fbpx
Wikipedia

MAC address

May 15, 2023

This article is about a type of network address. For the Apple computers, see Macintosh. For other similar terms, see Mac.

A media access control address (MAC address) is a unique identifier assigned to a network interface controller (NIC) for use as a network address in communications within a network segment. This use is common in most IEEE 802 networking technologies, including Ethernet, Wi-Fi, and Bluetooth. Within the Open Systems Interconnection (OSI) network model, MAC addresses are used in the medium access control protocol sublayer of the data link layer. As typically represented, MAC addresses are recognizable as six groups of two hexadecimal digits, separated by hyphens, colons, or without a separator.

Label of a UMTS router with MAC addresses for LAN and WLAN modules

MAC addresses are primarily assigned by device manufacturers, and are therefore often referred to as the burned-in address, or as an Ethernet hardware address, hardware address, or physical address. Each address can be stored in hardware, such as the card's read-only memory, or by a firmware mechanism. Many network interfaces, however, support changing their MAC address. The address typically includes a manufacturer's organizationally unique identifier (OUI). MAC addresses are formed according to the principles of two numbering spaces based on extended unique identifiers (EUIs) managed by the Institute of Electrical and Electronics Engineers (IEEE): EUI-48—which replaces the obsolete term MAC-48—and EUI-64.

Network nodes with multiple network interfaces, such as routers and multilayer switches, must have a unique MAC address for each NIC in the same network. However, two NICs connected to two different networks can share the same MAC address.

Address details

 
The structure of a 48-bit MAC address. The b0 bit distinguishes multicast and unicast addressing and the b1 bit distinguishes universal and locally administered addressing.

The IEEE 802 MAC address originally comes from the Xerox Network Systems Ethernet addressing scheme.[1] This 48-bit address space contains potentially 248 (over 281 trillion) possible MAC addresses. The IEEE manages allocation of MAC addresses, originally known as MAC-48 and which it now refers to as EUI-48 identifiers. The IEEE has a target lifetime of 100 years (until 2080) for applications using EUI-48 space and restricts applications accordingly. The IEEE encourages adoption of the more plentiful EUI-64 for non-Ethernet applications.

The distinction between EUI-48 and MAC-48 identifiers is in name and application only. MAC-48 was used to address hardware interfaces within existing 802-based networking applications; EUI-48 is now used for 802-based networking and is also used to identify other devices and software, for example Bluetooth.[2][3] The IEEE now considers MAC-48 to be an obsolete term.[4] EUI-48 is now used in all cases. In addition, the EUI-64 numbering system originally encompassed both MAC-48 and EUI-48 identifiers by a simple translation mechanism.[2][a] These translations have since been deprecated.[2]

An Individual Address Block (IAB) is an inactive registry activity which has been replaced by the MA-S (MA-S was previously named OUI-36 and have no overlaps in addresses with IAB[5]) registry product as of January 1, 2014. The IAB uses an OUI from MA-L (MAC address block large) registry was previously named OUI registry, the term OUI is still in use, but not for calling a registry[5] belonging to the IEEE Registration Authority, concatenated with 12 additional IEEE-provided bits (for a total of 36 bits), leaving only 12 bits for the IAB owner to assign to their (up to 4096) individual devices. An IAB is ideal for organizations requiring not more than 4096 unique 48-bit numbers (EUI-48). Unlike an OUI, which allows the assignee to assign values in various different number spaces (for example, EUI-48, EUI-64, and the various context-dependent identifier number spaces, like for SNAP or EDID (VSDB field)), the Individual Address Block could only be used to assign EUI-48 identifiers. All other potential uses based on the OUI from which the IABs are allocated are reserved and remain the property of the IEEE Registration Authority. Between 2007 and September 2012, the OUI value 00:50:C2 was used for IAB assignments. After September 2012, the value 40:D8:55 was used. The owners of an already assigned IAB may continue to use the assignment.[6]

MA-S (MAC address block small) registry activity includes both a 36-bit unique number used in some standards and the assignment of a block of EUI-48 and EUI-64 identifiers (while owner of IAB cannot assign EUI-64) by the IEEE Registration Authority. MA-S does not include assignment of an OUI.

There is also another registry which is called MA-M (MAC address block medium). The MA-M assignment block provides both 220 EUI-48 identifiers and 236 EUI-64 identifiers (that means first 28 bits are IEEE assigned bits). The first 24 bits of the assigned MA-M block are an OUI assigned to IEEE that will not be reassigned, so the MA-M does not include assignment of an OUI.

Universal vs. local (U/L bit)

Addresses can either be universally administered addresses (UAA) or locally administered addresses (LAA). A universally administered address is uniquely assigned to a device by its manufacturer. The first three octets (in transmission order) identify the organization that issued the identifier and are known as the organizationally unique identifier (OUI).[2] The remainder of the address (three octets for EUI-48 or five for EUI-64) are assigned by that organization in nearly any manner they please, subject to the constraint of uniqueness. A locally administered address is assigned to a device by software or a network administrator, overriding the burned-in address for physical devices.

