Are MAC addresses free

MAC address

The IEEE 802.1 standard defines Media Access Control (MAC). Among other things, it specifies the physical address of network interfaces, regardless of the transmission technology. MAC addresses are used, for example, by Ethernet (IEEE 802.3), Bluetooth (IEEE 802.15) and WLAN (IEEE 802.11).

Each host in an Ethernet-based network has its own 48-bit address, which should identify the host uniquely worldwide. This address is known as the MAC address, hardware address, Ethernet address or physical address. The different names come from the fact that the MAC address addresses the physical connection, or network access point, of a host. The physical connection is the hardware, for example a network card or network adapter. The term Ethernet address comes from the fact that MAC addresses are usually assigned to Ethernet network cards, but also to WLAN and Bluetooth adapters. Each network card has its own individual MAC address. It is configured once by the manufacturer in hardware and, as a rule, cannot be changed.

The MAC addresses of the sender (source) and receiver (destination) are contained in every Ethernet frame (data packet). When a frame is received, the receiving unit of the receiving station compares the destination MAC address with its own MAC address. Only if the addresses match does the receiving unit forward the content of the frame to the higher layer. If there is no match, the frame is discarded.

Structure of a MAC address

All known access methods with a MAC layer (IEEE 802.1), for example WLAN, Bluetooth, Ethernet, Token Bus, Token Ring or FDDI, use the same MAC address format with 48-bit MAC addresses.

| Designation | I/G | U/L | OUI | OUA |
|---|---|---|---|---|
| Bit | 1. | 2. | 3. - 24. | 25. - 48. |
| Meaning | | | Manufacturer identification | Device identifier |

The first two bits of the MAC address identify the type of address. The first bit has a special meaning: if it is set, the address refers to a group of computers (multicast). An address consisting of all ones is a broadcast address, which addresses all computers.

  • I/G = 0: Individual address (Unicast Address), address for a network adapter
  • I/G = 1: Group address (Multicast Address), destination address for a group of stations
  • U/L = 0: universal, globally unique and unchangeable address
  • U/L = 1: locally changeable address

The 3rd to the 24th bit identify the manufacturer of the network card. This bit sequence is called the Organizationally Unique Identifier (OUI). Since the first two bits of universal individual addresses are set to "0", they are often included in the OUI.
The IEEE assigns the address ranges of the first 24 bits to requesting organizations, for example hardware manufacturers.
The last 24 bits, i.e. from the 25th to the 48th bit, are called the Organizationally Unique Address (OUA). The manufacturer may assign these bits freely to the devices it produces. It only has to make sure that it assigns each MAC address just once.
It is currently assumed that the 48-bit addresses will last until the year 2100.

Representation of a MAC address

The 48 bits of the MAC address can be represented as a bit sequence or in canonical form. Because the representation as a bit sequence is too long, the 48 bits are divided into 6 octets (8 bits each). Each octet is then represented as a two-digit hexadecimal number. It is important that the octet is reversed (mirrored) before the binary representation is converted into hexadecimal.
In the hexadecimal representation, the pairs of hexadecimal characters are separated by hyphens. The representation with colons is also common, but it can lead to confusion with IPv6 addresses.

Example of a conversion: 00110101 -> 10101100 = [1010] [1100] = AC (hex)

| | Bit sequence | Canonical form |
|---|---|---|
| Example 1 | 00110101 01111011 00010010 00000000 00000000 00000001 | AC-DE-48-00-00-80 |
| Example 2 | 01001000 00101100 01101010 00011110 01011001 00111101 | 12-34-56-78-9A-BC |
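
The conversion between bit sequence and canonical form, together with the decoding of the I/G, U/L, OUI and OUA fields, as an added example that is not part of the original page. The function names are chosen for illustration; the inputs are the page's two examples and the broadcast address.

```python
# Added example: function names are illustrative, not from the original page.

def bits_to_canonical(bit_sequence: str) -> str:
    """Bit sequence in transmission order -> canonical hex form."""
    octets = bit_sequence.split()
    if len(octets) != 6 or any(len(o) != 8 or set(o) - {"0", "1"} for o in octets):
        raise ValueError("expected six groups of eight bits")
    # Mirror each octet before reading it as a binary number.
    return "-".join(f"{int(o[::-1], 2):02X}" for o in octets)


def canonical_to_bits(mac: str) -> str:
    """Canonical hex form (hyphens or colons) -> bit sequence."""
    parts = mac.replace(":", "-").split("-")
    if len(parts) != 6 or any(len(p) != 2 or not p.isalnum() for p in parts):
        raise ValueError("expected six two-digit hex octets")
    # Write each octet as 8 binary digits, then mirror it.
    return " ".join(f"{int(p, 16):08b}"[::-1] for p in parts)


def describe(bit_sequence: str) -> dict:
    """Decode the fields from the structure table of a MAC address."""
    canonical = bits_to_canonical(bit_sequence)
    flat = "".join(bit_sequence.split())
    return {
        "canonical": canonical,
        "group": flat[0] == "1",        # I/G, 1st bit of the sequence
        "local": flat[1] == "1",        # U/L, 2nd bit of the sequence
        "oui": canonical[:8],           # bits 1-24 (I/G and U/L included)
        "oua": canonical[9:],           # bits 25-48
        "broadcast": flat == "1" * 48,  # all ones
    }


# The two examples from the page plus the broadcast address.
EXAMPLE_1 = "00110101 01111011 00010010 00000000 00000000 00000001"
EXAMPLE_2 = "01001000 00101100 01101010 00011110 01011001 00111101"
BROADCAST_BITS = " ".join(["11111111"] * 6)

if __name__ == "__main__":
    for bits in (EXAMPLE_1, EXAMPLE_2, BROADCAST_BITS):
        print(describe(bits))
```

In canonical form the I/G bit is the least significant bit of the first octet and the U/L bit is the one next to it, which is why Example 2 (first octet 12) decodes as a locally administered address.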

MAC multicast and MAC broadcast addresses

Occasionally an Ethernet frame has to be sent to several stations (multicast) or to all stations (broadcast) of a network. There are corresponding multicast and broadcast addresses for this purpose. They only exist as destination addresses. There are standardized multicast addresses for special applications. However, there is only one address for broadcasts (Ethernet frames to all stations). It is:

| | Bit pattern | Canonical form |
|---|---|---|
| Broadcast address | 11111111 11111111 11111111 11111111 11111111 11111111 | FF-FF-FF-FF-FF-FF |

Broadcasts can put a heavy load on a network, since in this case the entire network is occupied with a single data packet for a moment. In the event of a broadcast storm, a network can even come to a standstill. If possible, broadcasts across network boundaries are avoided.
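
The receive decision described on this page (destination address compared with the station's own address, plus broadcast and multicast), as an added example that is not part of the original page. The station address, the joined group and the sample frames are constructed; dropping a frame whose source address has the group bit set is an assumption derived from the statement that group addresses only exist as destination addresses.

```python
# Added example: all names and sample frames are constructed for illustration.

BROADCAST = bytes.fromhex("ffffffffffff")


def parse_mac(text: str) -> bytes:
    """Canonical form with hyphens or colons -> 6 raw octets."""
    raw = bytes.fromhex(text.replace("-", "").replace(":", ""))
    if len(raw) != 6:
        raise ValueError("a MAC address has exactly 6 octets")
    return raw


def build_frame(dst: str, src: str, payload: bytes = b"data") -> bytes:
    """Minimal Ethernet frame: destination, source, EtherType, payload."""
    return parse_mac(dst) + parse_mac(src) + b"\x08\x00" + payload


def receive_decision(frame: bytes, own_mac: bytes, groups=frozenset()) -> str:
    """Decide whether the frame content is passed to the higher layer."""
    if len(frame) < 14:
        return "drop: truncated header"
    dst, src = frame[0:6], frame[6:12]
    # In canonical form the I/G bit is the lowest bit of the first octet.
    if src[0] & 0x01:
        return "drop: group address used as source"
    if dst == BROADCAST:
        return "accept: broadcast"
    if dst[0] & 0x01:
        if dst in groups:
            return "accept: multicast"
        return "drop: multicast group not joined"
    if dst == own_mac:
        return "accept: unicast"
    return "drop: not for this station"


# Constructed station configuration and addresses.
OWN = parse_mac("AC-DE-48-00-00-80")
GROUPS = frozenset({parse_mac("01-00-5E-00-00-01")})
PEER = "AC-DE-48-00-00-81"

if __name__ == "__main__":
    for dst in ("AC-DE-48-00-00-80", "AC-DE-48-00-00-99",
                "FF-FF-FF-FF-FF-FF", "01-00-5E-00-00-01", "01-00-5E-00-00-02"):
        print(dst, "->", receive_decision(build_frame(dst, PEER), OWN, GROUPS))
```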

MAC addresses and privacy

A MAC address is permanently assigned to a hardware interface and is therefore a unique identifier for a specific hardware interface. The hardware interface can be a network card or a WLAN adapter.
Because the MAC address consists of the manufacturer and device ID, the device can be derived from it.
It would be conceivable that devices and thus users can be identified using the MAC address. With smartphones you can even create motion profiles if you operate several WLAN access points and collect the MAC addresses (WLAN tracking).

One solution would be for the smartphone to use a randomly generated MAC address instead of the real MAC address to scan the available WiFi networks. The correct MAC address is only used when the user connects to the access point. This prevents the user of a smartphone from leaving an identification feature while passing a third-party access point.

MAC Randomization / Random MAC Addresses

To make it more difficult to identify devices and users via WLAN access points, randomly selected MAC addresses are used while a device is actively searching for WLAN networks (probe requests). This makes tracking more difficult and restores users' privacy. The correct MAC address of the network interface is only used when the device actually connects to a WLAN network.
This function is available as of Windows 10, iOS 8 and Android 6.

The IEEE 802 standards generally permit IEEE 802 devices to use randomly generated MAC addresses that only remain constant for the duration of a session. This only needs to be implemented by the hardware manufacturer.
The problem here is that the probability of address collisions increases in large local networks, because two hosts may happen to have the same MAC address. However, the operation of a local network requires that each MAC address is unique.

For this reason, a proposal is being discussed to use almost the entire address space for locally administered MAC addresses in order to keep the probability of address conflicts as low as possible. The problem with this is that various procedures in middleboxes (e.g. switches, firewalls, routers, deep packet inspection systems) rely on fixed MAC addresses.

It is clear that random MAC addresses are less useful and not necessary for stationary devices. This is not the case with mobile devices that log into changing networks and are exposed to WLAN tracking there. A Locally Administered Address Space could provide more privacy here.
A Locally Administered Address Space can also be used to give MAC addresses to virtual machines, which do not have their own hardware interface.
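
How a locally administered random address is formed, how an operator can tell such addresses apart from universal ones, and how the collision probability grows with the number of hosts, as an added example that is not part of the original page. It assumes that all 46 bits other than I/G and U/L are chosen uniformly at random and uses the standard birthday approximation; the observed addresses are constructed.

```python
# Added example: names, sample addresses and the 46-bit assumption are illustrative.
import math
import secrets


def random_local_mac() -> str:
    """Random unicast address from the locally administered space."""
    octets = bytearray(secrets.token_bytes(6))
    # Canonical form: bit 0 of the first octet is I/G, bit 1 is U/L.
    octets[0] = (octets[0] | 0x02) & 0xFE  # U/L = 1, I/G = 0
    return "-".join(f"{b:02X}" for b in octets)


def is_locally_administered(mac: str) -> bool:
    """True for individual addresses with U/L = 1 (possibly randomized)."""
    first = int(mac.replace(":", "-").split("-")[0], 16)
    return bool(first & 0x02) and not (first & 0x01)


def classify(observed: list[str]) -> dict[str, list[str]]:
    """Split observed source addresses into universal and local ones."""
    result = {"universal": [], "local": []}
    for mac in observed:
        key = "local" if is_locally_administered(mac) else "universal"
        result[key].append(mac)
    return result


def collision_probability(hosts: int, random_bits: int = 46) -> float:
    """Birthday approximation: chance that at least two hosts collide."""
    space = 2 ** random_bits
    return -math.expm1(-hosts * (hosts - 1) / (2 * space))


# Constructed list of source addresses seen by an access point.
OBSERVED = ["AC-DE-48-00-00-80", "12-34-56-78-9A-BC", "DA-A1-19-0B-3C-7E"]

if __name__ == "__main__":
    print(random_local_mac())
    print(classify(OBSERVED))
    for n in (1_000, 1_000_000, 10_000_000):
        print(n, f"{collision_probability(n):.3e}")
```

A MAC-based allowlist or per-device policy on a middlebox can only key on the addresses in the "universal" group; entries in the "local" group may change from session to session.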
