This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[utm9] SW appliance, Virtual MAC issue, adapter change from eth1 w/virtual mac to eth2 w/physical MAC

Hello,

UTM9 v 9.700-4

I assigned a virtual MAC to my eth1 adapter in order to replace my ISP box (which is identifeid by its MAC address)

Upon reboot after power loss, eth1 became eth2 so my external access was down as it was tied to eth1.

I found that :

/root # cat /etc/udev/rules.d/70-persistent-net.rules
# This file was automatically generated by the Astaro Installer, then
# possibly later on written by the /lib/udev/write_net_rules generator
# script.
#
# You can modify it, as long as you keep each rule on a single line.

# PCI device 0x10ec:0x8168 (r8169)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="fc:aa:14:2f:04:d1", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"

# PCI device 0x10ec:0x8168 (r8169)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="fc:aa:14:2f:04:d3", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"

 

# PCI device 0x10ec:0x8168 (r8169)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:1e:80:44:00:e9", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth2"

 

And in the UI, eth2 has the "virtual MAC" as a HW MAC.

So, can change eth2 to eth1 in /etc/udev/rules.d/70-persistent-net.rules (given that eth2 and eth1 are the same physical adapter anyway) ?

 

But most importantly, why did eth1 with a virtual MAC became eth2 with a physical MAC ????



This thread was automatically locked due to age.
Parents
  • Salut David,

    I'm not sure I understand the situation, but I think I would try restoring from a backup prior to setting up the virtual MAC.  If that doesn't work, you might need to re-image and then restore a backup.  After that, what does /etc/udev/rules.d/70-persistent-net.rules look like?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thank you Bob.

    Basically what I did was:

    - get ISP box MAC address.

    - unplug ISP box from fiber to ethernet box

    - assign ISP box MAC to eth1 as Virtual MAC on UTM

    - plug UTM in fiber to ethernet box

    - internet connection established and eth1 gets proper IP

    - reboot UTM

    Upon reboot:

    - loss of internet access

    - eth1 disappeared

    - eth2, with physical MAC= Virtual MAC assigned to eth1 before, appeared.

    - I had to assign eth2 physical adapter to "external" interface in UTM UI.

    So my questions stands:

    Why did eth1 with a virtual mac didn't stick and UTM created an eth2 with a physical MAC matching the virtual MAC assigned to eth1 ?

    The rules file I posted in 1st post is post reboot.

  • I understood that, David, but not why it resulted in the creation of another entry in /etc/udev/rules.d/70-persistent-net.rules.  I assumed that you tried editing that file to correct it - did you?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Afterwards l did change the eth2 to eth1 in the last line.

     

    # PCI device 0x10ec:0x8168 (r8169)
    SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:1e:80:44:00:e9", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1

     

    but the fact remains that if I want to get my original eth1 with it's HW MAC address, how whould I do, apart from deleting that last line (maybe) since the virtual MAC doesn't appear in the UI anymore ....

     

  • What does 70-persistent-net.rules look like now, David?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Exactly as I said, I just changed the eth2 in the last line to eth1:

    /root # cat /etc/udev/rules.d/70-persistent-net.rules

    # This file was automatically generated by the Astaro Installer, then

    # possibly later on written by the /lib/udev/write_net_rules generator

    # script.

    #

    # You can modify it, as long as you keep each rule on a single line.

    # PCI device 0x10ec:0x8168 (r8169)

    SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="fc:aa:14:2f:04:d1", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"

    # PCI device 0x10ec:0x8168 (r8169)

    SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="fc:aa:14:2f:04:d3", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"

    # PCI device 0x10ec:0x8168 (r8169)

    SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:1e:80:44:00:e9", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"

    ===============

    Even if I left it as eth2, eth1 would not appear in the UI and I would have to assign eth2 to "external" interface.

    This way eth1 is the same physical port whether it has a physical MAc or a virtual one.

    However, I have no way in the UI to remove the virtual MAC as it doesn't appear as such, but as a new physical interface.  

  • Last year in my home lab, I replaced a UTM 220 with a UTM 320 that we got a good deal on.  I wanted to keep the same dynamic IP, so I used the old MAC address from the 220 as the Virtual MAC assigned on the 'Hardware' tab of 'Interfaces' and changed nothing else.  This worked perfectly from the beginning.  Here's what this looks like in WebAdmin:

    I have 8 available NICs, eth0 through eth7.  There are nine entries including the following two entries in rules.d/70-persistent-net.rules:

    # PCI device 0x8086:0x10d3 (▒   )
    SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:1a:8c:37:35:59", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"

    # PCI device 0x8086:0x10d3 (e1000e)
    SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:08:02:a4:99:5f", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth8"

    I've done this for clients and never had an issue, but this is the first time I've looked at 70-persistent-net.rules as I've never needed to play with that file to accomplish what I've shown in this post.  Did you perhaps modify 70-persistent-net.rules before trying things?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I have never modified the file before.

     

    All I did was check it after a reboot when my eth1 disapeared from the UI and eth2 appeared.

    Then I modified it so my eth2 would appear as eth1 in the UI as it was before.

    I have to be away for a couple of days, but I can modifiy it back to eth2 upon my return and reboot to see what happens (without much hope of seeing an eth1 with both physical and virtual MAC)

     

  • So I did the change before hitting the road.

     

    Here's my file:

     

    # This file was automatically generated by the Astaro Installer, then
    # possibly later on written by the /lib/udev/write_net_rules generator
    # script.
    #
    # You can modify it, as long as you keep each rule on a single line.

    # PCI device 0x10ec:0x8168 (r8169)
    SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="fc:aa:14:2f:04:d1", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"

    # PCI device 0x10ec:0x8168 (r8169)
    SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="fc:aa:14:2f:04:d3", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"

     

    # PCI device 0x10ec:0x8168 (r8169)
    SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:1e:80:44:00:e9", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth2"

     

    here's what it looks like in the UI:

     

     

    so still no eth1, and no Virtual MAC

  • What you have shouldn't happen, so I would get new and older Configuration backups off the box, re-image and restore,

    RealTeks?  You might want to consider #7 in Rulz (last updated 2019-04-17).

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply Children
No Data