Date:      Wed, 04 Feb 2009 19:07:15 +0100
From:      Frédéric Perrin <frederic.perrin@resel.fr>
To:        FreeBSD Questions <freebsd-questions@freebsd.org>
Subject:   Multiple MAC on a single (physical) interface
Message-ID:  <863aeunkj0.fsf@chameau.maisel.enst-bretagne.fr>

Hello,

I live in a network where it is pretty much assumed that one machine ==
one MAC address == one IP address. Therefore, in order to play with
jails, some having of course access to the network, I need to be able to
send and receive using several MAC addresses, as if I had several NIC
(which I of course don't have).

I first describe the setup I have come up with, then ask the list a
couple of questions.

rl0 (my only physical interface) is made promiscuous, and its otherwise
fine configuration is not touched (it still has its MAC and IP address) :
# ifconfig rl0 promisc

Create a bridge, and attach rl0 to it :
# ifconfig bridge0 create
# ifconfig bridge0 addm rl0 up

Create 2 interfaces : the first one will be connected to the
bridge, the other will be the one we really want to use.

# ifconfig tap0 create
# ifconfig bridge0 addm tap0 up
# ifconfig tap1 create

Link tap0 to tap1. I have been using the br_select.c example that
comes with the generic tap/tun driver on vtun.sf.net. Basically, what
it does is :
@ open(/dev/tap0); open(/dev/tap1);
@ for ever:
@     if there is data in tap0, copy it to tap1
@     if there is data in tap1, copy it to tap0
@ end for

Then, configure tap1 as wanted, as in :
# ifconfig tap0 up ; ifconfig tap1 up
# dhclient tap1

Then start a jail with the IP given to tap1, with a network service in
it (sshd will do). Check that ssh'ing to the jail works.

It should be possible to create and use n tap devices, by doing :
@ for ever:
@     if there is data in tap0, copy it to tap1, ... tapn
@     if there is data in tap1 or ... tapn, copy it to tap0
@ end for

Also, while researching my problem, I see that it shouldn't be very
hard to add hooks to rc.conf to automate all this process.

Questions :

It seems quite a convoluted setup (especially having to make a tunnel
from tap0 to tap1 ... tapn). Is there an easier way ? Comments ?

When googling for this, I was surprised not to find explanations on
how to do that. Is my google fu lacking and am I missing the obvious ?

If this solution is a valid one, where can I post it for all to see ?
(I thought about wiki.f.o, but it is developer-only it seems.
forums.f.o ?)

I'm not subscribed to the list, CC me in your answer, please.

-- 
Fred
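
The n-tap relay loop sketched in the message, written out in C as an added example (not part of the original post, and not the br_select.c code from vtun). The names relay_once, fake_tap, MAX_TAPS and MAX_FRAME are chosen here, and the code assumes one read() or write() on a tap device carries exactly one Ethernet frame.

```c
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

#define MAX_TAPS  16
#define MAX_FRAME 1600  /* assumption: standard MTU, no jumbo frames */

/* Wait up to timeout_ms, then forward one frame from each readable fd.
 * fds[0] is the uplink (tap0); fds[1..n-1] are the leaves (tap1..tapn).
 * Uplink frames go to every leaf, leaf frames go to the uplink only.
 * Returns the number of frames forwarded, or -1 on error or hang-up. */
int relay_once(const int *fds, int n, int timeout_ms)
{
    struct pollfd p[MAX_TAPS];
    unsigned char buf[MAX_FRAME];
    int forwarded = 0;
    if (n < 2 || n > MAX_TAPS) return -1;
    for (int i = 0; i < n; i++)
        p[i] = (struct pollfd){ .fd = fds[i], .events = POLLIN };
    if (poll(p, (nfds_t)n, timeout_ms) < 0) return -1;
    for (int i = 0; i < n; i++) {
        if (p[i].revents & (POLLERR | POLLHUP | POLLNVAL)) return -1;
        if (!(p[i].revents & POLLIN)) continue;
        ssize_t len = read(fds[i], buf, sizeof buf);  /* one read = one frame */
        if (len <= 0) return -1;
        int first = (i == 0) ? 1 : 0, last = (i == 0) ? n - 1 : 0;
        for (int j = first; j <= last; j++)
            if (write(fds[j], buf, (size_t)len) != len) return -1;
        forwarded++;
    }
    return forwarded;
}

/* Constructed stand-in for /dev/tapN, for trying relay_once() without root:
 * a datagram socketpair keeps frame boundaries; sv[0] = relay side, sv[1] = wire. */
int fake_tap(int sv[2]) { return socketpair(AF_UNIX, SOCK_DGRAM, 0, sv); }

/* usage: relay /dev/tap0 /dev/tap1 [/dev/tap2 ...] */
int main(int argc, char **argv)
{
    int fds[MAX_TAPS], n = argc - 1;
    if (n < 2 || n > MAX_TAPS) { fprintf(stderr, "usage: relay uplink leaf...\n"); return 2; }
    for (int i = 0; i < n; i++)
        if ((fds[i] = open(argv[i + 1], O_RDWR)) < 0) { perror(argv[i + 1]); return 1; }
    while (relay_once(fds, n, -1) >= 0) continue;
    return 1;
}
```

relay_once() copies each uplink frame to every leaf without looking at the destination MAC, so tap1 ... tapn each receive frames addressed to the others.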


