Lecture Notes: Understanding MAC Addresses in Networking

What is a MAC Address?

• MAC stands for Media Access Control.
• It's the hardware address of the Ethernet adapter in a device.
• Unique Identifier: Each MAC address is unique to ensure that information is sent specifically to the intended device.

Format of a MAC Address

• Length: 48 bits or 6 bytes long.
• Display Format: Typically shown in hexadecimal (e.g., 8C:2D:AA:4B:98:A7).
• Delimiters: Bytes separated by colons, periods, or other delimiters.

Structure of a MAC Address

• First 3 Bytes (OUI): Organizationally Unique Identifier, indicating the manufacturer of the network adapter.
• Last 3 Bytes: Network Interface Controller specific value, similar to a serial number.
• Storage: Stored in the ROM of the network adapter, often referred to as the "burned-in address."

Role of MAC Addresses in Networking

• Ethernet Switching: Utilizes MAC addresses to forward information to the correct device.
• MAC Address Table: Switches keep a temporary table of MAC addresses and their associated interfaces.

Learning and Aging Process

• Learning: Switches learn MAC addresses from inbound traffic and store them in a table.
  • Example: If a new MAC address is detected, it is added to the MAC address table.
• Aging: MAC addresses have a limited storage time (e.g., 5 minutes) and need to be re-learned if not used.

Scenario Example

• Sam's Device: Sends data with source MAC 1:111111111.
• SGC Server: Destination MAC 1:55555555.
• Switch Behavior: Updates MAC address table with new source and destination MAC addresses.

Challenges with MAC Address Tables

• Limited Capacity: Only a certain number of MAC addresses can be stored.
• MAC Flooding Attack:
  • Attackers can fill the MAC address table with false entries.
  • Causes the switch to behave like a hub, broadcasting all incoming frames to all interfaces.

Countermeasures

• Port Security Configurations: Used in modern switches to limit flooding capabilities and enhance security.