Locally administered addresses are distinguished from universally administered addresses by setting (assigning the value of 1 to) the second-least-significant bit of the first octet of the address. This bit is also referred to as the U/L bit, short for Universal/Local, which identifies how the address is administered.[7][self-published source?][8]: 20  If the bit is 0, the address is universally administered, which is why this bit is 0 in all UAAs. If it is 1, the address is locally administered. In the example address 06-00-00-00-00-00 the first octet is 06 (hexadecimal), the binary form of which is 00000110, where the second-least-significant bit is 1. Therefore, it is a locally administered address.[9] Even though many hypervisors manage dynamic MAC addresses within their own OUI, often it is useful to create an entire unique MAC within the LAA range.[10]

Universal addresses that are administered locally

In virtualisation, hypervisors such as QEMU and Xen have their own OUIs. Each new virtual machine is started with a MAC address set by assigning the last three bytes to be unique on the local network. While this is local administration of MAC addresses, it is not an LAA in the IEEE sense.

An historical example of this hybrid situation is the DECnet protocol, where the universal MAC address (OUI AA-00-04, Digital Equipment Corporation) is administered locally. The DECnet software assigns the last three bytes for the complete MAC address to be AA-00-04-00-XX-YY where XX-YY reflects the DECnet network address xx.yy of the host. This eliminates the need for DECnet to have an address resolution protocol since the MAC address for any DECnet host can be determined from its DECnet address.

Unicast vs. multicast (I/G bit)

The least significant bit of an address's first octet is referred to as the I/G, or Individual/Group, bit.[7][self-published source?][8]: 20  When this bit is 0 (zero), the frame is meant to reach only one receiving NIC.[11] This type of transmission is called unicast. A unicast frame is transmitted to all nodes within the collision domain. In a modern wired setting the collision domain usually is the length of the Ethernet cable between two network cards. In a wireless setting, the collision domain is all receivers that can detect a given wireless signal. If a switch does not know which port leads to a given MAC address, the switch will forward a unicast frame to all of its ports (except the originating port), an action known as unicast flood.[12][self-published source?] Only the node with the matching hardware MAC address will accept the frame; network frames with non-matching MAC-addresses are ignored, unless the device is in promiscuous mode.

If the least significant bit of the first octet is set to 1 (i.e. the second hexadecimal digit is odd) the frame will still be sent only once; however, NICs will choose to accept it based on criteria other than the matching of a MAC address: for example, based on a configurable list of accepted multicast MAC addresses. This is called multicast addressing.

The IEEE has built in several special address types to allow more than one network interface card to be addressed at one time:

  • Packets sent to the broadcast address, all one bits, are received by all stations on a local area network. In hexadecimal the broadcast address would be FF:FF:FF:FF:FF:FF. A broadcast frame is flooded and is forwarded to and accepted by all other nodes.
  • Packets sent to a multicast address are received by all stations on a LAN that have been configured to receive packets sent to that address.
  • Functional addresses identify one or more Token Ring NICs that provide a particular service, defined in IEEE 802.5.

These are all examples of group addresses, as opposed to individual addresses; the least significant bit of the first octet of a MAC address distinguishes individual addresses from group addresses. That bit is set to 0 in individual addresses and set to 1 in group addresses. Group addresses, like individual addresses, can be universally administered or locally administered.

Ranges of group and locally administered addresses

The U/L and I/G bits are handled independently, and there are instances of all four possibilities.[9] IPv6 multicast uses locally administered, multicast MAC addresses in the range 33‑33‑xx‑xx‑xx‑xx (with both bits set).[13]: sec. 2.3.1 

Given the locations of the U/L and I/G bits, they can be discerned in a single digit in common MAC address notation as shown in the following table:

Universal/Local and Individual/Group bits in MAC addresses
U/L
I/G
 Universally administered Locally administered
Unicast (individual) x0‑xxxxxxxxxx
x4‑xxxxxxxxxx
x8‑xxxxxxxxxx
xC‑xxxxxxxxxx 		x2‑xxxxxxxxxx
x6‑xxxxxxxxxx
xA‑xxxxxxxxxx
xE‑xxxxxxxxxx
Multicast (group) x1‑xxxxxxxxxx
x5‑xxxxxxxxxx
x9‑xxxxxxxxxx
xD‑xxxxxxxxxx 		x3‑xxxxxxxxxx
x7‑xxxxxxxxxx
xB‑xxxxxxxxxx
xF‑xxxxxxxxxx

Applications

The following network technologies use the EUI-48 identifier format:

Every device that connects to an IEEE 802 network (such as Ethernet and Wi-Fi) has an EUI-48 address. Common networked consumer devices such as PCs, smartphones and tablet computers use EUI-48 addresses.

EUI-64 identifiers are used in:

  • IEEE 1394 (FireWire)
  • InfiniBand
  • IPv6 (Modified EUI-64 as the least-significant 64 bits of a unicast network address or link-local address when stateless address autoconfiguration is used.)[14] IPv6 uses a modified EUI-64, treats MAC-48 as EUI-48 instead (as it is chosen from the same address pool) and inverts the local bit.[b] This results in extending MAC addresses (such as IEEE 802 MAC address) to modified EUI-64 using only FF-FE (and never FF-FF) and with the local bit inverted.[13]: sec. 2.2.1 
  • Zigbee / 802.15.4 / 6LoWPAN wireless personal-area networks
  • IEEE 11073-20601 (IEEE 11073-20601 compliant medical devices)[15]

Usage in hosts

On broadcast networks, such as Ethernet, the MAC address is expected to uniquely identify each node on that segment and allows frames to be marked for specific hosts. It thus forms the basis of most of the link layer (OSI layer 2) networking upon which upper-layer protocols rely to produce complex, functioning networks.

Many network interfaces support changing their MAC address. On most Unix-like systems, the command utility ifconfig may be used to remove and add link address aliases. For instance, the active ifconfig directive may be used on NetBSD to specify which of the attached addresses to activate.[16] Hence, various configuration scripts and utilities permit the randomization of the MAC address at the time of booting or before establishing a network connection.

