Q. Why do all my ethernet interfaces have the same ether MAC address?
How do I modify the interfaces to have unique ethernet MAC addresses?A. Explanation/discussion:
I have multiple interfaces, but they show up as the same ethernet MAC
address as my built-in interface. Setting NVRAM parameter
local-mac-address?=true does not seem to affect the address?
IEEE leaves it up to the vendor to use the station address approach vs.
per port approach. Sun used the concept of a host-based MAC identity prior
to the newer network interface cards (NICs).
Usually this does not present a problem. Only systems on the same subnet
(connected to same switch/hub) are required to have unique hardware address
(arp entries).
If you are configuring a multi-homed host with more than one interface on the
same physical subnet (connections to same hub), choosing and configuring a
unique ether address that is different from the primary host-based assigned
ethernet Mac address may be necessary.
The older network interface drivers in Sun systems get the MAC address for the
ethernet interface from the PROM on the system. The MAC address does not come from
the ethernet chip or interface hardware. There is just one ethernet MAC address for all
interfaces on a system. The intel (i.e.), lance (le) ethernet interfaces along with the
SunSwift[TM] (hme) and SunFastEthernet[TM] 1.0 (be) and 2.0 Adapters (hme) use the host assigned
address of the CPU OpenBoot PROM.
Sun Microsystems uses reserved OUI reserved ethernet ranges of
08:00:20:#:#:# or 00:03:ba:#:#:# and assigns unique numbers for each OBP and
NIC that support local-mac-address.
The ones with local MAC addresses today are:
--------------------------------------------
TRI/P (4/16mbps UTP/STP Token Ring) x1039a
FreshChoice light (PCI) FastEthernet x1033a
FreshChoice (PCI) FW-scsi/FastEthernet combo x1032a
QFE/Sbus (4 MAC addresses) x1042a, x1049a
QFE/PCI (4 MAC addresses) x1034a
QFE/cPCI (4 MAC addresses) x1234
GEM/Sbus (Gigabit v2.0) x1140a
GEM/PCI (Gigabit v2.0) x1141a
GBE/PCI (Gigaswift v1.0) x1151a
GBE/PCI(copper) (Gigaswift v1.0) x1150a
GBE/PCI(combo) (Gigaswift v1.0 and FC-AL PCI combo) X2069
GBE/cPCI (Gigaswift v1.0) x1261a
Dual Fastethernet/cPCI (2 MAC addr) Dual Gigaswift v1.0@100Mb and dual SCSI) x2222a
VGE/SBus (Gigabit v1.0) x1045a
VGE/PCI (Gigabit v1.0) x1144a
FDDI/S 3.0, 4.0, 5.0 SAS and DAS For fddi-5.0: x1025a, x1026a
FDDI/P 1.0 x1035a, x1036a
ATM 155 2.0/2.1 Sbus (2.1 has 16 MAC addr, 2.0 only one) x1060a, x1061a
ATM 622 2.1 SBus (16 MAC addresses) x1064a
ATM 155/622 3.0 PCI (16 MAC addresses) x1066a, x1067a, x1068a
+ all NEW Sun network adapters from now on.
The Sun Adapters with local MAC addresses (machine access code) have
addresses encoded in the Fcode Prom. The local-mac-address property in eeprom
is used to enable this feature.
ok local-mac-address?
(Defaults to false = use system defined mac address).
This can be set for true, which allows network drivers to use their own MAC
address, not the system default. This is for use with the QFE (QuadFastEthernet)
or newer ethernet NICs listed above.
To set from the eeprom on the command line:
# eeprom local-mac-address?=true
Note: Section 3.2.3(4) of the IEEE 802.3 specification defines a reserved bit in the Ethernet
Address that can be used to administer a universally assigned ethernet
addresses. A locally administered address (LAA) can be implemented to ensure
a unique HW address.
Setting the LAA bit can be done by using a 0A hex (second bit set 1010, add 2)
as the first digit instead of 08 (1000). 8:00:20:x:x:x is Sun's universal
assignment. (1010) a:00:20:x:x:x would be a locally administered address.
The first bit is the"individual/group" bit and used by multicasting (1001 = 09,
odd number) and should be avoided.
You could also select a unique address from valid address ranges x00000000001 to x0007FFFFFFF where x can be 4, 5, 6, or 7.
To manually change the ether address, use the ifconfig "ether" option if this is needed
on a NIC that does not implement local-mac-address.
