Change interface MAC via commandline?
-
Is there any method, supported hopefully, to change an Interface's MAC address via command line?
Here is what I am trying to achieve.
I have HA/CARP setup on my LAN, IoT, DMZ, and GUEST but not my WAN because I don't have that option. I have AT&T Fiber and do passthrough to the MAC address of my igb0 on my primary firewall. When both firewalls are online the primary has the TRUE WAN IP (non-RFC1918) and the standby gets a DHCP assigned IP from the AT&T Router/Gateway device. I'd like to create a script to check for current CARP status on the firewalls and then adjust the WAN MAC address to the MAC the AT&T RG knows about to hand out the TRUE WAN IP only on the MASTER CARP firewall.
Here is the order of operations on the firewall I'd like to achieve.
- Checking CARP Status from BACKUP to MASTER
- If MASTER, down WAN
- If MASTER, spoof MAC of WAN to known MAC
- If MASTER, up WAN to get new REAL IP on WAN
- If BACKUP, down WAN
- If BACKUP, reset MAC to nothing, basically setting the MAC to the real MAC
- If BACKUP, up WAN to get RFC1918 IP on WAN
This would allow the MAC to float across WANs via automation and control the fail-over as needed. I could value in this for maintenance to force a fail-over or during the middle of the night if primary firewall fails.
Also bonus points if possible to enable/disable CARP maintenance mode via CLI.
Thanks for the insight folks!