Changing MAC addresses is necessary in network virtualization. In MAC spoofing, this is practiced in exploiting security vulnerabilities of a computer system. Some modern operating systems, such as Apple iOS and Android, especially in mobile devices, are designed to randomize the assignment of a MAC address to network interface when scanning for wireless access points to avert tracking systems.[17][18]

In Internet Protocol (IP) networks, the MAC address of an interface corresponding to an IP address may be queried with the Address Resolution Protocol (ARP) for IPv4 and the Neighbor Discovery Protocol (NDP) for IPv6, relating OSI layer 3 addresses with layer 2 addresses.

Tracking

Randomization

According to Edward Snowden, the US National Security Agency has a system that tracks the movements of mobile devices in a city by monitoring MAC addresses.[19] To avert this practice, Apple has started using random MAC addresses in iOS devices while scanning for networks.[17] Other vendors followed quickly. MAC address randomization during scanning was added in Android starting from version 6.0,[18] Windows 10,[20] and Linux kernel 3.18.[21] The actual implementations of the MAC address randomization technique vary largely in different devices.[22] Moreover, various flaws and shortcomings in these implementations may allow an attacker to track a device even if its MAC address is changed, for instance its probe requests' other elements,[23][24] or their timing.[25][22] If random MAC addresses are not used, researchers have confirmed that it is possible to link a real identity to a particular wireless MAC address.[26][27]

Randomized MAC addresses can be identified by the "locally administered" bit described above.[28]

Other information leakage

Using wireless access points in SSID-hidden mode (network cloaking), a mobile wireless device may not only disclose its own MAC address when traveling, but even the MAC addresses associated to SSIDs the device has already connected to, if they are configured to send these as part of probe request packets. Alternative modes to prevent this include configuring access points to be either in beacon-broadcasting mode or probe-response with SSID mode. In these modes, probe requests may be unnecessary or sent in broadcast mode without disclosing the identity of previously known networks.[29]

Anonymization

Main article: MAC address anonymization

Notational conventions

The standard (IEEE 802) format for printing EUI-48 addresses in human-friendly form is six groups of two hexadecimal digits, separated by hyphens (-) in transmission order (e.g. 01-23-45-67-89-AB). This form is also commonly used for EUI-64 (e.g. 01-23-45-67-89-AB-CD-EF).[2] Other conventions include six groups of two hexadecimal digits separated by colons (:) (e.g. 01:23:45:67:89:AB), and three groups of four hexadecimal digits separated by dots (.) (e.g. 0123.4567.89AB); again in transmission order.[30]

Bit-reversed notation

The standard notation, also called canonical format, for MAC addresses is written in transmission order with the least significant bit of each byte transmitted first, and is used in the output of the ifconfig, ip address, and ipconfig commands, for example.

However, since IEEE 802.3 (Ethernet) and IEEE 802.4 (Token Bus) send the bytes (octets) over the wire, left-to-right, with the least significant bit in each byte first, while IEEE 802.5 (Token Ring) and IEEE 802.6 (FDDI) send the bytes over the wire with the most significant bit first, confusion may arise when an address in the latter scenario is represented with bits reversed from the canonical representation. For example, an address in canonical form 12-34-56-78-9A-BC would be transmitted over the wire as bits 01001000 00101100 01101010 00011110 01011001 00111101 in the standard transmission order (least significant bit first). But for Token Ring networks, it would be transmitted as bits 00010010 00110100 01010110 01111000 10011010 10111100 in most-significant-bit first order. The latter might be incorrectly displayed as 48-2C-6A-1E-59-3D. This is referred to as bit-reversed order, non-canonical form, MSB format, IBM format, or Token Ring format.[31]

See also

Notes

  1. ^ To convert a MAC-48 into an EUI-64, copy the OUI, append the two octets FF-FF and then copy the organization-specified extension identifier. To convert an EUI-48 into an EUI-64, the same process is used, but the sequence inserted is FF-FE.[2] In both cases, the process could be trivially reversed when necessary. Organizations issuing EUI-64s were cautioned against issuing identifiers that could be confused with these forms.
  2. ^ With local identifiers indicated with a zero bit, locally assigned EUI-64 begin with leading zeroes and it is easier for administrators to type locally assigned IPv6 addresses based on the modified EUI-64

