# [SOLVED]NetworkManager-1.14.0 keeps changing my MAC address

## Havin_it

Hi,

This may be a collision of two separate issues. For a while now, my laptop's wifi card (intel 7260 b/g/n/ac using iwlwifi MVM) has tended to drop off my home network periodically, usually after being idle for an hour plus. It also tends to drop off if I move from room to room. In both cases NetworkManager doesn't always detect that the connection has dropped, so I have to disconnect/reconnect to my AP manually. (Sometimes that causes a driver crash and requires a reboot, but that's another story.)

All this I have been quietly living with as a low-priority annoyance. However, I'm now finding that, when reconnecting, NM occasionally gives my card a new MAC address.

Here's a bit of /var/log/messages from a room-to-room dropout and manual reconnection. It shows the MAC being changed twice (neither of the addresses mentioned is the real hw address).

```
ov  3 15:07:27 happy NetworkManager[7214]: <info>  [1541257647.0808] device (wlp2s0): state change: activated -> deactivating (reason 'user-requested', sys-iface-state: 'managed')

Nov  3 15:07:27 happy NetworkManager[7214]: <info>  [1541257647.0817] manager: NetworkManager state is now DISCONNECTING

Nov  3 15:07:27 happy NetworkManager[7214]: <info>  [1541257647.1034] audit: op="device-disconnect" interface="wlp2s0" ifindex=2 pid=2626 uid=1000 result="success"

Nov  3 15:07:27 happy dbus-daemon[1415]: [system] Activating service name='org.freedesktop.nm_dispatcher' requested by ':1.36' (uid=0 pid=7214 comm="/usr/sbin/NetworkManager --pid-file /run/NetworkMa") (using servicehelper)

Nov  3 15:07:27 happy NetworkManager[7214]: <info>  [1541257647.1107] device (wlp2s0): state change: deactivating -> disconnected (reason 'user-requested', sys-iface-state: 'managed')

Nov  3 15:07:27 happy dhcpcd[7268]: received SIGTERM, stopping

Nov  3 15:07:27 happy dhcpcd[7268]: wlp2s0: removing interface

Nov  3 15:07:27 happy dbus-daemon[1415]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'

Nov  3 15:07:27 happy nm-dispatcher[8988]: req:1 'connectivity-change': new request (2 scripts)

Nov  3 15:07:27 happy nm-dispatcher[8988]: req:1 'connectivity-change': start running ordered scripts...

Nov  3 15:07:27 happy NetworkManager[7214]: <info>  [1541257647.6183] dhcp4 (wlp2s0): canceled DHCP transaction, DHCP client pid 7268

Nov  3 15:07:27 happy NetworkManager[7214]: <info>  [1541257647.6184] dhcp4 (wlp2s0): state changed bound -> done

Nov  3 15:07:27 happy kernel: wlp2s0: deauthenticating from 7c:11:cb:f2:d6:89 by local choice (Reason: 3=DEAUTH_LEAVING)

Nov  3 15:07:27 happy NetworkManager[7214]: <info>  [1541257647.7089] device (wlp2s0): set-hw-addr: set MAC address to E6:34:E1:B8:F3:2E (scanning)

Nov  3 15:07:27 happy NetworkManager[7214]: <info>  [1541257647.9645] manager: NetworkManager state is now DISCONNECTED

Nov  3 15:07:27 happy nm-dispatcher[8988]: req:2 'down' [wlp2s0]: new request (2 scripts)

Nov  3 15:07:27 happy nm-dispatcher[8988]: req:2 'down' [wlp2s0]: start running ordered scripts...

Nov  3 15:07:27 happy NetworkManager[7214]: <warn>  [1541257647.9782] sup-iface[0x5650c6e30220,wlp2s0]: connection disconnected (reason -3)

Nov  3 15:07:27 happy NetworkManager[7214]: <info>  [1541257647.9794] device (wlp2s0): supplicant interface state: completed -> disconnected

Nov  3 15:07:28 happy NetworkManager[7214]: <info>  [1541257648.0067] audit: op="statistics" arg="refresh-rate-ms" pid=2626 uid=1000 result="success"

Nov  3 15:07:28 happy NetworkManager[7214]: <warn>  [1541257648.0077] dhcp-listener: dhcp-event: (pid 7268) unhandled DHCP event for interface wlp2s0

Nov  3 15:07:32 happy NetworkManager[7214]: <info>  [1541257652.5949] device (wlp2s0): Activation: starting connection 'iauweh' (ccdedfe2-6fad-4439-915d-32a9b6ba5aa0)

Nov  3 15:07:32 happy NetworkManager[7214]: <info>  [1541257652.5960] audit: op="connection-activate" uuid="ccdedfe2-6fad-4439-915d-32a9b6ba5aa0" name="iauweh" pid=2626 uid=1000 result="success"

Nov  3 15:07:32 happy NetworkManager[7214]: <info>  [1541257652.5971] device (wlp2s0): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed')

Nov  3 15:07:32 happy NetworkManager[7214]: <info>  [1541257652.5990] manager: NetworkManager state is now CONNECTING

Nov  3 15:07:32 happy NetworkManager[7214]: <info>  [1541257652.6250] device (wlp2s0): set-hw-addr: reset MAC address to F2:50:E1:48:69:AC (preserve)
```

Why is this happening? It seems to have started when I upgraded to networkmanager-1.14.0, though I can't find anything in the changelog that might explain it. I did switch the DHCP backend from dhclient to dhcpcd at the same time as upgrading, but the messages above aren't from dhcpcd so I assume that's unrelated.

I have read about NM being able to randomise the macaddr for security purposes, but nowhere does it suggest that this is default behaviour.

Is this deliberate behaviour? If so, how do I prevent it?

I suspect it's not intentional (probably due to the lower-level issues with the driver or hardware making NM act incorrectly). In that case, can I force it to keep the MAC the same?

My network relies on consistent local DHCP/DNS that I control and this has driven a truck though it. Any help appreciated.Last edited by Havin_it on Sat Nov 03, 2018 10:52 pm; edited 1 time in total

----------

## ct85711

Well, doing a quick search, it seems since 1.4, this is supposedly a security "feature".  As far as it doing anything good, I have no clue.  The articles that I looked at, all say about the same thing as far as turning it off.

https://fedoramagazine.org/randomize-mac-address-nm/

https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/

----------

## Havin_it

Thanks  :Very Happy: 

If the change goes that far back then I guess I've had a "stable" spoofed mac all this time (this wifi card was installed aftermarket, a couple of years ago).

What I've been experiencing must be breakage (probably of something lower in the stack) rather than an intentional change, as the behaviour isn't consistent to any of the documented modes of this setting. Sometimes it'll set the true hw mac, sometimes the same spoofed mac as last time, or sometimes a brand-new one.

Anyway, I've dropped in the following conf file which seems to have bullied it into consistency.

```
#/etc/NetworkManager/conf.d/00leavemyfrigginmacalone.conf

[device-mac-randomization]

wifi.scan-rand-mac-address=no

[connection-mac-randomization]

ethernet.cloned-mac-address=permanent

wifi.cloned-mac-address=permanent
```

Happy days  :Very Happy: 

----------

## Princess Nell

https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/

----------

