[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: MAC aliasing
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: MAC aliasing
- From: Mauro Calderara <mcalderara_(_at_)_phys_(_dot_)_ethz_(_dot_)_ch>
- Date: Wed, 2 Feb 2005 00:34:56 +0100
On Feb 1, 2005, at 11:52 PM, Per Engelbrecht wrote:
Mauro Calderara wrote:
I've a simple problem and not yet a proper solution, maybe someone
can give some pointers.
My cable-provider gives me 4 IPs via DHCP, but only one per MAC. The
question is whether it is possible to "fake" MACs on a NIC. Since by
concept this is something simple there might be a solution but it is
highly possible that I didn't find the right words to feed the search
Yes, you can change your MAC/ethernet address/hardware
But is it possible to have more than one on a single interface? With
what tool would I do something like this? ifconfig seems not to have an
option for it. Even if so, how would I have the dhcp-client use a
specific MAC to pass to the DHCP-Server?
I found this tool, respectively its source file "sea.c" somewhere on
the net, but since the devels didn't see any need for it to go into the
system I guess there is consensus among developers that changing MAC is
a bad thing or am I mistaken here?
Is the idea broken by concept? I know that a MAC is supposed to be
unique worldwide, but still it was cool if I could get all IPs. I
thought of a workaround but maybe you guys will just shake your heads
when reading it, if so, please tell me (and why):
Jugling around with MAC-addresses can cause a lot of trouble,
depending of course on the environment in which it is performed.
If I see a change of MAC in a public accessible environment (e.g.
hosting / datacenter) I'll call it an attempt of arp-spoofing or
arp-cache-poisoning and I'll annihilate the account. Periode.
well, I can understand that, given that the MACs of your customers are
known and static but I guess it was too much work for my provider to
have every customer register every new nic/router/host and it wouldn't
mache much sense either. From what I know they have a "primary" MAC for
some reason and the other three may change at will.
given that I have 5 NICs in the router, I thought that I could set up
a vlan-interface on those not directly connected to the cable-modem
(they were supposed to inherit their's parent's MAC, right?) and
bridge these vlans to the one NIC attached to the modem. Then I'd
just let the dhcp client try to configure them and hope the best.
From a firewalling point of view this would probably be not so nice,
but I guess that could be worked around with some added complexity to
pf.conf to prevent spoofing on those interfaces but that shouldn't be
much of a problem as far as I can see. Still it seems a bit hackish
and since I don't have PCI-Slots ad infinitum it wouldn't "scale"
well when adding another cable-modem :)
Any pointers, hints & flames appreciated
Visit your host, monkey.org