Thursday, September 10, 2015

How are MAC Addresses Unique?

With the huge volume of Internet connected devices that have been and will continue to be produced, how is the uniqueness of any ‘given’ MAC address enforced? A Network user asked, "Again and again I have read that devices are uniquely identified by their MAC addresses, but how are MAC addresses determined? And do they tell us anything about the devices they represent? How is the uniqueness of MAC addresses enforced?


How are MAC Addresses Determined?
Vendors are given a range of MAC Addresses that can be assigned to their products by the IEEE (Institute of Electrical and Electronics Engineers). MAC Address are assigned to Vendors in various sized blocks as appropriate.
  • The IEEE offers Registration Authority programs or registries which maintain lists of unique identifiers under standards and issue unique identifiers to those wishing to register them. The IEEE Registration Authority assigns unambiguous names to objects in a way which makes the assignment available to interested parties.
You can go to Vendor/Ethernet/Bluetooth MAC Address Lookup and Search to find the vendor given a particular MAC Address or find a MAC Address Range given to a vendor.
Devices are Uniquely Identified by Their MAC Addresses
This is incorrect. Devices are not uniquely identified by their MAC addresses.
  1. In the past vendors have intentionally or by mistake assigned the same MAC Address to multiple devices.
  2. It is possible to change the MAC Address presented by most hardware to the OS, an action often referred to as MAC spoofing:
  • MAC spoofing is a technique for changing a factory-assigned Media Access Control (MAC) Address of a network interface on a networked device. The MAC Address is hard-coded on a network interface controller (NIC) and cannot be changed. However, there are tools which can make an operating system believe that the NIC has the MAC Address of a user’s choosing.

Duplicate MAC Addresses
  • Manufacturers re-use MAC Addresses and they ship cards with duplicate addresses to different parts of the United States or the world so that there is only a very small chance two computers with network cards with the same MAC Address will end up on the same network.
  • MAC Addresses are ‘burned’ into the Network Interface Card (NIC) and cannot be changed. See ARP and RARP on how IP addresses are translated into MAC Addresses and vice versa.
  • In order for a network device to be able to communicate, the MAC Address it is using must be unique. No other device on that local network subnet can use that MAC Address. If two devices have the same MAC Address (which occurs more often than network administrators would like), neither computer can communicate properly. On an Ethernet LAN, this will cause a high number of collisions. Duplicate MAC Addresses on the same LAN are a problem. Duplicate MAC Addresses separated by one or more routers is not a problem since the two devices won’t see each other and will use the router to communicate.
Source: Media Access Control
Further Reading
FAQs: The Registration Authority

No comments: