youtube.

com/c/TECHVORTEXX 09/04/2021

136

BY AHMED EL HEFNY
136

THE MAC ADDRESS

• Media Access control address, or mac address, is logical address
associated with Network interface card (NIC), it is the tag we was talking
about.
• The address is static, fixed, and does not change automatically, it identify
the endpoints, switch use special table to document this address and the
port number where it came from, this table is called MAC address table.
• To grant huge address space to fit with future needs, the mac address
formed from 48 bits, which possibility of 2^48 different mac addresses
“Review Binary math video”
• The first mac address value is 0, and maximum is 281,474,976,710,656
• Nearly 40,000 MAC address for each person on earth.
• Memorizing mac address in this way in inefficient, storing it in this way
also is not standardized (First is only single integer, and last is 15) 137

137

Ahmed Elhefny - linkedin.com/in/hefny91 1

youtube.com/c/TECHVORTEXX 09/04/2021

THE MAC ADDRESS CONT.

• To simplify and unify the way that mac address can be written, we could
use the dotted decimal way to represent the mac address.
• by adopting dotted decimal, the first mac can be:-
000.000.000.000.000.000 and last could be 255.255.255.255.255.255 ->
remember each 255 is 8 bits, 48/8 = 6 “255s”
• The above way, although it is better than writing in decimal way, though, it
is not fully efficient in writing or processing, the Hexadecimal way came
to address this issue.
• Mac addresses are written in Hexadecimal, Hex start with 0-9 then a-f,
total of 16 value, each character represent 4 bits (As max value of 4 bits
is 15 (1+2+4+8)) and of course the zero as well.
• MAC addresses are written using EUI-48 format (Extended Unique identifier) 138

138

THE MAC ADDRESS

FORMATION
• Mac address consist of 48 bits (6 Bytes), organized to 6 octets (8 bits),
the first (3 octets) 24 bits (From left) are called OUI, and the rest are
called serial, or client identifier or (Burned in Address = BIA)

• OUI are assigned per manufacturer, which means you can from the mac
address know what is the type of this device (Apple, Dell, Lenovo, HP)
• BIA is assigned per NIC (Wired or Wireless, it is like serial for produced
devices by manufacturer.
139

139

Ahmed Elhefny - linkedin.com/in/hefny91 2

youtube.com/c/TECHVORTEXX 09/04/2021

140

BY AHMED EL HEFNY
140

UAA AND LAA

• There are many types of MAC addresses, Unicast, Multicast, Broadcast.
• Unicast/Multicast MAC addresses can be Universally or locally assigned.
• UAA (Universally assigned) MAC are assigned globally per device, it
should not be duplicated anywhere, it can be called Global/Universal.
• IEEE Registration Authority manage UAA assignment globally.
• Locally assigned addresses are assigned locally, example for it is the
virtual interfaces MAC addresses in Network or Servers.
• U/L bit in mac address (Second bit from right) in first octet (From left) is
what define UAA from LAA, if “Zero” then it is UAA, if “One” then it is LAA

141

141

Ahmed Elhefny - linkedin.com/in/hefny91 3

youtube.com/c/TECHVORTEXX 09/04/2021

U\L BIT

OCTET1 OCTET2 OCTET3 OCTET4 OCTET5 OCTET6

? ? ? ? ? ? U/L ?

Global Address - UAA

Local Address - LAA

142

142

UNICAST & MULTICAST MAC

• As we discussed, MAC is the tag that switch used to decide where to
send the traffic.
• To communicate with multicast group, fake or virtual mac need to be
used as destination. -> review communication types.
• Unicast and Multicast MAC address are defined by I/G bit (Individual or
Group), which is the first bit from the right at the first octet from left.

143

143

Ahmed Elhefny - linkedin.com/in/hefny91 4

youtube.com/c/TECHVORTEXX 09/04/2021

I/G BIT

OCTET1 OCTET2 OCTET3 OCTET4 OCTET5 OCTET6

? ? ? ? ? ? U/L ?
I/G

Unicast MAC
Multicast MAC

144

144

MAC ADDRESSES
ORGANIZATION

IEEE Registration

FF-FF-FF-FF-FF-FF is called Broadcast MAC address

145

145

Ahmed Elhefny - linkedin.com/in/hefny91 5

youtube.com/c/TECHVORTEXX 09/04/2021

146

BY AHMED EL HEFNY
146

LAST NOTE (WHY MAC?)

