Table of Contents:

• Introduction
• Supported Hyper-V versions
• Drivers incorporated into Gaia OS
• Network interfaces
• Non-supported features
• Related solutions

 

Introduction

Check Point Gaia OS can be deployed (ISO image) over Hyper-V infrastructure in Windows Server:

Software	Supported Versions
Security Gateway, ClusterXL	R77.30 R80.10 R80.20 R80.30 R80.40 R81 R81.10
Security Management Server, Multi-Domain Security Management Server	R77.10 R77.20 R77.30 R80.10 R80.20 R80.30 R80.40 R81 R81.10

Note: Refer to Check Point Hardware Compatibility List - go to tab "Virtual Machines".

Hyper-V provides software infrastructure and basic management tools to create and manage a virtualized server computing environment. Hyper-V in Windows Server 2012 R2 enables the creation of a virtualized server computing environment. You can use a virtualized computing environment to improve the efficiency of your computing resources by utilizing more of your hardware resources. This is possible because you use Hyper-V to create and manage virtual machines and their resources. Each virtual machine is a virtualized computer system that operates in an isolated execution environment. This allows you to run multiple operating systems simultaneously on one physical computer.

 

Supported Hyper-V versions

Version	Status
Windows 2019 Server	Supported (***)
Windows 2016 Server	Supported (**)
Windows 2012 Server R2	Supported (*)
Windows 2012 Server	Not supported
Windows 2008 Server R2	Not supported
Windows 2008 Server	Not supported

^(*) Refer to Check Point Hardware Compatibility List - go to tab "Virtual Machines".

^(**) R80.30 Management is supported only with Windows 2016 server.

(***) R80.40 and higher versions are supported on Windows 2019 server.

 

Drivers incorporated into Gaia OS

Driver Type	Driver Name	Description
Hyper-V vmbus driver	hv_vmbus	Provides the infrastructure for other Hyper-V drivers to communicate with the hypervisor
Utility driver	hv_utils	Provides Hyper-V integration services such as shutdown, time synchronization, heartbeat and Key-Value Pair Exchange
Network driver	hv_netvsc	Provides network performance improvements
Storage driver	hv_storvsc	Increases performance when accessing storage (IDE and SCSI) devices
Mouse driver	hid_hyperv	Improves user experience by allowing mouse focus changes for a virtualized guest
Clocksource driver		Provides a stable clock source running within the Hyper-V platform

Notes:

• In a rare scenario. Hyper-V Time Synchronization doesn't correct the system clock in the virtual machine.
• For more details, refer to https://docs.microsoft.com/en-us/troubleshoot/windows-server/virtualization/virtual-machine-time-not-synced.

Network interfaces

Hyper-V supports two types of network interfaces:

Interface Type	Notes
Synthetic network interface	Jumbo frames are supported VLAN tagging is supported VLAN trunking is supported from R80.40 Live Migration is supported Static IP Injection is not supported vRSS (Virtual Receive Side Scaling) is not supported TCP Segmentation and Checksum Offloads is supported
Emulated networks interfaces	VLAN trunking is not supported NOTE: It is recommended to use a synthetic network interface.

Notes:

• When setting up the machine, it is recommended to assign it with a static MAC address. This should ensure that the VM retains its MAC address in case it is moved to another host. You can configure the MAC address by editing the settings of the virtual machine in Hyper-V Manager.
• For more details, refer to Supported CentOS and Red Hat Enterprise Linux virtual machines on Hyper-V.

 

Non-supported features

For more details, refer to Supported CentOS and Red Hat Enterprise Linux virtual machines on Hyper-V - "RHEL/CentOS 5.x Series".

• Generation 2 virtual machines

• Hyper-V clocksource does not work on 64-bit kernel

  Refer to sk105862 - In a Hyper-V environment, the Virtual Machine's clock moves faster than the hardware time.

File system freeze/thaw

Some operating systems support the notion of freezing and thawing the file system (refer to http://rwmj.wordpress.com/2010/06/09/freezing-filesystems/)

• vRSS (Virtual Receive Side Scaling)

  Hyper-V can support the notion of multi-queue. This is done by a feature in Windows called RSS (Receive Side Scaling).
  Gaia Multi-Queue on on hv_netvsc interfaces are not supported. 

• coreXL - affinity
  hv_netvsc interfaces are automatically affined by hyper-v to all cores.
  This behavior cannot be controlled from the VM.
  there for you can't assign hv_netvsc interfaces to specific CPU cores

• SCSI
  SCSI disks are currently not supported (at least not for the main installation disk).
  Attempting to use SCSI disks may cause the image installation to fail in unexpected ways.

• Dynamic Disk
  Dynamic Disk should never be used in a production environment. Dynamic Disks is not suitable for for VM's with a long life span.
  • Prone to fragmentation issues that can potential causes the VM to become unresponsive.
  • Slower read rates
  • Performance decreases overtime
  • Unpredictable storage utilization patterns

• SR-IOV (Single Root I/O Virtualization)

  SR-IOV, designed to provide VMs more direct access to the physical host's hardware, is currently not certified for use on Hyper-V.

• lsvmbus command

• Hyper-V Sockets

• TRIM support

• Dynamic Memory - Hot-Add

• Runtime Memory Resize

• PCI Passthrough/DDA

• Boot using UEFI

• Secure boot

• Microsoft Converged Storage

• Live Migration
  
•  
• Related solutions

• sk105862 - In a Hyper-V environment, the Virtual Machine's clock moves faster than the hardware time

• sk110349 - Output of "date" command shows wrong date and time on R77.30 Gaia OS deployed over Hyper-V infrastructure in Windows Server

• sk105278 - Endpoint Security Client support for Microsoft Hyper-V VDI

This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.