Each host-only network should be confined to the host system on which it is set up. Packets that virtual machines send on this network should not leak out to a physical network attached to the host system. Packet leakage can occur only if a machine actively forwards packets.

If you use dial-up networking support in a virtual machine and packet forwarding is turned on, host-only network traffic might leak out through the dial-up connection. To prevent the leakage, turn off packet forwarding in the guest operating system.

If the host system has multiple network adapters, it might be intentionally configured to use IP forwarding. If that is the case, you do not want to turn off forwarding. To avoid packet leakage, you must turn on a packet filtering facility and specify that packets from the host-only network should not be sent outside the host system. See the operating system documentation for information on configuring packet filtering.