logologo
Ai badge logo

This article was created with the support of artificial intelligence.

ArticleDiscussion

MAC (Media Access Control)

Information And Communication Technologies
fav gif
Save
viki star outline

A MAC address (Media Access Control Address) is a 48-bit fixed identifier assigned at the physical layer to a network device. It is essential for enabling communication between network hardware components and typically consists of six binary bytes (a total of 6 bytes). Each byte carries 8 bits of data in binary form and is written in hexadecimal notation. An example MAC address appears as follows: 00-1A-2B-3C-4D-5E.


A MAC address is divided into two main parts:

  • OUI (Organizationally Unique Identifier) – The first 3 bytes (24 bits); a vendor-specific identifier assigned by IEEE.
  • NIC (Network Interface Controller) Identifier – The next 3 bytes (24 bits); assigned by the manufacturer and unique to each device.


IEEE ensures global uniqueness by allocating OUI numbers to vendors, allowing the same manufacturer to generate distinct MAC addresses for different devices.


Representative image of the MAC address layer (Generated by Artificial Intelligence)

Function and Usage Areas

A MAC address operates at the data link layer and serves as an address that enables devices to identify and communicate with each other—especially within limited network topologies like local area networks (LAN). During data transmission, every frame sent over the network includes both the source and destination MAC addresses. This structure allows network devices (such as switches and routers) to recognize the origin and destination of the data and forward it accordingly.


MAC addresses serve as physical identifiers for communication on a network and are typically resolved before IP addresses. While IP addresses are logical (software-based), MAC addresses are physical (hardware-based). Therefore, protocols like ARP (Address Resolution Protocol), which translate IP addresses into MAC addresses, operate at this level.

Address Types: Unicast, Multicast, Broadcast

MAC addresses are classified into three categories based on the type of transmission:

  • Unicast MAC Address: Targets a specific single device. If the least significant bit of the first byte is set to '0', it is a unicast address.
  • Multicast MAC Address: Refers to communication with a group of devices. The least significant bit is set to '1'. This is often seen in IPv6 multicast scenarios.
  • Broadcast MAC Address: Used to send data to all devices on the network. Universally defined as FF-FF-FF-FF-FF-FF and accepted by all NICs.

Universal and Local MAC Addresses

The second least significant bit of a MAC address, known as the U/L (Universal/Local) bit, defines how the address was assigned:

  • If set to 0, the address was universally assigned by the manufacturer and is globally unique.
  • If set to 1, it may have been locally assigned by an administrator or user. These addresses are often used for temporary purposes, virtualization (VMs), security testing, or privacy concerns.


Local addresses are structured under the IEEE 802c standard. Through the SLAP (Structured Local Address Plan) system, administrators can assign non-conflicting local MAC addresses. This type of addressing is common in virtual network interfaces, IoT devices, and wireless clients.

MAC Address Spoofing

A device's MAC address can be altered through software—a process known as MAC spoofing. In networks that rely on MAC filtering for access control, a user can impersonate another device’s MAC address to gain unauthorized access. While sometimes used legitimately (e.g., for testing or development), spoofing can pose serious security risks.


Operating systems like Linux, Windows, and macOS allow temporary MAC address changes. For instance, Linux users can assign temporary MAC addresses via commands like ifconfig or ip link, though these changes revert after a system reboot.


MAC spoofing can also be used for identity obfuscation, bypassing network bans, or evading tracking mechanisms in certain internet services.

MAC Address Randomization and Privacy

MAC address randomization is a privacy feature developed for mobile devices. During Wi-Fi scans, the device broadcasts a temporary MAC address instead of the actual one, making tracking and location surveillance more difficult.


However, studies have shown that many devices implement this feature improperly. For example:

  • Devices often revert to using their real (global) MAC address once they connect to an access point.
  • Some devices may still expose themselves through protocol behavior even when using randomized addresses.

Thus, while MAC address randomization theoretically enhances privacy, it has practical vulnerabilities, and users may still be subject to tracking.

