Virtual network interface in Mac OS X

Question

I know that you can make a virtual network interface in Windows  see here   and in Linux it is also pretty easy with ip-aliases  but does something similar exist for Mac OS X  I ve been looking for loopback adapters  virtual interfaces and couldn t find a good solution    You can create a new interface in the networking panel  based on an existing interface  but it will not act as a real fully functional interface  if the original interface is inactive  then the derived one is also inactive    This scenario is needed when working in a completely disconnected situation  Even then  it makes sense to have networking capabilities when running servers in a VMWare installation  Those virtual machines can be reached by their IP address  but not by their DNS name  even if I run a DNS server in one of those virtual machines  By configuring an interface to use the virtual DNS server  I thought I could test some DNS scenario s  Unfortunately  no interface is resolving DNS names if none of them are inactive

User · Answer

Take a look at this tutorial  it s for FreeBSD but also applies to OS X  http   people freebsd org  arved vlan vlan en html

User · Answer

ifconfig interfacename create will create a virtual interface

User · Answer

What do you mean by       but it will not act as a real fully functional interface  if the original interface is inactive  then the derived one is also inactive       I can make a new interface  base it on an already existing one  then disable the existing one and the new one still works  Making a second interface does however not create a real interface  when you check with ifconfig   it will just assign a second IP to the already existing one  however  this one can be DHCP while the first one is hard coded for example    So did I understand you right  that you want to create an interface  not bound to any real interface  How would this interface then be used  E g  if you disconnect all WLAN and pull all network cables  where would this interface send traffic to  if you send traffic to it  Maybe your question is a bit unclear  it might help a lot if rephrase it  so it s clear what you are actually trying to do with this  virtual interface  once you have it   As you mentioned  alias IP  in your question  this would mean an alias interface  But an alias interface is always bound to a real interface  The difference is in Linux such an interface really IS an interface  e g  an alias interface for eth0 could be eth1   while on Mac  no real interface is created  instead a virtual interface is created  that can configured and used independently  but it is still the same interface physically and thus no new named interface is generated  you just have two interfaces  that are both in fact en0  but both can be enabled disabled and configured independently

User · Answer

i have resorted to running PFSense  a BSD based router firewall to achieve this goal      why   because OS X Server gets so FREAKY without a Static IP     so after wrestling with it for DAYS to make NAT and DHCP and firewall and      I m trying this is parallels     will let ya know how it goes

User · Answer

In regards to  bmasterswizzle s BRILLIANT answer - more specifically - to  DanRamos  question about how to force the new interface s link-state to  up    I use this script  of whose origin I cannot recall  but which works fabulously  in coordination with  bmasterswizzles  Mona Lisa  of answers         bin zsh       UID  -ne  0      amp  amp  echo  You must be root  Goodbye      amp  amp  exit 1 echo  starting  exec 4 lt  gt  dev tap0 ifconfig tap0 10 10 10 1 10 10 10 255 ifconfig tap0 up ping -c1 10 10 10 1 echo  ending  export PS1  tap interface gt   dd of  dev null  lt  amp 4  amp    continuously reads from buffer and dumps to null   I am NOT quite sure I understand the alteration to the prompt at the end  or        dd of  dev null  lt  amp 4  amp    continuously reads from buffer and dumps to null   but WHATEVER  it works   link light  green    loves it

User · Answer

In regards to  bmasterswizzle s BRILLIANT answer - more specifically - to  DanRamos  question about how to force the new interface s link-state to  up    I use this script  of whose origin I cannot recall  but which works fabulously  in coordination with  bmasterswizzles  Mona Lisa  of answers         bin zsh       UID  -ne  0      amp  amp  echo  You must be root  Goodbye      amp  amp  exit 1 echo  starting  exec 4 lt  gt  dev tap0 ifconfig tap0 10 10 10 1 10 10 10 255 ifconfig tap0 up ping -c1 10 10 10 1 echo  ending  export PS1  tap interface gt   dd of  dev null  lt  amp 4  amp    continuously reads from buffer and dumps to null   I am NOT quite sure I understand the alteration to the prompt at the end  or        dd of  dev null  lt  amp 4  amp    continuously reads from buffer and dumps to null   but WHATEVER  it works   link light  green    loves it

