New VM MAC address restriction
-
Maybe this has been answered somewhere else and my quick search couldn't work out the keywords.
I'm looking to restrict (or at least set a default) for MAC address usage in XO/XCP-ng. In VMware, MAC addresses were limited to 00:50:56 (vCenter created) or 00:0c:29 (ESXi created) as a default. We currently use those first 6 octets to distinguish VMs from baremetal resources discovered on our network. I'm curious if there is a means of doing something like that as a default, in a template, etc. I understand individuals may be able to change it after the fact, but if I can set a standard for those first 6 inside XO/XCP-ng, it will make our VM create processes work better with our existing network discovery processes.
-
Hey
Thanks for your feedback, asking around
-
That's the part we need to change:
https://github.com/xapi-project/xen-api/blob/master/ocaml%2Fxapi%2Fxapi_vif_helpers.ml#L209But I think using the Xen OUI by default (
00:16:3e) could leak information on the hypervisor used
So we need to make it configurable. A XAPI issue will come next week and we'll see how to work with it -
Pinging @BenjiReis as a reminder so we can discuss this somewhere next week
-
@olivierlambert Did anything ever come of this?
-
It's doable but it's not yet on top priority list to our work on getting 8.3 released. But IIRC it's in our backlog, right @BenjiReis ?
-
It's in the backlog indeed but I don't know when the ETA to start this.
I guess an issue in the xen-api repo would be a good first step to see what the XAPI team think of the feature. -
I'm in the same boat -- this totally-random-MAC system is causing serious problems with my system inventory. Can we get this moved up on the priority list somehow? It seems like a pretty simple change.
-
It is not a problem at all.
You can always set MAC manually, or create VIF with certain MAC via XAPI or cli.
Link to XAPI https://xapi-project.github.io/xen-api/classes/vif.html
check create method.Cli command
xe vif-create vm-uuid=<VM UUID> network-uuid=<NETWORK UUID> device=<ETHERNET INTERFACE NUMBER> mac=<MAC ADDRESS>
Devicecould be in range 0-15
MACin format XX:XX:XX:XX:XX:XXAfter you need "activate" new VIF by command
xe vif-plug uuid=<VIF UUID>
If VM does not runningxe-guest-toolsyou have to switch off VM and power it on again to activate new VIF. -
@splastunov -- not a problem if you have the time and can train all your people (and have them remember each time) to do this manual workaround and independently select a unique MAC, which will require having a list they can easily check (and keep updated!) so they don't duplicate a MAC. On the other hand, every other virtualization platform I've used has either had a fixed OUI or a settable OUI, so I don't think this is ridiculous to ask for.
-
@mdraugh sure.
As workaround you can create simple table with MAC-IP-VM fields, and simple script to deploy new VM with first "free" MAC. Yes, it sounds like to develop your own XO, but I belive it should help alot.
-
It's not ridiculous, but it's always things to manage in our backlog. I would love to do everything at once (even if we grow fast, the backlog is still larger than our workforce). At least, it's planned.
-
FYI, Xen has a registered OUI:
00:16:3Eedit: I didn't read @olivierlambert previous post mentioning the OUI
Source: https://www.macvendorlookup.com
