P Chaitra-A15829 wrote: > > Any help on this. > > Thanks, > > Chaitra > > ------------------------------------------------------------------------ > > *From:* vlan-bounces@xxxxxxxxxxxxxxx > [mailto:vlan-bounces@xxxxxxxxxxxxxxx] *On Behalf Of *P Chaitra-A15829 > *Sent:* Thursday, September 21, 2006 8:56 PM > *To:* vlan@xxxxxxxxxxxxxxx > *Subject:* [VLAN] RE: MAC Spoofing > > Resnding again.. > > Also, one more information is : > > The ARP Response from the host for the spoofed IP address (on spoofed > MAC address) is going with the main or primary MAC address. > Try: echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_filter echo 1 > /proc/sys/net/ipv4/conf/eth0.201/arp_filter You might also try googling for arp_filter. Ben > > On ?*_himadri_*? host : > > 20:38:38.767042 arp who-has 192.2.84.201 (Broadcast) tell himadri > ====== These are the snoop on the ?himadri? host from which ping was > done to IP ?192.2.84.201 ?. > > 20:38:38.767048 arp reply 192.2.84.201 is-at 00:11:11:29:78:26 ========= > > On *_arabhi_* host (VLANs are created here) : > > [root@arabhi aspect1]# ifconfig -a > > eth0 Link encap:Ethernet HWaddr 00:11:11:29:78:26 > > inet addr:192.2.84.91 Bcast:192.2.84.255 Mask:255.255.255.0 > > eth0.201 Link encap:Ethernet HWaddr 00:11:11:29:78:21 ==========? this > is spoofed MAC interface on ?arabhi? host. > > inet addr:192.2.84.201 Bcast:192.2.84.255 Mask:255.255.255.0 > > inet6 addr: fe80::211:11ff:fe29:7821/64 Scope:Link > > To add to this the eth0 on the ?arabhi? was set in promiscuous mode. > > Kindly let me know if I am missing here something. > > Thanks, > > Chaitra > > ------------------------------------------------------------------------ > > *From:* P Chaitra-A15829 > *Sent:* Thursday, September 21, 2006 2:22 PM > *To:* 'vlan@xxxxxxxxxxxxxxx' > *Subject:* RE: MAC Spoofing > > Hi, > > I am also getting this warning when I create vlan id for the first > time on this machine : > > vconfig add eth0 200 > > WARNING: Could not open /proc/net/vlan/config. Maybe you need to load > the 8021q module, or maybe you are not using PROCFS?? > > Added VLAN with VID == 200 to IF -:eth0:- > > But when I cat this file it shows this : > > cat /proc/net/vlan/config > > VLAN Dev name | VLAN ID > > Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD > > eth0.200 | 200 | eth0 > > Kindly let me know if I need any patch here !.. > > Thanks, > > Chaitra > > -----Original Message----- > From: Ben Greear [mailto:greearb@xxxxxxxxxxxxxxx] > Sent: Thursday, September 21, 2006 11:17 AM > To: P Chaitra-A15829 > Subject: Re: MAC Spoofing > > P Chaitra-A15829 wrote: > > > > > > Hi Ben, > > > > > > I have read through your pages (http://www.candelatech.com/~greear/) > > > to understand how to configure VLAN. > > > > > > Below is my need : > > > > > > 1. I have one network interface card with a primary (or default) > > > MAC address. > > > 2. I want to create multiple VLAN IDs on the same interface card > > > with different MAC and IP addresses. > > > 3. I would like to perform DHCP for individual MAC addresses. > > > > > > I understand that this is possible. > > > > > > To test this I just started by configuring the VLAN on the following > > > linux machine : > > > > > > Red Hat Enterprise Linux WS release 4 (Nahant Update 2) Kernel > > > 2.6.9-22.ELsmp on an i686 > > > > > > I have used the following command to configure the VLAN : > > > > > > vconfig add eth0 5 > > > > > > ifconfig eth0.5 hw ether 00:11:11:29:78:30 > > > > > > ifconfig eth0.5 inet 192.2.84.203 > > > > > > After this I am trying to ping from other host to this ?192.2.84.203? > > > IP address but I don?t see the corresponding MAC address being used in > > > the ethernet frame. > > > > > > Even the arp table on the host shows the default MAC address of this > > > machine rather than this MAC ?00:11:11:29:78:30? address. > > > > > > Looks like I am missing something here?? DO I need to configure the > > > switch for the vlan trunk?? > > > > > Probably so. You certainly need to be using tagged vlan traffic in order > > to talk to the > > eth0.5 VLAN that you created. > > Please send future email to the VLAN mailing list. If you can also > > include the output of: > > route -n > > ifconfig -a > > it will help us understand what you are trying to do. > > Thanks, > > Ben > > > Thanks and Regards, > > > > > > Chaitra > > > > > > +91 80 2601 2087 > > > > > -- > > Ben Greear <greearb@xxxxxxxxxxxxxxx> > > Candela Technologies Inc http://www.candelatech.com > > ------------------------------------------------------------------------ > > _______________________________________________ > Vlan mailing list > Vlan@xxxxxxxxxxxxxxx > http://www.candelatech.com/mailman/listinfo/vlan > -- Ben Greear <greearb@xxxxxxxxxxxxxxx> Candela Technologies Inc http://www.candelatech.com
