185

I am reading up on TCP/IP and other related protocols and technologies. MAC addresses are described as being (reasonably :) unique, and as having a large possibility space (several hundred trillions), while also being assigned to all network interfaces. What are the historical and technical reasons why IPv4 or IPv6 addresses are used instead of MAC addresses for internetwork communication?

Am I missing something fundamental or is it just a silly reason (e.g. building on top of legacy tech)?

Félix Saparelli
  • Pedantic correction: *reasonably* unique; cards with identical HW MAC addresses have been sighted in the wild - this is a "fun" network issue to debug. – Piskvor left the building Jul 24 '12 at 13:42
  • I personally witnessed a buggy driver which actually *assigned* the same MAC address to different network cards on different machines (which had unique HW addresses before installing that driver). Well, that was *painful*. – Massimo Jul 24 '12 at 15:08
  • Massimo, I have seen the exact same thing. That's not uncommon for a driver to do that in development and the programmers to forget to turn that component off when it goes production. @Felix, it is also common for manufacturers to reuse MACs over time and in different parts of the world. A card sold in 2005 in the US might have the same MAC as one sold in China in 2013, for example. – Robert Kaucher Jul 24 '12 at 15:17
  • Addressing a packet with a MAC address would be like addressing a letter with a social security number. – Mikey Jul 24 '12 at 17:35
  • How would you _know_ where a specific MAC-address is right now? Up front, without needing to have every node on the internet notified when you move to another net? – Thorbjørn Ravn Andersen Jul 25 '12 at 13:43
  • @Piskvor It is the responsibility of each vendor to ensure that they do not re-use a MAC address. A vendor is issued a prefix which is not given to anyone else, and that vendor issues MAC addresses within that range. If there are legitimate duplicates (i.e. not manually-assigned) then it is the mistake of the associated vendor. – tylerl Jul 25 '12 at 23:44
  • @tylerl: Yes. So what? Are you saying "hardware vendors are known to be infallible, therefore this cannot happen"? It *has* happened, multiple times, in the wild. We could be rightfully upset about this, it *should* never happen, but it does happen. We need to cope with an imperfect world, not throw our hands up in frustration and say "this should have never happened, and it's not my fault anyway." – Piskvor left the building Jul 26 '12 at 07:46
  • Sometimes you want one host to have multiple IPs and don't want to add more ethernet cards. Mac addresses map directly to one unique (reasonably) piece of hardware, whereas one network interface may have N addresses. Just using the mac address would be a bad idea for this reason alone. Not only that the mac address is used fairly heavily in switching to determine where a frame goes. Disclosing a mac address can have bad consequences if someone on your network decides to ARP spoof. – hsanders Jul 26 '12 at 15:47
  • In theory you could, but it'd be an enormous routing table! – hookenz Sep 04 '13 at 00:38
  • @RobM: how is this question not constructive? Let alone the hundreds of upvotes, it challenges a fundamental networking assumption. – Dan Dascalescu Oct 27 '14 at 03:12
  • @Matt Good luck finding a switch with a CAM that big. A million CAM entries already sounds unrealistic to me. – kasperd Aug 23 '15 at 19:54

13 Answers

351

The MAC address might be unique, but there's nothing special about the number that would indicate where it is. MAC 00-00-00-00-00-00 might be on the other side of the planet from 00-00-00-00-00-01.

IP is an arbitrary numbering scheme imposed in a hierarchical fashion on a group of computers to logically distinguish them as a group (that's what a subnet is). Sending messages between those groups is done by routing tables, themselves divided into multiple levels so that we don't have to keep track of every single subnet. For instance, 17.x.x.x is within the Apple network. From there, Apple will know where each of its thousands of subnets are located and how to get to them (nobody else needs to know this information, they just need to know that 17.anything goes to Apple).

It's also pretty easy to relate this to another pair of systems. You have a State Issued ID Number, why would you need a mailing address if that ID number is already unique to just you? You need the mailing address because it's an arbitrary system that describes where the unique destination for communications to you should go.

Chris S
  • This is a great answer. I would have added that MAC addresses are ultimately used in IP communications once the computers determine they're on the same subnet; that's why ARP poisoning works as an attack. The same thing with a default gateway, the computer addresses packets destined for another subnet to the MAC address returned by the ARP lookup for the default gateway IP. Layer-3 / IP addressing is mostly used by routers and only used by the host to determine if the destination is on the same subnet. – Sean C. Jul 24 '12 at 13:38
  • @SeanC, MAC addresses are ultimately used in IP communications over 802.1 based line protocols (Ethernet, WiFi, Token Ring, etc). But not over ATM protocols, such as PoSDH and IPoATM. – Chris S Jul 24 '12 at 14:06
  • You're right, I should have clarified that I was talking about LANs and not WANs. Sorry. – Sean C. Jul 24 '12 at 14:08
  • Also, you can keep the same IP address when your network card (or whole computer) needs replacing. Imagine how annoying it would be without the IP abstraction. – OrangeDog Jul 24 '12 at 14:10
  • MAC addresses are **not** unique, they are duplicated very often, they are part of a finite pool, they just need to be unique on a given segment. – Jul 24 '12 at 15:02
  • @JarrodRoberson The MAC addresses burnt into Ethernet (et al) chips are supposed to be unique and have not been repeated. VM and administratively assigned MACs may have duplicates, but such is the risk when someone is supposed to be intelligently configuring those. I've heard of repeats as well, but it doesn't change the fact that they're supposed to be unique... – Chris S Jul 24 '12 at 15:06
  • @ChrisS I have a friend who as a sys admin, received a batch of cards from a single vendor and the cards only had one MAC address in the entire palette. The vendor said that the cards did not get mixed in to the retail distribution correctly so that there were duplicates, since the order was a direct drop from the factory. Before the cards went to retail distribution, they were supposed to get mixed together to spread the dupes around. So for a given vendor, MAC addresses aren't unique, much less across vendors. – Jul 24 '12 at 15:09
  • @ChrisS see http://superuser.com/questions/268006/are-mac-addresses-unique-when-coming-out-of-the-factory, I have actually had problems with having a Cable Modem ( Motorola Surfboard ) that was conflicting with another user on my provider, took 3 months to figure out that their modem had the same MAC address as my modem. – Jul 24 '12 at 15:14
  • There are a variety of historical reasons for duplicate mac-address occurrences [**including vendor firmware bugs**](http://osdir.com/ml/network.dhcp.isc.dhcp-client/2006-09/msg00141.html). – Mike Pennington Jul 24 '12 at 15:54
  • @JarrodRoberson Wait, what the what?! "Yeah, we know what we're selling technically isn't valid, but that's ok because you weren't supposed to notice" – 3Doubloons Jul 25 '12 at 14:26
  • @AlexBrault, if a corner can be cut you can be sure somebody somewhere is going to cut it. – Mark Ransom Jul 25 '12 at 19:26
  • Good answer! However, only a small part of the 24 class A subnet belongs to Comcast so your example is not ideal. You could replace 24.x.x.x with 17.x.x.x and Comcast with Apple, to keep it simple but more correct. – Mike Pelley Jul 25 '12 at 20:49
  • @MikePelley - no such thing as a Class A network... – Mark Henderson Jul 26 '12 at 00:58
  • @MikePelley Classful network addresses went out of style at about the same time as parachute pants. – Joel E Salas Jul 26 '12 at 01:00
  • There is no specific requirement that your network addressing system be hierarchical. That is to say it would be possible to design a networking system that uses non hierarchical addresses. The reason that IP uses hierarchical addresses comes out of the original requirement for ARPANET - Fault Tolerance. That means that there can be no single master server telling you how to get from A to B. IP achieves this by using an intelligent address, that allows routing to be devolved. – Neil Jul 26 '12 at 17:23
  • @MarkHenderson Are you pointing out that I used the term class A subnet to refer to the 24.x.x.x addresses instead of class A block? If so, bravo, you got me. – Mike Pelley Jul 27 '12 at 02:00
  • @JoelESalas True, but I guess my point was that Comcast doesn't own all of 24.x.x.x. Sorry for my outdated reference, but apparently my point got across since the answer has been edited to match. – Mike Pelley Jul 27 '12 at 02:01
  • Chris S answer falls short; Why if a hierarchical system like IP is so good even with IPv6 do we really need MAC address at all? He fails telling us that while the TCP/IP protocol is good for routing packets around the world it is still a Level 3 protocol; when the packet has to touch the wire on an Ethernet segment the levels 1/2 of the communication on the Ethernet are handled by MAC addresses. Imagine this as a postal system: your letter travels the world by the address on the envelope but within the post office it probably moves with a different addressing schema based on some i.e. barcode. – Pat Feb 14 '13 at 15:47
  • @Pat That makes absolutely no sense. And you might want to decode that bar-code on envelopes sometime - I've got the feeling you think it's something other than the address. If you're going to try to annoy me with critiques, at least get it right. – Chris S Feb 14 '13 at 15:57
  • Sorry but the one that makes no sense is you; You cannot tell the difference between a Level 3 and a Level 1/2 (MAC Layer) addressing schema. That is a serious conceptual error that someone like you that claims to know something about networking should fix quickly... – Pat Feb 14 '13 at 16:05
  • @Pat Where have I claimed to know anything about networking? – Chris S Feb 14 '13 at 16:07
  • I read it on your profile, but if you do not know about networking I wonder how you dare giving this kind of answers when you definitely cannot tell the difference between L3 and L1/2 addressing schema?? You will be convinced my answers are not spam... they never were. – Pat Feb 14 '13 at 16:12
75

Because the routing tables would become impossibly large.

IP addresses are allocated hierarchically, so a router can group routes by address prefixes. The number of autonomous systems present on the net now is reasonable enough to fit in today's hardware.

On the other hand, the distribution of MAC addresses across the network is random and completely unrelated to topology. Route grouping would be impossible; every router would need to keep track of routes for every single device that relays traffic through it. That is what layer 2 switches do, and that does not scale well beyond a certain number of hosts.

b0fh
  • Can you elaborate on this? Why would they? Why is that not the case with IPv*? – Félix Saparelli Jul 24 '12 at 12:53
  • There's no intrinsic reason that router tables using a MAC-formatted address would be "impossibly large" compared to IPv4/6 formats. The problem is that allocation of IP addresses is tied up with a hierarchy that makes WAN routing feasible. MAC addresses are assigned for Ethernet devices by manufacturers (and can be changed in software), and as the hardware device moves around, making those ad hoc revisions to WAN routing tables would be an "impossibly large" task. – hardmath Jul 24 '12 at 14:41
35

The world doesn't run exclusively on ethernet (at least historically). The IP layer is independent of the hardware layer beneath it.

PPP nodes don't have MAC addresses. Neither do arcnet, token ring, fddi, hppi. Those other standards may not be as relevant today, but ethernet may be replaced with other technologies in the future and it would be transparent to the IP layer.

There's a longer discussion about how we keep inventing new hardware protocols and calling them ethernet, but I digress...

Jeff Sacksteder
  • Token Ring does have MAC addresses. – Chris S Jul 24 '12 at 17:22
  • You mean they can't switch to ipv6 either because the PPP node doesn't have a v6 address? (Or at least didn't have one 5-10 years ago). As far as i can tell that never stopped the deployment of ipv6 today. This doesn't make a difference for MAC either. – Dorus Jul 25 '12 at 21:00
  • @Dorus: Your comment does not make sense. PPP nodes can have both IPv4 and IPv6 addresses, precisely because IP builds on the underlying protocols, such as Ethernet or PPP. However, PPP nodes do not have a MAC address (because the PPP standard does not have them). – sleske Jul 26 '12 at 07:30
  • 3 years on (and a bit more knowledgeable), I would love to read that "longer discussion about how we keep inventing new hardware protocols and calling them ethernet." ;P – Félix Saparelli Dec 20 '15 at 08:47
  • This is a good start - http://standards.ieee.org/events/ethernet/history.html – Jeff Sacksteder Jan 25 '16 at 01:52
  • I like the Sybex Encyclopedia of Networking for fun reading as well. – Jeff Sacksteder Jan 25 '16 at 01:53
30

Further to the hierarchical routing of IP, having them separate from MAC addresses allows you to change your network card or whole computer while retaining the same IP address (and thus logical network topology).

This abstraction allows for much more flexible and maintainable networking.

OrangeDog
22

Take a look at the OSI model: http://en.wikipedia.org/wiki/OSI_model

This explains why it doesn't make sense to make routing decisions, a layer 3 concept, based on a physical, layer 2, mechanism.

Modern networking is broken into many different layers to accomplish your end to end communication. Your network card (what is addressed by the MAC address [physical address]) needs to only be responsible for communicating with peers on its physical network.

The communication that you are allowed to accomplish with your MAC address is going to be limited to other devices that reside within physical contact to your machine. On the internet, for example, you are not physically connected to each machine. That's why we make use of TCP/IP (a layer 3, logical address) mechanism when we need to communicate with a machine that we are not physically connected to.

barancw
7

b0fh is right - but also because MAC addresses are not always unique.

See for example in virtualization scenarios. Here multiple hosts can serve virtual machines with the same MAC addresses.

Frederik
4

Routing tables for MAC addresses would need almost every single device with a MAC address listed. Routing to the Internet for IP is a single entry 0.0.0.0/0. For network classes they break down as 10.0.0.0/8, 172.16.0.0/16 and 192.168.0.0/24. Many of these can be aggregated like 172.16.0.0/12 and 192.168.0.0/16, further reducing the routing table size.

Routes are searched in reverse order of the number of one bits in their mask. This makes routing to 192.168.100.0/24 work when there is a route for 192.168.0.0/16 and another for 0.0.0.0/0 (default route).

EDIT: Originally, the IP range was broken into several classes; A, B, and C being the most significant. The A class made up the first half of the address range, the B range the next quarter, and the C range the next eighth of the range. These classes had masks of 8, 16, and 24 bits respectively. Later the strict usage of these masks was dropped and address allocations were done in a variety of sizes.

The size of the allocation is always a power of 2 and the lowest and highest address in each allocation are reserved. Each allocation will also have an address for a router. This is often the lowest or highest non-reserved address. The smallest practical allocation is a /30 address.

IPv6 uses the same form of allocation with a /64 the smallest allocation that can appear on the Internet. Typically, an ISP will be given a much larger allocation, which is all the Internet routers would need to know about. Expected allocations are specified in the RFCs. The ISP would need to know how to route its own subnet, and what addresses to route to which interconnect routers. This is significantly simpler than knowing how to route each mac address.

BillThor
  • There are no *Classes* in networking anymore and haven't been since 1994. =[ – Chris S Jul 24 '12 at 13:51
  • @ChrisS IPv4 PTR lookups are still done by class, although delegation is possible. The aggregations still apply with or without classes, and B and C aggregations still applied even before classless networks. – BillThor Jul 25 '12 at 02:37
  • PTR lookups are done by Octet, there are no classes. See RFC 1517 to 1520. – Chris S Jul 26 '12 at 01:27
  • @ChrisS Among the people I work with, the classes are used to refer to the number of octets in the netmask A=1, B=2, and C=3. We don't associate them with their historical ranges, and will break the A class 10.0.0.0 into B and C chunks. Classes live on in tradition, if not their original meaning. – BillThor Jul 26 '12 at 03:16
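Chris S's answer (prefix hierarchy, "17.anything goes to Apple"), b0fh's answer (table size) and BillThor's answer (longest match, aggregation of the 172.16 and 192.168 ranges) all rest on the same mechanism, so here is one added worked example for the three of them. It is not code from any of the answers. The routing table is constructed: only the 17.0.0.0/8 entry comes from the thread (cited there as Apple's block); the other prefixes and the next-hop names are made up, and 203.0.113.5 is a documentation address standing in for "somewhere on the Internet". It uses the standard library's `ipaddress` module, whose `collapse_addresses` does exactly the aggregation BillThor describes.

```python
import ipaddress

# Constructed routing table: prefix -> next hop. Only 17.0.0.0/8 comes from the
# answers above; the remaining prefixes and next-hop names are illustrative.
ROUTES = [
    ("0.0.0.0/0",        "isp-uplink"),   # default route: the single "Internet" entry
    ("17.0.0.0/8",       "apple-peer"),   # one entry covers every Apple subnet
    ("192.168.0.0/16",   "site-core"),
    ("192.168.100.0/24", "lab-router"),   # more specific than the /16 above
]


def build_table(routes):
    """Parse prefixes and order them most-specific first, i.e. by the number of
    one bits in the mask, descending (the 'reverse order' BillThor describes)."""
    table = [(ipaddress.ip_network(prefix), next_hop) for prefix, next_hop in routes]
    table.sort(key=lambda entry: entry[0].prefixlen, reverse=True)
    return table


def lookup(table, dst):
    """Longest-prefix match: the first (most specific) prefix containing dst wins."""
    addr = ipaddress.ip_address(dst)
    for net, next_hop in table:
        if addr in net:
            return next_hop
    return None  # only reachable when there is no default route


def aggregate(prefixes):
    """Collapse adjacent and nested prefixes into the fewest covering supernets."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def entries_needed(host_addresses):
    """Contrast a flat table (one entry per host, which is all a MAC-keyed table
    could ever be) with the hierarchical table covering the same hosts.
    Returns (flat_entries, hierarchical_entries)."""
    flat = len(set(host_addresses))
    hierarchical = len(aggregate(f"{a}/32" for a in host_addresses))
    return flat, hierarchical


if __name__ == "__main__":
    table = build_table(ROUTES)
    for dst in ("192.168.100.7", "192.168.5.1", "17.1.2.3", "203.0.113.5"):
        print(f"{dst:>15} -> {lookup(table, dst)}")
    # BillThor's aggregations: sixteen /16s become one /12, 256 /24s become one /16
    print(aggregate(f"172.{i}.0.0/16" for i in range(16, 32)))
    print(aggregate(f"192.168.{i}.0/24" for i in range(256)))
    # A /24 worth of hosts: 256 flat entries versus a single prefix
    print(entries_needed(f"192.168.100.{i}" for i in range(256)))
```

`entries_needed` only gives the hierarchical count of 1 because the hosts were numbered from a contiguous block; hand the same function 256 MAC-like identifiers drawn from unrelated vendors and nothing collapses, which is b0fh's point in miniature.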
2

I think the main point they're trying to put across is that MAC addresses are determined by vendors, so there is no coherent addressing scheme that could be adhered to in a local subnet due to the huge variety of manufacturers that make interfaces.

MAC addresses are used when the destination address is in the local subnet (192.168.0.x, for example). When traffic does not match the local subnet, the computer refers to the routing table. Generally the routing table will tell any traffic that does not match the local subnet (0.0.0.0) to head to the local gateway, at which point any affiliation to MAC addresses is stripped entirely. The only way MAC addresses could be used globally would be to have one, huge, flat subnet, which would be wholly unworkable.

Alex Berry
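Alex Berry's answer above and Sean C.'s comment under the first answer describe the same two-step decision a host makes: a layer-3 check of whether the destination is on the local subnet, then a layer-2 ARP lookup for either the destination or the gateway. The Python below is an added model of that decision, not code from the thread; the host, its 192.168.0.0/24 subnet, the MAC addresses and the 203.0.113.5 destination are all constructed. It also shows why the ARP-poisoning comment matters: a single unsolicited reply that re-binds the gateway IP redirects every off-subnet frame. A plain host stack simply overwrites the cache entry; the change check in `learn_arp` is an added detection of the kind ARP-monitoring tools perform, not something the thread describes.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class Host:
    """Minimal model of a host's forwarding state (constructed for illustration)."""
    ip: str
    mac: str
    prefix: str                    # the on-link subnet, e.g. "192.168.0.0/24"
    gateway: str                   # default gateway IP, which must lie inside prefix
    arp_cache: dict = field(default_factory=dict)   # IP -> MAC
    alerts: list = field(default_factory=list)      # re-binding events seen

    def next_hop_ip(self, dst_ip):
        """Layer 3: an on-link destination is reached directly; anything else goes
        to the gateway. This is the only decision the host uses the IP address for."""
        if ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.prefix):
            return dst_ip
        return self.gateway

    def frame_dst_mac(self, dst_ip):
        """Layer 2: the Ethernet destination is the MAC of the next hop, so a remote
        IP's MAC never appears in the frame header at all."""
        next_hop = self.next_hop_ip(dst_ip)
        try:
            return self.arp_cache[next_hop]
        except KeyError:
            raise LookupError(f"no ARP entry for {next_hop}; would broadcast who-has {next_hop}")

    def learn_arp(self, ip, mac):
        """Update the cache from an ARP reply. The change check is the added detection:
        an existing IP suddenly answering from a different MAC is what poisoning looks like."""
        mac = mac.lower()
        old = self.arp_cache.get(ip)
        if old is not None and old != mac:
            self.alerts.append(f"{ip} moved from {old} to {mac}")
        self.arp_cache[ip] = mac


def run_scenario():
    """Legitimate ARP learning, then one spoofed reply claiming the gateway IP.
    Returns (MAC used for Internet-bound frames before, after, alerts raised)."""
    victim = Host(ip="192.168.0.10", mac="00:11:22:33:44:10",
                  prefix="192.168.0.0/24", gateway="192.168.0.1")
    victim.learn_arp("192.168.0.1", "00:11:22:33:44:01")    # real gateway answers
    victim.learn_arp("192.168.0.20", "00:11:22:33:44:20")   # an on-link peer answers
    before = victim.frame_dst_mac("203.0.113.5")            # off-subnet: gateway's MAC
    victim.learn_arp("192.168.0.1", "de:ad:be:ef:00:01")    # attacker's unsolicited reply
    after = victim.frame_dst_mac("203.0.113.5")             # same IP path, attacker's MAC
    return before, after, victim.alerts


if __name__ == "__main__":
    before, after, alerts = run_scenario()
    print("before poisoning:", before)
    print("after poisoning: ", after)
    print("alerts:", alerts)
```

Note that the victim's own route to 203.0.113.5 never changed: the IP layer still says "send it to 192.168.0.1". Only the layer-2 binding moved, which is exactly why the attack is invisible to anything that reasons about IP addresses alone.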
2

The MAC address can be the same on different ethernet adapters on the same machine. SUN had one unique MAC address for each machine. So the ethernet cards for SUN computers didn't have any unique MAC address, the machine did.

So when you connected the machine to two different networks, it had the same MAC address on both networks.

Anders
2

MAC addresses are the addresses of the link layer (2nd) in the ISO/OSI model and the TCP/IP model. It means MAC addresses are used to connect nodes inside a local network (point to point). IP addresses are the addresses of the network layer (3rd) inside the Internet (end to end).

Both addresses are used in their layer only and are not intended to be used outside it.

logoff
1

MAC address of a target IP-address is only useful, for packet delivery, within a single local broadcast domain.

1

People here stated that the problem of using MAC addresses instead of IPv4 addresses is the routing, because the routing tables would grow large -- however, that assumes IPv4 routers. It is possible to have small routing tables, and if you're interested how, look for Flat namespace routing. One of the papers describing that technique is this one: http://www.cs.uiuc.edu/~caesar/papers/rofl.pdf

  • ROFL proposes that every router within an AS keep track of every single host within that AS... And use cryptographic hashes for host identifiers... So not only will there be millions of entries in the routing tables and monstrous transfer/upkeep requirements, but cryptographic algorithms are required to interpret the table. The author is out of his mind. IP might have shortcomings, but at least there aren't insane assumptions in the basic design. – Chris S Jul 25 '12 at 23:12
  • In ROFL only first hop routers need to keep the set of connected nodes, not of all nodes in the AS. Section #2 mentions caching, but that is an optimization. Crypto is only necessary when nodes are joining the router, not for the interpretation of the routing table. Routing is done on a DHT, which is much more resilient than hierarchical routing. – Nikola Knezevic Aug 15 '12 at 09:23
1

My recollection is that MAC addresses are really Ethernet addresses. Ethernet addresses are divided into two parts: a vendor part - which identifies the vendor of the ethernet card - and an address part which is assigned by the vendor. It is up to the vendor to make them unique - or not.

So the 48 bit MAC address space isn't used efficiently nor - as mentioned several times above - hierarchically.

The address is designed to have unique addresses on a local, CSMA network.

At least, to the best I recall.

IP addresses are designed to scale much more generally and to solve a different problem.

  • MAC Addresses are required to be unique - it doesn't always happen as others have noted, but it is a requirement. Manufacturers can get more than one Vendor ID. There are about 4 million possible vendor IDs (in the MAC48 address space, there's also an upcoming MAC64 address space) and less than a tenth have been assigned. Within each Vendor ID there are 16 million device IDs, it takes a while for even large vendors to run out. – Chris S Jul 26 '12 at 01:20
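The last answer and Chris S's comment on it describe the 48-bit layout: a 24-bit vendor part (the OUI) and a 24-bit vendor-assigned part, with the duplicate-address problem running through the whole thread. The Python below is an added example, not code from the thread. It parses the common textual notations, splits out the OUI, reads the two flag bits in the first octet (the individual/group bit and the universally/locally administered bit, which is why the count of universal unicast OUIs is 2^22, the "about 4 million" in the comment, and the devices per OUI 2^24, the "16 million"), and finds duplicates in a constructed inventory the way one would when chasing the symptom the commenters describe. The inventory, hostnames and addresses are made up.

```python
import re
from collections import defaultdict

OUI_BITS = 24          # vendor (Organizationally Unique Identifier) part
NIC_BITS = 24          # vendor-assigned, per-device part
# Bit 0 (I/G) and bit 1 (U/L) of the first octet are flags, so a vendor's
# universal unicast OUI has 22 free bits: 2**22 == 4,194,304 ("about 4 million").
UNIVERSAL_UNICAST_OUIS = 2 ** (OUI_BITS - 2)
DEVICES_PER_OUI = 2 ** NIC_BITS        # 16,777,216 ("16 million")

_NON_HEX = re.compile(r"[^0-9a-f]")


def parse_mac(text):
    """Accept 00:11:22:33:44:55, 00-11-22-33-44-55, 0011.2233.4455 or bare hex,
    in either case; return the six raw bytes. Anything else is rejected."""
    digits = _NON_HEX.sub("", text.strip().lower())
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(digits)


def canonical(text):
    """Single lower-case colon form, so differently written duplicates compare equal."""
    return ":".join(f"{b:02x}" for b in parse_mac(text))


def mac_info(text):
    """Split the address into its vendor and device halves and decode the flag bits."""
    raw = parse_mac(text)
    first = raw[0]
    return {
        "canonical": canonical(text),
        "oui": ":".join(f"{b:02x}" for b in raw[:3]),            # vendor part
        "nic_specific": ":".join(f"{b:02x}" for b in raw[3:]),   # vendor-assigned part
        "multicast": bool(first & 0x01),             # I/G bit set: group address
        "locally_administered": bool(first & 0x02),  # U/L bit set: not a burned-in address
    }


def find_duplicates(inventory):
    """inventory: iterable of (hostname, mac_text). Returns {canonical_mac: [hosts]}
    for every address seen more than once, however each entry was written."""
    seen = defaultdict(list)
    for host, mac in inventory:
        seen[canonical(mac)].append(host)
    return {mac: hosts for mac, hosts in seen.items() if len(hosts) > 1}


# Constructed inventory: the two 'dup-' hosts share one address written two ways.
INVENTORY = [
    ("web-01", "00:11:22:33:44:55"),
    ("db-01",  "00:11:22:33:44:56"),
    ("dup-a",  "00-1A-2B-3C-4D-5E"),
    ("dup-b",  "001a.2b3c.4d5e"),
    ("vm-01",  "02:00:00:00:00:01"),   # locally administered: typical of VMs and driver-set addresses
]


if __name__ == "__main__":
    for host, mac in INVENTORY:
        info = mac_info(mac)
        flags = [k for k in ("multicast", "locally_administered") if info[k]]
        print(f"{host:7} {info['canonical']}  oui={info['oui']}  {' '.join(flags)}")
    print("duplicates:", find_duplicates(INVENTORY))
```

The locally-administered flag is worth checking before blaming a vendor: an address with that bit set was chosen by software (a hypervisor, a driver, or someone at a keyboard), which is the case the thread's "VM and administratively assigned MACs" comment sets apart from burned-in duplicates.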