MAC Address Rewrite
Media Access Control (MAC) address rewrite converts the incoming traffic’s MAC address (source leader in a bidirectional clock relationship (formerly master) , destination, or both) with a user configured MAC address. The modified packets are then delivered as per flow mapping configurations. This allows the user to maintain confidentiality of the outgoing MAC address.
MAC address rewrite can be enabled in two ways:
Rule based- The MAC address rewrite functionality is enabled for traffic that qualifies a specific rule in a map. This can be enabled only for pass rules. Rule based MAC address re-write allows modifying the rule, source, and destination MAC address. |
Map Based- The MAC address rewrite functionality is enabled for traffic that qualifies any of the rules configured in regular by-Rule maps and shared collectors. The configuration applies to all the rules that are part of the map except for drop rules. Map based MAC address re-write allows modifying the source and destination MAC address and can also be applied to a deployed map. Refer to Map MAC Address Source and Destination Compatibility Matrix for more information. |
Table 1: Map MAC Address Source and Destination Compatibility Matrix
Source |
Destination |
Supported |
---|---|---|
Network |
Tool/Hybrid, Tool GigaStream/Hybrid GigaStream, Tool with Egress VLAN strip/Tool with Egress Port filters. |
Yes |
Network |
L2 Circuit Encapsulation Tunneling |
No |
Hybrid |
Tool/Hybrid, Tool GigaStream/Hybrid GigaStream, Tool with Egress VLAN strip/Tool with Egress Port filters. |
Yes |
Network /Hybrid |
Port-group(without smart-lb enabled). |
Yes |
IP interface (De-encapsulation Tunnel) |
Tool/Hybrid |
Yes |
L2GRE/VXLAN |
L2GRE/VXLAN Encapsulation tunnel. |
No |
VXLAN Header/MPLS Header stripping |
Tool/Hybrid |
No |
Network Port with Ingress VLAN tag |
Tool/Hybrid |
Yes |
L2-Circuit Tunnel |
Tool/Hybrid/GigaStream |
Yes |
VXLAN/L2GRE Tunnel de-encapsulation with IP interface |
Tool/Hybrid/GigaStream |
No |
Port-Group |
Tool/Hybrid/GigaStream |
Yes |
Note: If you have configured both map level and rule level MAC address rewrite functionality in the same map, then rule-based configuration takes priority.
Configuring MAC Address Re-write
Media Access Control address is a six byte hardware identification field with 12 hexadecimal digits that uniquely identifies a device in the network. You can rewrite the MAC source and destination fields to configurable MAC address as follows:
1. | To enable MAC address rewrite functionality through GigaVUE-FM: |
a. | Map based Configuration- To configure MAC address rewrite based on maps follow the below steps: |
• | Navigate to > Nodes >Maps ->New Map. |
• | Enable the checkbox ‘Address Rewrite’. |
• | Select either MAC Source , Mac Destination, or both . |
• | Specify the MAC Source and Destination. |
• | Click on OK to complete the configuration. |
b. | Rule based Configuration- To configure MAC address rewrite based on map rules follow the below steps |
• | Navigate to > Nodes >Maps ->New Map. |
• | Enable the checkbox ‘Address Rewrite’. |
• | From Map Rules section select either MAC Source , Mac Destination, or both. |
• | Specify the MAC Source and Destination. |
• | Click on OK to complete the configuration. |
2. | To enable MAC address rewrite through GigaVUE-OS -CLI enter the map prefix mode with the command config map alias<map> and then enter any one of the following commands such as: |
rewrite-dstmac xx:xx:xx:xx:xx:xx
rewrite-srcmac xx:xx:xx:xx:xx:xx
no rewrite-dstmac
no rewrite-srcmac
Refer to GigaVUE-OS CLI Reference Guide for more information.
License
You do not need a license to enable this feature for GigaVUE H Series. To enable this feature for GigaVUE-TA Series ensure you have Advanced Features License.
Limitations
The following are the limitations of MAC Address rewrite.
Pass-all maps are not supported. |
GSOP enabled maps are not supported. |
VXLAN/L2GRE Encapsulation tunnels are not supported |
Inline, Flex Inline maps and OOB copy maps are not supported. |
First level ,second level and transit maps are not supported. |
This feature is not supported with Fabric Maps ,L2 Circuit Tunnel Encapsulation ,VXLAN/L2GRE Tunnel Decapsulation ,MPLS and VXLAN header stripping enabled-port configurations. |
MAC address functionality will not be supported, if the map source ports are from GigaVUE-TA25 and destination ports belong to other nodes in cluster. In this scenario, use a hybrid port enabled with two level maps. However, the MAC rewrite functionality can be configured in a cluster with source ports in other devices and destination ports in GigaVUE TA25 devices. This functionality can be configured with both source and destination in the same GigaVUE TA25 device as well. |