[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: over riding a NIC's MAC address



On Tue, May 18, 2004 at 07:30:25PM +0200, Tim wrote:
> i read about a tool that should be able to accomplish what you want in
> "building firewalls with openbsd and pf". try sea.c, available at
> http://www.devguide.net/books/openbsdfw-02-ed/sea.c
> 
Thanks, that indeed works for my fxp cards. 

So. looks like I can acomplish what I want to do soething like this:

Now I have all the tools I need to make this work, but
it will be a bit complex to implement.

One problem is that the tool to change the MAC address must run on boot
before the kernel securelevel is change.

So, here's what I think I have to do.

1. Set the MAC address to the "prefered" one when the backup machine boots,
but don't configure that interface.

2. transfer teh dhcp lease fill from the primary to the backup, when it
changes, or when communications is initaly estabeshe (internal net) between
the machines.

3. Dtetect loss of communication with the peimary machine (from the
backup), and bring up the interface to the cablemode.

4. delete the default route on the backup machine (which will point to the
virtual address on the inernal ney), and add a default rout as specifed in
the lease.

Maybe there is a way that I can just run dhclient and force it to use the
lease, instead of querying?



-- 
"They that would give up essential liberty for temporary safety deserve
neither liberty nor safety."
						-- Benjamin Franklin

-- 
"They that would give up essential liberty for temporary safety deserve
neither liberty nor safety."
						-- Benjamin Franklin