Faking multiple physical adapters for DHCPDISCOVER

John Nielsen lists at jnielsen.net
Wed Apr 12 18:27:12 UTC 2006

On Wednesday 12 April 2006 13:08, Terrence Koeman wrote:
> > -----Original Message-----
> > From: Chuck Swiger [mailto:cswiger at mac.com]
> > Sent: Tuesday, April 11, 2006 6:17 PM
> > Subject: Re: Faking multiple physical adapters for DHCPDISCOVER
> >
> > Terrence Koeman wrote:
> > [ ... ]
> >
> > > I need to 'clone' the xl1 adapter to appear as three adapters, each
> > > with a distinct MAC address. This because my provider has assigned me
> > > three semi-static addresses of which I want to use 1 for outbound
> > > NAT-traffic and two for static NAT.
> > >
> > > These addresses are semi-static because they are basically MAC-based
> > > reservations on the provider's DHCP server, and it happens to be that
> > > I'm required to acquire a DHCP lease for all three addresses for
> > > routing to work properly. If I configure the addresses statically the
> > > connectivity 'disappears' after a while.
> >
> > The reason why your ISP has configured their system in such a fashion is
> > to prevent people from claiming multiple static IPs from a single machine.
> > If you're not happy with their AUP, use another provider, or pay for a
> > dedicated IP allocation of whatever size you need.
> > --
> > -Chuck
> That's not the case here, I'm actually trying to use less IPs. And besides
> that my ISP allows up to 16 IPs to be used in their AUP.
> I have about 5 clients that can share 1 IP with NAT and I have 2 other
> clients that need to have an IP of their own.
> If I can have all IPs bound to the server then I can simply NAT the 5
> clients and static-NAT the remaining 2. Otherwise I'd need to bridge/route
> and do NAT at the same time, which is not possible here, because then the 5
> NAT-ed clients would need to get their IPs from the local DHCP server and
> the 2 bridged clients would need to get them from the ISP DHCP server. I
> could block DHCP from being bridged and do DHCP proxying for the other 2
> clients, but it'd make it all much more complicated.

One approach could be to create multiple vlan(4) interfaces and make them all 
children of the outward-facing interface.  You could then assign a different 
ethernet address to each one.  Of course, you would also need to either use a 
switch that supports vlans in between your outward-facing interface and your 
provider or use something like if_bridge(4) to tie all the vlans back into 
the parent interface.  You could then run dhclient on each vlan and either 
leave it at that or harvest the addresses, destroy the vlans, and add the 
addresses back as aliases on the parent interface.

Granted, this may be at least as complicated as your other workaround above, 
but it could be made to work.

Another possibility would be to get the DHCP leases sequentially by 
alternately setting the ethernet address on your outward-facing interface and 
running dhclient.  You would of course have to store the results in between 
and add them all back in as aliases when you were done.

Finally, you could build your own program or script that crafts DHCP packets 
manually and handles the results appropriately for your situation. (The ports 
collection contains net/p5-Net-DHCPClient, which might serve your purposes.)

Have fun...
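
The last suggestion in the message above (crafting the DHCP packets yourself), sketched in Python as an added example that is not part of the original post and not the API of net/p5-Net-DHCPClient. It builds a DHCPDISCOVER payload per RFC 2131 for a chosen hardware address and matches a returned offer to the request it belongs to; the function names are hypothetical, and sending and receiving on UDP ports 67/68 is left out.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"        # RFC 2131 magic cookie before the options
DISCOVER, OFFER = 1, 2             # values of option 53 (DHCP message type)

def build_discover(mac, xid):
    """DHCPDISCOVER payload (BOOTP header + options) for hardware address mac."""
    chaddr = bytes.fromhex(mac.replace(":", ""))
    if len(chaddr) != 6:
        raise ValueError("expected a 6-byte ethernet address")
    header = struct.pack(
        "!BBBBIHH4x4x4x4x16s64x128x",
        1, 1, 6, 0,                # op=BOOTREQUEST, htype=ethernet, hlen, hops
        xid, 0, 0x8000,            # flags=broadcast: the reply must not be unicast
        chaddr)                    # to a MAC the physical NIC does not own
    options = (bytes([53, 1, DISCOVER])
               + bytes([61, 7, 1]) + chaddr   # client identifier = type 1 + MAC
               + bytes([255]))                # end option
    return header + MAGIC + options

def parse(packet):
    """Return (op, xid, yiaddr, chaddr, options) for a DHCP payload."""
    if len(packet) < 240 or packet[236:240] != MAGIC:
        raise ValueError("not a DHCP payload")
    xid = struct.unpack("!I", packet[4:8])[0]
    yiaddr = ".".join(map(str, packet[16:20]))
    opts, i = {}, 240
    while i < len(packet) and packet[i] != 255:
        if packet[i] == 0:         # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(packet) or i + 2 + packet[i + 1] > len(packet):
            raise ValueError("truncated option")
        opts[packet[i]] = packet[i + 2:i + 2 + packet[i + 1]]
        i += 2 + packet[i + 1]
    return packet[0], xid, yiaddr, packet[28:34], opts  # assumes ethernet chaddr

def match_offer(pending, packet):
    """pending maps (xid, chaddr) -> MAC string; return (mac, offered_ip) or None."""
    try:
        op, xid, yiaddr, chaddr, opts = parse(packet)
    except ValueError:
        return None
    if op != 2 or opts.get(53) != bytes([OFFER]):
        return None                # not a BOOTREPLY carrying a DHCPOFFER
    mac = pending.get((xid, chaddr))
    return (mac, yiaddr) if mac else None
```

With several discovers outstanding on one interface, keying the pending table on both the transaction id and chaddr is what lets each offer be attributed to the right reservation.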

