Cloud Server HostingDedicated Server Hostingvps hosting

Hyper-V: Protection against malicious DHCP with DHCP Guard


Note: this option is available on Windows Server 2012

The service DHCP is ever present in networks of companies to distribute a network configuration to clients’ computers and even servers. Generally, multiple servers are present in order to make sure the availability and stability of the service. These servers manage a lot of things along with synchronization and avoid duplication.

Now just imagine that unknown DHCP server just connects to your network for malicious activity, without knowing its presence you may distribute the bad IP configuration and that will greatly disrupts your network. Especially, the operation of the DHCP protocol, a client negotiates with the first DHCP server that therefore address him simply responds as malicious DHCP server before yours and before you know it.

Moreover, one can imagine a non-production environment as a test virtual machine running a DHCP server, if it’s found accidentally connected to the network, disruption will also take place.

For this, Hyper-V provides a feature called as DHCP Guard or DHCP Protection, which when activates on the virtual machines, prevents you from sending frames type DHCP offer and therefore makes a suggestion for IP configuration to a potential customer.

So, how to enable cookies? How to enable it by default? How can you quickly configure multiple virtual machines? Today, we will try to find these questions answer.

Enabling this option

The option can be set on each virtual machine step by step and case by case basis, see how:

Note: Do not enable this option on a virtual machine which is a legitimate DHCP server, otherwise it will not deal with customer demand.

Start by opening the Hyper-V and select one of your virtual machines that do not have to send DHCP offer type frames, i.e. machine which does not act as a DHCP server on your network.

  1. Right click on your VM in the inventory and click on the settings.
  2. On the left side, click on + sign at Network Adapter and select Advanced Features option, then the right side displays the advanced available options, there is a section called as DHCP Guard. Click on check box to enable DHCP protection and apply the settings. The configuration of that VM is complete.

It remains only to repeat the process on the other VMs on which you want to enable this protection.

Note: To activate the default DHCP Guard, you must specify this parameter in a template when you use System Center Virtual Machine Manager.

Activation on multiple machines

With the GUI, it can become quickly look long and tedious to perform the configuration on each of your VMs. To counter this, you can go through PowerShell. Start by opening a PowerShell console and load the Hyper-V module:

Import-Module Hyper-V

Then start listing all the VMs listed in the inventory of your Hyper-V server, adding a column that lets you know the status of DHCP Guard setting.

get-vmnetworkadapter * | select vmname, dhcpguard vmname

To enable the DHCP Guard on all the VMs:

set-vmnetworkadapter * -dhcpguard on

To disable it on all the machines

set-vmnetworkadapter * -dhcpguard off

If just want to make these changes on one or two VMs, then replace the sign * with the name of specific VMs; in case there are several names to be specified, then you can use commas.

Incoming searches related to hyper-v dhcp guard

  1. hyper v dhcp server
  2. hyper v active directory
  3. hyper v static ip
  4. hyper v vlan
  5. vmware dhcp
  6. virtual pc dhcp
  7. server 2008 dhcp