Configure weak host model commands

Common configuration for network hosts is to be multihomed with multiple network interfaces. A multihomed host provides enhanced connectivity because it can be simultaneously connected to multiple networks, such as an intranet or the Internet. However, since they can be connected to both an intranet and the Internet, services running on multihomed hosts can be vulnerable to attack.

In the weak host model, an IP host (IPv4) can send packets on an interface that is not assigned the source IP address of the packet being sent. This is known as weak host send behavior. An IP host can also receive packets on an interface that is not assigned the destination IP address of the packet being received. This is known as weak host receive behavior.

In order for Dynamic Source Routing (DSR) to work, the weak host model must be enabled on the server’s loopback interface, as well as the interface from which requests are received from.

To configure a multihomed server so the network interfaces can send or receive packets for addresses that they are not assigned, run the following commands from an Administrator command console. Replace the interface name in quotes with the names of your server interfaces.

For the VLAN interface:

netsh interface ipv4 set interface "Ethernet 2" weakhostreceive=enabled

For the Loopback interface:

netsh interface ipv4 set interface "Etherrnet 3" weakhostreceive=enabled

netsh interface ipv4 set interface "Ethernet 3" weakhostsend=enabled

For detailed description of weak host models refer to the following Microsoft article: https://technet.microsoft.com/en-us/library/ad9db381-1e1b-4077-be1c-bcefb11f1ea8