Understanding MAC Addresses
<span class="bsf-rt-reading-time"><span class="bsf-rt-display-label" prefix="Reading Time"></span> <span class="bsf-rt-display-time" reading_time="9"></span> <span class="bsf-rt-display-postfix" postfix="mins"></span></span><!-- .bsf-rt-reading-time -->

Understanding MAC Addresses

In the vast and interconnected world of computer networks, communication between devices is a fundamental aspect. Each device connected to a network, be it a computer, Smartphone, or any other hardware, requires a unique identifier to facilitate communication and data exchange. One such crucial identifier is the MAC address. In this article, we’ll explore what MAC addresses are, their significance, how they work, and their role in network communication.

What is a MAC Address?

MAC, which stands for Media Access Control, is a unique identifier assigned to each network interface for communication on a network. Every device that connects to a network, whether wired or wireless, is equipped with a network interface card (NIC) or a similar component. The MAC address is a hardware address associated with this network interface and serves as a distinctive label for that specific device.

Media Access Control (MAC) 12-digit hexadecimal number

A device can have multiple MAC address. It operates at data link layer the OSI model’s

Structure of a MAC Address

A MAC address, or Media Access Control address, is a 48-bit alphanumeric((0-9 and A-F) identifier commonly represented as six pairs of hexadecimal digits separated by colons(Six Octet, One Octet equals six bits) or hyphens (e.g., 00:1A:2B:3C:4D:5E). that serves as a unique hardware address for network interfaces. Written in six pairs of hexadecimal digits, the structure of a MAC address provides essential information about the device.

OUI (Organizationally Unique Identifier): The first three octets ,first half of the MAC address (24 Bits), typically the initial three pairs of hexadecimal digits, indicates the OUI, which identifies the manufacturer of the network interface card. This aspect aids in device recognition and troubleshooting.

Device Identifier: The last three octets, second half of the MAC address (24 Bits) represents a unique identifier assigned by the manufacturer to the specific network interface. NIC/vendor-specific information. Also called Universally Administered Address (UAA). This ensures global uniqueness among MAC addresses, preventing conflicts within a network.

For example, in the MAC address “00:04:23:10:5D:3F,” the “00:04:23” portion might identify the manufacturer, while the “10:5D:3F” portion uniquely identifies the device.

IEEE Registration Authority Committee assigns these MAC prefixes to its registered vendors.

Media Access Control, also known as Physical Address, Hardware Address, or BIA, is an acronym for Media Access Control (Burned In Address)

Here are OUIs for some well-known manufacturers:

Cisco Systems, Inc.: 00:00:0C
Hewlett Packard (HP): 00:04:23
Microsoft Corporation: 00:15:5D
Intel Corporation: 00:1C:C0
Apple, Inc.: 00:1C:BA
Dell Inc.: 00:26:B9
Juniper Networks: 00:05:85

You can find an official and updated list of OUI assignments from the Institute of Electrical and Electronics Engineers (IEEE).

The MAC address can be represented in one below formats:

You can find one of the above format MAC address.
Colon-Hexadecimal notation is used by Linux OS (00:1A:2B:3C:4D:5E)
Period-separated Hexadecimal notation is used by Cisco Systems  (001.A2B.3C4.D5E)

Significance of MAC Addresses

1. Uniqueness: The most critical aspect of MAC addresses is their uniqueness. No two devices on a network should have the same MAC address. This ensures that data is sent to the correct device, preventing confusion and ensuring the integrity of network communication.

2. Device Identification: MAC addresses play a crucial role in identifying and differentiating devices on a network. Whether it’s a computer in a local area network (LAN) or a smart phone connecting to a Wi-Fi network, the MAC address helps routers and switches determine the destination of data packets.

3. Network Security: MAC addresses are also used in network security protocols. Access control lists (ACLs) can be configured on routers and switches to allow or deny access based on the MAC address of a device. This feature is commonly employed in enterprise networks to enhance security.

The MAC address belongs to the data link layer of the Open Systems Interconnection (OSI) model.The data Link layer is divided into two sublayers.

1.Logical Link Control (LLC) Sublayer
2.Media Access Control (MAC) Sublayer

Media Access Control (MAC) Sublayer which encapsulates the MAC address of the source and destination in the header of each data frame to ensure node-to-node communication.

How Do I Find the MAC Address?

Types of MAC Address

MAC addresses, or Media Access Control addresses, can be categorized into several types based on their characteristics and usage. Here are the primary types of MAC addresses used in layer 2:

Unicast MAC Address:

This is the most common type of MAC address. It represents a unique identifier for a specific network interface card (NIC) or network interface controller (NIC).