References

  1. ^ IEEE Std 802-2001 (PDF). The Institute of Electrical and Electronics Engineers, Inc. (IEEE). 2002-02-07. p. 19. ISBN 978-0-7381-2941-9. Retrieved 2011-09-08. The universal administration of LAN MAC addresses began with the Xerox Corporation administering Block Identifiers (Block IDs) for Ethernet addresses.
  2. ^ a b c d e f "Guidelines for Use of Extended Unique Identifier (EUI), Organizationally Unique Identifier (OUI), and Company ID (CID)" (PDF). IEEE Standards Association. IEEE. Retrieved 5 August 2018.
  3. ^ "IEEE-SA - IEEE Registration Authority". standards.ieee.org. Retrieved 2018-09-20.
  4. ^ . Archived from the original on 2021-04-18. Retrieved 2019-02-24.
  5. ^ a b "IEEE-SA - IEEE Registration Authority". standards.ieee.org. Retrieved 2018-11-27.
  6. ^ "IEEE-SA - IEEE Registration Authority". standards.ieee.org. Retrieved 2018-09-20.
  7. ^ a b "Ethernet frame IG/LG bit explanation - Wireshark". networkengineering.stackexchange.com. Retrieved 2021-01-05.
  8. ^ a b R. Hinden; S. Deering (February 2006). IP Version 6 Addressing Architecture. Network Working Group. doi:10.17487/RFC4291. RFC 4291. Draft Standard. Obsoletes RFC 3513. Updated by RFC 5952, 6052, 7136, 7346, 7371 and 8064.
  9. ^ a b "Standard Group MAC Addresses: A Tutorial Guide" (PDF). IEEE-SA. Retrieved 2018-09-20.
  10. ^ "Generating a New Unique MAC Address". RedHat. Retrieved 2020-06-15.
  11. ^ "Guidelines for Fibre Channel Use of the Organizationally Unique Identifier (OUI)" (PDF). IEEE-SA. Retrieved 2018-10-11.
  12. ^ "Overview of Layer 2 Switched Networks and Communication | Getting Started with LANs | Cisco Support Community | 5896 | 68421". supportforums.cisco.com. 2011-07-23. Retrieved 2016-05-17.
  13. ^ a b D. Eastlake 3rd; J. Abley (October 2013). IANA Considerations and IETF Protocol and Documentation Usage for IEEE 802 Parameters. Internet Engineering Task Force (IETF). doi:10.17487/RFC7042. ISSN 2070-1721. BCP 141. RFC 7042. Best Common Practice. Obsoletes RFC 5342. Updates RFC 2153.
  14. ^ S. Thomson; T. Narten; T. Jinmei (September 2007). IPv6 Stateless Address Autoconfiguration. Network Working Group. doi:10.17487/RFC4862. RFC 4862. Draft Standard. Obsoletes RFC 2462. Updated by RFC 7527.
  15. ^ IEEE P11073-20601 Health informatics—Personal health device communication Part 20601: Application profile—Optimized Exchange Protocol
  16. ^ . Archived from the original on 14 January 2020. Retrieved 16 October 2016.
  17. ^ a b Mamiit, Aaron (2014-06-12). "Apple Implements Random MAC Address on iOS 8. Goodbye, Marketers". Tech Times. Retrieved 2014-12-01.
  18. ^ a b "Android 6.0 Changes". Android developers. Retrieved 2018-08-22.
  19. ^ Bamford, James (2014-08-13). "The Most Wanted Man in the World". Wired. p. 4. Retrieved 2014-12-01.
  20. ^ Winkey Wang. "Wireless networking in Windows 10".
  21. ^ Emmanuel Grumbach. "iwlwifi: mvm: support random MAC address for scanning". Linux commit effd05ac479b. Retrieved 2018-08-22.
  22. ^ a b Célestin Matte (December 2017). Wi-Fi Tracking: Fingerprinting Attacks and Counter-Measures. 2017 (Theses). Université de Lyon. Retrieved 2018-08-22.
  23. ^ Vanhoef, Mathy; Matte, Célestin; Cunche, Mathieu; Cardoso, Leonardo; Piessens, Frank (10 June 2016). "Why MAC address randomization is not enough: An analysis of Wi-Fi network discovery mechanisms". HAL-Inria. doi:10.1145/2897845.2897883. S2CID 12706713. Retrieved 3 May 2022.
  24. ^ Martin Jeremy and Mayberry Travis and Donahue Collin and Foppe Lucas and Brown Lamont and Riggins Chadwick and Rye Erik C and Brown Dane. (PDF). 2017. Archived from the original (PDF) on 2018-08-22. Retrieved 2018-08-22.
  25. ^ Matte Célestin and Cunche Mathieu and Rousseau Franck and Vanhoef Mathy (2016-07-18). "Defeating MAC address randomization through timing attacks". Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks. pp. 15–20. doi:10.1145/2939918.2939930. ISBN 9781450342704. S2CID 2625583. Retrieved 2018-08-22.
  26. ^ Cunche, Mathieu. "I know your MAC Address: Targeted tracking of individual using Wi-Fi" (PDF). 2013. Retrieved 19 December 2014.
  27. ^ Muhammad Hassan. "How to Find iPhone MAC Address".
  28. ^ Nayak, Seema (14 March 2022). "Randomized and Changing MAC (RCM)". Cisco Blogs. To improve end-user privacy, various operating system vendors (Apple iOS 14, Android 10 and Windows 10) are enabling the use of the locally administered mac address (LAA), also referred to as the random mac address for WIFI operation. When wireless endpoint is associated with random mac address, the MAC address of the endpoint changes over time.
  29. ^ "Hidden network no beacons". security.stackexchange.com. Retrieved 16 October 2016.
  30. ^ . Configuration Guide for Cisco Secure ACS 4.2. Cisco. February 2008. Archived from the original on 2016-08-02. Retrieved 2015-09-19. You can enter the MAC address in the following formats for representing MAC-48 addresses in human-readable form: six groups of two hexadecimal digits, separated by hyphens (-) in transmission order,[...]six groups of two separated by colons (:),[...]three groups of four hexadecimal digits separated by dots (.)...
  31. ^ T. Narten; C. Burton (December 1998). A Caution On The Canonical Ordering Of Link-Layer Addresses. Network Working Group. doi:10.17487/RFC2469. RFC 2469. Informational.

