# After changing mac address network don't working (in Freebsd 13)



## alex-t (Jun 12, 2021)

Hi!

I have fanless pc like this. I install FreeBSD 13 on it, and very quickly make simple router from it. It has 2 ethernet ports, re0 and re1 (realtek devices). I want permanently change mac address of re0, in my rc.conf:

```
ifconfig_re0="ether 00:11:22:33:44:55"
```
And it applied:

`ifconfig re0`

Result (after reboot):


```
re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500

        options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
        ether 00:11:22:33:44:55
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
```

But network not works completely, I cannot receive ip address from dhcp. If I don't change mac - all works fine.
I try to `ifconfig re0 down` and `ifconfig re0 up` and then `dhclient re0`, but no luck.

Just for fun I run Kali linux from usb device, and on Kali do this:

`sudo ifconfig eth0 hw ether 00:11:22:33:44:55`

And it works, network works fine, other devices see 00:11:22:33:44:55 in their arp tables.

What wrong in freebsd?


----------



## Alain De Vos (Jun 12, 2021)

Try in /etc/rc.conf

```
ifconfig_re0="DHCP"
ifconfig_re0_ipv6="inet6 accept_rtadv"
```


----------



## Vull (Jun 12, 2021)

You can't really change a MAC address because it's burned into the device. It's a unique identifier which can't be changed. What you are trying to do is called spoofing your MAC address. It's like lying about who the machine really is. Nothing is wrong with FreeBSD, it just won't let you spoof your MAC address.


----------



## alex-t (Jun 12, 2021)

```
ifconfig_re0="DHCP ether 00:11:22:33:44:55"
ifconfig_re0_ipv6="inet6 accept_rtadv"
```

No changes - network not works completely.


----------



## Alain De Vos (Jun 12, 2021)

The MAC address is produced by software. Anything produced by software can be changed.
Normally the software takes the MAC-address from the information it receives from hardware driver, it includes for instance the manufacturer.
A link,








						set MAC address at boot
					

I cannot figure out how to set MAC at boot.  Any help please.  I've all sorts in rc.conf:  #ifconfig_em0="link be:ef:be:ef:be:ef" #ifconfig_em0="inet 193.35.157.168  netmask 255.255.255.0" #ifconfig_em0="inet 193.35.157.168 netmask 255.255.255.0 link 2b:3b:4b:5b:6b:7b"  Can't set link and inet...




					forums.freebsd.org
				



/etc/rc.conf

```
ifconfig_re0_alias0="link 2b:3b:4b:5b:6b:7b"
```
or
/etc/start_if.re0

```
lladdr be:ef:be:ef:be:ef
```


----------



## alex-t (Jun 12, 2021)

Vull said:


> You can't really change a MAC address because it's burned into the device. It's a unique identifier which can't be changed. What you are trying to do is called spoofing your MAC address. It's like lying about who the machine really is. Nothing is wrong with FreeBSD, it just won't let you spoof your MAC address.


You want to say that it is impossible in FreeBSD? It has commands, but some part of FreeBSD prevents spoofing mac address?
For example, if my ISP allow me access by MAC address, if I change router - I want to change outer mac, visible by ISP.
In my case I need go to ISP office for new contact (mac address fitted into contract), or change my mac (this is simple for me).


----------



## alex-t (Jun 12, 2021)

I run virtual machine, FreeBSD guest on Linux host, and changing mac address works for virtual network cards. Heh, may be problems in drivers or kernel...


----------



## SirDice (Jun 12, 2021)

Vull said:


> You can't really change a MAC address because it's burned into the device. It's a unique identifier which can't be changed.


No, it's not. You can change it to anything you like. Whether or not this is actually useful is debatable.


----------



## SirDice (Jun 12, 2021)

alex-t said:


> You want to say that it is impossible in FreeBSD?


It's not. But it does beg the question _why_ do you want to change the MAC address?



alex-t said:


> In my case I need go to ISP office for new contact (mac address fitted into contract),


A simple phone call or email usually suffices and they'll change the registered MAC address (some ISPs do indeed lock this). You don't need to get a new contract, that's ridiculous.


----------



## Vull (Jun 12, 2021)

SirDice said:


> No, it's not. You can change it to anything you like. Whether or not this is actually useful is debatable.


