Using the Hyper-V DHCP Guard Feature

Learn what the Windows Server 2012 Hyper-V DHCP Guard feature does and how you should use it.

John Savill

January 29, 2013

1 Min Read
Using the Hyper-V DHCP Guard Feature

Q: What does the Windows Server 2012 Hyper-V DHCP Guard feature do, and how should I use it?

A: Windows Server 2012 Hyper-V allows a DHCP Guard option to be enabled on each network adapter of a virtual machine (VM) by using the Advanced Features of the network adapters, as the screen shot below shows.

What this option does is for the network adapters configured with the DHCP guard option, any DHCP reply packets from the VM will be dropped by the Hyper-V switch. This means if the VM is pretending to be a DHCP server when it shouldn't be, although the server still sees the DHCP request from clients and responds, those responses never get to the network.

Consider a multi-tenant environment--it's very important that one tenant shouldn't pretend it's a DHCP server and affect the others. The best practice is to enable this feature on all virtual machine (VM) network adapters and only disable the feature on the servers that are known DHCP servers.

To enable this feature on all VMs, you can use the following Windows PowerShell command--but remember to turn it off on your actual DHCP servers.

Get-VM | Set-VMNetworkAdapter -DhcpGuard On

 

About the Author

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like