External links

  • IEEE Registration Authority Tutorials
  • IEEE Registration Authority - Frequently Asked Questions
  • IEEE Public OUI and Company ID, etc. Assignment lookup
  • IEEE Public OUI/MA-L list
  • IEEE Public OUI-28/MA-M list
  • IEEE Public OUI-36/MA-S list
  • IEEE Public IAB list
  • IEEE IAB and OUI MAC Address Lookup Database and API

Parameters]

  • IANA list of Ethernet Numbers
  • Wireshark's OUI Lookup Tool and MAC address list

May 15, 2023
address, this, article, about, type, network, address, apple, computers, macintosh, other, similar, terms, media, access, control, address, unique, identifier, assigned, network, interface, controller, network, address, communications, within, network, segment. This article is about a type of network address For the Apple computers see Macintosh For other similar terms see Mac A media access control address MAC address is a unique identifier assigned to a network interface controller NIC for use as a network address in communications within a network segment This use is common in most IEEE 802 networking technologies including Ethernet Wi Fi and Bluetooth Within the Open Systems Interconnection OSI network model MAC addresses are used in the medium access control protocol sublayer of the data link layer As typically represented MAC addresses are recognizable as six groups of two hexadecimal digits separated by hyphens colons or without a separator Label of a UMTS router with MAC addresses for LAN and WLAN modules MAC addresses are primarily assigned by device manufacturers and are therefore often referred to as the burned in address or as an Ethernet hardware address hardware address or physical address Each address can be stored in hardware such as the card s read only memory or by a firmware mechanism Many network interfaces however support changing their MAC address The address typically includes a manufacturer s organizationally unique identifier OUI MAC addresses are formed according to the principles of two numbering spaces based on extended unique identifiers EUIs managed by the Institute of Electrical and Electronics Engineers IEEE EUI 48 which replaces the obsolete term MAC 48 and EUI 64 Network nodes with multiple network interfaces such as routers and multilayer switches must have a unique MAC address for each NIC in the same network However two NICs connected to two different networks can share the same MAC address Contents 1 Address details 1 1 Universal vs local U L bit 1 1 1 Universal addresses that are administered locally 1 2 Unicast vs multicast I G bit 1 3 Ranges of group and locally administered addresses 2 Applications 3 Usage in hosts 3 1 Tracking 3 1 1 Randomization 3 1 2 Other information leakage 3 2 Anonymization 4 Notational conventions 4 1 Bit reversed notation 5 See also 6 Notes 7 References 8 External linksAddress details Edit The structure of a 48 bit MAC address The b0 bit distinguishes multicast and unicast addressing and the b1 bit distinguishes universal and locally administered addressing The IEEE 802 MAC address originally comes from the Xerox Network Systems Ethernet addressing scheme 1 This 48 bit address space contains potentially 248 over 281 trillion possible MAC addresses The IEEE manages allocation of MAC addresses originally known as MAC 48 and which it now refers to as EUI 48 identifiers The IEEE has a target lifetime of 100 years until 2080 for applications using EUI 48 space and restricts applications accordingly The IEEE encourages adoption of the more plentiful EUI 64 for non Ethernet applications The distinction between EUI 48 and MAC 48 identifiers is in name and application only MAC 48 was used to address hardware interfaces within existing 802 based networking applications EUI 48 is now used for 802 based networking and is also used to identify other devices and software for example Bluetooth 2 3 The IEEE now considers MAC 48 to be an obsolete term 4 EUI 48 is now used in all cases In addition the EUI 64 numbering system originally encompassed both MAC 48 and EUI 48 identifiers by a simple translation mechanism 2 a These translations have since been deprecated 2 An Individual Address Block IAB is an inactive registry activity which has been replaced by the MA S MA S was previously named OUI 36 and have no overlaps in addresses with IAB 5 registry product as of January 1 2014 The IAB uses an OUI from MA L MAC address block large registry was previously named OUI registry the term OUI is still in use but not for calling a registry 5 belonging to the IEEE Registration Authority concatenated with 12 additional IEEE provided bits for a total of 36 bits leaving only 12 bits for the IAB owner to assign to their up to 4096 individual devices An IAB is ideal for organizations requiring not more than 4096 unique 48 bit numbers EUI 48 Unlike an OUI which allows the assignee to assign values in various different number spaces for example EUI 48 EUI 64 and the various context dependent identifier number spaces like for SNAP or EDID VSDB field the Individual Address Block could only be used to assign EUI 48 identifiers All other potential uses based on the OUI from which the IABs are allocated are reserved and remain the property of the IEEE Registration Authority Between 2007 and September 2012 the OUI value 00 50 C2 was used for IAB assignments After September 2012 the value 40 D8 55 was used The owners of an already assigned IAB may continue to use the assignment 6 MA S MAC address block small registry activity includes both a 36 bit unique number used in some standards and the assignment of a block of EUI 48 and EUI 64 identifiers while owner of IAB cannot assign EUI 64 by the IEEE Registration Authority MA S does not include assignment of an OUI There is also another registry which is called MA M MAC address block medium The MA M assignment block provides both 220 EUI 48 identifiers and 236 EUI 64 identifiers that means first 28 bits are IEEE assigned bits The first 24 bits of the assigned MA M block are an OUI assigned to IEEE that will not be reassigned so the MA M does not include assignment of an OUI Universal vs local U L