Friday, March 5, 2010

How to configure MAC Address Spoofing for Virtual Network Adapters

In order to enable the Spoofing Of MAC Address in the virtual network adapter settings, there is a new option available in Windows Server 2008 R2 Hyper-V and Hyper-V Server 2008 R2. Consider, if you’re not interested to select the option and disallow MAC Address Spoofing, the following rules will be enforced.

• The Virtual Switch Port that is able to connect the Virtual Network Adapter can send and receive the packets that have any valid MAC address.
• MAC address of the Virtual Network Adapter can’t be moved or associated with another Virtual Switch Port.
• The Virtual Switch Port wont forward unicast flooded packets to the Virtual Network Adapter.
• Moreover, it is not possible to override the Virtual Network Adapter MAC Address configuration by using the Network Address Key in the Virtual Machine Registry.



You can find the MAC Address Value that contains the Configuration of a Virtual Network Adapter including the Network Address Key from the following key HKEY_LOCAL_MAChINE\System\CurrentControlSet\Control\Class\{ 4D36e972-e325-11Ce-BFC1-08002Be10318}. Here, each of the four-digits numbers 0000, 0001and so on are the subkeys and the tree represents a particular network adapter that you can easily identify through its DriveDesc value.
You can learn the MAC Address on other ports by selecting the option in to enable MAC Address Spoofing.

• The Virtual Switch Port that is able to connect the Virtual Network Adapter can send and receive the packets that have any valid MAC address.
• This Virtual Switch Port dynamically learns the new MAC Addresses and the Virtual Switch is able to add them in its forwarding table.
• Then, the Virtual Switch port will be able to receive and forward unicast flooded packets to the Virtual Network Adapter.
• You can override the virtual network adapter MAC address configuration using the NetworkAddress key in the virtual machine registry.
• Now, you can override the Virtual Network Adapter MAC Address configuring by using the Network Address Key in the Virtual Machine Registry.

Therefore, the Virtual Network Adapter will be permitted to receive the Unicast Flooded packets, if you place the Virtual Network Adapter in promiscuous mode and enable MAC address spoofing.


Taken