Multiple MAC Addresses Over One Network Card

Good day,

I was looking to have Qubes route certain traffic with a different MAC address so that it could be identified by my other network equipment. I saw a discussion related to this, but sadly the only answer given was to use firewalls to route traffic instead of other network equipment.

I am well aware that this should be possible in general, since this is done on other OSs that use virtual machines, but I am not certain if it is possible on QubesOS.

The two possible solutions I have come up with but have not been able to implement are as follows:
Example 1: All traffic is routed to sys-net, then sys-net sorts traffic based on the firewall it came from.
Example 2: There are “mulitple sys-nets” that are specific to each MAC address. So you just point your firewall at the MAC address you want to use.

The key issue here is only using one network card.

I have created a little graphic to help illustrate what I am trying to accomplish.

example3343×1853 297 KB

Thank you very much! Any advice is appreciated!

Good day to you.

Either of the options you outline will work, although I cant see the
graphic, I can imagine what it looks like. (A description or ascii
outline would have helped.)

Example 1 will be easier to implement in Qubes.
Example 2 will work (even with a single card) - you can use macvlan to
create new MAC addresses on the card, or you could use nftables to mark
packets and a routing rule to send them via a specfici routing table.

You dont say what you did to implement 1, or in what way it did not
work. As always, some concrete details would help.

I never presume to speak for the Qubes team.
When I comment in the Forum I speak for myself.