• Article

Tip: Configure MAC Address Spoofing for Virtual Network Adapters

Follow Our Daily Tips

Twitter | Blog | RSS | Facebook

In Windows Server 2008 R2 Hyper-V and Hyper-V Server 2008 R2, there is a new option (Enable Spoofing Of MAC Addresses) in the virtual network adapter settings to enable, as you can probably guess, spoofing of MAC addresses.

If you do not select this option and disallow MAC address spoofing, the following rules are enforced:

  • The virtual switch port that connects the virtual network adapter sends and receives packets that contain any valid MAC address.
  • The virtual network adapter MAC address cannot be moved or associated with another virtual switch port.
  • The virtual switch port does not forward unicast flooded packets (packets that are forwarded to all switch ports if the destination MAC address is not found in the switch forwarding table) to the virtual network adapter.
  • You cannot override the virtual network adapter MAC address configuration using the NetworkAddress key in the virtual machine registry.

Note that the configuration of a virtual network adapter, including the NetworkAddress key that contains the MAC address value, is found under HKEY_LOCAL_MAChINE\System\CurrentControlSet\Control\Class\{ 4D36e972-e325-11Ce-BFC1-08002Be10318} key. Each of the four-digit numbers (0000, 0001, and so on) in the subkey tree represents a particular network adapter that you can easily identify through its DriverDesc value.

If you select the option to enable MAC address spoofing, the MAC address can be learned on other ports, and the following actions will be allowed:

  • The virtual switch port that connects the virtual network adapter can send and receive packets that contain any MAC address.
  • The virtual switch port dynamically learns of new MAC addresses and the virtual switch can add them in its forwarding table.
  • The virtual switch port will receive and forward unicast flooded packets to the virtual network adapter.
  • You can override the virtual network adapter MAC address configuration using the NetworkAddress key in the virtual machine registry.

If you place the virtual network adapter in promiscuous mode and enable MAC address spoofing, the virtual network adapter will be allowed to receive unicast flooded packets. –Keith Mange, Software Design engineer

From the Microsoft Press book Windows Server 2008 Hyper-V Resource Kit by Robert Larson and Janique Carbone with the Windows Virtualization Team at Microsoft.

Looking for More Tips?

For more tips on using Microsoft products and technologies, visit the TechNet Magazine Tips library.