Create a virtual network interface using the iproute2 "ip link" command with a spoofed MAC address

linux ethernet mac-address iproute2

32,064

Solution 1

I want to set the MAC addresses to test my DHCP server's configuration

There is (at least?) two ways you can achieve this under linux.

The simplest and straigthforward, but highly risky way, is to modify the mac-address of the physical interface. However to do so you have to put the interface down so it is not the safest way, and surely a highly risky way if operating remotely! If you have physical access to the host or alike it can be an option.

The more safe way is to define a macvlan link on your physical interface with the proper mac-address. You can always change this mac-adress using a similar command than the one you would use to change the mac-adress of your physical interface. This is convenient to test multiple IP/MAC couples without having to create/delete many interfaces for example.

I say "more safe" because depending of the security measures on your network you risks to loose your connection too with a macvlan link if for exemple your network prohibits the use of a different mac-address on your physical link. In some case, the network device your host is connected to might consider you are tempering with security and put the link down.

For the following commands, you need the iproute2 utils under linux.

PLEASE READ THE TEXT ABOVE BEFORE USING THE FOLLOWING COMMANDS ON REMOTE HOSTS!

To add a macvlan link, you can use:

ip link add link eth0 type macvlan

The interface will be named macvlanX where X is the first number such as no interface by that name exists.

You can name the interface (to vif0 for example) at creation using something like

ip link add name vif0 link eth0 type macvlan

to have an interface named vif0.

Once you have the interface, you can change its mac-adress (to 00:11:22:33:44:55 for example) using:

ip link set address 00:11:22:33:44:55 dev macvlan0

This same command can be used to change the mac-adress of other interfaces. This is the one you can use to change the mac-address of your physical link.

Of course you can add the macvlan link and set its address in one shot:

ip link add name vif0 address 00:11:22:33:44:55 link eth0 type macvlan

Do not forget to put the interface up once mac-address are configured. With interface named vif0:

ip link set dev vif0 up

Note that some parts of those commands are options and can be put in different orders, others are part of the syntax and are required to be put in the correct place. Morevover some part can be omitted given that it does not compromised the meaning¹. In the above command for example, dev can be omitted.

The default type of macvlan created is VEPA which prevent direct communications between the physical and virtual interface. It should be suitable for this use case. Others mode are availables, see the chapter on macvlan in this RedHat "Introduction to Linux interfaces for virtual networking".

Hope it'll helps... ...someone else passing by here.

1: it cannot be omitted if you had the (very) bad idea to name an interface dev for example.

Solution 2

Have you tried...

ip link add type veth addr 00:01:02:aa:bb:cc

ip link set dev veth0 addr 00:01:02:aa:bb:cc

32,064

nelaaro

Linux admin, tech enthusiast. opensource evangelist.

Updated on September 18, 2022

Comments

nelaaro over 1 year

How can I create a virtual interface similar to the following ifconfig command?

$ sudo ifconfig eth1 hw ether 00:01:02:aa:bb:cc  
SIOCSIFHWADDR: No such device

This does not work. I want to set the MAC addresses to test my DHCP server's configuration.

How would I do that with the iproute2 suite using the ip link command?

$ sudo ip link add type veth

This works, but it randomly assigns a MAC address. This is still useful, but I would like to test my dhcpd server with some specific MAC addresses in order to see how it handles the classes I have set up.

My current setup ¹:

$ ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 60:eb:69:1b:a0:88 brd ff:ff:ff:ff:ff:ff
    inet 172.16.0.93/24 brd 172.16.0.255 scope global eth0
    inet6 fe80::62eb:69ff:fe1b:a088/64 scope link 
       valid_lft forever preferred_lft forever
7: vboxnet0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether 0a:00:27:00:00:00 brd ff:ff:ff:ff:ff:ff
8: veth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether 3a:50:38:2e:24:c4 brd ff:ff:ff:ff:ff:ff

[1]: Note that this setup does not results from the execution of the above commands. In particular ip link add type veth would have resulted in the creation of a pair veth1@veth2 / veth2@veth1 numbered this way because veth0 exists.

nelaaro over 12 years

$ sudo ip link add type veth addr 00:01:02:aa:bb:cc Usage: ip link <options> type veth [peer <options>] To get <options> type 'ip link add help' But the second one does work to modify the virtual device to change its ip.
sillyMunky about 11 years

You've probably solved it already, but if you look at the help from 'ip link help' you'll see this answer is missing the NAME of the interface (which follows the set of options).