Why are not all MAC addresses randomly assigned?

3

At 48 bits, this would seem reasonably safe: you would need 751 devices on a network to have a 1/1 billion probability of a collision, and 751 devices with entirely layer 2 connections are rare -- usually there is a layer 3 router in between somewhere. And a switch whose CAM table is limited to 25000 entries would not support more than a 1/1 million probability of collision, if it were ever used close to capacity.

What are the motivations behind the current scheme of MAC address administration that address a concern not solved by random MAC addresses?

Owen

Posted 2013-06-21T03:33:34.877

Reputation: 701

Probability != Assured. As Spiff already said, PRNG can be a real pain. Relying on a PRNG to always generate a new (unique(!)) number is a mistake, many people always confuse randomness with uniqueness or any guarantees that it does not repeat (at least many people with questions about PRNG on SO do that). – Bobby – 2013-06-21T07:58:38.370

@Bobby: Why can't we rely on PRNGs for that? Owen's math is accurate and indicates that we can assume the addresses to be unique with great certainty. – Marcks Thomas – 2013-06-21T10:01:21.080

@MarcksThomas: Because randomness is not predictable (well, pseudo-randomness is, but that doesn't apply here) and does not carry a guarantee for uniqueness. The sequence 8 5 5 5 6 5 7 is just as random as the sequence 1 2 9 5 6 3 8. What I wanted to say is that "unique with great certainty" is not "unique", you have a great certainty that it will not collide...but it is not guaranteed. Many people get this wrong and their systems fail afterwards because they did not take collisions into account. – Bobby – 2013-06-21T10:46:09.597

Answers

7

Because the IEEE knew better than to trust all vendors to get their pseudo-random number generators right.

Also, because when 48-bit MAC addresses were first used, in, like, the 1970's, it would have been too expensive to put a PRNG in every NIC, and there probably wouldn't have been a good enough entropy source for the seed.

Note that netbooting over Ethernet has been with us since the early days, so you needed your NIC hardware to be able to do everything it needed to do even before its host was booted. So no access to the host's processor capabilities or real time clock (like for a PRNG seed).

Update: Even if the random number generation was to be done at manufacturing time and burned into ROM, generating good random numbers probably wasn't a reasonable thing to expect a 1970's manufacturing line to do. It could have required buying an expensive minicomputer and installing it on the line, training people to use it, etc.

Spiff

Posted 2013-06-21T03:33:34.877

Reputation: 84 656

@Spiff They wouldn't have needed to. Choosing a random starting address and then incrementing for each subsequent one would have been about as good. And that's substantially identical to what they already do. – David Schwartz – 2016-09-07T09:29:32.123

@DavidSchwartz It's far, far safer to entrust the IEEE registrar staff to create those randomish starting points (OUIs) than to hope every manufacturer cares enough to get it right. Also, this way you can't increment your way into addresses that have the local or group bits set. – Spiff – 2016-09-08T16:51:26.813

Just to clarify, I was thinking randomly generated at manufacturing time, not at use time. Though I do see how even that would cause problems if not done well. – Owen – 2013-06-21T04:03:46.153

@Owen I have a feeling that 1970's factories didn't have the ability to generate good random numbers effectively. Microcomputers (PCs) weren't common yet, so you'd be asking factories to add an expensive minicomputer to the production line, and train people to use it, etc. – Spiff – 2013-06-21T17:39:12.110

Ah I see. Maybe add that to the answer, too. – Owen – 2013-06-23T00:53:01.753

5

Using all 48 bits for the random address would lose the capability to identify the NIC manufacturers; 22 bits are used for that purpose. There are also two bits which have a specific meaning (multicast and locally assigned addresses).

That leaves 24 bits for the manufacturer to choose, so the likelihood of a collision, even if low, is not null. Having the manufacturers set unique numbers and not random ones allows them to avoid taking that risk and the angry customers/press criticism that would result.

MAC addresses are here to stay for a while so assumptions made on current practical topological or sizing limitations might prove wrong in the future.

jlliagre

Posted 2013-06-21T03:33:34.877

Reputation: 12 469
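Added example, not part of any post on this page: the exact birthday computation behind the question's 48-bit figures, the same computation for the 24 manufacturer-chosen bits mentioned in the answer above, and a random address generator that respects the two reserved bits. All function names are hypothetical; the bit positions (multicast/group bit is the least significant bit of the first octet, locally administered bit is the next one) follow the standard IEEE 802 layout.

```python
import math
import secrets

def collision_probability(devices: int, random_bits: int) -> float:
    """Chance that at least two of `devices` uniformly random addresses match."""
    space = 2 ** random_bits
    if devices > space:
        return 1.0
    # log P(no collision) = sum(log(1 - i/space)); log1p/expm1 keep precision
    # when the answer is as small as 1e-9.
    log_unique = sum(math.log1p(-i / space) for i in range(devices))
    return -math.expm1(log_unique)

def devices_for_probability(target: float, random_bits: int) -> int:
    """Smallest number of devices whose collision probability reaches `target`."""
    space = 2 ** random_bits
    devices, log_unique = 1, 0.0
    while -math.expm1(log_unique) < target:
        log_unique += math.log1p(-devices / space)
        devices += 1
    return devices

def random_local_unicast_mac() -> str:
    """Random MAC with the multicast bit clear and the local bit set (46 random bits)."""
    octets = bytearray(secrets.token_bytes(6))
    octets[0] = (octets[0] & 0b11111100) | 0b00000010
    return ":".join(f"{o:02x}" for o in octets)

def mac_flags(mac: str) -> tuple[bool, bool]:
    """Return (is_multicast, is_locally_administered) read from the first octet."""
    first = int(mac.split(":")[0], 16)
    return bool(first & 0x01), bool(first & 0x02)

if __name__ == "__main__":
    # 48 = fully random, 46 = random minus the two flag bits, 24 = vendor part only
    for bits in (48, 46, 24):
        print(bits, collision_probability(751, bits), collision_probability(25000, bits))
    print("devices for 1e-9 at 48 bits:", devices_for_probability(1e-9, 48))
    mac = random_local_unicast_mac()
    print(mac, mac_flags(mac))
```

With only 24 random bits, 751 devices already collide with probability of roughly 1.7%, and 25000 devices collide almost certainly.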

0

What are the motivations behind the current scheme of MAC address administration that address a concern not solved by random MAC addresses?

Uniqueness.

ta.speot.is

Posted 2013-06-21T03:33:34.877

Reputation: 13 727

The whole point of his question was that the chance of an address collision with random 48-bit addresses is ridiculously small, so why bother trying to guarantee perfect uniqueness? – Spiff – 2013-06-21T17:22:53.677

Because MAC addresses are meant to be unique and it's not hard to do. – ta.speot.is – 2013-06-22T01:21:19.537