Red Hat Summit Red Hat SummitSupportoConsoleSviluppatoriInizia una provaContatti

Questo contenuto non è disponibile nella lingua selezionata.

Chapter 46. Configuring network devices to accept traffic from all MAC addresses

Network devices usually intercept and read packets that their controller is programmed to receive. You can configure the network devices to accept traffic from all MAC addresses in a virtual switch or at the port group level.

You can use this network mode to:

  • Diagnose network connectivity issues
  • Monitor network activity for security reasons
  • Intercept private data-in-transit or intrusion in the network

You can enable this mode for any kind of network device, except InfiniBand.

46.1. Temporarily configuring a device to accept all traffic
Copia collegamento

You can use the ip utility to temporarily configure a network device to accept all traffic regardless of the MAC addresses.

Procedure

  1. Optional: Display the network interfaces to identify the one for which you want to receive all traffic: 

    # ip address show
1: enp1s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
    link/ether 98:fa:9b:a4:34:09 brd ff:ff:ff:ff:ff:ff
...
    Copy to Clipboard Toggle word wrap

  2. Modify the device to enable or disable this property:

    • To enable the accept-all-mac-addresses mode for enp1s0: 

      # ip link set enp1s0 promisc on
      Copy to Clipboard Toggle word wrap

    • To disable the accept-all-mac-addresses mode for enp1s0: 

      # ip link set enp1s0 promisc off
      Copy to Clipboard Toggle word wrap

Verification

  • Verify that the accept-all-mac-addresses mode is enabled: 

    # ip link show enp1s0
1: enp1s0: <NO-CARRIER,BROADCAST,MULTICAST,PROMISC,UP> mtu 1500 qdisc fq_codel state DOWN mode DEFAULT group default qlen 1000
    link/ether 98:fa:9b:a4:34:09 brd ff:ff:ff:ff:ff:ff
    Copy to Clipboard Toggle word wrap

    The PROMISC flag in the device description indicates that the mode is enabled.

You can use the nmcli utility to permanently configure a network device to accept all traffic regardless of the MAC addresses.

Procedure

  1. Optional: Display the network interfaces to identify the one for which you want to receive all traffic: 

    # ip address show
1: enp1s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
    link/ether 98:fa:9b:a4:34:09 brd ff:ff:ff:ff:ff:ff
...
    Copy to Clipboard Toggle word wrap

    You can create a new connection, if you do not have any.

  2. Modify the network device to enable or disable this property.

    • To enable the ethernet.accept-all-mac-addresses mode for enp1s0: 

      # nmcli connection modify enp1s0 ethernet.accept-all-mac-addresses yes
      Copy to Clipboard Toggle word wrap

    • To disable the accept-all-mac-addresses mode for enp1s0: 

      # nmcli connection modify enp1s0 ethernet.accept-all-mac-addresses no
      Copy to Clipboard Toggle word wrap

  3. Apply the changes, reactivate the connection: 

    # nmcli connection up enp1s0
    Copy to Clipboard Toggle word wrap

Verification

  • Verify that the ethernet.accept-all-mac-addresses mode is enabled: 

    # nmcli connection show enp1s0
...
802-3-ethernet.accept-all-mac-addresses:1     (true)
    Copy to Clipboard Toggle word wrap

    The 802-3-ethernet.accept-all-mac-addresses: true indicates that the mode is enabled.

Use the nmstatectl utility to configure a device to accept all traffic regardless of the MAC addresses through the Nmstate API. The Nmstate API ensures that, after setting the configuration, the result matches the configuration file. If anything fails, nmstatectl automatically rolls back the changes to avoid leaving the system in an incorrect state.

Prerequisites

  • The nmstate package is installed.
  • The enp1s0.yml file that you used to configure the device is available.

Procedure

  1. Edit the existing enp1s0.yml file for the enp1s0 connection and add the following content to it: 

    ---
interfaces:
  - name: enp1s0
    type: ethernet
    state: up
    accept -all-mac-address: true
    Copy to Clipboard Toggle word wrap

    These settings configure the enp1s0 device to accept all traffic.

  2. Apply the network settings: 

    # nmstatectl apply ~/enp1s0.yml
    Copy to Clipboard Toggle word wrap

Verification

  • Verify that the 802-3-ethernet.accept-all-mac-addresses mode is enabled: 

    # nmstatectl show enp1s0
interfaces:
  - name: enp1s0
    type: ethernet
    state: up
    accept-all-mac-addresses:     true
...
    Copy to Clipboard Toggle word wrap

    The 802-3-ethernet.accept-all-mac-addresses: true indicates that the mode is enabled.

Red Hat logoGithubredditYoutubeTwitter

Formazione

Prova, acquista e vendi

Community

Informazioni sulla documentazione di Red Hat

Aiutiamo gli utenti Red Hat a innovarsi e raggiungere i propri obiettivi con i nostri prodotti e servizi grazie a contenuti di cui possono fidarsi. Esplora i nostri ultimi aggiornamenti.

Rendiamo l’open source più inclusivo

Red Hat si impegna a sostituire il linguaggio problematico nel codice, nella documentazione e nelle proprietà web. Per maggiori dettagli, visita il Blog di Red Hat.

Informazioni su Red Hat

Forniamo soluzioni consolidate che rendono più semplice per le aziende lavorare su piattaforme e ambienti diversi, dal datacenter centrale all'edge della rete.

Theme

© 2026 Red HatTorna in cima