From: Frédéric Perrin
To: FreeBSD Questions
Organization: Réseau des Élèves
Date: Wed, 04 Feb 2009 19:07:15 +0100
Message-ID: <863aeunkj0.fsf@chameau.maisel.enst-bretagne.fr>
Subject: Multiple MAC on a single (physical) interface

Hello,

I live in a network where it is pretty much assumed that one machine == one MAC address == one IP address. Therefore, in order to play with jails, some having of course access to the network, I need to be able to send and receive using several MAC addresses, as if I had several NICs (which I of course don't have). I first describe the setup I have come up with, then ask the list a couple of questions.

rl0 (my only physical interface) is made promiscuous, and its otherwise fine configuration is not touched (it still has its MAC and IP address):

# ifconfig rl0 promisc

Create a bridge, and attach rl0 to it:

# ifconfig bridge0 create
# ifconfig bridge0 addm rl0 up

Create 2 interfaces: the first one will be connected to the bridge, the other will be the one we really want to use.

# ifconfig tap0 create
# ifconfig bridge0 addm tap0 up
# ifconfig tap1 create

Link tap0 to tap1. I have been using the br_select.c example that comes with the generic tap/tun driver on vtun.sf.net. Basically, what it does is:

@ open(/dev/tap0); open(/dev/tap1);
@ for ever:
@   if there is data in tap0, copy it to tap1
@   if there is data in tap1, copy it to tap0
@ end for

Then, configure tap1 as wanted, as in:

# ifconfig tap0 up ; ifconfig tap1 up
# dhclient tap1

Then start a jail with the IP given to tap1, with a network service in it (sshd will do). Check that ssh'ing to the jail works.

It should be possible to create and use n tap devices, by doing:

@ for ever:
@   if there is data in tap0, copy it to tap1, ... tapn
@   if there is data in tap1 or ... tapn, copy it to tap0
@ end for

Also, while researching my problem, I see that it shouldn't be very hard to add hooks to rc.conf to automate all this process.

Questions:

It seems quite a convoluted setup (especially having to make a tunnel from tap0 to tap1 ... tapn). Is there an easier way? Comments?

When googling for this, I was surprised not to find explanations on how to do that. Is my google-fu lacking, and am I missing the obvious?

If this solution is a valid one, where can I post it for all to see? (I thought about wiki.f.o, but it is developer-only it seems. forums.f.o?)

I'm not subscribed to the list, CC me in your answer, please.

-- 
Fred
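
Added example, not part of the original message and not the br_select.c code it mentions: the relay loop from the pseudocode above in C, generalised to the n-device case (tap0 copied to tap1 ... tapn, and each of those copied back to tap0 only). The name relay_step, the FRAME_MAX buffer size and the choice of select() are assumptions of this example.

```c
/* Added example (not br_select.c): hub-and-spoke relay between tap devices. */
#include <fcntl.h>
#include <stdio.h>
#include <sys/select.h>
#include <unistd.h>

#define FRAME_MAX 2048 /* assumption: larger than one standard Ethernet frame */
/*
 * Block until the hub (tap0) or a spoke (tap1..tapn) is readable, then move
 * one frame per ready descriptor: hub -> every spoke, spoke -> hub only.
 * Returns the number of frames read, or -1 on a select/read/write error.
 */
int relay_step(int hub, const int *spokes, int n)
{
    char buf[FRAME_MAX];
    fd_set rd;
    ssize_t len;
    int i, maxfd = hub, frames = 0;
    FD_ZERO(&rd);
    FD_SET(hub, &rd);
    for (i = 0; i < n; i++) {
        FD_SET(spokes[i], &rd);
        if (spokes[i] > maxfd) maxfd = spokes[i];
    }
    if (select(maxfd + 1, &rd, NULL, NULL, NULL) < 0) return -1;
    if (FD_ISSET(hub, &rd)) {
        if ((len = read(hub, buf, sizeof buf)) <= 0) return -1;
        for (i = 0; i < n; i++) /* a tap read/write carries one whole frame */
            if (write(spokes[i], buf, (size_t)len) != len) return -1;
        frames++;
    }
    for (i = 0; i < n; i++) {
        if (!FD_ISSET(spokes[i], &rd)) continue;
        if ((len = read(spokes[i], buf, sizeof buf)) <= 0) return -1;
        if (write(hub, buf, (size_t)len) != len) return -1; /* hub only */
        frames++;
    }
    return frames;
}

/* Assumes tap0 and tap1 already exist, created as in the message above. */
int main(void)
{
    int spokes[1], hub = open("/dev/tap0", O_RDWR);
    spokes[0] = open("/dev/tap1", O_RDWR);
    if (hub < 0 || spokes[0] < 0) { perror("open tap"); return 1; }
    while (relay_step(hub, spokes, 1) >= 0) {}
    return 1;
}
```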