Standards and Administration

MAC address allocation is managed by the IEEE (Institute of Electrical and Electronics Engineers), which assigns OUI blocks to manufacturers to ensure global uniqueness. The IEEE 802c standard defines local MAC address usage. Under the SLAP model, the address space is divided into subcategories such as AAI (Administratively Assigned Identifier), ELI (Extended Local Identifier), and SAI (Standard Assigned Identifier). This framework allows multiple administrators to configure non-conflicting address schemes within the same LAN.


Additionally, standardized group MAC addresses (e.g., the 01-80-C2-00-00-00 block) are allocated by IEEE for specific protocol uses and are commonly seen in Ethernet frames. The MAC address is a foundational element in networking, ensuring the unique identification of hardware devices. It plays a vital role in data transmission, network management, access control, and security mechanisms, while also posing potential risks related to privacy and tracking.


In modern systems, the role of the MAC address has expanded beyond simple traffic forwarding, becoming a core component of digital identity, network policies, and privacy strategies.


Bibliographies

IEEE. Local MAC Addresses in the Overview and Architecture Based on IEEE Std 802c. IEEE Std 802c-2017. IEEE 802 Tutorial, November 6, 2017. Accessed July 16, 2025.

https://mentor.ieee.org/802-ec/dcn/17/ec-17-0174-00-00EC-ieee-802-tutorial-of-2017-11-06-local-mac-addresses-in-the-overview-and-architecture-based-on-ieee-std-802c.pdf.

Martin, Jeremy, Travis Mayberry, Collin Donahue, Lucas Foppe, Lamont Brown, Chadwick Riggins, Erik C. Rye, and Dane Brown. “A Study of MAC Address Randomization in Mobile Devices and When It Fails.” Proceedings on Privacy Enhancing Technologies 2017, no. 4 (2017): 365–383. Accessed July 16, 2025. https://web.archive.org/web/20180822145628/https://www.degruyter.com/downloadpdf/j/popets.2017.2017.issue-4/popets-2017-0054/popets-2017-0054.pdf.

T.C. Millî Eğitim Bakanlığı. Ethernet. Bilişim Teknolojileri Alanı Öğrenim Materyali, Module Code 481BB0030. Ankara, 2011. Accessed July 16, 2025.

https://megep.meb.gov.tr/mte_program_modul/moduller_pdf/Ethernet.pdf.

T.C. Millî Eğitim Bakanlığı. Ağ Güvenliği ve Ağ Protokolleri. Elektrik-Elektronik Teknolojisi Alanı, Module Code 481BB0007. Ankara, 2011. Accessed July 16, 2025.

https://megep.meb.gov.tr/mte_program_modul/moduller_pdf/a%C4%9F%20g%C3%BCvenli%C4%9Fi%20ve%20a%C4%9F%20protokolleri.pdf.

T.C. Millî Eğitim Bakanlığı. Temel Bilgisayar Ağları 2. Endüstriyel Otomasyon Teknolojileri Alanı, Module Code 481BB0078. Ankara, 2007. Accessed July 16, 2025.

https://megep.meb.gov.tr/mte_program_modul/moduller_pdf/Temel%20Bilgisayar%20A%C4%9Flar%C4%B1%202.pdf.

Siberguvenlik.web.tr. “MAC Adresi Neden ve Nasıl Değiştirilir?” Published November 13, 2019. Accessed July 16, 2025.

https://web.archive.org/web/20200115200656/https://www.siberguvenlik.web.tr/index.php/2019/11/13/mac-adresi-neden-ve-nasil-degistirilir/.

University of Pittsburgh IT. “What is a MAC Address?” Information Technology Knowledge Base. Accessed July 16, 2025.

https://services.pitt.edu/TDClient/33/Portal/KB/ArticleDet?ID=1773.

You Can Rate Too!

0 Ratings

Author Information

Avatar
Main AuthorSamet ŞahinJuly 16, 2025 at 1:52 PM
Ask to Küre