Virtual interfaces with different MAC addressesSetting up Windows network on XenStatic virtual IP in debian...
Create chunks from an array
Can one live in the U.S. and not use a credit card?
Graphic representation of a triangle using ArrayPlot
How can a demon take control of a human body during REM sleep?
Logistic regression BIC: what's the right N?
ESPP--any reason not to go all in?
Why aren't there more Gauls like Obelix?
How do you make a gun that shoots melee weapons and/or swords?
What will happen if my luggage gets delayed?
How do I raise a figure (placed with wrapfig) to be flush with the top of a paragraph?
Is divide-by-zero a security vulnerability?
Finding the minimum value of a function without using Calculus
"If + would" conditional in present perfect tense
Is there a logarithm base for which the logarithm becomes an identity function?
Boss Telling direct supervisor I snitched
Are small insurances worth it?
Does the US political system, in principle, allow for a no-party system?
What is the purpose of a disclaimer like "this is not legal advice"?
Does an unused member variable take up memory?
Rationale to prefer local variables over instance variables?
Smooth vector fields on a surface modulo diffeomorphisms
Why does this boat have a landing pad? (SpaceX's GO Searcher) Any plans for propulsive capsule landings?
Short scifi story where reproductive organs are converted to produce "materials", pregnant protagonist is "found fit" to be a mother
What do you call someone who likes to pick fights?
Virtual interfaces with different MAC addresses
Setting up Windows network on XenStatic virtual IP in debian 6.0.4KVM/Libvirt bridged/routed networking not working on newer guest kernelssome nodes in a cluster has higher frame value in ifconfigAssign individual NIC to KVM guestVirtual interface gets static IP, actual interface doesn't?KVM Network configuration + VLAN truncktcpdump on bridge interface (virbr) does not receive any packets destined for one of its addressesVRRP: Linux is sending ARP requests / replies on real interfaces instead of virtual interfaceCentos 7 pptp(ppp0) on openvpn
I try to figure out how to set up two logical network interfaces (at one physical interface) with separate MAC addresses on a Linux machine.
My first attempt was to use macvlan which seemed to work at first:
[root@localhost ~]# ip link add link enp0s3 name veth0 type macvlan
[root@localhost ~]# ip link set veth0 up
[root@localhost ~]# dhclient veth0
[root@localhost ~]# ifconfig
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.6 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::a00:27ff:fe3b:d08b prefixlen 64 scopeid 0x20<link>
ether 08:00:27:3b:d0:8b txqueuelen 1000 (Ethernet)
RX packets 356 bytes 58787 (57.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 210 bytes 24203 (23.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.11 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::2462:42ff:fecb:5090 prefixlen 64 scopeid 0x20<link>
ether 26:62:42:cb:50:90 txqueuelen 0 (Ethernet)
RX packets 83 bytes 9099 (8.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 34 bytes 3871 (3.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
However, when scanning the local network from another machine, both interfaces (192.168.1.6 and 192.168.1.11) are shown to have the same MAC address 08:00:27:3b:d0:8b.
Any ideas if this is possible? What is the use of macvlan if I cannot use it for this purpose?
Thanks.
EDIT:
As suggested by Otheus, I tried the same as before with the settings
sysctl -w net.ipv4.conf.all.arp_ignore=1
sysctl -w net.ipv4.conf.all.arp_announce=2
This apparently makes interfaces to reply only to those arp requests explicitely directed to them.
In my setup, this led to failing DHCP requests to assign an IP address to veth0. With a static IP address on veth0, I could not reach this address from other hosts in the network (I tried arp/nmap/ping).
My (preliminary) conclusion is that it is not possible to have a virtual interface with a different MAC address on the same subnet. However, I still wonder what is the exact purpose of macvlan then, and why I see the virtual interface with its own MAC address on the local machine (where I set up the virtual interface), but not from other machines.
networking linux-networking ethernet nic mac-address
asked Apr 13 '15 at 11:41
chwonchwon
163
bumped to the homepage by Community♦ 12 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
I try to figure out how to set up two logical network interfaces (at one physical interface) with separate MAC addresses on a Linux machine.
