July 31, 2019

What Is Hyper-V Nested Virtualization?

By Tobias Geisler Mesevage

In the world of supported nested virtualization, there is VMware, and there is Hyper-V nested virtualization. Both provide excellent functionality in nested solutions, but Hyper-V provides greater flexibility and less overhead through its use of containers. Containers offer a new take on VMs and allow easy development and deployment of applications.

Nested virtualization refers to running a hypervisor “within” another hypervisor in a virtual instance. In other words, one hypervisor is effectively nested within another hypervisor. A hypervisor hosts virtual machines and can run as many of them as the available resources allow. The hypervisor holds the data for the VMs in a data store.

Examples of Hypervisors:

  • VMware vSphere / ESXi
  • Microsoft Hyper-V
  • Citrix Hypervisor (XenServer)
  • Oracle VirtualBox
  • KVM

The “host” Hyper-V runs on the physical hardware, while the VM running on that Hyper-V is called the “outer guest.”

Why Hyper-V Nested Virtualization?

While VMware has been around longer than Hyper-V, Microsoft changed the game with the release of Hyper-V – essentially opening the world of nested virtualization capabilities using containers.

With nested virtualization, you can deploy VMs within VMs, and build labs containing virtualized infrastructures within a single computer.

TechTarget’s Brien Posey noted three potential uses for nested virtualization in the real world:

  • Use nested virtualization to create development or test instances. Rather than buy a dedicated physical server, provision a server with a hypervisor and build VMs as needed
  • Use nested virtualization for training/teaching new members about Hyper-V
  • Use nested virtualization as an alternative to a private cloud. Building a private cloud can be challenging and costly

Running Hyper-V within a VM allows you to further optimize virtual environments, providing the following benefits:

  • Cost savings: Use more tools and run more workloads without the need for additional hardware
  • Gain flexibility: You can use different hypervisors on the same server
  • Work with older version software: Run software that requires an older version of Windows or non-Windows operating systems
  • Test configurations: Create and remove different operating systems to see what works best for your client’s organization
  • Supports containers: Combine the flexibility of containers with the security of VMs. Containers equal less overhead and more flexibility to develop and deploy applications

Operating Hyper-V Nested Virtualization

Microsoft introduced support for nested virtualization with Hyper-V in Windows Server 2016. Currently, Hyper-V is available on 64-bit versions of Windows 10 Pro, Enterprise, and Education. It is not available on the Home edition.

According to Microsoft, nested virtualization in Hyper-V has the following requirements:

  1. The Hyper-V host must be running at least the Anniversary Edition version of Windows 10, Windows Server 2016, Hyper-V Server 2016, or Windows Server Semi-Annual Channel
  2. The Hyper-V host must be using Intel CPUs
  3. A virtual machine must be off to have its processor extensions changed

In its simplest form, the following command enables nested virtualization for a VM:


Set-VMProcessor <VMName> -ExposeVirtualizationExtensions $true
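
The command above wrapped with the "VM must be off" requirement and a read-back of the setting, plus an inventory of which VMs on the host already have the extensions exposed. This is an added example, not code from the original article or from Microsoft; the function names and the VM name 'LabVM01' are placeholders chosen here.

```powershell
#Requires -Modules Hyper-V
# Added example. Run in an elevated PowerShell session on the Hyper-V host.
# 'LabVM01' and both function names are placeholders, not from the article.

function Enable-NestedVirtualization {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$VMName
    )

    # Stops with an error if the VM does not exist on this host.
    $vm = Get-VM -Name $VMName -ErrorAction Stop

    # Processor extensions can only be changed while the VM is off.
    if ($vm.State -ne 'Off') {
        throw "VM '$VMName' is in state '$($vm.State)'. Shut it down before changing processor extensions."
    }

    if ($PSCmdlet.ShouldProcess($VMName, 'Expose virtualization extensions')) {
        Set-VMProcessor -VMName $VMName -ExposeVirtualizationExtensions $true
    }

    # Read the setting back instead of assuming the change applied.
    Get-VMProcessor -VMName $VMName |
        Select-Object VMName, ExposeVirtualizationExtensions
}

function Get-NestedVirtualizationVM {
    # Inventory: every VM on this host whose guest can run its own hypervisor.
    Get-VM | Get-VMProcessor |
        Where-Object ExposeVirtualizationExtensions |
        Select-Object VMName, Count, ExposeVirtualizationExtensions
}

Enable-NestedVirtualization -VMName 'LabVM01'
Get-NestedVirtualizationVM
```

Running the first function with -WhatIf shows what would change without touching the VM.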

The biggest challenge of nested virtualization is the network. Using nested networks means having to be aware of IP address conflicts and how to bridge to the outside world. When using nested networking, you must be mindful of the potential complexity of NAT (Network Address Translation) and of communication from internal L2 guests to external networks and the internet. However, the challenge is far outweighed by the many uses of Hyper-V nested virtualization.
