From owner-freebsd-questions@FreeBSD.ORG Fri Feb 6 14:51:42 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 53FB1106574A for ; Fri, 6 Feb 2009 14:51:41 +0000 (UTC) (envelope-from nvass@freemail.gr) Received: from smtp.freemail.gr (smtp.freemail.gr [81.171.104.132]) by mx1.freebsd.org (Postfix) with ESMTP id BC1AA8FC1C for ; Fri, 6 Feb 2009 14:51:40 +0000 (UTC) (envelope-from nvass@freemail.gr) Received: from [192.168.1.120] (adsl110-64.ath.forthnet.gr [79.103.113.64]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.freemail.gr (Postfix) with ESMTP id C1610338820; Fri, 6 Feb 2009 16:51:38 +0200 (EET) Message-ID: <498C4E61.7060501@freemail.gr> Date: Fri, 06 Feb 2009 16:51:13 +0200 From: Nikos Vassiliadis User-Agent: Thunderbird 2.0.0.19 (Windows/20081209) MIME-Version: 1.0 To: =?UTF-8?B?RnLDqWTDqXJpYyBQZXJyaW4=?= References: <863aeunkj0.fsf@chameau.maisel.enst-bretagne.fr> <498AABCC.4090809@gmx.com> <86ocxfeoqn.fsf@chameau.maisel.enst-bretagne.fr> In-Reply-To: <86ocxfeoqn.fsf@chameau.maisel.enst-bretagne.fr> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Cc: FreeBSD Questions Subject: Re: Multiple MAC on a single (physical) interface X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Feb 2009 14:51:43 -0000 Frédéric Perrin wrote: > Le Jeudi 5 à 10:05, Nikos Vassiliadis a écrit : >> Frédéric Perrin wrote: >>> I need to be able >>> to send and receive using several MAC addresses, as if I had several >>> NIC (which I of course don't have). >>> >>> [...] >>> >> Yes, you could use a netgraph bridge to bridge several >> ethernet interfaces together. Luckily, there is also a >> pseudo-ethernet-like interface you can attach to this >> bridge and of course you get to treat the pseudo-ethernet >> as a regular ethernet interface, that is, change its >> MAC address. >> >> The process is described here: >> http://www.bsdatwork.com/2004/06/19/mac_spoofing_on_freebsd/ > > Oh, yes, I actually remember trying that. However, on the first ngctl(8) > invocation I do (even a 'ngctl list' after a clean reboot), the kernel > says : > >> WARNING: attempt to net_add_domain(netgraph) after domainfinalize() > > I can reproduce this by doing a 'kldload ng_socket'. kldstat(8) says > that the module is loaded anyway. > > A quick googling says that this message is harmless. A 2006 post says > that it was silenced in 6-STABLE ; it lokks like this haven't made its > way to the 7.1-RELEASE I'm using. This warning appeared on 7-CURRENT. > However ; > > On the next step, when I create the bridge, I have : > > # ngctl -dd mkpeer ngeth0: bridge lower link0 > [...] > ngctl: sendto(ngeth0:): No such file or directory > ngctl: send msg: No such file or directory > > I guess I have to read more in details about how netgraph works in > recent releases of FreeBSD before goiing on. Unfortunately, I will soon > be physically away from my FreeBSD box for a week, and fiddling with net > interfaces is tipically something I'm afraid of doing through SSH. > > Thanks anyway from the pointer. > You can create the pseudo ethernets using 'ngctl mkpeer . eiface hook ether' and bridge them using if_bridge. You don't have to use the ng_bridge, if_bridge will work fine with the virtual ethernet interfaces. But there are other limitations that came up when I tried this setup... Apparently you'll want to use IP addresses from the same network. For example: fxp0 10.0.0.1/24 ether 00:00:00:01:01:01 ngeth0 10.0.0.2/32 ether 00:00:00:02:02:02 ngeth1 10.0.0.3/32 ether 00:00:00:03:03:03 etc Since there is not much sense in saying that network 10.0.0.0/24 is attached to more than one interfaces, you'll have to use /32 masks for all the aliases, and a /24 for the fxp0 one, right? FreeBSD will then know that network 10.0.0.0/24 is attached to fxp0 and will use fxp0's IP and MAC address to do the ARP query... So, in short, if you use such a setup: fxp0 10.0.0.1/24 ether 00:00:00:01:01:01 ngeth0 10.0.0.2/32 ether 00:00:00:02:02:02 ngeth1 10.0.0.3/32 ether 00:00:00:03:03:03 The IP address in use will be the 10.0.0.1 one and the MAC address will be the 00:00:00:01:01:01 one. But you can use this one: fxp0 10.0.0.1/24 ether 00:00:00:01:01:01 ngeth0 10.0.1.2/24 ether 00:00:00:02:02:02 ngeth1 10.0.2.3/24 ether 00:00:00:03:03:03 As far as I know, the only way to achieve this (having the same network on different interfaces and many many other features) is the VIMAGE way: http://imunes.tel.fer.hr/virtnet/ In a few days VIMAGE will be in the SVN repository. Sorry for the noise... Nikos