Thursday, January 22, 2026

Simplifying Networking in Azure Local: A Deep Dive into Network ATC

    In the world of hybrid cloud infrastructure, managing networks in clustered environments like Azure Local can be a daunting task. Enter Network ATC—a powerful tool that's revolutionizing how administrators deploy and maintain host networking. Whether you're dealing with Azure Local or its Azure Local variant, Network ATC brings intent-based automation to the forefront, ensuring consistency, reducing errors, and enforcing best practices. In this blog post, we'll explore what Network ATC is, its core features, benefits, deployment steps, and some practical tips to get you started.

What is Network ATC?

Network ATC stands for a streamlined approach to networking configuration in Azure Local and Azure Local clusters. It's not just an acronym—it's a full-fledged tool that automates the deployment and operation of host networks using "intents." These intents define how physical network adapters should be used, specifying types like management, compute, storage, or even stretch for distributed setups.

At its core, Network ATC shifts from manual, error-prone configurations to an intent-based model. You declare your networking goals (e.g., "Use these adapters for storage traffic with specific VLANs"), and the system handles the rest: creating virtual switches, assigning IPs, setting VLANs, and more. This ensures symmetry across all cluster nodes, where adapters are configured identically based on make, model, and speed. It's mandatory in Azure Local 23H2 and later, and it's deeply integrated with tools like Windows Admin Center and PowerShell for ease of use.

In Azure Local contexts, Network ATC extends this to scenarios like stretched Storage Spaces Direct (S2D) clusters, where it handles storage replica networks without RDMA support, though you'll need to manually assign IPs in those cases.

Key Features of Network ATC

Network ATC packs a punch with features designed to make your life easier:

  • Intent-Based Configuration: Define intents with a name, adapters, and types (Management, Compute, Storage, Stretch). Adapters can only belong to one intent, but you can have multiple intents per cluster. For example, a single intent might group management and compute traffic on shared adapters via an Embedded Switch Team (SET).
  • Overrides for Customization: Not everything fits the defaults. Use overrides for adapters (e.g., RDMA, MTU like JumboPacket=9014), storage (e.g., disable auto IP generation), QoS, cluster settings, and proxies. This allows fine-tuning without breaking the automation.
  • Automation and Validation: It automatically configures Data Center Bridging, virtual adapters, VLANs, and even cluster network naming (e.g., "storage_compute_VLAN711"). Plus, it regularly validates setups and remediates drifts—like reverting unauthorized MTU changes.
  • Live Migration Optimization: Manages settings for maximum migrations, networks, and SMBDirect (RDMA) bandwidth, with overrides available.
  • Proxy and Stretch Support: Ensures consistent proxy configs across nodes and supports stretched S2D without assigning IPs automatically.
  • Networking Patterns: Choose from predefined patterns like grouping all traffic, management/compute together, or compute/storage, to guide your intents.

Starting from Azure Local 22H2, it even auto-detects cluster scopes and verifies adapter symmetry.

Benefits: Why Bother with Network ATC?

Adopting Network ATC isn't just about following trends—it's about real-world gains:

  • Reduced Complexity and Time: Say goodbye to manual setups that take hours. Intents automate everything, cutting deployment time dramatically.
  • Error Reduction and Consistency: Enforces Microsoft-validated best practices, ensuring no configuration drift. All nodes stay in sync, preventing mismatches that could cause outages.
  • Built-in Remediation: If someone tweaks an MTU outside the intent, Network ATC spots it and fixes it automatically.
  • Scalability for Hybrid Setups: Perfect for Azure Local's hybrid nature, with seamless integration for cloud deployments that auto-create intents based on patterns.

Compared to pre-Network ATC methods, which were manual and prone to inconsistencies, this is a game-changer—especially in versions 21H2 onward, maturing through 22H2 and becoming essential in 23H2+.

How to Deploy Network ATC: A Step-by-Step Guide

Ready to implement? Here's a practical guide based on proven steps.

Prerequisites

  • Run on Windows Server Datacenter with Failover Clustering enabled.
  • Install features on all nodes:
    text
    Install-WindowsFeature -Name NetworkATC, NetworkHUD, Hyper-V, 'Failover-Clustering', 'Data-Center-Bridging' -IncludeManagementTools
  • Ensure adapters are in the same PCI slots across nodes for consistency.

Creating Intents

Use PowerShell to add intents. For a management/compute setup:

text
$adapteroverrides = New-NetIntentAdapterPropertyOverrides
$adapteroverrides.NetworkDirect = $false
$adapteroverrides.JumboPacket = "9014"
Add-NetIntent -Name Management_Compute -Management -Compute -AdapterName pMGMT01, pMGMT02 -ManagementVlan 31 -AdapterPropertyOverrides $adapteroverrides

For storage:

text
$storageoverrides = New-NetIntentStorageOverrides
$storageoverrides.EnableAutomaticIPGeneration = $false
$adapteroverridesstorage = New-NetIntentAdapterPropertyOverrides
$adapteroverridesstorage.JumboPacket = "9014"
Add-NetIntent -Name Storage -Storage -AdapterName pSMB01, pSMB02 -StorageVlans 711,712 -StorageOverrides $storageoverrides -AdapterPropertyOverrides $adapteroverridesstorage

Monitoring and Validation

Check status:

text
Get-NetIntentStatus | sort host | ft Intentname,host,ConfigurationStatus,ProvisioningStatus

For SDN clusters, remove existing VMSwitches first:

text
Get-VMSwitch -Name | Remove-VMSwitch -force
``` But note challenges with running VMs.

## Best Practices and Troubleshooting

- **Consistency is Key**: Always match adapter placements and test in labs.
- **SDN Integration**: Wait for Arc-enabled SDN GA if using SDN.
- **Limitations to Watch**: No RDMA for stretch intents; manual IPs for stretched S2D; can't change SR-IOV post-switch creation.
- **Troubleshooting**: If a VMSwitch is deleted, Network ATC should recreate it, but monitor management IPs—they might fallback temporarily.

## Conclusion

Network ATC is a must-have for anyone managing Azure Local or Azure Local clusters. By automating configurations and enforcing standards, it frees you from networking headaches, letting you focus on what matters. If you're on 23H2 or later, it's not optional—it's essential. Dive in with the steps above, and you'll see the difference in no time. Happy networking!
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Microsoft's Sovereign Cloud Gets a Major Upgrade: AI, Productivity, and Governance in Fully Disconnected Mode

     Hey everyone, diving into the latest from the tech world. Microsoft just dropped some exciting updates to their Sovereign Cloud offerin...