address adress apple brainpower change computer cs2400 danny docs dr_cain ethernet firewall hacking hardware ieee interesting linux mac mac-address macaddress net network networking networks osx security tech wireless

My tags:

From Wikipedia, the free encyclopedia

In computer networking, a Media Access Control address (MAC address), Ethernet Hardware Address (EHA), hardware address, adapter address or physical address is a quasi-unique identifier assigned to most network adapters or network interface cards (NICs) by the manufacturer for identification. If assigned by the manufacturer, a MAC address usually encodes the manufacturer's registered identification number.

Three numbering spaces, managed by the Institute of Electrical and Electronics Engineers (IEEE), are in common use for formulating a MAC address: MAC-48, EUI-48, and EUI-64. The IEEE claims trademarks on the names "EUI-48" and "EUI-64", where "EUI" stands for Extended Unique Identifier.

Although intended to be a permanent and globally unique identification, it is possible to change the MAC address on most of today's hardware, an action often referred to as MAC spoofing. Unlike IP address spoofing, where a sender spoofing their address in a request tricks the other party into sending the response elsewhere, in MAC address spoofing (which takes place only within a local area network), the response is received by the spoofing party.

A host cannot determine from the MAC address of another host whether that host is on the same OSI Layer 2 network segment as the sending host, or on a network segment bridged to that network segment.

In TCP/IP networks, the MAC address of a subnet interface can be queried with the IP address using the Address Resolution Protocol (ARP) for Internet Protocol Version 4 (IPv4) or the Neighbor Discovery Protocol (NDP) for IPv6. On broadcast networks, such as Ethernet, the MAC address uniquely identifies each node and allows frames to be marked for specific hosts. It thus forms the basis of most of the Link layer (OSI Layer 2) networking upon which upper layer protocols rely to produce complex, functioning networks.

Contents 1 Notational conventions 2 Address details 2.1 Individual address block 3 Bit-reversed notation 4 See also 5 References 6 External links

[edit] Notational conventions

The standard (IEEE 802) format for printing MAC-48 addresses in human-friendly form is six groups of two hexadecimal digits, separated by hyphens (-) or colons (:), in transmission order, e.g. 01-23-45-67-89-ab, 01:23:45:67:89:ab. This form is also commonly used for EUI-64. Other less common conventions use three groups of four hexadecimal digits separated by dots (.), e.g. 0123.4567.89ab; again in transmission order.

[edit] Address details

The original IEEE 802 MAC address comes from the original Xerox Ethernet addressing scheme.^[1] This 48-bit address space contains potentially 2⁴⁸ or 281,474,976,710,656 possible MAC addresses.

All three numbering systems use the same format and differ only in the length of the identifier. Addresses can either be "universally administered addresses" or "locally administered addresses."

A universally administered address is uniquely assigned to a device by its manufacturer; these are sometimes called "burned-in addresses" (BIA). The first three octets (in transmission order) identify the organization that issued the identifier and are known as the Organizationally Unique Identifier (OUI).^[2] The following three (MAC-48 and EUI-48) or five (EUI-64) octets are assigned by that organization in nearly any manner they please, subject to the constraint of uniqueness. The IEEE expects the MAC-48 space to be exhausted no sooner than the year 2100; EUI-64s are not expected to run out in the foreseeable future.

A locally administered address is assigned to a device by a network administrator, overriding the burned-in address. Locally administered addresses do not contain OUIs.

Universally administered and locally administered addresses are distinguished by setting the second least significant bit of the most significant byte of the address. If the bit is 0, the address is universally administered. If it is 1, the address is locally administered. The bit is 0 in all OUIs. For example, 02-00-00-00-00-01. The most significant byte is 02h. The binary is 00000010 and the second least significant bit is 1. Therefore, it is a locally administered address.^[3]

If the least significant bit of the most significant byte is set to a 0, the packet is meant to reach only one receiving NIC. This is called unicast. If the least significant bit of the most significant byte is set to a 1, the packet is meant to be sent only once but still reach several NICs. This is called multicast.

The following technologies use the MAC-48 identifier format:

• Ethernet
• 802.11 wireless networks
• Bluetooth
• IEEE 802.5 token ring
• most other IEEE 802 networks
• FDDI
• ATM (switched virtual connections only, as part of an NSAP address)
• Fibre Channel and Serial Attached SCSI (as part of a World Wide Name)
• The ITU-T G.hn standard, which provides a way to create a high-speed (up to 1 Gigabit/s) Local area network using existing home wiring (power lines, phone lines and coaxial cables). The G.hn Application Protocol Convergence (APC) layer accepts Ethernet frames that use the MAC-48 format and encapsulates them into G.hn MAC Service Data Units (MSDUs).