My first attempt was to use macvlan which seemed to work at first:
[root@localhost ~]# ip link add link enp0s3 name veth0 type macvlan
[root@localhost ~]# ip link set veth0 up
[root@localhost ~]# dhclient veth0
[root@localhost ~]# ifconfig
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.6 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::a00:27ff:fe3b:d08b prefixlen 64 scopeid 0x20<link>
ether 08:00:27:3b:d0:8b txqueuelen 1000 (Ethernet)
RX packets 356 bytes 58787 (57.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 210 bytes 24203 (23.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.11 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::2462:42ff:fecb:5090 prefixlen 64 scopeid 0x20<link>
ether 26:62:42:cb:50:90 txqueuelen 0 (Ethernet)
RX packets 83 bytes 9099 (8.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 34 bytes 3871 (3.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
However, when scanning the local network from another machine, both interfaces (192.168.1.6 and 192.168.1.11) are shown to have the same MAC address 08:00:27:3b:d0:8b.
Any ideas if this is possible? What is the use of macvlan if I cannot use it for this purpose?
Thanks.
EDIT:
As suggested by Otheus, I tried the same as before with the settings
sysctl -w net.ipv4.conf.all.arp_ignore=1
sysctl -w net.ipv4.conf.all.arp_announce=2
This apparently makes interfaces to reply only to those arp requests explicitely directed to them.
In my setup, this led to failing DHCP requests to assign an IP address to veth0. With a static IP address on veth0, I could not reach this address from other hosts in the network (I tried arp/nmap/ping).
My (preliminary) conclusion is that it is not possible to have a virtual interface with a different MAC address on the same subnet. However, I still wonder what is the exact purpose of macvlan then, and why I see the virtual interface with its own MAC address on the local machine (where I set up the virtual interface), but not from other machines.
networking linux-networking ethernet nic mac-address
asked Apr 13 '15 at 11:41
chwonchwon
163
bumped to the homepage by Community♦ 12 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
I think there exist a driver calledmacvlandesigned for that exact purpose.
– kasperd
Apr 13 '15 at 12:01
I tried macvlan in the first place.
– chwon
Apr 18 '15 at 21:36
add a comment |
I try to figure out how to set up two logical network interfaces (at one physical interface) with separate MAC addresses on a Linux machine.
My first attempt was to use macvlan which seemed to work at first:
[root@localhost ~]# ip link add link enp0s3 name veth0 type macvlan
[root@localhost ~]# ip link set veth0 up
[root@localhost ~]# dhclient veth0
[root@localhost ~]# ifconfig
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.6 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::a00:27ff:fe3b:d08b prefixlen 64 scopeid 0x20<link>
ether 08:00:27:3b:d0:8b txqueuelen 1000 (Ethernet)
RX packets 356 bytes 58787 (57.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 210 bytes 24203 (23.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.11 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::2462:42ff:fecb:5090 prefixlen 64 scopeid 0x20<link>
ether 26:62:42:cb:50:90 txqueuelen 0 (Ethernet)
RX packets 83 bytes 9099 (8.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 34 bytes 3871 (3.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
However, when scanning the local network from another machine, both interfaces (192.168.1.6 and 192.168.1.11) are shown to have the same MAC address 08:00:27:3b:d0:8b.
Any ideas if this is possible? What is the use of macvlan if I cannot use it for this purpose?
Thanks.
EDIT:
As suggested by Otheus, I tried the same as before with the settings
sysctl -w net.ipv4.conf.all.arp_ignore=1
sysctl -w net.ipv4.conf.all.arp_announce=2
This apparently makes interfaces to reply only to those arp requests explicitely directed to them.
In my setup, this led to failing DHCP requests to assign an IP address to veth0. With a static IP address on veth0, I could not reach this address from other hosts in the network (I tried arp/nmap/ping).
My (preliminary) conclusion is that it is not possible to have a virtual interface with a different MAC address on the same subnet. However, I still wonder what is the exact purpose of macvlan then, and why I see the virtual interface with its own MAC address on the local machine (where I set up the virtual interface), but not from other machines.
networking linux-networking ethernet nic mac-address
asked Apr 13 '15 at 11:41
chwonchwon
163
I try to figure out how to set up two logical network interfaces (at one physical interface) with separate MAC addresses on a Linux machine.
