What’s in a Name? Mac, MAC, and IP

What is the network address of your Mac? Is that its MAC, IPv4, or IPv6 address, how is each assigned, and how do they relate to one another?

Macs and iOS devices all depend on several different addresses in order to communicate over networks, including the Internet. Data that are transferred across networks, whether web pages, downloaded files, email, or whatever, are divided up into chunks or packets, which have to be correctly addressed for them to be moved around. The best-known forms of address are those used by the Internet Protocol (IP), but these come in two varieties, for 4-byte addressing (IPv4), or for 16-byte addressing (IPv6).

Making sense of different systems of addressing is essential if you are to configure the Network pane in System Preferences correctly, use DHCP to automatically allocate addresses, or diagnose problems using tools such as packet sniffers. As the world is running out of old-style IPv4 addresses, you will increasingly see reference to new-style IPv6 ones, and making that transition requires clear understanding.

MAC

Every computer and other device that can be put onto a network has a built-in firmware serial number for each of its network interfaces known as its Media Access Control (MAC), ‘hardware’, or ‘physical’ address, which must be unique. It can be possible to change an interface’s MAC, but that is the preserve of specialist engineers and hackers: normally it will be fixed for the life of the device, although hackers can spoof MAC addresses when desired.

By convention, MAC addresses are given as a series of six hexadecimal digits, such as 00:19:e3:f9:47:7e, of which the first three identify the manufacturer, in this case Apple. When you inspect packets that have been transferred over a network, for example by ‘sniffing’ them using a tool such as Cocoa Packet Analyzer, the first part of the header information contains the MAC addresses of the source and destination network interfaces. You can inspect the MAC address for each of your Mac’s network interfaces using the Info tab in Network Utility.

IP address: IPv4

Every computer and addressable device that is connected to a network must also have a locally unique identifier by which it can be addressed using the network protocol, almost invariably IP, hence each network port has an associated IP address. Unlike MAC addresses, IP addresses are configured in software, either by setting an address manually in the Network pane of System Preferences, for example, or assigned by another networked device, such as a Dynamic Host Configuration Protocol (DHCP) server.

IP addresses can be very dynamic, changing every hour if necessary, and provided that they remain unique to that local network, should be reliable. If you have ever inadvertently assigned the same IP address to two different devices on one network, you will appreciate the chaos that ensues. However most networks operate privately, so that local IP addresses are not exposed to the grand network, the Internet. Thus your Mac may have a local IP address of 192.168.1.2, but will appear to the Internet with an IP address assigned by your ISP to your router, perhaps 81.100.200.41.

Most Western networks connected to the Internet still use traditional IPv4 addresses, which are conventionally given as a sequence of four single-byte digits in decimal form, such as 192.168.1.1. These are masked for the purposes of visibility: popular configurations use a mask of 255.255.255.0, which allows a device to see all others with IP addresses in the range 192.168.1.0 to 192.168.1.255, but not those with IP addresses like 192.168.2.1 or 192.169.1.1, for example. On larger networks, masks that allow devices to see and address a wider range may be used, such as 255.255.0.0, but unless you need to support more than around 200 devices, you should stick to the standard mask of 255.255.255.0.

Certain blocks of IP addresses are reserved for specific purposes, and are not allocated for use over the Internet as a whole. Private networks should use addresses in the blocks of 10.0.0.0-10.255.255.255 (used by some DHCP servers), 172.16.0.0-172.31.255.255, and the most popular 192.168.0.0-192.168.255.255 (for both DHCP and manual allocation).

These reserved blocks reduce the number of available IPv4 addresses to considerably less than its theoretical maximum of nearly 4.3 billion, and some areas of the world have already run out of global IP addresses to allocate to systems using the old IPv4 convention. They have therefore had to switch over to the much more capacious IPv6 standard, as we will do in the future.

IP address: IPv6

IPv6 addresses are 16 bytes long, such as fe80:0000:0000:0000:0217:f2ff:fe4d:2f70. Although these look so ungainly as to be impossible to use, they provide the effectively unlimited address space that we need for the future. Because this space is so large, there is no longer any need for private IP addresses, Network Address Translation (NAT), or even DHCP: every network-capable device can have its own IPv6 addresses, much as they already have MAC addresses.