User · Answer

A few others seemed to hint at this  but the following demonstrates using ifconfig to create a vlan and test DNS on the virtual interface  using minidns  on OS X 10 9 5     sw vers -productVersion 10 9 5   sudo ifconfig vlan169 create  amp  amp  echo vlan169 created vlan169 created   sudo ifconfig vlan169 inet 169 254 169 254 netmask 255 255 255 255  amp  amp  echo vlan169 configured vlan169 configured   sudo   minidns py 169 254 169 254  amp   1  35125   miniDNS      60 IN A 169 254 169 254     dig  169 254 169 254  short test host Request  test host  - gt  169 254 169 254 Request  test host  - gt  169 254 169 254 169 254 169 254   sudo kill 35125     1    Exit 143                sudo   minidns py 169 254 169 254   sudo ifconfig vlan169 destroy  amp  amp  echo vlan169 destroyed vlan169 destroyed

User · Answer

Replying in particular to      You can create a new interface in the networking panel  based on an existing interface  but it will not act as a real fully functional interface  if the original interface is inactive  then the derived one is also inactive     This can be achieved using a Tun Tap device as suggested by psv141  and manipulating the  Library Preferences SystemConfiguration preferences plist file to add a NetworkService based on either a tun or tap interface  Mac OS X will not allow the creation of a NetworkService based on a virtual network interface  but one can directly manipulate the preferences plist file to add the NetworkService by hand  Basically you would open the preferences plist file in Xcode  or edit the XML directly  but Xcode is likely to be more fool-proof   and copy the configuration from an existing Ethernet interface  The place to create the new NetworkService is under  NetworkServices   and if your Mac has an Ethernet device the NetworkService profile will also be under this property entry  The Ethernet entry can be copied pretty much verbatim  the only fields you would actually be changing are    UUID UserDefinedName IPv4 configuration and set the interface to your tun or tap device  i e  tun0 or tap0   DNS server if needed    Then you would also manipulate the particular Location you want this NetworkService for  remember Mac OS X can configure all network interfaces dependent on your  Location    The default location UUID can be obtained in the root of the PropertyList as the key  CurrentSet   After figuring out which location  or set  you want  expand the Set property  and add entries under Global IPv4 ServiceOrder with the UUID of the new NetworkService  Also under the Set property you need to expand the Service property and add the UUID here as a dictionary with one String entry with key   LINK   and value as the UUID  use the other interfaces as an example    After you have modified your preferences plist file  just reboot  and the NetworkService will be available under SystemPreferences- Network  Note that we have mimicked an Ethernet device so Mac OS X layer of networking will note that  a cable is unplugged  and will not let you activate the interface through the GUI  However  since the underlying device is a tun tap device and it has an IP address  the interface will become active and the proper routing will be added at the BSD level   As a reference this is used to do special routing magic   In case you got this far and are having trouble  you have to create the tun tap device by opening one of the devices under  dev   You can use any program to do this  but I m a fan of good-old-fashioned C myself    include  lt stdio h gt   include  lt fcntl h gt   include  lt unistd h gt  int main        int fd   open   dev tun0   O RDONLY      if  fd  lt  0             printf  Failed to open tun tap device  Are you root  Are the drivers installed  n          return -1          while  1             sleep 100000           return 0

User · Answer

ifconfig interfacename create will create a virtual interface

User · Answer

Go to Network Preferences   At the bottom of the list of network adapters  click the   icons   Select the existing interface that you want to arp  say Ethernet 1   and give the Service Name that you want for the new port  say Ethernet 1 1   then press create   Now you have the new virtual interface in the gui and can manage IP addresses etc it in the normal way   ifconfig -a will confirm that you have multiple IPs on the interface   and these will still be there when you reboot   Its a Mac   Don t fight it  do it the easy way

User · Answer

ifconfig interfacename create will create a virtual interface

User · Answer

if you are on a dev environment and want access some service already running on localhost host machine  in docker for mac you have another option use docker for mac localhost instead of localhost in docker container  docker for mac host internal should be used instead of docker for mac localhost from Docker Community Edition 17 12 0-ce-mac46 2018-01-09  this allows you to connect to service running on your on mac from within a docker container please refer below links  understanding the docker for mac localhost behavior  release notes

User · Answer

It s possible to use TUN TAP device  http   tuntaposx sourceforge net

User · Answer

Here s a good guide  https   web archive org web 20160301104014 http   gerrydevstory com 2012 08 20 how-to-create-virtual-network-interface-on-mac-os-x   Basically you select a network adapter in the Networks pane of system preferences  then click the gear to  Duplicate Service   After the service is duplicated  you manually assign an IP in one of the private address ranges  Then ping it to make sure