bit Edit Addresses can either be universally administered addresses UAA or locally administered addresses LAA A universally administered address is uniquely assigned to a device by its manufacturer The first three octets in transmission order identify the organization that issued the identifier and are known as the organizationally unique identifier OUI 2 The remainder of the address three octets for EUI 48 or five for EUI 64 are assigned by that organization in nearly any manner they please subject to the constraint of uniqueness A locally administered address is assigned to a device by software or a network administrator overriding the burned in address for physical devices Locally administered addresses are distinguished from universally administered addresses by setting assigning the value of 1 to the second least significant bit of the first octet of the address This bit is also referred to as the U L bit short for Universal Local which identifies how the address is administered 7 self published source 8 20 If the bit is 0 the address is universally administered which is why this bit is 0 in all UAAs If it is 1 the address is locally administered In the example address 06 00 00 00 00 00 the first octet is 06 hexadecimal the binary form of which is 00000110 where the second least significant bit is 1 Therefore it is a locally administered address 9 Even though many hypervisors manage dynamic MAC addresses within their own OUI often it is useful to create an entire unique MAC within the LAA range 10 Universal addresses that are administered locally Edit In virtualisation hypervisors such as QEMU and Xen have their own OUIs Each new virtual machine is started with a MAC address set by assigning the last three bytes to be unique on the local network While this is local administration of MAC addresses it is not an LAA in the IEEE sense An historical example of this hybrid situation is the DECnet protocol where the universal MAC address OUI AA 00 04 Digital Equipment Corporation is administered locally The DECnet software assigns the last three bytes for the complete MAC address to be AA 00 04 00 XX YY where XX YY reflects the DECnet network address xx yy of the host This eliminates the need for DECnet to have an address resolution protocol since the MAC address for any DECnet host can be determined from its DECnet address Unicast vs multicast I G bit Edit The least significant bit of an address s first octet is referred to as the I G or Individual Group bit 7 self published source 8 20 When this bit is 0 zero the frame is meant to reach only one receiving NIC 11 This type of transmission is called unicast A unicast frame is transmitted to all nodes within the collision domain In a modern wired setting the collision domain usually is the length of the Ethernet cable between two network cards In a wireless setting the collision domain is all receivers that can detect a given wireless signal If a switch does not know which port leads to a given MAC address the switch will forward a unicast frame to all of its ports except the originating port an action known as unicast flood 12 self published source Only the node with the matching hardware MAC address will accept the frame network frames with non matching MAC addresses are ignored unless the device is in promiscuous mode If the least significant bit of the first octet is set to 1 i e the second hexadecimal digit is odd the frame will still be sent only once however NICs will choose to accept it based on criteria other than the matching of a MAC address for example based on a configurable list of accepted multicast MAC addresses This is called multicast addressing The IEEE has built in several special address types to allow more than one network interface card to be addressed at one time Packets sent to the broadcast address all one bits are received by all stations on a local area network In hexadecimal the broadcast address would be FF FF FF FF FF FF A broadcast frame is flooded and is forwarded to and accepted by all other nodes Packets sent to a multicast address are received by all stations on a LAN that have been configured to receive packets sent to that address Functional addresses identify one or more Token Ring NICs that provide a particular service defined in IEEE 802 5 These are all examples of group addresses as opposed to individual addresses the least significant bit of the first octet of a MAC address distinguishes individual addresses from group addresses That bit is set to 0 in individual addresses and set to 1 in group addresses Group addresses like individual addresses can be universally administered or locally administered Ranges of group and locally administered addresses Edit The U L and I G bits are handled independently and there are instances of all four possibilities 9 IPv6 multicast uses locally administered multicast MAC addresses in the range 33 33 xx xx xx xx with both bits set 13 sec 2 3 1 Given the locations of the U L and I G bits they can be discerned in a single digit in common MAC address notation as shown in the following table Universal Local and Individual Group bits in MAC addresses U LI G Universally administered Locally administeredUnicast individual x0 xx xx xx xx xxx4 xx xx xx xx xxx8 xx xx xx xx xxxC xx xx xx xx xx x2 xx xx xx xx xxx6 xx xx xx xx xxxA xx xx xx xx xxxE xx xx xx xx xxMulticast group x1 xx xx xx xx xxx5 xx xx xx xx xxx9 xx xx xx xx xxxD xx xx xx xx xx x3 xx xx xx xx xxx7 xx xx xx xx xxxB xx xx xx xx xxxF xx xx xx xx xxApplications EditThe following network technologies use the EUI 48 identifier format IEEE 802 networks Ethernet 802 11 wireless networks Wi Fi Bluetooth IEEE 802 5 Token Ring Fiber Distributed Data Interface FDDI Asynchronous Transfer Mode ATM switched virtual connections only as part of an NSAP address Fibre Channel and Serial Attached SCSI as part of a World Wide Name The ITU T G hn standard which provides a way to create a high speed up to 1 gigabit s local area network using existing home wiring power lines phone lines and coaxial cables The G hn Application Protocol Convergence APC layer accepts Ethernet frames