on packets it sends to another MAC address. This would be necessary when using
network load balancing, for example, within virtual machines.
Enable DHCP Guard Network adapters configured with the DHCP Guard option
will have any DHCP reply packets from the VM dropped by the Hyper-V switch.
This means that if the VM is pretending to be a DHCP server when it shouldn’t be,
although the server still sees the DHCP request from clients and responds, those
responses never get to the network. Consider a multitenant environment. It’s
important that one tenant not pretend that it’s a DHCP server and affect the
others. The best practice is to enable this feature on all virtual machine network
adapters and disable it only on the virtual machines that are known DHCP servers.
Enable Router Advertisement Guard Very similar to DHCP Guard, but this
will block router advertisements and redirection messages. Again, enable this by
default unless a VM is acting as a router.
Protected Network This feature specifies that if the network to which the virtual
machine is connected becomes disconnected, then Failover Clustering will move
the virtual machine to another node in the cluster.
Port Mirroring There are three settings; None, Destination, and Source. This
allows network traffic from a vmNIC set as Source to be sent to vmNICs on other
virtual machines that are set as Destination. Essentially, this allows network traffic
from one virtual machine to be sent to another for analysis/monitoring.
NIC Teaming This allows the network adapter to be used within a NIC team
defined inside the virtual machine.
Device Naming Enables the name of the network adapter to be propagated into
the guest OS. This is useful when a VM has multiple network adapters that are
connected to different switches or have different configurations, and you want to
be able to identify each NIC from within the guest, which normally has a generic
name.All of these options can be set with the Set-VMNetworkAdapter PowerShell cmdlet in
addition to being set through Hyper-V Manager.
A common question arises when the network adapters inside the virtual machine are
inspected, which shows an actual speed for the virtual network adapter. Prior to
Windows Server 2016, this was always 10Gbps for the network adapter (synthetic) and
100Mbps for the legacy network adapter. People got confused. They would say, “But
my physical network card is only 1Gbps; how can it be 20Gbps?” The fact is that this
number was meaningless. Some number has to be displayed, so Hyper-V tells the
virtual machine a certain number. In Windows Server 2016, the synthetic NIC now
shows the actual speed of the NICs available to the switch. For example, in my
deployment with two 10Gbps NICs in SET, the VM shows its NIC at 20Gbps, as shown
in Figure 3.48.