User · Answer

i have resorted to running PFSense  a BSD based router firewall to achieve this goal      why   because OS X Server gets so FREAKY without a Static IP     so after wrestling with it for DAYS to make NAT and DHCP and firewall and      I m trying this is parallels     will let ya know how it goes

User · Answer

Go to Network Preferences   At the bottom of the list of network adapters  click the   icons   Select the existing interface that you want to arp  say Ethernet 1   and give the Service Name that you want for the new port  say Ethernet 1 1   then press create   Now you have the new virtual interface in the gui and can manage IP addresses etc it in the normal way   ifconfig -a will confirm that you have multiple IPs on the interface   and these will still be there when you reboot   Its a Mac   Don t fight it  do it the easy way

User · Answer

The loopback adapter is always up   ifconfig lo0 alias 172 16 123 1 will add an alias IP 172 16 123 1 to the loopback adapter  ifconfig lo0 -alias 172 16 123 1 will remove it

User · Answer

if you are on a dev environment and want access some service already running on localhost host machine  in docker for mac you have another option use docker for mac localhost instead of localhost in docker container  docker for mac host internal should be used instead of docker for mac localhost from Docker Community Edition 17 12 0-ce-mac46 2018-01-09  this allows you to connect to service running on your on mac from within a docker container please refer below links  understanding the docker for mac localhost behavior  release notes

User · Answer

Here s a good guide  https   web archive org web 20160301104014 http   gerrydevstory com 2012 08 20 how-to-create-virtual-network-interface-on-mac-os-x   Basically you select a network adapter in the Networks pane of system preferences  then click the gear to  Duplicate Service   After the service is duplicated  you manually assign an IP in one of the private address ranges  Then ping it to make sure

User · Answer

What do you mean by       but it will not act as a real fully functional interface  if the original interface is inactive  then the derived one is also inactive       I can make a new interface  base it on an already existing one  then disable the existing one and the new one still works  Making a second interface does however not create a real interface  when you check with ifconfig   it will just assign a second IP to the already existing one  however  this one can be DHCP while the first one is hard coded for example    So did I understand you right  that you want to create an interface  not bound to any real interface  How would this interface then be used  E g  if you disconnect all WLAN and pull all network cables  where would this interface send traffic to  if you send traffic to it  Maybe your question is a bit unclear  it might help a lot if rephrase it  so it s clear what you are actually trying to do with this  virtual interface  once you have it   As you mentioned  alias IP  in your question  this would mean an alias interface  But an alias interface is always bound to a real interface  The difference is in Linux such an interface really IS an interface  e g  an alias interface for eth0 could be eth1   while on Mac  no real interface is created  instead a virtual interface is created  that can configured and used independently  but it is still the same interface physically and thus no new named interface is generated  you just have two interfaces  that are both in fact en0  but both can be enabled disabled and configured independently

User · Answer

A few others seemed to hint at this  but the following demonstrates using ifconfig to create a vlan and test DNS on the virtual interface  using minidns  on OS X 10 9 5     sw vers -productVersion 10 9 5   sudo ifconfig vlan169 create  amp  amp  echo vlan169 created vlan169 created   sudo ifconfig vlan169 inet 169 254 169 254 netmask 255 255 255 255  amp  amp  echo vlan169 configured vlan169 configured   sudo   minidns py 169 254 169 254  amp   1  35125   miniDNS      60 IN A 169 254 169 254     dig  169 254 169 254  short test host Request  test host  - gt  169 254 169 254 Request  test host  - gt  169 254 169 254 169 254 169 254   sudo kill 35125     1    Exit 143                sudo   minidns py 169 254 169 254   sudo ifconfig vlan169 destroy  amp  amp  echo vlan169 destroyed vlan169 destroyed

User · Answer

What do you mean by       but it will not act as a real fully functional interface  if the original interface is inactive  then the derived one is also inactive       I can make a new interface  base it on an already existing one  then disable the existing one and the new one still works  Making a second interface does however not create a real interface  when you check with ifconfig   it will just assign a second IP to the already existing one  however  this one can be DHCP while the first one is hard coded for example    So did I understand you right  that you want to create an interface  not bound to any real interface  How would this interface then be used  E g  if you disconnect all WLAN and pull all network cables  where would this interface send traffic to  if you send traffic to it  Maybe your question is a bit unclear  it might help a lot if rephrase it  so it s clear what you are actually trying to do with this  virtual interface  once you have it   As you mentioned  alias IP  in your question  this would mean an alias interface  But an alias interface is always bound to a real interface  The difference is in Linux such an interface really IS an interface  e g  an alias interface for eth0 could be eth1   while on Mac  no real interface is created  instead a virtual interface is created  that can configured and used independently  but it is still the same interface physically and thus no new named interface is generated  you just have two interfaces  that are both in fact en0  but both can be enabled disabled and configured independently