My first attempt was to use macvlan which seemed to work at first:
[root@localhost ~]# ip link add link enp0s3 name veth0 type macvlan
[root@localhost ~]# ip link set veth0 up
[root@localhost ~]# dhclient veth0
[root@localhost ~]# ifconfig
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.6 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::a00:27ff:fe3b:d08b prefixlen 64 scopeid 0x20<link>
ether 08:00:27:3b:d0:8b txqueuelen 1000 (Ethernet)
RX packets 356 bytes 58787 (57.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 210 bytes 24203 (23.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.11 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::2462:42ff:fecb:5090 prefixlen 64 scopeid 0x20<link>
ether 26:62:42:cb:50:90 txqueuelen 0 (Ethernet)
RX packets 83 bytes 9099 (8.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 34 bytes 3871 (3.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
However, when scanning the local network from another machine, both interfaces (192.168.1.6 and 192.168.1.11) are shown to have the same MAC address 08:00:27:3b:d0:8b.
Any ideas if this is possible? What is the use of macvlan if I cannot use it for this purpose?
Thanks.
EDIT:
As suggested by Otheus, I tried the same as before with the settings
sysctl -w net.ipv4.conf.all.arp_ignore=1
sysctl -w net.ipv4.conf.all.arp_announce=2
This apparently makes interfaces to reply only to those arp requests explicitely directed to them.
In my setup, this led to failing DHCP requests to assign an IP address to veth0. With a static IP address on veth0, I could not reach this address from other hosts in the network (I tried arp/nmap/ping).
My (preliminary) conclusion is that it is not possible to have a virtual interface with a different MAC address on the same subnet. However, I still wonder what is the exact purpose of macvlan then, and why I see the virtual interface with its own MAC address on the local machine (where I set up the virtual interface), but not from other machines.
networking linux-networking ethernet nic mac-address
networking linux-networking ethernet nic mac-address
asked Apr 13 '15 at 11:41
chwonchwon
163
asked Apr 13 '15 at 11:41
chwonchwon
163
edited Apr 18 '15 at 21:34
chwon
asked Apr 13 '15 at 11:41
chwonchwon
163
asked Apr 13 '15 at 11:41
chwonchwon
163
asked Apr 13 '15 at 11:41
chwonchwon
163
163
bumped to the homepage by Community♦ 12 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
bumped to the homepage by Community♦ 12 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
I think there exist a driver calledmacvlandesigned for that exact purpose.
– kasperd
Apr 13 '15 at 12:01
I tried macvlan in the first place.
– chwon
Apr 18 '15 at 21:36
add a comment |
I think there exist a driver calledmacvlandesigned for that exact purpose.
– kasperd
Apr 13 '15 at 12:01
I tried macvlan in the first place.
– chwon
Apr 18 '15 at 21:36
I think there exist a driver called
macvlan designed for that exact purpose.– kasperd
Apr 13 '15 at 12:01
I think there exist a driver called
macvlan designed for that exact purpose.– kasperd
Apr 13 '15 at 12:01
I tried macvlan in the first place.
– chwon
Apr 18 '15 at 21:36
I tried macvlan in the first place.
– chwon
Apr 18 '15 at 21:36
add a comment |
1 Answer
1
active
oldest
votes
The fact that dhclient was able to assign an IP address to veth0 indicates the separate MAC address is working as intended. How did you "Scan the network"? A better test would be this: from the second host, sniff the packets (I'm old-school and use "tcpdump -e icmp". Then from this above host, ping via each interface (ping -I lets you do this), and look at the sniffed packets's MAC addresses.
Meanwhile, there are some sysctl variables for dealing with ARP packets on virtual IP interfaces. A related post here points to this page which discusses the topic at-length. The solution may be confounded by the network switch and how it chooses to deal with one port having several directly-connected MACs.
edited Apr 13 '17 at 12:37
Community♦
1
answered Apr 13 '15 at 11:55
OtheusOtheus
339111
I'm still not convinced it wasn't working in the first place. How did you determine that the 2nd MACs weren't getting used? Are you sure it's not a routing problem? Again, how are you scanning the network?
– Otheus
Apr 19 '15 at 8:52
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f682311%2fvirtual-interfaces-with-different-mac-addresses%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
The fact that dhclient was able to assign an IP address to veth0 indicates the separate MAC address is working as intended. How did you "Scan the network"? A better test would be this: from the second host, sniff the packets (I'm old-school and use "tcpdump -e icmp". Then from this above host, ping via each interface (ping -I lets you do this), and look at the sniffed packets's MAC addresses.
