Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    "Spoof" MAC VLAN not Parent

    General pfSense Questions
    2
    4
    1172
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      NOYB last edited by

      Is it possible to "spoof" a VLAN interface MAC without the parent and/or other VLAN's of parent being "spoofed" also?

      1 Reply Last reply Reply Quote 0
      • W
        wallabybob last edited by

        I suggest you try it. I suspect it might be driver dependent. In some cases it might be necessary to set the VLAN parent interface into promiscuous mode.

        1 Reply Last reply Reply Quote 0
        • N
          NOYB last edited by

          I did try it.  And it changed MAC for both physical (parent) and the VLAN.  That's reason for the question.

          Was expecting that spoofing the MAC on the VLAN interface would enable promiscuous mode and only use the spoofed MAC for the VLAN.  NIC is Broadcom 440x 10/100 (bfe0).

          1 Reply Last reply Reply Quote 0
          • W
            wallabybob last edited by

            @NOYB:

            I did try it.  And it changed MAC for both physical (parent) and the VLAN.  That's reason for the question.

            Can you try on a different type of NIC?

            @NOYB:

            Was expecting that spoofing the MAC on the VLAN interface would enable promiscuous mode and only use the spoofed MAC for the VLAN.  NIC is Broadcom 440x 10/100 (bfe0).

            Some NICs don't need to enable promiscuous mode to see frames directed to a "non-standard" MAC address. I think (but its a long time since a looked at this) one way that was done was for the NIC to have a number of programmable MAC address hash registers and a receive frame was accepted if the hash of the destination MAC address matched a value in one of the MAC address hash registers. It was then up to software to determine if there was an exact match between destination MAC address in the frame and "acceptable" MAC addresses.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post

            Products

            • Platform Overview
            • TNSR
            • pfSense
            • Appliances

            Services

            • Training
            • Professional Services

            Support

            • Subscription Plans
            • Contact Support
            • Product Lifecycle
            • Documentation

            News

            • Media Coverage
            • Press
            • Events

            Resources

            • Blog
            • FAQ
            • Find a Partner
            • Resource Library
            • Security Information

            Company

            • About Us
            • Careers
            • Partners
            • Contact Us
            • Legal
            Our Mission

            We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

            Subscribe to our Newsletter

            Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

            © 2021 Rubicon Communications, LLC | Privacy Policy