User · Answer

ifconfig interfacename create will create a virtual interface

User · Answer

What do you mean by       but it will not act as a real fully functional interface  if the original interface is inactive  then the derived one is also inactive       I can make a new interface  base it on an already existing one  then disable the existing one and the new one still works  Making a second interface does however not create a real interface  when you check with ifconfig   it will just assign a second IP to the already existing one  however  this one can be DHCP while the first one is hard coded for example    So did I understand you right  that you want to create an interface  not bound to any real interface  How would this interface then be used  E g  if you disconnect all WLAN and pull all network cables  where would this interface send traffic to  if you send traffic to it  Maybe your question is a bit unclear  it might help a lot if rephrase it  so it s clear what you are actually trying to do with this  virtual interface  once you have it   As you mentioned  alias IP  in your question  this would mean an alias interface  But an alias interface is always bound to a real interface  The difference is in Linux such an interface really IS an interface  e g  an alias interface for eth0 could be eth1   while on Mac  no real interface is created  instead a virtual interface is created  that can configured and used independently  but it is still the same interface physically and thus no new named interface is generated  you just have two interfaces  that are both in fact en0  but both can be enabled disabled and configured independently

User · Answer

Replying in particular to      You can create a new interface in the networking panel  based on an existing interface  but it will not act as a real fully functional interface  if the original interface is inactive  then the derived one is also inactive     This can be achieved using a Tun Tap device as suggested by psv141  and manipulating the  Library Preferences SystemConfiguration preferences plist file to add a NetworkService based on either a tun or tap interface  Mac OS X will not allow the creation of a NetworkService based on a virtual network interface  but one can directly manipulate the preferences plist file to add the NetworkService by hand  Basically you would open the preferences plist file in Xcode  or edit the XML directly  but Xcode is likely to be more fool-proof   and copy the configuration from an existing Ethernet interface  The place to create the new NetworkService is under  NetworkServices   and if your Mac has an Ethernet device the NetworkService profile will also be under this property entry  The Ethernet entry can be copied pretty much verbatim  the only fields you would actually be changing are    UUID UserDefinedName IPv4 configuration and set the interface to your tun or tap device  i e  tun0 or tap0   DNS server if needed    Then you would also manipulate the particular Location you want this NetworkService for  remember Mac OS X can configure all network interfaces dependent on your  Location    The default location UUID can be obtained in the root of the PropertyList as the key  CurrentSet   After figuring out which location  or set  you want  expand the Set property  and add entries under Global IPv4 ServiceOrder with the UUID of the new NetworkService  Also under the Set property you need to expand the Service property and add the UUID here as a dictionary with one String entry with key   LINK   and value as the UUID  use the other interfaces as an example    After you have modified your preferences plist file  just reboot  and the NetworkService will be available under SystemPreferences- Network  Note that we have mimicked an Ethernet device so Mac OS X layer of networking will note that  a cable is unplugged  and will not let you activate the interface through the GUI  However  since the underlying device is a tun tap device and it has an IP address  the interface will become active and the proper routing will be added at the BSD level   As a reference this is used to do special routing magic   In case you got this far and are having trouble  you have to create the tun tap device by opening one of the devices under  dev   You can use any program to do this  but I m a fan of good-old-fashioned C myself    include  lt stdio h gt   include  lt fcntl h gt   include  lt unistd h gt  int main        int fd   open   dev tun0   O RDONLY      if  fd  lt  0             printf  Failed to open tun tap device  Are you root  Are the drivers installed  n          return -1          while  1             sleep 100000           return 0

User · Answer

The loopback adapter is always up   ifconfig lo0 alias 172 16 123 1 will add an alias IP 172 16 123 1 to the loopback adapter  ifconfig lo0 -alias 172 16 123 1 will remove it

User · Answer

Take a look at this tutorial  it s for FreeBSD but also applies to OS X  http   people freebsd org  arved vlan vlan en html

User · Answer

It s possible to use TUN TAP device  http   tuntaposx sourceforge net

[macos] Virtual network interface in Mac OS X

Examples related to macos

Examples related to networking