0

TLDR: How do you add persistent promiscuous mode in Debian 12?

I'm running a Proxmox server with a few virtual machines and each VM is running separate Docker containers for different tasks. Previously I've had no problem with promiscuous mode in Debian 11 cloudinit image, but Debian 12 seems to work differently. I've tested this behaviour also in Debian 12 "normal" installation, so problem is probably not cloudinit related.

For cloudinit template creation I used this guide from OchoaProjects

Debian 11 allowed automatic promiscuous mode with this line in /etc/network/interfaces:

up ip link set eth0 promisc on
down ip link set eth0 promisc off

Also, ip link set eth0 promisc on still works on Debian 12.

So, how do you add persistent promiscuous mode in Debian 12?

OP found the solution, check below!

samumoil
  • 11
  • 3

1 Answers1

1

Debian 12 Bookworm cloudinit uses systemd-networkd

Turns out systemd-networkd completely bypasses /etc/network/interface and changes in that file do not propagate. You can solve this by disabling systemd-networkd, but I suspect they have a reason to use it. Thus, I solved the problem using a modified version of a systemd service from this post.

Solution

We'll add a service to activate command ip link set eth0 promisc on at boot:

  1. Add this service file promisc.service in /etc/systemd/system/
[Unit]
Description=Control promiscuous mode for interface eth0
After=network.target

[Service]
Type=oneshot
ExecStart=/usr/bin/ip link set eth0 promisc on
ExecStop=/usr/bin/ip link set eth0 promisc off
RemainAfterExit=yes

[Install]
WantedBy=multi-user.target

  1. Enable the service with sudo systemctl enable promisc.service

  2. Reboot and ip a should show "PROMISC"

2: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
samumoil
  • 11
  • 3