one of the SOFS nodes.

Once again, this is niche. I’ve done many graceful and ungraceful shutdowns of SOFS nodes (both virtual and physical) over the past 18 or so months and not seen this issue.

Symptoms

Consider the following scenarios.
Scenario 1

  • You deploy file storage by using Failover Clustering Scale-Out File Server shares in Windows Server 2012.
  • An unexpected error causes the Cluster service process (clussvc.exe) to stop.

In this scenario, you may receive I/O errors instead of failing over to a working cluster node.
Scenario 2

  • You deploy Windows Server 2012 Hyper-V hosts that run virtual machines that are stored on Failover Clustering Scale-Out File Server shares in Windows Server 2012.
  • An unplanned failover causes the Scale-Out File Server to move to another node.

In this scenario, the Hyper-V host may be unable to reconnect to the share. This causes the virtual machines to become unresponsive and to enter a critical state.

A supported hotfix is available from Microsoft Support.