Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Changing the WAN VLAN MAC Address

    Scheduled Pinned Locked Moved Routing and Multi WAN
    8 Posts 3 Posters 2.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A Offline
      arduino
      last edited by

      Is it possible to change a VLAN address without changing the parent interface MAC?

      I have we just got another internet line and a mini-itx board with only two interfaces and no room for expanding.

      I have a managed switch capable of tagging each line but when I put the parent interface in promiscuous mode using Shellcmd and change the VLAN MAC addresses it changes the parent and other VLAN.

      1 Reply Last reply Reply Quote 0
      • DerelictD Offline
        Derelict LAYER 8 Netgate
        last edited by

        What, exactly, are you trying to do?

        I don't know if you can set different MAC addresses on different VLAN interfaces.  Try it?

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • A Offline
          arduino
          last edited by

          Sorry , I will try to define my question clearly.

          I want to know if I can add a VLAN to an interface and then change that VLANs MAC address WITHOUT changing the parent interface MAC.

          I have tried and it does not work. I want to do this so I can get two DHCP leases. I can't use proxy arp.

          1 Reply Last reply Reply Quote 0
          • DerelictD Offline
            Derelict LAYER 8 Netgate
            last edited by

            So that still doesn't tell us what you're trying to do.  You have two connections to the same ISP and that ISP identifies each connection by MAC address?  So like two cable modem connections into the same residence and they want to see two MACs?  You might need two physical interfaces.  I would have to ask for some bitcoin fraction if I was to lab it in the next 48 hours to see if it's even possible, but I'd rather see you toss the coin at ESF who could answer your questions more promptly.

            I see the ability to set a MAC address for different VLAN interfaces.  If you were to, say, get a managed switch and set two WAN VLANs, 100 and 101, then create an untagged port on vlan 100 and connect isp modem A, and an untagged port on vlan 101 and cconnect isp modem b, then a tagged port for vlan 100 and 101 to pfsense WAN.  Then go to  pfSense interfaces->assign and create vlan 100 and vlan 101.  Then create two interfaces and assign them to lan0_vlan100 and lan0_vlan101. Then edit one of them and change the MAC address, it might work.  Can't tell, can't test it, but that's what I'd try.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • A Offline
              arduino
              last edited by

              Thanks for the quick reply!

              Im not sure how much more specific I can be when I ask "I want to know if I can add a VLAN to an interface and then change that VLANs MAC address WITHOUT changing the parent interface MAC."

              Your suggestion is exactly what I said I have tried already.

              1 Reply Last reply Reply Quote 0
              • A Offline
                arduino
                last edited by

                00:00:00:00:00:00 < PARENT INTERFACE EM0

                00:00:00:00:00:01 < VLAN 100 / ON EM0

                I cannot do this. It changed it to this:

                00:00:00:00:00:01 < PARENT INTERFACE EM0

                00:00:00:00:00:01 < VLAN 100 / ON EM0

                1 Reply Last reply Reply Quote 0
                • DerelictD Offline
                  Derelict LAYER 8 Netgate
                  last edited by

                  Worth a shot.  Get another interface, I guess.

                  Chattanooga, Tennessee, USA
                  A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                  DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                  Do Not Chat For Help! NO_WAN_EGRESS(TM)

                  1 Reply Last reply Reply Quote 0
                  • M Offline
                    mikeisfly
                    last edited by

                    arduino what you have done is slightly different then what Derelict suggest: in your senario all untagged traffic will go to your parent interface and only the tagged traffic will go to vlan 100. What I would then try is tagging both WANS like Derelict suggest. Not a good idea to have both tagged and untagged traffic on the same interface I have seen undesired effects with PfSense like with Captive portal. This should work as I have don't this in my lab setup using a switch as a WAN focal point so I can then bring 1 connection into my pfSense Box. I guess it might depend on the kind of NIC that you are using too. I try to use Intel or Broadcom if possible.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.