0

I'm running a CentOS 5.4 box for which I need to spoof a MAC address in order to make a certain software work (nothing illegal going on, before you ask).

Problem: Whenever I try to change the MAC, I no longer can connect to the network, not even the gateway.

I've used:

ip link set eth0 address <mac>

My ifcfg-eth0 file:

# Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit Ethernet controller
DEVICE=eth0
BOOTPROTO=none
IPADDR=192.168.0.34
NETMASK=255.255.255.0
NETWORK=192.168.0.0
GATEWAY=192.168.0.36
ONBOOT=yes
NM_CONTROLLED=yes
TYPE=Ethernet
DNS1=<hidden>
DNS2=<hidden>
DOMAIN=<hidden>

Whenever I restore the original MAC address, I regain connectivity.

Perhaps it's related to the NIC brand/model? I'm at a loss, and would like to rule out software-related issues before buying a new NIC.

Any help is appreciated. Thanks in advance!

victorantunes
  • 141
  • 7
  • 2
    How long did you wait? Did you try clearing arp on the routers/switches in your broadcast domain? Did you try to use arping to send gratuitous arp once you had your new MAC? What type of switch/router are you using? – Aaron Jan 30 '17 at 15:10
  • Spoofing an existing MAC address will really mess up a network. If you are trying to make up your own MAC address, did you make sure the U/L and I/G bits are set correctly? – Ron Maupin Jan 30 '17 at 15:18
  • +1 to what Aaron said, use arping to advertise your new MAC address. – Mugurel Jan 30 '17 at 15:29
  • @Mugurel how would I go about advertising that? – victorantunes Jan 30 '17 at 16:25
  • @RonMaupin I'm actually cloning the MAC from a production environment box, so I guess we can assume the bits are fine, no? – victorantunes Jan 30 '17 at 16:27
  • Actually, if you are not using the BIA MAC address on the interface, you are supposed to flip the U/L bit to Local to identify that it is locally assigned, not from the interface manufacturer. – Ron Maupin Jan 30 '17 at 16:29
  • @Aaron I've been on this for a few days now. How would I go about clearing the arp caches? I tried using `arping -U ` with no success. I'm using Cisco SG300-52. – victorantunes Jan 30 '17 at 16:29
  • Switches don't use ARP, routers do. A switch will have a MAC address table, but ARP resolves a layer-3 address to a layer-2 address, and switches don't care about layer-3 at all. If it is a layer-3 switch, it is first a layer-2 switch with a MAC address table with a router module that has an ARP cache. – Ron Maupin Jan 30 '17 at 16:32
  • @RonMaupin my issue is: I need to use exactly that MAC, in order to match the one that's registered on the license. That MAC is originated from another machine, in which said software works fine. I'm now configuring a failover machine, but the MAC has to be an exact copy. Any hints? – victorantunes Jan 30 '17 at 16:32
  • What if the software looks at the BIA MAC address instead of the one you assign? You cannot overwrite the BIA address. – Ron Maupin Jan 30 '17 at 16:34
  • @RonMaupin That's a good point. Perhaps I'll have better luck migrating to a VM then? – victorantunes Jan 30 '17 at 19:25

2 Answers2

0

Are you connected via ethernet cable to a cisco switch ? if yes, check the Switchport security settings if they are enabled and if they are allowing only 1 MAC address (the original one).

Ottootto
  • 11
  • 1
  • 5
0

unfortunately I do not have sufficient reputation to comment... So I'm posting this as an answer. Whilst I have no experience of changing the MAC address on CentOS 5, I have done it on CentOS 6, which had a similar issue, no network after changing the MAC address.

I discovered that CentOS 6 persists the current MAC in a net rules file and if the hardware disagrees with the settings you get failure. So in order to fix simply delete the file and reboot, as if the file is missing CentOS 6 will re-create it.

The command used to fix CentOS 6 is

sudo rm /etc/udev/rules.d/70-persistent-net.rules
MNB
  • 101
  • 3