97

I want to assign my virtual machines MAC addresses so that I can configure DHCP reservations for them so that they always get the same IP address regardless of which host hypervisor they are running on or operating system they are running.

What I need to know is what range of MAC addresses can I use without fear that one day some device may be connected to our network with that MAC?

I have read the Wikipedia article on MAC addresses and this section seems to indicate that if I create an address with the form 02-XX-XX-XX-XX-XX then it is considered a locally administered address.

I would assume this means that no hardware manufacturer would ever use an address starting with 02 so I should be safe to use anything that starts with 02 for my virtual machines?

Thanks for the help.

stukelly
  • 1,015
  • 13
  • 18
Chris Magnuson
  • 3,701
  • 9
  • 40
  • 45

6 Answers6

138

There are actually 4 sets of Locally Administered Address Ranges that can be used on your network without fear of conflict, assuming no one else has assigned these on your network:

x2-xx-xx-xx-xx-xx
x6-xx-xx-xx-xx-xx
xA-xx-xx-xx-xx-xx
xE-xx-xx-xx-xx-xx

Replacing x with any hex value.

Andy Finkenstadt
  • 209
  • 1
  • 7
Sam Cogan
  • 38,158
  • 6
  • 77
  • 113
  • 26
    Useful translation of the wikipedia version: "Universally administered and locally administered addresses are distinguished by setting the second least significant bit of the most significant byte of the address. If the bit is 0, the address is universally administered. If it is 1, the address is locally administered. In the example address 02-00-00-00-00-01 the most significant byte is 02h. The binary is 00000010 and the second least significant bit is 1. Therefore, it is a locally administered address.[3] The bit is 0 in all OUIs." – Adam Brand Jul 14 '09 at 21:11
  • 5
    There are several OUIs starting with 02 in the IEEE OUI listing. For example 3COM 02-60-8C. I wonder what that means. Seems a bit contradicting that the same address space would be both reserved and free-for-all. – cyberixae Mar 27 '21 at 17:22
12

The complete list of assigned mac prefixes can be found here:

http://standards-oui.ieee.org/oui/oui.txt

There are several prefixes marked private on that list, 02 is not one of them. If you use one of those, you should be relatively safe. Keep in mind that other devices, software, etc. may also use that prefix, in which case your chance of a conflict goes up slightly.

If you are using randomly generated suffixes, your odds of collision are pretty astronomical.

Paul McMillan
  • 1,209
  • 1
  • 8
  • 17
  • I have seen this list but given that those listed as private may still conceivably end up on our network I wanted to find an a range of MACs that were explicitly not going to be used by any company. – Chris Magnuson Jul 14 '09 at 21:34
  • Just keep in mind that "complete" lists have a habit of becoming incomplete rather quickly within the IT industry. – John Gardeniers Jul 15 '09 at 02:39
  • 6
    The IEEE only lists *public* OUIs. A much more exhaustive list can be found at http://anonsvn.wireshark.org/wireshark/trunk/manuf among other places. The comments about locally administered addresses are otherwise correct. If you *really* care about such things you could take an existing VM-related OUI, e.g. VMWare's 00:05:69 and make it locally administered: 02:05:69. – Gerald Combs Jul 14 '09 at 21:27
  • 2
    Of course the LAA ranges are not listed in there. They aren't managed by the IEEE (or in fact anyone). – Falcon Momot Jun 13 '14 at 22:17
  • 1
    Note that 'private' means that the company requested not to disclose their name (and paid extra for it). I imagine this is used by manufacturers for secret experimental devices. – konrad Nov 10 '17 at 12:09
11

In case you are using VMware products (ESXi / Workstation / vCenter / ...), the valid range of manually assigned MAC addresses is:

00:50:56:00:00:00 - 00:50:56:3F:FF:FF
Jossef Harush Kadouri
  • 451
  • 5
  • 11
geeklin
  • 518
  • 2
  • 10
  • 1
    We are using Hyper V. Interesting to note that VMWare specifically carves out a range of its MAC addresses for manually assigned MACs. Thank you for the info. – Chris Magnuson Jul 14 '09 at 21:29
  • Your answer implies that MAC addresses with OUI outside of `00:50:56` would be invalid on VMware products. I do not think that is the case - I'm using a Locally Administered Address of `02:c0:c9` for some time now without issues (ESXi 6.7). It's just that VMware claimed the whole block of `00:50:65` per https://www.macvendorlookup.com/search/00:50:56:00:00:00. – SaeX Jan 19 '21 at 08:45
5

For Xen virtual machines you can use anything starting with 00:16:3E, and that's the default which many management tools will generate.

Kamil Kisiel
  • 11,946
  • 7
  • 46
  • 68
5

It seems Virtualbox version 5 uses locally administered addresses beginning with 0A-00-27 ( while in previous versions it was using 08-00-27 ).

By the way when assigning MAC addresses manually just keep in mind that 00-03-FF is used by Virtual-PC VMs like mentioned here: http://blogs.technet.com/b/medv/archive/2011/01/24/how-to-manage-vm-mac-addresses-with-the-globalimagedata-xml-file-in-med-v-v1.aspx and 00-15-5D is used by Hyper-V VMs like mentioned here: http://technet.microsoft.com/en-us/library/jj590655.aspx

zdzich
  • 83
  • 1
  • 6
4

I know this is old, but the way I read this is like so (as I am doing this now for Hyper-V 2012 and in an MSP environment....)

The order of the Hexadecimal digits is transmitted in pairs in reverse order on the ethernet wire. Thus, A3:xx:xx:xx:xx:xx is transmitted as 1100 0101:xx:xx:xx:xx:xx The 3 is transmitted before the A, making the two least significant bits transmitted first both 1's. This is according to http://standards.ieee.org/develop/regauth/tut/macgrp.pdf

Therefore, it appears that the above is correct. I understand the wiki article referenced above as well, but believe 06 is a poor example and not the way the bits are transmitted on the wire.
Here is a screen capture of the relevant piece of the above linked PDF: enter image description here

This would make the ranges start as follows for Unicast: x2:, x6:, xA:, xE: And as follows for Multicast: x3, x7,xF.

Thomas Mekeel
  • 41
  • 2