What is a MAC Address?

MAC Address ( English: Media Access Control Address) , which is literally translated into a Media Access Control Address , also known as a LAN Address, MAC Address , Ethernet Address, or Physical Address. It Is an address used to confirm the location of a network device. In the OSI model, the third network layer is responsible for the IP address, and the second data link layer is responsible for the MAC address ^[1] . The MAC address is used to uniquely identify a network card in the network. If a device has one or more network cards, each network card needs and will have a unique MAC address ^[2] .

Chinese name: MAC address
Foreign name: Media Access Control Address
nickname: MAC address, hardware address

Function: Used to define the location of network devices
Features: Uniqueness
Field: computer technology

Introduction to MAC address

The MAC address is also called a physical address and a hardware address. It is an EPROM (a type of flash memory chip that can be erased and written by a program) that is burned into a network card when it is produced by a network equipment manufacturer. IP addresses and MAC addresses are expressed in binary in computers. IP addresses are 32 bits, while MAC addresses are 48 bits. ^[3]

The length of a MAC address is 48 bits (6 bytes), which is usually expressed as 12 hexadecimal numbers, such as: 00-16-EA-AE-3C-40 is a MAC address, in which the first 6 digits are hexadecimal 00-16-EA represents the number of the network hardware manufacturer, which is assigned by the IEEE (Institute of Electrical and Electronics Engineers), and the last 6 hexadecimal numbers AE-3C-40 represents a network product manufactured by the manufacturer (such Network card). As long as you do not change your own MAC address, the MAC address is unique in the world. Graphically speaking, the MAC address is just like the ID number on the ID card, which is unique ^[3] .

MAC address structure

Each device in the network has a unique network identification. This address is called the MAC address or network card address. It is written in the hardware when it is produced by the network equipment manufacturer. The MAC address is 48 bits (6 bytes), which is usually expressed as 12 hexadecimal digits. Each 2 hexadecimal digits are separated by a colon, such as 08: 00: 20: 0A: 8C: 6D Is a MAC address. The details are shown in the figure below. The first 3 bytes indicate OUI (Organizationally Unique Identifier), which is a code assigned by the IEEE registration management agency to different manufacturers.

Differentiate between different manufacturers. The last 3 bytes are allocated by the manufacturer ^[2] .

The lower second bit (LSb) of the most significant byte (MSB) of the MAC address indicates whether the MAC address is global or local, that is, U / L (Universal / Local) bit. If it is 0, it indicates a global address. All OUI bits are 0.

The least significant bit (LSb) of the most significant byte (MSB) of the MAC address indicates whether the MAC address is unicast or multicast. 0 means unicast. ^[4]

MAC address working process

The data packet on the network starts from the initial point and passes through the intermediate nodes to reach the target node. How does the data packet identify the intermediate nodes from the initial node and finally find the target node? In fact, the initial node is based on the address of the target node. , Map the IP address of the target node to the MAC address of the intermediate node, and find the first intermediate node. Starting from the first intermediate node, it is mapped to the MAC address of the second intermediate node according to the IP address of the target node, so as to find the second intermediate node ... and so on, until the last intermediate node is found, from the last An intermediate node starts and maps the destination node's MAC address to the destination node's MAC address so as to transmit the data packet to the destination host. Therefore, the data packet transmission process is: continuously mapping the address of the target node to the MAC address of each intermediate node, and then proceeding from each intermediate node until the final destination node is found ^[5] .

The key to data packet transmission is to map the IP address of the target node to the MAC address of the intermediate node. The mapping of IP address and MAC address should be completed through ARP address resolution protocol. It can map the IP address in the network to the MAC address of the host. For example, the switch can find the MAC address of the local host according to the IP address in the network. The specific process is: when the switch receives a data packet from the Internet, it will check whether there is a MAC address corresponding to the IP address inside the switch according to the destination IP address of the packet, and if there is a corresponding MAC address reserved last time , It will forward the packet to the host with the corresponding MAC address. If there is no MAC address corresponding to the destination address in the switch, the switch will map the destination IP address to the MAC address according to the correspondence in the "table" according to the ARP protocol, and the data packet will be forwarded to the host with the corresponding MAC address. ^[5] .