The distinction between EUI-48 and MAC-48 identifiers is purely semantic: MAC-48 is used for network hardware; EUI-48 is used to identify other devices and software. (Thus, by definition, an EUI-48 is not in fact a "MAC address", although it is syntactically indistinguishable from one and assigned from the same numbering space.)

The IEEE now considers the label MAC-48 to be an obsolete term which was previously used to refer to a specific type of EUI-48 identifier used to address hardware interfaces within existing 802-based networking applications and should not be used in the future. Instead, the term EUI-48 should be used for this purpose.

EUI-64 identifiers are used in:

• FireWire
• IPv6 (as the least-significant 64 bits of a unicast network address or link-local address when stateless autoconfiguration is used)
• ZigBee / 802.15.4 wireless personal-area networks

The IEEE has built in several special address types to allow more than one network interface card to be addressed at one time:

• Packets sent to the broadcast address, all one bits, are received by all stations on a local area network. In hexadecimal the broadcast address would be "FF:FF:FF:FF:FF:FF".
• Packets sent to a multicast address are received by all stations on a LAN that have been configured to receive packets sent to that address.
• Functional addresses identify one or more Token Ring NICs that provide a particular service, defined in IEEE 802.5.

These are "group addresses", as opposed to "individual addresses"; the least significant bit of the first octet of a MAC address distinguishes individual addresses from group addresses. That bit is set to 0 in individual addresses and 1 in group addresses. Group addresses, like individual addresses, can be universally administered or locally administered.

In addition, the EUI-64 numbering system encompasses both MAC-48 and EUI-48 identifiers by a simple translation mechanism. To convert a MAC-48 into an EUI-64, copy the OUI, append the two octets "FF-FF", and then copy the organization-specified part. To convert an EUI-48 into an EUI-64, the same process is used, but the sequence inserted is "FF-FE". In both cases, the process can be trivially reversed when necessary. Organizations issuing EUI-64s are cautioned against issuing identifiers that could be confused with these forms. The IEEE policy is to discourage new uses of 48-bit identifiers in favor of the EUI-64 system.

IPv6—one of the most prominent standards that uses EUI-64—treats MAC-48 as EUI-48 instead (as it is chosen from the same address pool). This results in extending MAC addresses (such as IEEE 802 MAC address) to EUI-64 using "FF-FE" rather than "FF-FF."

[edit] Individual address block

An Individual Address Block comprises a 24-bit OUI managed by the IEEE Registration Authority, followed by 12 IEEE-provided bits (identifying the organization), and 12 bits for the owner to assign to individual devices. An IAB is ideal for organizations requiring fewer than 4097 unique 48-bit numbers (EUI-48).^[4]

[edit] Bit-reversed notation

The standard transmission order notation for MAC addresses, as seen in the output of the ifconfig/ipconfig command for example, is also called canonical format.

However, since IEEE 802.3 (Ethernet) and IEEE 802.4 (Token Bus) send the bits over the wire with least significant bit first, while IEEE 802.5 (Token Ring) and IEEE 802.6 send the bits over the wire with most significant bit first, confusion may arise where an address in the latter scenario is represented with bits reversed from the canonical representation. So for instance, an address whose canonical form is 12-34-56-78-9A-BC would be transmitted over the wire as bits 01001000 00101100 01101010 00011110 01011001 00111101 in the standard transmission order (least significant bit first). But for Token Ring networks, it would be transmitted as bits 00010010 00110100 01010110 01111000 10011010 10111100 in most significant bit first order. If care is not taken to translate correctly and consistently to the canonical representation, the latter might be displayed as 482C6A1E593D, which could cause confusion. This would be referred to as "Bit-reversed order", "Non-canonical form", "MSB format", "IBM format", or "Token Ring format" as explained by RFC 2469. Canonical form is preferred, generally because the more modern implementations do not use non-canonical form.

[edit] See also

• NSAP address, another endpoint addressing scheme.
• Cisco Hot Standby Router Protocol or standard alternative VRRP Virtual Router Redundancy Protocol, which allows multiple routers to share one IP address and MAC address to provide router redundancy. The OpenBSD project has an open source alternative, the Common Address Redundancy Protocol (CARP).
• Internet Protocol version 6

[edit] References

1. ^ IEEE Std 802-2001
2. ^ IEEE OUI and Company_id Assignments
3. ^ Standard Group MAC Addresses: A Tutorial Guide
4. ^ "What is an Individual Address Block?". http://standards.ieee.org/faqs/OUI.html#q2. Retrieved on 2006-07-09. 

[edit] External links

Wikibooks has a book on the topic of Changing Your MAC Address

• IEEE OUI and Company_id Assignments
• Michael Patton's "Ethernet Codes Master Page"
• MAC Address Lookup (Both OUI and IAB)