Date: Fri, 06 Feb 2009 16:51:13 +0200 From: Nikos Vassiliadis <nvass@freemail.gr> To: =?UTF-8?B?RnLDqWTDqXJpYyBQZXJyaW4=?= <frederic.perrin@resel.fr> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Multiple MAC on a single (physical) interface Message-ID: <498C4E61.7060501@freemail.gr> In-Reply-To: <86ocxfeoqn.fsf@chameau.maisel.enst-bretagne.fr> References: <863aeunkj0.fsf@chameau.maisel.enst-bretagne.fr> <498AABCC.4090809@gmx.com> <86ocxfeoqn.fsf@chameau.maisel.enst-bretagne.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
Frédéric Perrin wrote: > Le Jeudi 5 à 10:05, Nikos Vassiliadis a écrit : >> Frédéric Perrin wrote: >>> I need to be able >>> to send and receive using several MAC addresses, as if I had several >>> NIC (which I of course don't have). >>> >>> [...] >>> >> Yes, you could use a netgraph bridge to bridge several >> ethernet interfaces together. Luckily, there is also a >> pseudo-ethernet-like interface you can attach to this >> bridge and of course you get to treat the pseudo-ethernet >> as a regular ethernet interface, that is, change its >> MAC address. >> >> The process is described here: >> http://www.bsdatwork.com/2004/06/19/mac_spoofing_on_freebsd/ > > Oh, yes, I actually remember trying that. However, on the first ngctl(8) > invocation I do (even a 'ngctl list' after a clean reboot), the kernel > says : > >> WARNING: attempt to net_add_domain(netgraph) after domainfinalize() > > I can reproduce this by doing a 'kldload ng_socket'. kldstat(8) says > that the module is loaded anyway. > > A quick googling says that this message is harmless. A 2006 post says > that it was silenced in 6-STABLE ; it lokks like this haven't made its > way to the 7.1-RELEASE I'm using. This warning appeared on 7-CURRENT. > However ; > > On the next step, when I create the bridge, I have : > > # ngctl -dd mkpeer ngeth0: bridge lower link0 > [...] > ngctl: sendto(ngeth0:): No such file or directory > ngctl: send msg: No such file or directory > > I guess I have to read more in details about how netgraph works in > recent releases of FreeBSD before goiing on. Unfortunately, I will soon > be physically away from my FreeBSD box for a week, and fiddling with net > interfaces is tipically something I'm afraid of doing through SSH. > > Thanks anyway from the pointer. > You can create the pseudo ethernets using 'ngctl mkpeer . eiface hook ether' and bridge them using if_bridge. You don't have to use the ng_bridge, if_bridge will work fine with the virtual ethernet interfaces. But there are other limitations that came up when I tried this setup... Apparently you'll want to use IP addresses from the same network. For example: fxp0 10.0.0.1/24 ether 00:00:00:01:01:01 ngeth0 10.0.0.2/32 ether 00:00:00:02:02:02 ngeth1 10.0.0.3/32 ether 00:00:00:03:03:03 etc Since there is not much sense in saying that network 10.0.0.0/24 is attached to more than one interfaces, you'll have to use /32 masks for all the aliases, and a /24 for the fxp0 one, right? FreeBSD will then know that network 10.0.0.0/24 is attached to fxp0 and will use fxp0's IP and MAC address to do the ARP query... So, in short, if you use such a setup: fxp0 10.0.0.1/24 ether 00:00:00:01:01:01 ngeth0 10.0.0.2/32 ether 00:00:00:02:02:02 ngeth1 10.0.0.3/32 ether 00:00:00:03:03:03 The IP address in use will be the 10.0.0.1 one and the MAC address will be the 00:00:00:01:01:01 one. But you can use this one: fxp0 10.0.0.1/24 ether 00:00:00:01:01:01 ngeth0 10.0.1.2/24 ether 00:00:00:02:02:02 ngeth1 10.0.2.3/24 ether 00:00:00:03:03:03 As far as I know, the only way to achieve this (having the same network on different interfaces and many many other features) is the VIMAGE way: http://imunes.tel.fer.hr/virtnet/ In a few days VIMAGE will be in the SVN repository. Sorry for the noise... Nikos
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?498C4E61.7060501>