Table of Contents Link to heading
- MAC Address Table or Content-Addressable Memory (CAM) Table
- MAC/Physical/Data Link Layer Address
- The Need for MAC Addressing
- Structure
- Special MAC Addresses
- Other Names of MAC Addresses
- Locally Administered Address (LAA)
- L2 Physical Addresses versus L3 Logical Addresses
MAC Address Table or Content-Addressable Memory (CAM) Table Link to heading
RAM is a type of volatile memory that can be accessed quickly by the switch. It is also where the switch stores its running configuration, routing tables, ARP tables, and other temporary data.
A switch examines its MAC address table to make a forwarding decision for each frame, which enables fast and efficient L2 switching.
MAC/Physical/Data Link Layer Address Link to heading
A physical network or a network segment is the connection of devices on a common media.
The Need for MAC Addressing Link to heading
It depends on the logical topology:
- Point-to-point topologies, with just two interconnected nodes, do not require addressing. After the frame is on the medium, it has only one place it can go.
- Ring and multiaccess topologies can interconnect many nodes over a common medium, so addressing is required for unique identification. When a frame reaches each node in the topology, the node examines the destination MAC address in the L2 header to determine whether it is the destination of the frame.
Structure Link to heading
Each NIC or Ethernet device is assigned a globally unique MAC address based on IEEE-enforced rules for vendors.
- Any vendor that sells any Ethernet NIC or interface must register with IEEE.
- A globally unique 3-byte code, called the Organisational Unique Identifier (OUI) that uniquely identifies a vendor, is assigned to the vendor.
- All MAC addresses assigned to a Ethernet NIC or interface must use that vendor’s assigned OUI as the first 3 bytes.
- All MAC addresses with the same OUI must then be assigned a unique value (vendor code or serial number) in the last 3 bytes by its vendor.
Information about the registered OUI codes can be view at ๐.
Image Source: HiTechMV
Representation Link to heading
| 48-bit/6-byte or EUI-48 address | Representation |
|---|---|
| Hyphen separated | 00-1B-63-84-45-E6 |
| Colon separated | 00:1B:63:84:45:E6 |
| Case insensitive | 00:1b:63:84:45:e6 |
| Dot separated in groups of 2 | 00.1B.63.84.45.E6 |
| Dot separated in groups of 3 | 001.B63.844.5E6 |
| Dot separated in groups of 4 | 001B.6384.45E6 |
Popular Registered Organisational Unique Identifiers (OUIs) Link to heading
| Organisation | Registered OUI |
|---|---|
| Xerox Corporation, USA | 00-00-00 - 00-00-09 |
| Omron Tateisi Electronics Co., Japan | 00-00-0A |
| Matrix Corporation, USA | 00-00-0B |
| Cisco Systems, Inc., USA | 00-00-0C |
| Fibronics LTD., Israel | 00-00-0D |
| Fujitsu Limited, Japan | 00-00-0E |
| Next, Inc., USA | 00-00-0F |
| Sytek Inc., USA | 00-00-10 |
| Normerel Systemes, France | 00-00-11 |
| Information Technology Limited, United Kingdom | 00-00-12 |
| Camex, USA | 00-00-13 |
| Netronix, USA | 00-00-14 |
| Datapoint Corporation, USA | 00-00-15 |
| Du Pont Pixel Systems, United Kingdom | 00-00-16 |
| Tekelec, USA | 00-00-17 |
| Webster Computer Corporation, USA | 00-00-18 |
| Applied Dynamics International, USA | 00-00-19 |
| Advanced Micro Devices, USA | 00-00-1A |
| Novell Inc., USA | 00-00-1B |
| Bell Technologies, USA | 00-00-1C |
Special MAC Addresses Link to heading
Unicast Link to heading
A unicast frame contains the MAC address of the destination receiver as the destination address, and the MAC address of the sender as the source address.
Broadcast Link to heading
When a source host communicates with another whose L3 address is known but the MAC address is not known. The ARP broadcasts frames at L2 to discover the MAC address of the host addressed in the IP packet header.
Dynamic Host Configuration Protocol (DHCP) for IPv4 is an example of a protocol that uses Ethernet and IPv4 broadcast addresses. However, not all Ethernet broadcasts carry IPv4 broadcast packets. For example, ARP requests do not use IPv4, but the ARP message is sent as an Ethernet broadcast.
Multicast Link to heading
A multicast frame contains the unique multicast MAC address of the group as the destination address, and the MAC address of the sender as the source address. A multicast frame is received only by the devices that belong to the group, and ignored by the others.
To have a NIC process a frame with a specific multicast address, this address must be stored in the RAM of the NIC in a similar way that the LAA is. This MAC address, along with the BIA and the MAC broadcast address, can then be compared to the destination MAC address in each incoming frame.
Routing protocols and other network protocols use multicast addressing. Applications such as video and imaging software may also use multicast addressing, although multicast applications are not as common.
Reserved Multicast Destination MAC Addresses Link to heading
Other Names of MAC Addresses Link to heading
Burned-in Address (BIA) Link to heading
However, when the computer starts up, the NIC copies the address into random-access memory (RAM), where it is used as the identifier for this node. When the receiving node is examining the frame, it is the address in RAM that is used as the source address to compare with the destination address.
Universally Administered Address (UAA) Link to heading
Locally Administered Address (LAA) Link to heading
This allows you to have a device with a new NIC or a replacement device to satisfy any network security rules based on the MAC address.
MAC masking is not a permanent change, and the original MAC address can be restored by resetting the network device or the operating system.
LAA Ranges Link to heading
Setting the second-least-significant bit of the first octet of an UAA to 1 (U/L bit) makes the address an LAA.
Thus, there are 4 ranges of LAA that can be used on a local network:
- x2-xx-xx-xx-xx-xx
- x6-xx-xx-xx-xx-xx
- xA-xx-xx-xx-xx-xx
- xE-xx-xx-xx-xx-xx
Use Cases Link to heading
One use case of LAA is when replacing a local device that is connected to an ISP that identifies or authenticates the client by the MAC address. An LAA can be used to allow a replacement device to appear to be the original device to the ISP.
Another use case is when a LAN switch is using security to allow only devices to connect that have specific MAC addresses. In this case, a configured LAA can allow the MAC address of a device to meet the MAC requirements of the security on the switch.
Another use case is for malicious purposes (MAC spoofing), such as hacking, identity theft, or network disruption.
L2 Physical Addresses versus L3 Logical Addresses Link to heading
Data Link Layer Link to heading
Although they provide unique addresses for the devices, physical addresses are nonhierarchical. MAC addresses are associated with a particular device, regardless of its location or the network to which it is connected.
These L2 addresses have no meaning outside the local network media. A L3 packet might have to traverse a number of different data-link technologies in LANs and WANs before it reaches its destination. A source device therefore has no knowledge of the technology used in intermediate and destination networks or of their L2 addressing and frame structures.
Network Layer Link to heading
However, as the packet is framed by the different data link layer protocols along the way, the L2 address it receives each time applies only to that local portion of the journey and its media