• MAC address is used for communication inside layer 2 (Datalink), MAC
stand for Media Access control
• This does not mean we can use MAC address to connect with internal
application in same LAN.
• Layer 2 frame purpose is to carry layer 3 packet between same local
area network nodes, Layer 3 carry layer 4 which carry application data.
• Switches read frame to understand what is the targeted destination
(From mac address field), switches cannot read IP (Layer 2 Switches)
• Layer 3 packet cannot be sent to switch without envelop that switch can
read, this envelop is the layer 2 frame
• Similar to that Layer 4 segment or datagram carry application data, it
cannot be sent without being encapsulated in Layer 3, and so on, it is
stack, you may read the term protocol stack. 147

147

Ahmed Elhefny - linkedin.com/in/hefny91 6

youtube.com/c/TECHVORTEXX 09/04/2021

LAST NOTE
(MAC, DHCP, APIPA, IPV6)
• Before having IP address, in case we are using what is known as
Dynamic Host configuration protocol or DHCP to dynamically allocate IP
address in network, MAC address of client (Requester) is used by DHCP
server in unicast communication on layer 2 level to offer IP address.
• In case no DHCP server in network, clients try to generate random IP
addresses to their selves, this IP addresses cannot be randomly choses
as it could be duplicated, client machines machine apply algorithms to
generate IPv4 or IPv6 Link local address based on client MAC address
• As MAC address is unique, then the created address should be
somehow unique as well (in most cases) – consider 2^24 if all machines
was for same vendor and 2^16 for client addresses in APIPA process. 148

148

LAST NOTE
(THINK MORE)
• How to know you machine MAC address? (CMD/getmac) or run/ncpa.cpl
• How to write MAC address ( xx:xx or xx-xx or xxxx. )
• Can MAC address by changed? Yes, via tools or registry or NIC
properties, Android offer ability to change MAC address for privacy.
• Is there a possibility to find duplicated MAC addresses inside same
network? (10Mb/s cards)
• is there a problem when two duplicate MAC found?
• MAC address understanding is important for security people, as we
understood from the context, devices in same LAN can reach each other
using MAC address, what could happen if someone faked up his MAC
address instead of valuable server? Do you remember Net-cut program?
149

149

Ahmed Elhefny - linkedin.com/in/hefny91 7

youtube.com/c/TECHVORTEXX 09/04/2021

LAST NOTE
(MAC ADDRESS EUI-64)
• The IEEE created the EUI-64 (extended unique identifier) standard for 64-bit
MAC addresses.
• The OUI is still 24 bits, but the BIA or serial address or device identifier
became 40 bits.
• This allow for more devices under the same vendor OUI (2^40)
• Soon in IPv6 section, you will understand that IPv6 auto-config address is
derived from MAC address with EUI-64 format, and it do a little enhancement
to convert EUI-48 to EUI-64
• As far I know, switching based on EUI-64 MAC address does not yet exist as
for 2021.
• Predications suggest MAC addresses based on EUI-48 may be exhausted by
year 2080, recycling old MACs may increase the life span of EUI-48. 150

150

151

BY AHMED EL HEFNY
151

Ahmed Elhefny - linkedin.com/in/hefny91 8

youtube.com/c/TECHVORTEXX 09/04/2021

LAB TIME
WHAT WILL WE DO?
• SOHO -> Small Office/Home offices
• SMB -> Small medium business
• Packet tracer layer 1 and layer 2 devices
• Adding devices to packet tracer
• Physical medium types and how to connect devices
• The role of server in packet tracer, how to setup quick DHCP using
packet tracer
• The Hub operation in broadcast, and how switch is smart
• Using simulation mode and packet capturing to inspect frame
• And so on.. 152

152

LAB TIME!
• Use packet tracer to create basic network using switch and 3 PCs
• Add server assign static IP address to it (10.0.0.1) and enable DHCP
service on it ( distribute range 10.0.0.100-10.0.0.200)
• Make sure the 3 PCs are acquiring DHCP IP address not static

153

153

Ahmed Elhefny - linkedin.com/in/hefny91 9

youtube.com/c/TECHVORTEXX 09/04/2021

LAB TIME!

154

154

LAST NOTE ~
• Ping (Packet internet groper) is simple network reachability test, it use
ICMP echo
• There is a service called DHCP, it distribute network information such as
what is called IP address
• Unicast is working on the switch, when PC0 tried to ping PC1, the ping
request reached the intended receiver.
• Through the switching part, we will learn how to deal with Cisco switches
mac address table, how to show entries, add static entries, and find
endpoints in network using mac address table search.
• Apply in packet tracer, explore it, simulation mode is great!!!
• In Packet tracer, crossover cable is needed to connected similar devices
-> still apply the old school “no Auto-MDIX” 155

155

Ahmed Elhefny - linkedin.com/in/hefny91 10