that use the EUI 48 format and encapsulates them into G hn Medium Access Control Service Data Units MSDUs Every device that connects to an IEEE 802 network such as Ethernet and Wi Fi has an EUI 48 address Common networked consumer devices such as PCs smartphones and tablet computers use EUI 48 addresses EUI 64 identifiers are used in IEEE 1394 FireWire InfiniBand IPv6 Modified EUI 64 as the least significant 64 bits of a unicast network address or link local address when stateless address autoconfiguration is used 14 IPv6 uses a modified EUI 64 treats MAC 48 as EUI 48 instead as it is chosen from the same address pool and inverts the local bit b This results in extending MAC addresses such as IEEE 802 MAC address to modified EUI 64 using only FF FE and never FF FF and with the local bit inverted 13 sec 2 2 1 Zigbee 802 15 4 6LoWPAN wireless personal area networks IEEE 11073 20601 IEEE 11073 20601 compliant medical devices 15 Usage in hosts EditOn broadcast networks such as Ethernet the MAC address is expected to uniquely identify each node on that segment and allows frames to be marked for specific hosts It thus forms the basis of most of the link layer OSI layer 2 networking upon which upper layer protocols rely to produce complex functioning networks Many network interfaces support changing their MAC address On most Unix like systems the command utility ifconfig may be used to remove and add link address aliases For instance the active ifconfig directive may be used on NetBSD to specify which of the attached addresses to activate 16 Hence various configuration scripts and utilities permit the randomization of the MAC address at the time of booting or before establishing a network connection Changing MAC addresses is necessary in network virtualization In MAC spoofing this is practiced in exploiting security vulnerabilities of a computer system Some modern operating systems such as Apple iOS and Android especially in mobile devices are designed to randomize the assignment of a MAC address to network interface when scanning for wireless access points to avert tracking systems 17 18 In Internet Protocol IP networks the MAC address of an interface corresponding to an IP address may be queried with the Address Resolution Protocol ARP for IPv4 and the Neighbor Discovery Protocol NDP for IPv6 relating OSI layer 3 addresses with layer 2 addresses Tracking Edit Randomization Edit According to Edward Snowden the US National Security Agency has a system that tracks the movements of mobile devices in a city by monitoring MAC addresses 19 To avert this practice Apple has started using random MAC addresses in iOS devices while scanning for networks 17 Other vendors followed quickly MAC address randomization during scanning was added in Android starting from version 6 0 18 Windows 10 20 and Linux kernel 3 18 21 The actual implementations of the MAC address randomization technique vary largely in different devices 22 Moreover various flaws and shortcomings in these implementations may allow an attacker to track a device even if its MAC address is changed for instance its probe requests other elements 23 24 or their timing 25 22 If random MAC addresses are not used researchers have confirmed that it is possible to link a real identity to a particular wireless MAC address 26 27 Randomized MAC addresses can be identified by the locally administered bit described above 28 Other information leakage Edit Using wireless access points in SSID hidden mode network cloaking a mobile wireless device may not only disclose its own MAC address when traveling but even the MAC addresses associated to SSIDs the device has already connected to if they are configured to send these as part of probe request packets Alternative modes to prevent this include configuring access points to be either in beacon broadcasting mode or probe response with SSID mode In these modes probe requests may be unnecessary or sent in broadcast mode without disclosing the identity of previously known networks 29 Anonymization Edit Main article MAC address anonymizationNotational conventions EditThe standard IEEE 802 format for printing EUI 48 addresses in human friendly form is six groups of two hexadecimal digits separated by hyphens in transmission order e g 01 23 45 67 89 AB This form is also commonly used for EUI 64 e g 01 23 45 67 89 AB CD EF 2 Other conventions include six groups of two hexadecimal digits separated by colons e g 01 23 45 67 89 AB and three groups of four hexadecimal digits separated by dots e g 0123 4567 89AB again in transmission order 30 Bit reversed notation Edit The standard notation also called canonical format for MAC addresses is written in transmission order with the least significant bit of each byte transmitted first and is used in the output of the a href Ifconfig html title Ifconfig ifconfig a a href Iproute2 html title Iproute2 ip address a and a href Ipconfig html title Ipconfig ipconfig a commands for example However since IEEE 802 3 Ethernet and IEEE 802 4 Token Bus send the bytes octets over the wire left to right with the least significant bit in each byte first while IEEE 802 5 Token Ring and IEEE 802 6 FDDI send the bytes over the wire with the most significant bit first confusion may arise when an address in the latter scenario is represented with bits reversed from the canonical representation For example an address in canonical form 12 34 56 78 9A BC would be transmitted over the wire as bits 01001000 00101100 01101010 00011110 01011001 00111101 in the standard transmission order least significant bit first But for Token Ring networks it would be transmitted as bits 00010010 00110100 01010110 01111000 10011010 10111100 in most significant bit first order The latter might be incorrectly displayed as 48 2C 6A 1E 59 3D This is referred to as bit reversed order non canonical form MSB format IBM format or Token Ring format 31 See also EditHot Standby Router Protocol MAC filtering Network management Sleep Proxy Service which may spoof another device s MAC address during certain periods Transparent bridging Virtual Router Redundancy ProtocolNotes Edit