Things have changed since I worked in this area. It's a complex issue now involving privacy as well as security angles. It's also possible for me to change my social security number. Yes it is debatable but I'm not here to debate it.  My apologies. Carry on.


----------



## Alain De Vos (Jun 12, 2021)

Vull, IPV6 is interesting in this regards .
And the "ipv6_privacy" setting in rc.conf


----------



## Vull (Jun 12, 2021)

Alain De Vos said:


> Vull, IPV6 is interesting in this regards .
> And the "ipv6_privacy" setting in rc.conf


I guess I just didn't know it was going to be that kind of a party. xD


----------



## alex-t (Jun 12, 2021)

I'm not understand how related ipv6 settings in my case. I use ipv4 only.


----------



## alex-t (Jun 12, 2021)

```
arp -ad
```
 does not help too.


----------



## alex-t (Jun 12, 2021)

On my old asus laptop changing mac in FreeBSD 13 livecd works fine.
On my new router changing mac from FreeBSD 13 livecd not works too.


----------



## Alain De Vos (Jun 12, 2021)

Maybe you are mac-locked by your telco-provider.
Can you login into the dhcp-server and check verify the ip-distribution.
Many times there is a web interface to do so.
As last resort you can install wireshark and analyse the protocol.


----------



## alex-t (Jun 12, 2021)

Alain De Vos said:


> Maybe you are mac-locked by your telco-provider.
> Can you login into the dhcp-server and check verify the ip-distribution.
> Many times there is a web interface to do so.
> As last resort you can install wireshark and analyse the protocol.


Now this computer connected to another router, with local DHCP server. Not to ISP directly. And I cannot get address from dhcp, or make any other network activity.
My local router does not blocks anything, for example if I boot into Kali linux, I can change MAC and all works fine.

And if I change MAC address on my old laptop on FreeBSD in liveCD mode - all works fine too.

Seems problem is deeper, in kernel or network drivers.


----------



## Alain De Vos (Jun 12, 2021)

Serious ?
The network stack is thoroughly tested.
PS : If the DHCP server is under your control, you can put in the DHCP server the mac adres of the client and a fix ip to test.


----------



## alex-t (Jun 12, 2021)

DHCP is under my control, it is simple DIR-615 

Problem that is network completely not works after change mac address.

Both ethernet devices on this pc are same, both are Realtek Semiconductor Co., Ltd., RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller.


----------



## alex-t (Jun 13, 2021)

I'm trying to build my own kernel, with only network devices that I have. No luck again.


----------



## Alain De Vos (Jun 13, 2021)

Why do you want to change your MAC-address ?


----------



## Crivens (Jun 13, 2021)

The mac./.ip relation can also be cached by a device. Maybe you need to power cycle the parts dpwnlink from your machine in order to make them forget that at that line once was a different mac. And maybe plug in the network once the machine has booted.


----------



## alex-t (Jun 13, 2021)

Alain De Vos said:


> Why do you want to change your MAC-address ?


Now it is simple interesting for me


----------



## alex-t (Jun 13, 2021)

And last very interesting thing. I'm trying to `tcpdump -ni re0` on second console, in first I `dhclient re0`.

AND IT WORKS!!!
All network activity works now, any protocols, routing and so on.

But how? What doing tcpdump to make it working?
May be other ifconfig command to reinitialize network interface or something similar? `ifconfig re0 down` and `ifconfig re0 up` does not help.


----------



## SirDice (Jun 13, 2021)

alex-t said:


> What doing tcpdump to make it working?


tcpdump(1) switches the interface to promiscuous mode.


----------



## alex-t (Jun 13, 2021)

Hmmm... Can it be done by some other command that can be placed in startup scripts?


----------



## SirDice (Jun 13, 2021)

From ifconfig(8):

```
promisc
             Put interface into permanently promiscuous mode.
```

So, `ifconfig_re0="DHCP ether de:ad:be:ef:f0:0d promisc"`


----------



## alex-t (Jun 13, 2021)

SirDice said:


> From ifconfig(8):
> 
> ```
> promisc
> ...


Thank you, SirDice!
Yes, it is an answer 

Looks like network device filters frames on 2 OSI level by himself. And I need to enable directly promisc mode to disable that filtering on NIC level.

May be in linux this mode is auto-enabled when I change MAC.


----------

