I have the following setup:
- Hyper-V host with 2 network cards (Windows 2012 core)
- One network card is for management only, with private IP address accessible locally. Called "Management".
- The other is configured with "Allow management operating system to share this network adapter" not checked. Called "Public".
- All virtual machines that I am creating have only one network card in the Public network.
Provisioning of VMs and limitations:
- Virtual machines are provisioned from syspreped images.
- Unattend.xml contains everything I need and that is: network configuration, expanding the root partition, password, enabling remote desktop and so on.
- After a VM is powered on it will be managed by some one else. Meaning that I will not have access to that VM.
No my question is: The one administrating the VMs can configure any IP address inside the guest. Is there a way to bind a specific IP address to a VM? Filtering on the host maybe?
For instance in linux with bridges this can be done with:
ebtables -A FORWARD -i ${DEVICE} -s ! ${MACADDR} -j DROP
ebtables -A FORWARD -s ${MACADDR} -p IPv4 --ip-src ! ${IPADDR} -j DROP
On Hyper-V I found: http://msdn.microsoft.com/en-us/library/windows/hardware/hh598161(v=vs.85).aspx But I can't figure it out, how it works and if it can be used for what I need.