Recently I have been asked a lot about networking under Hyper-V so I thought a quick explanation might help.
There are 3 type of virtual networks under Hyper-V, External, Internal and Private.
External: This connection allows connectivity between the host, VM and external network through the physical NIC it has been assigned to. When an External network connection is created the physical NIC is converted into a virtual switch, this allows multiple VMs to access the same NIC and send and receive traffic to each other and out onto the physical network. If the “allow management operating system to share this network adaptor” is selected then a new network connection is created on the host allowing the host to use the virtual switch aswell.
Internal: An internal virtual network allows connectivity between the Host and VMs only. It is not bound to a physical adaptor and is usually used to pass files between the Host and the VMs
Private: Private virtual networks allow connectivity between VMs only. There is no access to the external network or host.
It is good for security to not allow any connectivity between the Host machine and either VMs or external networks (especially the internet). If the host is isolated in this way it hugely reduces the risk from viruses, malware, updates etc. The Microsoft recomended way is to have a isolated management domain which contains only Host machines and a management workstation. If you only have a single or small number of Hosts then leaving them in their own workgroup isolated from any other network. this achives the same aim. It is not reccomended to join the Host to any other than a management domain. Apart from the security access there can be problems if the host is running a DC as a VM. If there is any sort of issue with the DC then there is a good possibility that you will not be able to login to the Host to sort things out!