MAC address role

IP addresses are based on logic, are flexible, are not limited by hardware, and are easy to remember. The MAC address is consistent with the hardware to a certain extent. It is based on the physical and can identify specific network nodes. These two kinds of addresses have their own advantages, and different addresses are used when using them. ^[6]

Most of the ways to access the Internet are to organize the hosts together through a local area network, and then connect to the Internet through devices such as switches or routers. In this way, the question arises of how to distinguish specific users and prevent the theft of IP addresses. Since the IP address is only a logical identification, anyone can modify it at will, so it cannot be used to specifically identify a user. The MAC address is not the case, it is fixed in the network card. Theoretically, unless the hardware is stolen, the network card cannot be replaced by an impostor. Based on this characteristic of the MAC address, the LAN uses a method of identifying specific users with the MAC address ^[6] .

In the specific communication process, the MAC address and the IP address are mapped one-to-one through the exchange table inside the switch. When there is a data packet sent to a host in the local LAN, the switch first receives the data packet, then maps the IP address in the data packet to the MAC address according to the corresponding relationship in the exchange table, and then forwards the data packet to the corresponding MAC address of the host. In this way, even if a host steals this IP address, because the host does not have a corresponding MAC address, it cannot receive data packets, and the sending process is similar to the receiving process ^[6] .

Therefore, when communicating between computers in a local area network or a wide area network, the data packet will eventually appear to start from an initial node on some form of link, pass from one node to another node, and finally to Destination node. Data packets are transmitted between these nodes by ARP (Address Resolution Protocol) is responsible for mapping IP addresses to MAC addresses ^[6] .

Identity cards are used to prove a person's identity. The role of identity cards on weekdays is not very great, but at some critical moments, it is necessary to have an identity card to explain everything about a person. Then, binding an IP address with a MAC address is like the relationship between a person and an identity card in daily life. Because the IP address can be arbitrary, but the MAC address is the only one to indicate the identity of the IP address. For example, in order to prevent IP address theft, usually switch port binding (the MAC table of the port uses static entries), you can prevent the theft of modified MAC addresses when only one host is connected to each switch port. Layer devices can also provide binding of switch ports, IP addresses, and MAC addresses ^[7] .

MAC address acquisition method

Enter the command "ipconfig / all" at the command prompt and press Enter to display some network information of the current computer. The item "Physical Address" is the MAC address of the network card in the current computer. Of course, if there are multiple network cards installed in the computer, there will be multiple "Physical Address" words ^[6] .

IP Difference between MAC address and IP address

IP addresses and MAC addresses are the same because they are both unique. The main differences are:

For a device on the network, such as a computer or a router, its IP address is designed based on the network topology. It is easy to change the IP address on the same device or computer (but it must be unique), while MAC is It is burned by the manufacturer and generally cannot be changed. We can assign an arbitrary IP address to a host as needed. For example, we can assign an IP address to 192.168.0.112 to a computer on the LAN, or we can change it to 192.168.0.200. Once any network device (such as a network card, router) is manufactured, its MAC address cannot be modified by the configuration in the local connection. If the network card of a computer is broken, the MAC address of the computer is changed after the network card is replaced ^[5] .
Different lengths. The IP address is 32 bits and the MAC address is 48 bits ^[5] .
The basis of allocation is different. The allocation of IP addresses is based on the network topology, and the allocation of MAC addresses is based on the manufacturer ^[8] .
The addressing protocol layers are different. IP addresses are used in OSI layer 3, the network layer, and MAC addresses are used in OSI layer 2, the data link layer. The data link layer protocol allows data to be transferred from one node to another node on the same link (via a MAC address), while the network layer protocol enables data to be transferred from one network to another (ARP based on the destination IP address Find the MAC address of the intermediate node and transmit it through the intermediate node to reach the destination network. ^[1]