Application | |
Presentation | |
Session | |
Transport | |
Network | |
Data Link | LLC |
MAC | |
Physical |
The Media Access Control is often said to be a sub-layer of the OSI data Link layer. On every network interface adaptor card there is a set of computer chips that handle communication with the physical media (copper wire, fiber optic cable or the air) by controlling the communication signal (electricity, light or radio frequencies) over the physical media. In plain english, the computer chips that control the electricity transmitted and received on a copper wire are MAC-related hardware.
The MAC sublayer provides the means to access the the physical medium used for communication. The MAC sublayer also communicates with the Logical Link Control (LLC) sub-layer above it allowing it to access and speak to the upper layer network protocols such as IP.
MAC Addresses
The IEEE 802.3 Ethernet and 802.5 Token Ring protocols specify that the MAC sub-layer must supply a 48-bit (6 byte) address. The MAC address is most frequently represented as 12 hexadecimal digits. The MAC address uniquely identifies a specific network device and MAC addresses must be unique on a given LAN (a network of computing devices in a single subnet of IP addresses). The first 12-bit portion of the MAC address identifies the vendor of the network device, the last 12-bit portion identifies the unique id of the device itself. When looking at a hexadecimal representation of the MAC address, the first six hexadecimal digits identify the vendor and the last six hexadecimal digits identify the specific network interface card.
Here are some examples of what a MAC address looks like. There is some difference in how they are displayed on different types of computers. The hexadecimal digits are the same, but they are separated or grouped differently when displayed. Different companies like to show MAC addresses different ways.
Display Pattern | As Displayed by | Command(s) Used |
---|---|---|
0000.0C12.B1CF | Cisco | show interface sh int |
0:1:5D:12:B1:CF |
Unix/Oracle Sun | ifconfig -a |
Red Hat Linux | ||
001F28-12B1CF | HP ProCurve Switches | show bridge |
00-03-FF-12-B1-CF | Microsoft Systems | ipconfig /all |
Manufacturers of network interface adaptor cards 'burn' a MAC address into the memory of the chips on every card they produce. The pattern of bits in the first set of 24 bits of the MAC address is assigned to a specific vendor as the Organizationally Unique Identifier (OUI). Cisco was assigned the hexadecimal prefix '00000C' to use on their first set of network interface adaptors.
In the case of the protocols specified in the IEEE's 802.x series of documents, the first 24 bits of a MAC address identify the vendor-manufacturer of the network interface card and the last 24 bits identify the card itself, or more precisely, the last 24 bits identifies the specific host the network inteface card is attached to. The 24 bits used to identify a host allows for up to 16.7 million unique card addresses on one network. Since there are more than 16.7 million computers in the world, this clearly isn't enough addresses for every computer on earth, is it?
Duplicate MAC Addresses
Manufacturers re-use MAC addresses and they ship cards with duplicate addresses to different parts of the United States or the World so that there is only a very small chance two computers with network cards with the same MAC address will end up on the same network.
MAC addresses are 'burned' into the Network Interface Card (NIC), and cannot be changed. See ARP and RARP on how IP addresses are tranlated into MAC addresses and vice versa.
In order for a network device to be able to communicate, the MAC address it is using must be unique. No other device on that local network subnet can use that MAC address. If two devices have the same MAC address (which occurs more often than network administrators would like), neither computer can communicate properly. On an Ethernet LAN, this will cause a high number of collisions. Duplicate MAC addresses on the same LAN are a problem. Duplicate MAC addresses separated by one or more routers is not a problem since the two devices won't see each other and will use the router to communicate.
MAC Frame Format
Since there are various types of Network Interfaces (Ethernet, Token Ring, FDDI etc.) the MAC frame format differs by protocol according to it's design. However most will have at a minimum the following fields:
MAC CONTROL |
DESTINATION MAC ADDR |
SOURCE MAC ADDR |
LLC PDU | CRC |
MAC Control Field
The MAC control field contains all information used for flow control, connection establishment and teardown as well as error control. Not all protocols provide for establishment/teardown, flow control and error recovery. The content of this field is dependent upon the specified standards for that particular data link layer protocol (Ethernet, Token Ring, FDDI etc.)
DESTINATION / SOURCE MAC Fields
The source MAC address field contains the MAC address of the source machine--the transmitting device (since some computers with MAC addresses aren't called computers--cell phones have MAC addresses), and the destination device is the receiver. The destination MAC is closer to the 'front' (left side in the diagram) of the frame for easier scanning, mostly because it is the destination device that is important as that is the device we are trying to reach.
When the receiver responds to the frame, it will use the source address to generate the destination portion of the frame it sends out. In other words, the source MAC in the frame received becomes the destination MAC in the frame transmitted as a response.
LLC PDU Field
When talking about network communication protocols such as Ethernet or FDDI or Token Ring, they are described as being Physical and Data Link layer protocols--they perform functions that are said to be Physical and Data Link Layer functions as listed in the OSI Model of networking. For Ethernet and Token Ring the Data Link layer is described as being broken into two sub-layers, the MAC sublayer (for the MAC address and Media Access Control functions) and the Logical Link Control sublayer LLC.
The Logical Link Control Packet Data Unit field (LLC PDU) contains data from the from the LLC sub-layer of the data link layer protocol (eg. Ethernet, FDDI, Token Ring etc.). The LLC information is used to keep track of which piece of data is sent to which IP address and application. For example, the LLC information helps a web browser keep track of which data being received is part of an image in a web page, and which data is the text in the body of the web page itself.
CRC Checksum Field
This field contains what is called a 'checksum' that is the product of a Cyclic Redundancy Check (CRC check). A CRC check is a mathematical forumula that uses the data as input and produces a numeric result that is almost as unique as the input data. Using the CRC checksum value it is possible to verify the the integrity of the frame. Before transmitting the frame, the source computer calculates the checksum and places the checksum value in this field. The receiving computer looks at the same data in the frame and also calculates the checksum. If the CRC it calculates is different from the CRC checksum in the CRC checksum field, the CRC check has failed. Frames that fail this checksum test are discarded because there is a near certainty that the frame is damaged.
Questons & Answsers
Q. What is the difference between a MAC address and an IP or IPX address?
A. MAC addresses are a physical address and cannot be changed. MAC addresses are 'burned in' to the network interface card's MAC hardware. MAC addresses cannot be changed until the NIC is changed. An IP or IPX address is a logical address--it canbe changed by the network administrator or by DHCP/BootP. Computers can be moved and reassigned new IP addresses at any time without changing the computer's hardware or network interface card (NIC).
Q. When does something use my MAC address to talk to my computer?
A. Only computing devices that have an address in the same network address range as your computer and are on your local LAN can use your MAC address to talk to your computer.
Q. How do two computers talk to each other across a router? Don't they just talk to each other directly using their MAC addresses?
A. NO! NO! NO! NO! NO! Please see our LAN-to-LAN communication tutorial.