Azure-VirtualMachines-Accelerated-Networking-Enabled

Owned by naveen
Last updated: Mar 15, 2022
2 min read

Severity : Medium

Description: This control ensures that accelerated networking is enable for Azure virtual machines. Accelerated Networking enables single root I/O virtualization (SR-IOV) to a VM, greatly improving its networking performance. The Accelerated Networking benefits the site recovery for Azure virtual machines that are failed over to a different Azure region.

Remediation Steps:

Perform following to enable accelerated networking for virtual machines :

Enable accelerated networking on existing VMs using Azure PowerShell

  1. Stop or deallocate the VM or, if an availability set, all the VMs in the set

    1. Stop-AzVM -ResourceGroup <resource group> -Name <vm name>

  2. Enable accelerated networking on the NIC of VM

    1. $nic = Get-AzNetworkInterface -ResourceGroupName <resource group> -Name <NIC Name>

    2. $nic.EnableAcceleratedNetworking = $true

    3. $nic | Set-AzNetworkInterface

  3. Restart VM or, if in an availability set, all the VMs in the set

    1. Start-AzVM -ResourceGroup <resource group> -Name <vm name>

Enable accelerated networking on existing VMs scale set using Azure PowerShell

  1. Stop or deallocate the VM or, if an availability set, all the VMs in the set

    1. Stop-AzVMss -ResourceGroup <resource group> -VMScaleSetName <scale set name>

  2. Enable accelerated networking on the NIC of VM

    1. $vmss = Get-AzVmss -ResourceGroupName <resource group> -VMScaleSetName <scale set name>

    2. $vmss.VirtualMachineProfile.NetworkProfile.NetworkInterfaceConfigurations[0].EnableAcceleratedNetworking = $true

    3. Update-AzVMss -ResourceGroup <resource group> `-VMScaleSetName <scale set name>` -VirtualMachineScaleSet $vmss

  3. Set the applied updates to automatic so that the changes are immediately applied

    1. vmss.UpgradePolicy.Mode = "Automatic"

    2. Update-AzVMss -ResourceGroup <resource group> `-VMScaleSetName <scale set name>` -VirtualMachineScaleSet $vmss

  4. Restart the scale set

    1. Start-AzVMss -ResourceGroup <resource group> -VMScaleSetName <scale set name>

Enable accelerated networking When creating VMs

  1. Login to Azure Portal using https://portal.azure.com.

  2. Navigate to Virtual machines.

  3. Click +Create. Then select +Virtual machine.

  4. On the VM tab, Select Networking.

  5. Under Network information, next to Accelerated networking label, select Enable.

Important:

  • To enable accelerated networking, the virtual machines must be of supported size.

  • The VM must be a supported Azure Gallery image (and kernel version for Linux)

  • All VMs in an availability set or a virtual machine scale set must be stopped or deallocated before you enable accelerated networking on any NIC.

Reference:

Blue Hexagon Proprietary