MAC Address chicanery

I use DHCP reservations to centrally manage IP addressing on my networks.

I placed a reservation for my Vera a long time ago. And every once in a while I’d see a ‘rogue’ mac address pop on my lan at random times when I know I’m not adding any new gear. I just happened to suspect the vera was the source after seeing the first few octets of the rogue match the first vew of my vera. So I did some digging today when the rogue came back…

I logged into the vera and found the rogue mac in the output of ip a:
root@MiOS_50022594:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000
link/ether 78:b2:13:de:c7:f9 brd ff:ff:ff:ff:ff:ff
inet6 fe80::7ab2:13ff:fede:c7f9/64 scope link
valid_lft forever preferred_lft forever
3: gre0: mtu 1476 qdisc noop state DOWN group default
link/gre 0.0.0.0 brd 0.0.0.0
4: gretap0: <BROADCAST,MULTICAST> mtu 1476 qdisc noop state DOWN group default qlen 1000
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
7: eth0.1@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 78:b2:13:de:c7:fa brd ff:ff:ff:ff:ff:ff
inet 192.168.37.69/24 brd 192.168.37.255 scope global eth0.1
valid_lft forever preferred_lft forever
inet6 fda8:170b:5a5e::1/60 scope global
valid_lft forever preferred_lft forever
inet6 fe80::7ab2:13ff:fede:c7fa/64 scope link
valid_lft forever preferred_lft forever
70: br-wan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 78:b2:13:de:c7:f9 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.74/24 brd 192.168.0.255 scope global br-wan
valid_lft forever preferred_lft forever
inet6 fe80::7ab2:13ff:fede:c7f9/64 scope link
valid_lft forever preferred_lft forever
71: eth0.2@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-wan state UP group default
link/ether 78:b2:13:de:c7:f9 brd ff:ff:ff:ff:ff:ff
72: ra0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br-wan state UNKNOWN group default qlen 1000
link/ether 78:b2:13:de:c7:fb brd ff:ff:ff:ff:ff:ff
inet6 fe80::7ab2:13ff:fede:c7fb/64 scope link
valid_lft forever preferred_lft forever
73: apcli0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 7a:b2:13:0e:c7:fb brd ff:ff:ff:ff:ff:ff
74: rai0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br-wan state UNKNOWN group default qlen 1000
link/ether 78:b2:13:de:c7:fc brd ff:ff:ff:ff:ff:ff
inet6 fe80::7ab2:13ff:fede:c7fc/64 scope link
valid_lft forever preferred_lft forever
75: apclii0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 7a:b2:13:de:c7:fc brd ff:ff:ff:ff:ff:ff
root@MiOS_50022594:~#

And obviously, I found a whole lot more there than I expected.

  1. Why are there so many ethernet interfaces there? What is each for (aside from lo and eth0 which I assume is the physical ethernet port)

  2. What’s with the vlan tagging? I wasn’t expecting my vera to do tagging.

  3. Does the vera plus hardware have an internal vlan-enabled switch perhaps, like many “wifi routers” do?

  4. Is it important that the different macs the vera has get different IP addresses?

I’m inclined to assign the same vera Ip to all listed macs. I do this with the wired and wireless interfaces of my laptops and that works a treat. Actually prevents connections from dropping when I plug and unplug ethernet in GNU+Linux!

I think I understand how it can flipflop. Bridge interfaces (br-wan in the above example) in linux take the mac address of the first interface you add to them. So if wifi goes down or lan gets unplugged and the bridge cycles it may pick up a different one. I’d kind of prefer to configure the bridge interface to always use the same mac. But I’m not sure making that change is worth it in case it could interfere with something else.

Anyone want to take a stab at my questions above?

I see that I’m not the first one to notice mac address mischeif going on here…

I fear my actual questions got lost i the mix so here goes a TLDR:

Why are there so many ethernet interfaces? What is each for (aside from lo and eth0 which I assume is the physical ethernet port)

What’s with the vlan tagging? I wasn’t expecting my vera to do tagging.

Does the vera plus hardware have an internal vlan-enabled switch perhaps, like many “wifi routers” do?

Is it important that the different macs the vera has get different IP addresses?