Usage: Unicast addresses are used for point-to-point communication between two devices on a network. When a device wants to send data to another specific device, it uses the unicast MAC address of the destination device.

A network  switch fill mac address table it actually adds unicast mac addresses and maps them to specific port when it receive some frame from different port.

In above figure host(H1) with IPv4 address (Source) and corresponding MAC address 00:04:23:34:5F:F2 request a service from host(H3) at IPv4 unicast address and corresponding MAC address 00:04:23:10:5D:5F .At L2 layer  switch Lookup its CAM/MAC Table for exit interface( GE0/3) and forward the ethernet frame.

We put IP address on host how host find corresponding MAC address?

A Source host determine the destination host MAC  address associated with an IPv4 address is known as ARP(Address Resolution Protocol)
The process that a source host uses to determine the destination MAC address associated with an IPv6 address is known as Neighbor Discovery(ND).

The MAC address table consists of two types of entries.
Dynamic and Static MAC Addresses

  1. Dynamic MAC Addresses (Learned Addresses): In dynamic environments, devices are often assigned dynamic MAC addresses during network interactions. This dynamic assignment is common in DHCP (Dynamic Host Configuration Protocol) scenarios, where devices receive temporary MAC addresses for the duration of their connection.
  2. Static MAC Addresses (Configured Addresses): For critical networking infrastructure and security protocols, static MAC addresses are manually assigned and remain constant. This stability is advantageous in scenarios where specific devices need consistent addressing, such as in virtualization environments.

If the LSB (least significant bit) of the first octet of an address is set to zero, the frame is meant to reach only one receiving NIC.

MAC Address of the source machine is always Unicast

The 2nd bit(b1) (least significant bit) of the first octet of a MAC (Media Access Control) address, also known as the U/L (Universal/Local) bit, signifies whether the MAC address is universally administered (globally unique) or locally administered (locally assigned). This bit is located in the first octet (most significant byte) of the MAC address.

U/L Bit Value 0 (Unicast):
If the U/L bit is set to 0, it indicates that the MAC address is universally administered. This means that the MAC address is globally unique and assigned by the IEEE Registration Authority to a specific hardware manufacturer.

U/L Bit Value 1 (Locally Administered):
If the U/L bit is set to 1, it indicates that the MAC address is locally administered. This means that the MAC address is assigned by the network administrator or user and may not be globally unique. Locally administered MAC addresses are often used in testing or in cases where the device doesn’t have a permanent, globally unique MAC address.

Example of Locally Administered: Simulator interface of switches and router are Locally administrated

EUI-64 is a specific format commonly used in IPv6 addressing for interface ID where 2nd bit (LSB) converted to 1

Understanding the U/L bit is important for recognizing the origin and uniqueness characteristics of MAC addresses, especially in networking contexts where the uniqueness of MAC addresses is crucial for proper device identification and communication.

Multicast Address:

Multicast addresses are used for communication with a group of devices. Frames sent to a multicast address are received by all devices in the multicast group.

Usage: Multicast addresses are often used in multimedia streaming, online gaming, and other applications where data needs to be sent to multiple devices simultaneously. That reduces the  waste of bandwidth.

In such case several devices may register to receive specific stream and sender may send only one stream to destination multicast mac address of course in such case destination IP address will be also multicast and it will be actually mapped to destination multicast mac address

In above figure Host(H1) with IPv4 address (Source) and corresponding MAC address 00:04:23:34:5F:F2 .Service request from group of device i.e. Host(H3),Host(H4) at IPv4 multicast address and corresponding multicast MAC address 01:00:5E:00:00:C8

It broadcast all the ethernet switch port (Here, GE0/2, GE0/3, GE0/4) except incoming port(GE0/1) if multicast is not enable(Multicast snooping).Also multicast packet is not forwarded by router unless multicast enabled.

Here, Switch is Multicast enable(IGMP Snooping) then it broadcast to interested group (GE0/2,GE0/3) port.

Multicast MAC address 33-33 are reserved for IPv6 (Range 33:33:00:00:00:00 to 33:33:FF:FF:FF:FF) and range of IPv6 multicast address begin with ff00::/8. It can only be used as the destination of packet, Source packet is always unicast.

Here demonstrated some kind of multicast mac address here it is always start with 01:00:5e first bit in second section is always 0

Here, is an example of multicast MAC address 01:00:5e:3C:22:01

Of course multicast mac address can be only used as destination Mac address if switch will detect source mac address set to multicast address of course such frame will be simply discarded.

