"Spoof" MAC VLAN not Parent



  • Is it possible to "spoof" a VLAN interface MAC without the parent and/or other VLAN's of parent being "spoofed" also?



  • I suggest you try it. I suspect it might be driver dependent. In some cases it might be necessary to set the VLAN parent interface into promiscuous mode.



  • I did try it.  And it changed MAC for both physical (parent) and the VLAN.  That's reason for the question.

    Was expecting that spoofing the MAC on the VLAN interface would enable promiscuous mode and only use the spoofed MAC for the VLAN.  NIC is Broadcom 440x 10/100 (bfe0).



  • @NOYB:

    I did try it.  And it changed MAC for both physical (parent) and the VLAN.  That's reason for the question.

    Can you try on a different type of NIC?

    @NOYB:

    Was expecting that spoofing the MAC on the VLAN interface would enable promiscuous mode and only use the spoofed MAC for the VLAN.  NIC is Broadcom 440x 10/100 (bfe0).

    Some NICs don't need to enable promiscuous mode to see frames directed to a "non-standard" MAC address. I think (but its a long time since a looked at this) one way that was done was for the NIC to have a number of programmable MAC address hash registers and a receive frame was accepted if the hash of the destination MAC address matched a value in one of the MAC address hash registers. It was then up to software to determine if there was an exact match between destination MAC address in the frame and "acceptable" MAC addresses.


Log in to reply