Re: netgraph ability

From: Ruslan Ermilov (ru_at_FreeBSD.org)
Date: 04/23/04

  • Next message: Muhammad Reza: "multiple provider" 
    Date: Fri, 23 Apr 2004 20:35:18 +0300
To: David Yeske <dyeske@yahoo.com>

    [ Redirected to -net ]

    On Thu, Apr 22, 2004 at 05:50:57PM -0700, David Yeske wrote:
    > I'm in a situation where I need to emulate multiple ethernet devices with
    > different mac addresses. I have gotten far enough to have this.
    >
    > I ran ngctl and then ran
    > "mkpeer . eiface hook ether"
    >
    > I then ran
    > ifconfig ngeth0 link '00:bd:03:11:21:11'
    > ifconfig ngeth0 192.168.20.5
    > ifconfig sis0 192.168.23.45
    >
    > So basically I want to be able to ping / connect to
    > 192.168.20.5 from another box on the 192.168.23.0/24 network, and have it see
    > the mac address that I have set rather than the mac address of my sis0 device.
    > I know I can do this with vmware, but I am trying to avoid that.
    >
    > Anyone know if this is possible? Is there a way to do this with the tap device
    > and or arpd?
    >
    Using Netgraph, you can emulate any number of Ethernet interfaces
    on one physical interface. Here's my recipe for you:

    1. Load the ng_ether(4) module.
    2. Create the required number of ng_eiface(4) nodes.
    3. Connect "lower" and "upper" of sis0: and all ngethX:
        ng_ether(4) nodes to one ng_bridge(4).
    4. Make sure to "ngctl msg <if>: setautosrc 0" to all
        ng_ether(4) nodes.
    5. Optionally set net.link.ether.inet.log_arp_wrong_iface=0.

    Here's my test (I've omitted obvious configuration steps):

    # ifconfig dc0 ether
    dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
            options=48<VLAN_MTU,POLLING>
            ether 00:10:a4:c0:c0:45

    # ifconfig ngeth0
    ngeth0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
            ether 00:00:00:01:02:03

    # ngctl show bridge:
      Name: bridge Type: bridge ID: 0000000b Num hooks: 4
      Local hook Peer name Peer type Peer ID Peer hook
      ---------- --------- --------- ------- ---------
      link4 ngeth0 ether 00000007 lower
      link3 ngeth0 ether 00000007 upper
      link2 dc0 ether 00000002 lower
      link1 dc0 ether 00000002 upper

    # ifconfig ngeth0 1.2.3.4

    # tcpdump -lenx -i dc0 ether host 0:0:0:1:2:3
    tcpdump: listening on dc0
    20:29:05.571179 0:0:0:1:2:3 ff:ff:ff:ff:ff:ff 0806 42: arp who-has 1.2.3.4 tell 1.2.3.4
                             0001 0800 0604 0001 0000 0001 0203 0102
                             0304 0000 0000 0000 0102 0304

    Cheers, 

    -- 
Ruslan Ermilov
ru@FreeBSD.org
FreeBSD committer

  • Next message: Muhammad Reza: "multiple provider"

    Relevant Pages

    • Re: netgraph ability
      ... > the mac address that I have set rather than the mac address of my sis0 device. ... dc0: flags=8843mtu 1500 ...
      (freebsd-hackers)
    • netgraph ability
      ... I ran ngctl and then ran ... ifconfig ngeth0 link '00:bd:03:11:21:11' ... ifconfig sis0 192.168.23.45 ... the mac address that I have set rather than the mac address of my sis0 device. ...
      (freebsd-hackers)
    • netgraph ability
      ... I ran ngctl and then ran ... ifconfig ngeth0 link '00:bd:03:11:21:11' ... ifconfig sis0 192.168.23.45 ... the mac address that I have set rather than the mac address of my sis0 device. ...
      (freebsd-questions)
    • RE: wierdness in my security report
      ... offending MAC address was found to be a Cisco router on my ISP's network. ... have not checked the MAC addresses of the other network cards on my network. ...
      (FreeBSD-Security)