If 2nd Hexa decimal number is Even then Mac address is Unicast
If 2nd Hexa decimal number is odd then Mac address is Multicast

How to Convert Multicast IP Address into Multicast MAC Address?

Broadcast Address:

The broadcast MAC address is a special type that is used for communication with all devices on a network.

Usage: When a device sends data to the broadcast address, the information is broadcasted to all devices within the same network. This is commonly used for tasks like network discovery or when a device needs to communicate with all devices on the local network.

In above figure host(H1) with IPv4 address (Source) and corresponding MAC address 00:04:23:34:5F:F2 and destination MAC address(FF:FF:FF:FF:FF:FF) in hexadecimal or 48 1’s in binary and destination IP address(  that has 1’s(binary) in host portion (255 in decimal) are both broadcast address.

It broadcast all the ethernet switch port (Here, GE0/2, GE0/3, GE0/4) except incoming port(GE0/1). It is not forwarded by router.

Anycast Address:

Anycast is a communication paradigm where data is sent to the nearest of a group of potential receivers, all identified by the same destination address.

Usage: While more commonly associated with IPv6 addressing, this directly doesn’t involve a specific anycast MAC address rather, the MAC address would be the unicast MAC address associated with the particular network interface.  In specific context or application  Anycast can also be applied at the MAC layer for certain specialized purposes, typically in large-scale and distributed network architectures.

Promiscuous Mode Address:

This is a special mode in which a network interface card accepts all frames on the network, regardless of the destination MAC address.

Usage: Promiscuous mode is often used for network monitoring and packet sniffing. It allows a network analyzer to capture and analyze all network traffic passing through a network interface.

How to Find MAC Table?

Why do we need both an IP address and a MAC address ?  

Both IP addresses and MAC addresses play crucial roles in networking, and they serve different purposes. Having both addresses is necessary for the proper functioning and communication within a network. Here’s why both IP addresses and MAC addresses are required:

  1. Addressing at Different Layers:
    MAC Address (Data Link Layer – Layer 2): Used for local addressing within the same network segment. MAC addresses are hardware addresses associated with network interfaces and are used to deliver frames within the local network.
    IP Address (Network Layer – Layer 3): Used for logical addressing and routing across different networks. IP addresses are assigned to devices and enable communication between devices on different networks.

  2. Routing and Network Layer Functionality:
    MAC Address: Primarily used for frame delivery within the same local network segment. Routers operate at the Network Layer (Layer 3) and use IP addresses to route packets between different networks.
    IP Address: Enables communication between devices on different networks. IP addresses facilitate logical addressing, subnetting, and routing, allowing data to traverse multiple network segments.

  3. Scalability and Flexibility:
    MAC Address: Tied to the physical network interface and assigned by the manufacturer. Not easily changed and doesn’t scale well for large networks or network reconfigurations.
    IP Address: Dynamically assigned using protocols like DHCP, allowing for easier scalability, network management, and adaptability to changes in network topology.

  4. Device Identification and Communication:
    MAC Address: Identifies network interfaces uniquely within the same local network. Necessary for delivering frames to the correct device on the local segment.
    IP Address: Identifies devices globally on the Internet and facilitates communication across different networks. Essential for end-to-end communication in a larger network environment.

  5. Protocols and Network Stack:
    MAC Address:
    Pertinent to the data link layer protocols, such as Ethernet.
    IP Address: Integral to the network layer protocols, including IPv4 and IPv6.

  6.  Communication on the Internet:
    MAC Address:
    Not used for communication across the Internet. MAC addresses are specific to local network segments.
    IP Address: Essential for communication across the Internet. Packets are routed based on IP addresses, allowing global connectivity.
  7. Layered Networking Model:
    MAC Address:
    Corresponds to the Data Link Layer (Layer 2) in the OSI model.
    IP Address: Corresponds to the Network Layer (Layer 3) in the OSI model.

In summary, the combination of IP addresses and MAC addresses ensures efficient and flexible communication within and between networks. While MAC addresses are crucial for local frame delivery within the same network, IP addresses enable end-to-end communication across diverse networks, providing the scalability and flexibility needed for modern networking.

What is the difference between a MAC address vs. IP address ?

MAC addresses and IP addresses serve different purposes in networking, and they operate at different layers of the OSI model. Here are the key differences between MAC addresses and IP addresses:

This table summarizes the key differences between MAC addresses and IP addresses in terms of their layer of operation, scope of use, address format, assignment process, functionality, and examples.

Leave a Reply