Examples (use for qe, le and hme devices):
ifconfig -a shows that hme0 is 8:0:20:77:dc:7b
Command to change ether number on additional hme interfaces:
(using first 3 bytes of 0a:0:20 and last 3 bytes of host-assigned address)
ifconfig hme1 ether 0a:0:20:77:dc:7b
ifconfig hme2 ether 0c:0:20:77:dc:7b
Sequential numbering:
ifconfig hme1 ether 0a:0:20:00:00:1
ifconfig hme2 ether 0a:0:20:00:00:2
Numbering scheme based on part of IP address:
(hme1 =192.9.200.2 hme2 = 192.9.200.16;
using 0a:0:20 for first 3 bytes and last 3 octets of IP number):
ifconfig hme1 ether 0a:0:20:09:c8:2
ifconfig hme2 ether 0a:0:20:09:c8:10
This change can be permanently added in /etc/rcS.d/S30network.sh (Solaris 8 and above)
or in /etc/rcS.d/S30rootusr.sh (Solaris 7 and below). You could also create a new script.
The token ring manual provides an example for creating /etc/rcS.d/S20trLAA.
To add ifconfig command to inetsvc:
# vi /etc/rc2.d/S72inetsvc (/etc/init.d/inetsvc startup script in Solaris 8)
Add line 67:
66 /usr/sbin/ifconfig -auD4 netmask + broadcast +
67 /usr/sbin/ifconfig hme1 ether 0a:0:20:09:c8:2
To implement the /etc/rcS.d/S20trLAA script:
# /sbin/sh
case "$1" in
'start')
echo "Configuring Interface LAA..."
/sbin/ifconfig tr0 either 0a:00:20:09:c8:02
;;
'stop')
echo "Stop of LAA is not implemented."
;;
*)
echo "Usage: $0 { start stop }"
;;
esac
To implement /etc/ether.IFACE# method in Solaris 8:
# vi /etc/rcS.d/S30network.sh (Add lines 96-99)
95 /sbin/ifconfig $1 plumb
96 if [ -f /etc/ether\.$1 ]
97 then
98 /sbin/ifconfig $1 ether `cat /etc/ether\.$1`
99 fi
# more /etc/ether.hme1
a:0:20:9:c8:88
To implement /etc/ether.IFACE# method in Solaris 7:
# vi /etc/rcS.d/S30rootusr.sh (Add lines 50-53):
49 /sbin/ifconfig $1 plumb
50 if [ -f /etc/ether\.$1 ]
51 then
52 /sbin/ifconfig $1 ether `cat /etc/ether\.$1`
53 fi
# more /etc/ether.hme1
a:0:20:9:c8:99
A crude method that is sometimes used to select a address is to ping the broadcast address and
randomly choose a number that is not being used on the network in the form of 8:0:20:XX:XX:XX.
Notes: Do not use an odd number (such as "09:") for the first byte due to the
fact that if you are implementing multicasting, the 1st bit transmitted
("individual/group" bit) of a 1 represents a multicast address.
See INFODOC ID: 15572 SYNOPSIS: Can I configure two Ethernet interfaces on the subnet?
Additional notes: For security and network isolation, you can set ip_forwarding
off and ip_strict_dst_multihoming on, if you are trying to prevent access to
the other interfaces.
"ndd /dev/ip ip_forwarding" determines if the workstation will route packets.
"ndd /dev/ip ip_strict_dst_multihoming" determines whether to use Strict
Destination Multihoming. If this variable is set to True, and ip_forwarding is
turned off, then the machine will not accept packets destined for a different
interface (RFC1122).
If you need information on determining the actual ethernet address, see:
Infodoc ID 43462 How do I find the ethernet MAC address in OBP or local-mac-address of an individual Network Interface Card?
For a quick method to determine if local-mac-address is implemented on the NIC, use prtconf to examine
local-mac-address value:
(for on-board le or hme = host assigned HW address)
$ prtconf -pv grep idprom
idprom:
01800800.208d7e88.00000000.8d7e88a9.00000000.00000000.00000000.00000000
^^^^^^^^^^^^^
(New NICs have unique addresses as in the following qfe example)
$ prtconf -pv grep local-mac-address
local-mac-address?: 'true'
local-mac-address: 0800208d.7828
local-mac-address: 0800208d.7829
local-mac-address: 0800208d.782a
local-mac-address: 0800208d.782b
Caution: This infodoc only applies to ethernet interfaces. For token ring, atm, fddi
refer to the documentation for these cards. For example, fddi has a "nf_macid nf
on-board ethernet number.
No comments:
Post a Comment