Hi, On Wed, 2018-08-08 at 08:24 -0400, Robert Moskowitz wrote:
On 08/07/2018 09:07 AM, Thomas Haller wrote:On Tue, 2018-08-07 at 08:43 -0400, Robert Moskowitz wrote:I hope this is the right list for nmcli. I want to set MACADDR in ifcfg-eth0 I thought it was: nmcli con mod eth0 mac "02:67:15:00:81:0B" but this sets HWADDR, which has a totally different use. I could then change HWADDR to MACADDR with: sed -i -e "s/HWADDR/MACADDR/w /dev/stdout" /etc/sysconfig/network-scripts/ifcfg-eth0 But that is a hack. It would be nice to be able to directly set MACADDR, but I cannot find any documentation that states how to do this. thanksHi, $ nmcli connection modify "$PROFILE" ethernet.cloned-mac-address "$MAC"I wonder what the history of naming this object 'cloned' mac address? Perhaps because we were cloning the address of the broken card for the new card so the licensed software would work? :)
Historical reasons. I agree, the name is suboptimal. But changing it now, would be too much hazzle.
I did that a lot in my early days with 3com cards and VAX ethernet adapters. Now we use it for ARM boards (and others) that come without a MAC address and the uboot or OS has to invent some local scope address.
Oh, btw, you might like setting it to "stable". The property can also be configured with a system-wide default value (see `man NetworkManager.conf`). That is, drop a file /etc/NetworkManager/conf.d/90-mac-addr.conf with [connection-mac-addr] ethernet.cloned-mac-address=stable and it will be used by default in all profiles (which don't specify the cloned-mac-address option explicitly). If you'd like some details, see `man nm-settings` or [1]. [1] https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/
Theoretically, this is documented in `man nm-settings`. However, the manual is generated and for cloned-mac-address the generated documentation is confusing. It's confusing, because `man nm- settings` is undecided whether it documents libnm GObject properties or D-bus API. Especially, since you care about nmcli syntax. In most cases, there is little difference between libnm API, D-Bus API and nmcli, so "nm-settings" manual does apply. For "cloned-mac-address" it's different. And as you seem concerned about ifcfg files, see also `man nm-settings-ifcfg-rh`. But usually, you would not concern yourself with the details of ifcfg files.You do for ARM based servers. No GUI typically. Fixed IP addressing and the like and a predictable MAC addr. Sometimes the uboot is consistent for a given board on how it computes the MAC address. Of course a new version of uboot may compute it differently. So perhaps there is a more modern method than using ifcfg files for servers. I have not encountered it. I have at least switched from hand coding my ifcfg to using nmcli in scripts.
The modern way is NetworkManager ;-)
If you look at `man nmcli` it has a table: PROPERTY ALIASES Table 3. Wired Ethernet options ┌───────────┬──────────────────────────┐ │Alias │ Property │ ├───────────┼──────────────────────────┤ │mtu │ wired.mtu │ ├───────────┼──────────────────────────┤ │mac │ wired.mac-address │ ├───────────┼──────────────────────────┤ │cloned-mac │ wired.cloned-mac-address │ └───────────┴──────────────────────────┘And you have to realize that mac maps to HWADDR to link the ifcfg to a specific card. While cloned-mac maps to MACADDR to set the MAC address actually used for an interface. I had to read a lot to tease that distinction out.
The details of ifcfg syntax, are only relevant if you want to switch between NetworkManager and initscripts, and use the same ifcfg files in both setups. If you use NetworkManager exclusively, it is not necessary to concern yourself with ifcfg syntax. For $MACADDR variable, this is relatively straight forward. But how $IPV6INIT, $IPV6FORWARDING, $IPV6_AUTOCONF, and $DHCPV6C work together to result in ipv6.method setting, is far from obvious. It's less error- prone to just set ipv6.method via nmcli. But if you want to pre-deploy profiles and copy them around, you are indeed concerned with the files. Sure, that works. Maybe you'd want to use keyfiles for that however. best, Thomas
Attachment:
signature.asc
Description: This is a digitally signed message part