Date: Wed, 28 Mar 2001 20:25:38 -0800 (PST) From: wpaul@FreeBSD.ORG (Bill Paul) To: ajh3@chmod.ath.cx (Andrew Hesford) Cc: jj.walker@auckland.ac.nz, ajh3@chmod.ath.cx, edward_gess@hotmail.com, freebsd-questions@FreeBSD.ORG Subject: Re: MAC Message-ID: <20010329042539.0450737B71A@hub.freebsd.org> In-Reply-To: <20010328184702.A13283@cec.wustl.edu> from Andrew Hesford at "Mar 28, 2001 06:47:02 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> On Thu, Mar 29, 2001 at 07:40:36AM +1200, Jamie Walker wrote: > > from the man pages - ifconfig(8) > > > > lladdr addr > > Set the link-level address on an interface. This can be used to > > e.g. set a new MAC address on an ethernet interface, though the > > mechanism used is not ethernet-specific. The address addr is > > specified as a series of colon-separated hex digits. If the in- > > terface is already up when this option is used, it will be > > briefly brought down and then brought back up again in order to > > insure that the receive filter in the underlying ethernet hard- > > ware is properly reprogrammed. > > > > This usually means the card must be placed in promiscuous mode. > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > This line confirms it... GRRRRR. This line was added by the person who cut & pasted this section from the man page. It's not actually *in* the ifconfig(8) man page, and like I went to great lengths to explain in an earlier post, it's *not* true. > What's happening here is a forgery. When the card is set in promiscuous > mode, there is no hardware-level filtration of data. FreeBSD stores a > new MAC address in memory, and monitors all data (frames? I don't know > my low-level networking) coming into the card. When it is destined for > the MAC address that FreeBSD keeps stored, it accepts them as if they > came to the interface. When data is sent out, the forged MAC address is > tacked on. The ethernet controller chip doesn't care what origin address appears in outbound frames, so technically there is no such thing as a "forged" address when transmitting. The host produces the entire ethernet header, including the source address, destination address and frame type (the frame type might be something else if this isn't an Ethernet II style frame). The controller *does* compute the frame checksum that gets appended to the data though, because letting the chip do it is faster than having the host do it in software. But for frame reception, *yes* there *is* hardware filtering going on. You do *not* put the chip in promiscous mode and let the network stack sort it all out. You simply program the the receive filter with a new address rather than the one that was read out of the EEPROM during driver load time. > This isn't technically changing the MAC address on the card, it's a > software sleight-of-hand along the lines of NAT in the IP world. No, uh-unh. Please try and understand: network cards have an EEPROM and an ethernet controller chip. The driver grabs the MAC address from the EEPROM and programs it into the ethernet controller's receive filter. There's no reason why the driver can't simply ignore what's in the EEPROM and program in a different value. You don't have to permanently change the card by storing a new address in the EEPROM, and you *do* get hardware filtering when you program the receive filter when a different address. The *only* exceptions are *really* old cards where the MAC address is automatically loaded from the EEPROM into the receive filter by the controller, and the controller doesn't provide a way for the filter to be updated by software. Cards like this don't exist anymore: any NIC you grab off the shelf at your local computer store now will have a programmable receive filter and you can brainwash it into using whatever MAC address you want. Unless of course you use Windows. -Bill To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010329042539.0450737B71A>