To communicate or transfer data from one computer to another, we need an address. In computer networks, various types of addresses are introduced; each works at a different layer. A MAC address, which stands for Media Access Control Address, is a physical address that works at the Data Link Layer. In this article, we will discuss addressing a DLL, which is the MAC Address.
What is MAC (Media Access Control) Address?
The MAC address is used by the Media Access Control (MAC) sublayer of the Data-Link Layer. MAC Address is worldwide unique since millions of network devices exist and we need to uniquely identify each.
- Logical Link Control (LLC) Sublayer
- Media Access Control (MAC) Sublayer
Format of MAC Address
To understand what is MAC address is, it is very important that first you understand the format of the MAC Address. So a MAC Address is a 12-digit hexadecimal number (6-bit binary number), which is mostly represented by Colon-Hexadecimal notation.
The First 6 digits (say 00:40:96) of the MAC Address identify the manufacturer, called the OUI (Organizational Unique Identifier). IEEE Registration Authority Committee assigns these MAC prefixes to its registered vendors.
Here are some OUI of well-known manufacturers:
CC:46:D6 - Cisco 3C:5A:B4 - Google, Inc. 3C:D9:2B - Hewlett Packard 00:9A:CD - HUAWEI TECHNOLOGIES CO.,LTD
Types of MAC Address
Unicast
A Unicast-addressed frame is only sent out to the interface leading to a specific NIC. If the LSB (least significant bit) of the first octet of an address is set to zero, the frame is meant to reach only one receiving NIC. The MAC Address of the source machine is always Unicast.
Multicast
The multicast address allows the source to send a frame to a group of devices. In Layer-2 (Ethernet) Multicast address, the LSB (least significant bit) of the first octet of an address is set to one. IEEE has allocated the address block 01-80-C2-xx-xx-xx (01-80-C2-00-00-00 to 01-80-C2-FF-FF-FF) for group addresses for use by standard protocols.
Broadcast
Similar to Network Layer, Broadcast is also possible on the underlying layer( Data Link Layer). Ethernet frames with ones in all bits of the destination address (FF-FF-FF-FF-FF-FF) are referred to as the broadcast addresses. Frames that are destined with MAC address FF-FF-FF-FF-FF-FF will reach every computer belonging to that LAN segment.
Why MAC and IP is needed ?
The reason for having both IP and MAC addresses lies in the way the Internet works, specifically in the structure of the OSI Model. This model is a conceptual framework that describes how data is sent and received over a network. It’s divided into seven layers, each performing specific functions.
- Layer 2 uses MAC addresses and is responsible for packet delivery from hop to hop.
- Layer 3 uses IP addresses and is responsible for packet delivery from end to end.
Layer 2 (Data Link Layer) uses a MAC (Media Access Control) address. These are unique identifiers assigned to network interfaces for communications at the data link layer. The primary function of MAC addresses is to manage how data is transported from one network node to another on a direct, physical basis – this is also referred to as “hop to hop” delivery.
On the other hand, Layer 3 ( Network Layer ) uses an IP (Internet Protocol) address. These IP addresses are used to identify devices on a network and to route traffic between networks. The IP addresses ensure that the data gets from its original source reaches its final destination and it is also called “end-to-end” delivery of data.
Examples:
When a computer sends data, it first wraps it in an IP header, which includes the source and destination IP addresses. This IP header, along with the data, is then encapsulated in a MAC header, which includes the source and destination MAC addresses for the current “hop” in the path.
As the data travels from one router to the next, the MAC address header is stripped off and a new one is generated for the next hop. However, the IP header, which was generated by the original computer, remains intact until it reaches the final destination. This process illustrates how the IP header manages the “end to end” delivery, while the MAC headers handle the “hop to hop” delivery.
So, Both IP and MAC addresses are essential for the functioning of the Internet. While MAC addresses facilitate the direct, physical transfer of data between network nodes, IP addresses ensure that the data reaches its final destination.
MAC Filtering in Computer Network
There are two kinds of network Adapters. A wired adapter allows us to set up a connection to a modem or router via Ethernet in a computer whereas a wireless adapter identifies and connects to remote hot spots. Each adapter has a distinct label known as a MAC address which recognizes and authenticates the computer. Mac address is shown in the format of 00:00:00:00:00:00 or 00-00-00-00-00-00.
Steps for Mac filtering
- Set a list of allowed devices. Only those MAC addresses which are on the list will be provided services by the DHCP.
- Set a list of denied devices. The MAC addresses which are on the denied list will not be granted server by DHCP.
- If the MAC address is on both the allowed and denied list then it will be denied the service.
For enabling a list of allowed, denied or both devices follow the steps given below.
- Go to the DHCP console, right-click the IPv4 node, and click properties.Use the current filter configuration details on the filter tab and use an allow list by selecting enable allow list and
- Use a denied list by selecting enable deny list.Click OK and save changes.
Updating Mac filtering:
Note that if MAC Filtering is enabled on a wireless router and the MAC address is not entered then the wireless device connected to the router will not be able to connect
We do not need to enable MAC Filtering if this is already disabled for troubleshooting purposes. Router manufacturers are more knowledgeable in this field.
What to Do –
- Go to your router settings.
In the router’s settings locate the tab or setting “MAC Filtering.” This is found within a router’s “Wireless” or “Wireless Security” options. In some routers, MAC Filtering may also be referred to as “MAC Address Control, “” Address Reservation, ” or “Wireless MAC Authentication.” - One needs to add the Nintendo system’s MAC Address to the list of allowed devices and save or apply this change if MAC Filtering is on or enabled. If you do not want MAC Filtering on for your network turn it off or disable it.
Applications of MAC filtering in computer networks:
- Access control: MAC filtering can be used to restrict access to a network by only allowing devices with authorized MAC addresses to connect. This can help prevent unauthorized access to the network and improve network security.
- Parental controls: MAC filtering can be used by parents to restrict access to the internet for their children by allowing only specific devices to connect to the network.
- BYOD policies: MAC filtering can be used to implement Bring Your Own Device (BYOD) policies in organizations. By allowing only authorized devices to connect to the network, organizations can ensure that only approved devices are used to access corporate resources.
- Guest access
- Wireless networks and Network monitoring
- Compliance and Traffic management,Troubleshooting
- Remote management and IOT.
Drawbacks:
- It is time-consuming and tedious especially if you have a lot of Wi-Fi-enabled devices as you will need to get the MAC to address every device. The list of allowed devices should be modified whenever we want to purchase a new computer or mobile device or whenever we want to grant permission to a new device.
- Two MAC addresses should be added for the PCs one being the wired adapter and one being the wireless adapter.
- It won’t protect against hackers who know what they are doing. But you can use it for kids to disallow access as they don’t have adequate knowledge.
- It can make the network less secure because now the hacker doesn’t have to crack your WPA2-encrypted password at all.
