XCP-ng
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    NIC Passthrough with mac spoofing

    Scheduled Pinned Locked Moved Hardware
    6 Posts 3 Posters 239 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • FionnF Offline
      Fionn
      last edited by

      Hi 🙂

      I have a VM (opnsense) with multiple NICs passed through:

      vm-param-get param-name=other-config uuid=9573800d-e20d-151d-23ff-0fe0b1c22565
bla: {blabla}; pci: 0/0000:07:00.0,0/0000:06:00.0,0/0000:05:00.0,0/0000:04:00.0,0/0000:03:00.0; blablabla; bla

      And it works perfectly fine absolutely happy with it!

      Checking on the xcp-ng host: ip a

      8: xenbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
    link/ether 88:01:5b:bl:ab:la brd ff:ff:ff:ff:ff:ff

      it lists the desired NIC with its real mac address. This is also reflected in opnsense and the same address is shown in the webui.

      I would like to change the mac to a custom one and on opnsense i can set it just fine, however the connection with the custom mac do not work.
      Found this https://xcp-ng.org/forum/topic/9351/pcie-nic-passing-through-dropped-packets-no-communication but I'm not sure if "pci=realloc=on" helps in this case.

      https://xcp-ng.org/docs/networking.html#full-mesh-network tells me how to change the mac on a non-passthrough device but cant see anything on passthrough
      Or shall I just simply pif-forget & pif-introduce with the new mac?
      pif-introduce host-uuid=host_uuid mac=mac_address_for_pif device=eth0 (or xenbr0?)

      Thanks for the inputs

      FionnF TeddyAstieT 2 Replies Last reply Reply Quote 0
      • FionnF Offline
        Fionn @Fionn
        last edited by

        /sad panda

        1 Reply Last reply Reply Quote 0
        • olivierlambertO Offline
          olivierlambert Vates 🪐 Co-Founder CEO
          last edited by

          I'm not sure this is even possible, but asking @TeddyAstie in case that rings a bell

          1 Reply Last reply Reply Quote 0
          • TeddyAstieT Offline
            TeddyAstie Vates 🪐 XCP-ng Team Xen Guru @Fionn
            last edited by

            @Fionn with NIC passthrough, the network card is fully controlled by the guest, so the host cannot do anything with it anymore.

            If you need to setup something for this network card (e.g MAC spoofing), it has to be done from within the guest.

            FionnF 1 Reply Last reply Reply Quote 0
            • olivierlambertO Offline
              olivierlambert Vates 🪐 Co-Founder CEO
              last edited by

              Out of curiosity, what about SRIOV in that case?

              1 Reply Last reply Reply Quote 0
              • FionnF Offline
                Fionn @TeddyAstie
                last edited by

                @TeddyAstie Thanks for the input.
                This is what I was afraid of somehow 🙂 In the meantime (a few months ago) I have done some tests with the machine.
                Installed opnsense as described in the opening post and directly to the device without xcp-ng just to see if there is any issue. The result is the same (i have used in both cases the same settings and same spoofed mac) the spoofing did work without xcp-ng, this is why I was hoping that something can be done via xcp.

                @olivierlambert said in NIC Passthrough with mac spoofing:

                Out of curiosity, what about SRIOV in that case?

                Regarding SRIOV right now its not possible for me to check if thats enabled/supported in the bios but its a good point, thanks 🙂 Will take about 3-4 weeks to check.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post