* Multiple MAC addresses for a single NIC using ebtables?
@ 2008-10-21 4:54 Rich Wales
2008-10-21 15:45 ` Grant Taylor
2008-10-21 16:30 ` Patrick McHardy
0 siblings, 2 replies; 3+ messages in thread
From: Rich Wales @ 2008-10-21 4:54 UTC (permalink / raw)
To: netfilter
Hi. I have four static IP addresses from my ISP. I'm using a firewall
(Shorewall/Ubuntu) to connect my home LAN to the Internet, and various
of my home machines are associated with various external IP addresses.
Since the firewall has only one external NIC, all external traffic uses
a single MAC address. This works -- but for various reasons, I would
like to try to configure the box so that each one of my four external
IP addresses will have its own separate MAC address.
Does anyone have a ready-made example for how to do this (presumably
using "ebtables")? I've been playing around with ebtables on a test
system, but I can't seem to get all the pieces together to make this
multi-MAC setup work.
Thanks for any help or suggestions.
--
Rich Wales === Palo Alto, CA, USA === richw@richw.org
http://www.richw.org === http://en.wikipedia.org/wiki/User:Richwales
* Re: Multiple MAC addresses for a single NIC using ebtables?
From: Grant Taylor @ 2008-10-21 15:45 UTC (permalink / raw)
To: Mail List - Netfilter
On 10/20/08 23:54, Rich Wales wrote:
> Since the firewall has only one external NIC, all external traffic
> uses a single MAC address. This works -- but for various reasons, I
> would like to try to configure the box so that each one of my four
> external IP addresses will have its own separate MAC address.
Ok...
> Does anyone have a ready-made example for how to do this (presumably
> using "ebtables")? I've been playing around with ebtables on a test
> system, but I can't seem to get all the pieces together to make this
> multi-MAC setup work.
I don't have any ideas per se, at least insofar as to have multiple
MAC addresses on the external interface.
Of course there is bridging your external and internal interfaces
together and turning your system into a bridging router. A BRouter
would allow your internal systems to have an external globally routable
IP address as well as an internal private IP. The external globally
routable traffic would be bridged through and anything else would be
routed.
As far as assigning multiple MAC addresses to a single interface, I
don't know if that is possible. I know that you can change the MAC
address and do other nefarious things like having multiple VLANs that
are bridged together, but I think all of them will share the MAC address
of the common physical interface.
The first thing that comes to mind to have multiple MAC addresses is to
create some sort of virtual interface that has its own independent MAC
address. Then you could bridge the virtual interfaces together. But
I'm not sure how this would work. (UMLs and Xen come to mind...)
Another option would be to do some very nasty things with NATing in
EBTables to make things that talk to one "virtual" MAC address get NATed
to / from the real physical MAC address. Though I'm not sure how to go
about this either. In effect anything that is ARPing for an IP on the
virtual interface would have to be replied to with a MAC address that is
NATed in both the ethernet frame and the ARP reply payload (which can be
done). Then you would have to have a NAT rule that would DNAT any
traffic going to the virtual MAC into the real MAC. Correspondingly
any reply traffic from the virtual IP would have to have the MAC address
SNATed to that of the virtual interface. (Did I say that this would be
a mess?) In theory NATing the ethernet frames should be possible, but
I'd have to set up a system to test it. If you want to move forward and
have some help with this just say the word.
> Thanks for any help or suggestions.
*nod*
Grant. . . .
* Re: Multiple MAC addresses for a single NIC using ebtables?
From: Patrick McHardy @ 2008-10-21 16:30 UTC (permalink / raw)
To: Rich Wales; +Cc: netfilter
Rich Wales wrote:
> Hi. I have four static IP addresses from my ISP. I'm using a firewall
> (Shorewall/Ubuntu) to connect my home LAN to the Internet, and various
> of my home machines are associated with various external IP addresses.
>
> Since the firewall has only one external NIC, all external traffic uses
> a single MAC address. This works -- but for various reasons, I would
> like to try to configure the box so that each one of my four external
> IP addresses will have its own separate MAC address.
>
> Does anyone have a ready-made example for how to do this (presumably
> using "ebtables")? I've been playing around with ebtables on a test
> system, but I can't seem to get all the pieces together to make this
> multi-MAC setup work.
>
> Thanks for any help or suggestions.
The macvlan driver allows you to add virtual ethernet devices
with different mac addresses:

    ip link add link eth0 [ name ] type macvlan
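The macvlan suggestion above, worked through for the one-MAC-per-external-IP case; this is an added example, not part of any message in the thread. It goes beyond the one-line command by checking the chosen MACs and emitting ARP sysctls; the interface names, MAC addresses and the 192.0.2.0/29 addresses are constructed sample values.

```shell
#!/bin/sh
# Added example. Constructed values: parent eth0, names mv1/mv2,
# 192.0.2.0/29 (documentation range), MACs 02:00:5e:00:00:0x.

# True only for a unicast, locally administered MAC: first octet has bit 0
# clear and bit 1 set, so an invented address cannot collide with a
# vendor-assigned one.
valid_laa_mac() {
    printf '%s\n' "$1" | grep -Eqi '^([0-9a-f]{2}:){5}[0-9a-f]{2}$' || return 1
    first=$((0x${1%%:*}))
    [ $((first & 1)) -eq 0 ] && [ $((first & 2)) -eq 2 ]
}

# macvlan_plan PARENT NAME=MAC=CIDR...
# Prints the commands instead of running them; review, then run as root.
macvlan_plan() {
    parent=$1; shift
    # Validate every MAC first so a bad entry yields no partial plan.
    for spec in "$@"; do
        rest=${spec#*=}; mac=${rest%%=*}
        valid_laa_mac "$mac" || { echo "bad MAC: $mac" >&2; return 1; }
    done
    # By default Linux answers ARP for any local IP on any interface, so the
    # parent would also claim the macvlan IPs with its own MAC.
    echo "sysctl -w net.ipv4.conf.$parent.arp_ignore=1"
    for spec in "$@"; do
        name=${spec%%=*}; rest=${spec#*=}
        mac=${rest%%=*}; cidr=${rest#*=}
        echo "ip link add link $parent name $name address $mac type macvlan"
        echo "ip addr add $cidr dev $name"
        echo "ip link set $name up"
        # Reply only for IPs on the receiving interface, and pick the ARP
        # source address from the sending interface.
        echo "sysctl -w net.ipv4.conf.$name.arp_ignore=1"
        echo "sysctl -w net.ipv4.conf.$name.arp_announce=2"
    done
}

macvlan_plan eth0 \
    mv1=02:00:5e:00:00:01=192.0.2.2/29 \
    mv2=02:00:5e:00:00:02=192.0.2.3/29
```

Outbound packets carry a given MAC only when they are routed out of that macvlan device, which on a shared subnet takes policy routing by source address.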