Skip to main content

what is a MAC (media access control ) address

What is a MAC Address?

A MAC address, or Media Access Control address, is a 48- or 64-bit address associated with a network adapter. While IP addresses are associated with software, MAC addresses are linked to the hardware of network adapters. For this reason, the MAC address is sometimes called the hardware address, the burned-in address (BIA), or the physical address. MAC addresses are expressed in hexadecimal notation in the following format: 01-23-45-67-89-AB, in the case of a 48-bit address, or 01-23-45-67-89-AB-CD-EF, in the case of a 64-bit address. Colons (:) are sometimes used instead of dashes (-).

MAC addresses are often considered permanent, but in some circumstances, they can be changed. There are two types of MAC addresses:

Universally Administered Address

The UAA, or Universally Administered Address, is the most commonly used type of MAC address. This address is assigned to the network adapter when it is manufactured. The first three octets define the manufacturer, while the second three octets vary and identify the individual adapter. All network adapter manufacturers have their own code, called the Organizationally Unique Identifier (OUI). For example, in the MAC address 00-14-22-01-23-45, the first three octets are 00-14-22. This is the OUI for Dell. Other common OUIs include 00-04-DC for Nortel, 00-40-96 for Cisco, and 00-30-BD for Belkin. Most large manufacturers of networking equipment have multiple OUIs.

Locally Administered Address

The LAA, or Locally Administered Address, is an address that changes an adapter's MAC address. The LAA is a type of administered MAC address, and it is possible to change the LAA of a network adapter to any address of allowed length. When the LAA is set, the network adapter uses the LAA as its MAC address. Otherwise, the network adapter uses the UAA as its MAC address. All devices on the same subnet must have different MAC addresses, however. MAC addresses are very useful in diagnosing network issues, such as duplicate IP addresses, so it is a good practice to allow devices to use their UAAs instead of assigning LAAs, unless there is a compelling reason to do so.

MAC addresses are useful for security purposes, as they are only rarely changed from the default. IP addresses can change dynamically, especially on networks using DHCP to assign IP addresses, so MAC addresses are often a more reliable way to identify senders and receivers of network traffic. On wireless networks, MAC address filtering is a common security measure to prevent unwanted network access. In MAC address filtering, a wireless router is configured to accept traffic from certain MAC addresses. In this way, as whitelisted devices are assigned new IP addresses through DHCP, they retain their ability to communicate on the network. Any intruder attempting to impersonate a valid user on the network by masquerading with a faked IP address will not be able to do so because the computer's MAC address will not match any of those in the whitelist. This security method is only minimally successful, however, as a determined intruder can fake a MAC address almost as easily as an IP address

Popular posts from this blog

UPGRADING EOS in the ARISTA Switches

UPGRADING EOS in the ARISTA Switches: EOS is the Firmware for Arista Switches whereas IOS for Cisco. This blog post shows the detailed procedures to follow and to upgrade the EOS in the Arista Switches. This Post was supports for any platform or the Version you are going to upgrade in the Arista Switches. This Post was divided into three parts : Pre-Upgrade Process Upgrade Process Post-Upgrade Process PRE-UPGRADING-PROCESS: 1       1)        Check the Upgrade Path tool by clicking the below link. https://www.arista.com/en/support/mlag-portal/mlaglist and confirm it is in mlag issu compatible 2)       Check if the  STP agent is restartable by giving the command switch-1# show spanning-tree bridge detail | grep agent Stp agent restartable                      :      ...

OSI Model in Telugu

Layer 2 Security Feature : Dynamic ARP inspection

 We all know about how the ARP works and the importance of it to send the traffic to the endhost, it translates the IP to the mac address. Before we know about the dynamic arp inspection we would need to understand about the ARP poisoining, it is an man in the middle attack works by poisoining the ARP cache database.  IP to mac address tables are stored in the arp cache database in the switch or router. Hacker can poison the arp database by rewriting his own mac address for the default gateway IP so all the users traffic will redirect to the hacker laptop which causes the successful man in the middle attack. Dynamic ARP inspection works by inspecting the ARP cache database with the help of dhcp snooping database. Yesterday I explained the dhcp snooping so you can look into the article to  know how it works. It records the assigned IP with the mac addresses in the dhcp snooping table so the arp inspection would use the dhcp snooping database to find the correct IP to MAC a...