Meanwhile, there are some sysctl variables for dealing with ARP packets on virtual IP interfaces. A related post here points to this page which discusses the topic at-length. The solution may be confounded by the network switch and how it chooses to deal with one port having several directly-connected MACs.
edited Apr 13 '17 at 12:37
Community♦
1
answered Apr 13 '15 at 11:55
OtheusOtheus
339111
I'm still not convinced it wasn't working in the first place. How did you determine that the 2nd MACs weren't getting used? Are you sure it's not a routing problem? Again, how are you scanning the network?
– Otheus
Apr 19 '15 at 8:52
add a comment |
The fact that dhclient was able to assign an IP address to veth0 indicates the separate MAC address is working as intended. How did you "Scan the network"? A better test would be this: from the second host, sniff the packets (I'm old-school and use "tcpdump -e icmp". Then from this above host, ping via each interface (ping -I lets you do this), and look at the sniffed packets's MAC addresses.
Meanwhile, there are some sysctl variables for dealing with ARP packets on virtual IP interfaces. A related post here points to this page which discusses the topic at-length. The solution may be confounded by the network switch and how it chooses to deal with one port having several directly-connected MACs.
edited Apr 13 '17 at 12:37
Community♦
1
answered Apr 13 '15 at 11:55
OtheusOtheus
339111
I'm still not convinced it wasn't working in the first place. How did you determine that the 2nd MACs weren't getting used? Are you sure it's not a routing problem? Again, how are you scanning the network?
– Otheus
Apr 19 '15 at 8:52
add a comment |
The fact that dhclient was able to assign an IP address to veth0 indicates the separate MAC address is working as intended. How did you "Scan the network"? A better test would be this: from the second host, sniff the packets (I'm old-school and use "tcpdump -e icmp". Then from this above host, ping via each interface (ping -I lets you do this), and look at the sniffed packets's MAC addresses.
Meanwhile, there are some sysctl variables for dealing with ARP packets on virtual IP interfaces. A related post here points to this page which discusses the topic at-length. The solution may be confounded by the network switch and how it chooses to deal with one port having several directly-connected MACs.
edited Apr 13 '17 at 12:37
Community♦
1
answered Apr 13 '15 at 11:55
OtheusOtheus
339111
The fact that dhclient was able to assign an IP address to veth0 indicates the separate MAC address is working as intended. How did you "Scan the network"? A better test would be this: from the second host, sniff the packets (I'm old-school and use "tcpdump -e icmp". Then from this above host, ping via each interface (ping -I lets you do this), and look at the sniffed packets's MAC addresses.
Meanwhile, there are some sysctl variables for dealing with ARP packets on virtual IP interfaces. A related post here points to this page which discusses the topic at-length. The solution may be confounded by the network switch and how it chooses to deal with one port having several directly-connected MACs.
edited Apr 13 '17 at 12:37
Community♦
1
answered Apr 13 '15 at 11:55
OtheusOtheus
339111
edited Apr 13 '17 at 12:37
Community♦
1
edited Apr 13 '17 at 12:37
Community♦
1
edited Apr 13 '17 at 12:37
Community♦
1
1
answered Apr 13 '15 at 11:55
OtheusOtheus
339111
answered Apr 13 '15 at 11:55
OtheusOtheus
339111
answered Apr 13 '15 at 11:55
OtheusOtheus
339111
339111
I'm still not convinced it wasn't working in the first place. How did you determine that the 2nd MACs weren't getting used? Are you sure it's not a routing problem? Again, how are you scanning the network?
– Otheus
Apr 19 '15 at 8:52
add a comment |
I'm still not convinced it wasn't working in the first place. How did you determine that the 2nd MACs weren't getting used? Are you sure it's not a routing problem? Again, how are you scanning the network?
– Otheus
Apr 19 '15 at 8:52
I'm still not convinced it wasn't working in the first place. How did you determine that the 2nd MACs weren't getting used? Are you sure it's not a routing problem? Again, how are you scanning the network?
– Otheus
Apr 19 '15 at 8:52
I'm still not convinced it wasn't working in the first place. How did you determine that the 2nd MACs weren't getting used? Are you sure it's not a routing problem? Again, how are you scanning the network?
– Otheus
Apr 19 '15 at 8:52
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f682311%2fvirtual-interfaces-with-different-mac-addresses%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
I think there exist a driver called
macvlandesigned for that exact purpose.– kasperd
Apr 13 '15 at 12:01
I tried macvlan in the first place.
– chwon
Apr 18 '15 at 21:36