To convert a MAC 48 into an EUI 64 copy the OUI append the two octets FF FF and then copy the organization specified extension identifier To convert an EUI 48 into an EUI 64 the same process is used but the sequence inserted is FF FE 2 In both cases the process could be trivially reversed when necessary Organizations issuing EUI 64s were cautioned against issuing identifiers that could be confused with these forms With local identifiers indicated with a zero bit locally assigned EUI 64 begin with leading zeroes and it is easier for administrators to type locally assigned IPv6 addresses based on the modified EUI 64References Edit IEEE Std 802 2001 PDF The Institute of Electrical and Electronics Engineers Inc IEEE 2002 02 07 p 19 ISBN 978 0 7381 2941 9 Retrieved 2011 09 08 The universal administration of LAN MAC addresses began with the Xerox Corporation administering Block Identifiers Block IDs for Ethernet addresses a b c d e f Guidelines for Use of Extended Unique Identifier EUI Organizationally Unique Identifier OUI and Company ID CID PDF IEEE Standards Association IEEE Retrieved 5 August 2018 IEEE SA IEEE Registration Authority standards ieee org Retrieved 2018 09 20 MAC Address Block Small MA S Archived from the original on 2021 04 18 Retrieved 2019 02 24 a b IEEE SA IEEE Registration Authority standards ieee org Retrieved 2018 11 27 IEEE SA IEEE Registration Authority standards ieee org Retrieved 2018 09 20 a b Ethernet frame IG LG bit explanation Wireshark networkengineering stackexchange com Retrieved 2021 01 05 a b R Hinden S Deering February 2006 IP Version 6 Addressing Architecture Network Working Group doi 10 17487 RFC4291 RFC 4291 Draft Standard Obsoletes RFC 3513 Updated by RFC 5952 6052 7136 7346 7371 and 8064 a b Standard Group MAC Addresses A Tutorial Guide PDF IEEE SA Retrieved 2018 09 20 Generating a New Unique MAC Address RedHat Retrieved 2020 06 15 Guidelines for Fibre Channel Use of the Organizationally Unique Identifier OUI PDF IEEE SA Retrieved 2018 10 11 Overview of Layer 2 Switched Networks and Communication Getting Started with LANs Cisco Support Community 5896 68421 supportforums cisco com 2011 07 23 Retrieved 2016 05 17 a b D Eastlake 3rd J Abley October 2013 IANA Considerations and IETF Protocol and Documentation Usage for IEEE 802 Parameters Internet Engineering Task Force IETF doi 10 17487 RFC7042 ISSN 2070 1721 BCP 141 RFC 7042 Best Common Practice Obsoletes RFC 5342 Updates RFC 2153 S Thomson T Narten T Jinmei September 2007 IPv6 Stateless Address Autoconfiguration Network Working Group doi 10 17487 RFC4862 RFC 4862 Draft Standard Obsoletes RFC 2462 Updated by RFC 7527 IEEE P11073 20601 Health informatics Personal health device communication Part 20601 Application profile Optimized Exchange Protocol ifconfig 8 manual page Archived from the original on 14 January 2020 Retrieved 16 October 2016 a b Mamiit Aaron 2014 06 12 Apple Implements Random MAC Address on iOS 8 Goodbye Marketers Tech Times Retrieved 2014 12 01 a b Android 6 0 Changes Android developers Retrieved 2018 08 22 Bamford James 2014 08 13 The Most Wanted Man in the World Wired p 4 Retrieved 2014 12 01 Winkey Wang Wireless networking in Windows 10 Emmanuel Grumbach iwlwifi mvm support random MAC address for scanning Linux commit effd05ac479b Retrieved 2018 08 22 a b Celestin Matte December 2017 Wi Fi Tracking Fingerprinting Attacks and Counter Measures 2017 Theses Universite de Lyon Retrieved 2018 08 22 Vanhoef Mathy Matte Celestin Cunche Mathieu Cardoso Leonardo Piessens Frank 10 June 2016 Why MAC address randomization is not enough An analysis of Wi Fi network discovery mechanisms HAL Inria doi 10 1145 2897845 2897883 S2CID 12706713 Retrieved 3 May 2022 Martin Jeremy and Mayberry Travis and Donahue Collin and Foppe Lucas and Brown Lamont and Riggins Chadwick and Rye Erik C and Brown Dane A study of MAC address randomization in mobile devices and when it fails PDF 2017 Archived from the original PDF on 2018 08 22 Retrieved 2018 08 22 Matte Celestin and Cunche Mathieu and Rousseau Franck and Vanhoef Mathy 2016 07 18 Defeating MAC address randomization through timing attacks Proceedings of the 9th ACM Conference on Security amp Privacy in Wireless and Mobile Networks pp 15 20 doi 10 1145 2939918 2939930 ISBN 9781450342704 S2CID 2625583 Retrieved 2018 08 22 Cunche Mathieu I know your MAC Address Targeted tracking of individual using Wi Fi PDF 2013 Retrieved 19 December 2014 Muhammad Hassan How to Find iPhone MAC Address Nayak Seema 14 March 2022 Randomized and Changing MAC RCM Cisco Blogs To improve end user privacy various operating system vendors Apple iOS 14 Android 10 and Windows 10 are enabling the use of the locally administered mac address LAA also referred to as the random mac address for WIFI operation When wireless endpoint is associated with random mac address the MAC address of the endpoint changes over time Hidden network no beacons security stackexchange com Retrieved 16 October 2016 Agentless Host Configuration Scenario Configuration Guide for Cisco Secure ACS 4 2 Cisco February 2008 Archived from the original on 2016 08 02 Retrieved 2015 09 19 You can enter the MAC address in the following formats for representing MAC 48 addresses in human readable form six groups of two hexadecimal digits separated by hyphens in transmission order six groups of two separated by colons three groups of four hexadecimal digits separated by dots T Narten C Burton December 1998 A Caution On The Canonical Ordering Of Link Layer Addresses Network Working Group doi 10 17487 RFC2469 RFC 2469 Informational External links EditIEEE Registration Authority Tutorials IEEE Registration Authority Frequently Asked Questions IEEE Public OUI and Company ID etc Assignment lookup IEEE Public OUI MA L list IEEE Public OUI 28 MA M list IEEE Public OUI 36 MA S list IEEE Public IAB list IEEE IAB and OUI MAC Address Lookup Database and APIParameters IANA list of Ethernet Numbers Wireshark s OUI Lookup Tool and MAC address list Retrieved from https en wikipedia org w index php title MAC address amp oldid 1154264357, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.