Each host-only network should be confined to the host system on which it is set up. Packets that virtual machines send on this network should not leak out to a physical network attached to the host system. Packet leakage can occur only if a machine actively forwards packets.

If you use dial-up networking support in a virtual machine and packet forwarding is enabled, host-only network traffic might leak out through the dial-up connection. To prevent the leakage, disable packet forwarding in the guest operating system.

If the host system has multiple network adapters, it might be intentionally configured to use IP forwarding. If that is the case, you do not want to disable forwarding. To avoid packet leakage, you must enable a packet filtering facility and specify that packets from the host-only network should not be sent outside the host system. See the operating system documentation for information on configuring packet filtering.