Itinerant network users such as mobile wireless devices can still be assigned temporary IPv6 addresses where necessary using DHCPv6, and there are techniques for hiding a local network that offer the benefits of traditional NAT. Hosts can autoconfigure when connected to a routed IPv6 network, using a broadcast (link-local multicast) request, for instance, in which case they will have a link-local address starting with fe80:, with IPsec encryption and authentication as standard features.

There are some notational conventions that make IPv6 addresses a little less awkward. You can elide four-digit groups consisting of zeroes, so that fe80:0000:0000:0000:0217:f2ff:fe4d:2f70 can be written more succinctly as fe80::0217:f2ff:fe4d:2f70. When given as a literal address in a URL, IPv6 addresses should be enclosed in brackets, for example http://%5Bfe80::0217:f2ff:fe4d:2f70]:8080/ Even so there is a small additional overhead to using IPv6, as each address required has an extra 12 bytes to add to the packet length.

Mac OS X has supported IPv6 since release 10.2, with full features built in since 10.4, although most Macs remain configured to use it ‘automatically’ until their Internet connection requires change.

Domains

We humans struggle to remember and use all these numbers, so tend to work with local and Internet addresses based on domain names, like apple.com, guardian.co.uk, or the shorthand for the same system, ‘localhost’. Conversion from a name to an IP address (IPv4 or IPv6) is performed by a name service, and is known as ‘lookup’, whilst translating from an IP address back to a name is ‘reverse lookup’, both standard functions of a Domain Name Server (DNS).

Thus the iMac used to write this article might have a MAC address of 00:19:e3:f9:47:7e for the Ethernet interface that connects it to its local network, a private and local IPv4 address of 192.168.1.2 but a public IPv4 address seen over the Internet as 81.100.200.41, and a matching IPv6 address of fe10:0000:0000:0000:0217:f2ff:fe4d:2f70. When using its own services via loopback, it can be referred to as ‘localhost’, which translates to 127.0.0.1 in IPv4 and 0:0:0:0:0:0:0:1 in IPv6, or on the local network by its Bonjour name of HowardsiMac.local.

Techniques: Bonjour and Addressing

Macs, other Apple and many additional products support a more modern method for automatic allocation of IP addresses, that is often preferable to DHCP. Part of Bonjour (formerly Rendezvous) is an ingenious technique known as link-local address allocation, and features in IPv6 as well as IPv4. This works particularly well on small and ad hoc networks, but can also be a valuable fallback in the event that a DHCP server fails.

If you connect a Mac with Bonjour enabled but without a fixed IP address to a network that lacks a DHCP server or other means of automatic allocation of IP addresses, it uses a pseudo-random process to pick an address within the specially allocated IPv4 block of 169.254.1.0 to 169.254.254.255. The Mac then broadcasts a request seeking whichever device already owns that address. If no other device admits to owning the address, the Mac assumes that IP address and announces itself as its owner.

These exchanges are accomplished using broadcast packets under the Address Resolution Protocol (ARP), making them easy to spot using a packet sniffer. Bonjour also provides multicast DNS (mDNS) to avoid relying on a DNS server to resolve references to local domains that are distinguished by a .local suffix. Queries to resolve mDNS names by reverse lookup are sent to the standard IP address of 224.0.0.251, another hallmark seen in network traffic.

The other main feature provided by Bonjour is DNS Service Discovery (DNS-SD), which allows a networked computer to discover which services of a given type, such as printing, music, photo, and other sharing services, are available on other networked systems; this can be extended onto the Internet in wide-area Bonjour. The combination of link-local IP allocation, mDNS and DNS-SD is far more sophisticated than plain old DHCP.

Your Mac’s Bonjour .local name is set in the Sharing pane of System Preferences, then resolved by multicast DNS, one of Bonjour’s powerful features.

Techniques: Flexible IPv4 Addressing

If you cannot use Bonjour to manage local IP addresses and network services, and prefer to remain with DHCP, you can mix fixed and dynamic IP addressing on the same network. The essential requirements are that your DHCP server and network are protected from the outside world by an effective firewall, and that you can configure the server to allocate addresses in a segment of the 256 addresses available with a standard mask of 255.255.255.0. Most modem-routers have the features to support this.

Allocate the device running the DHCP server a high fixed IP address in the block that you wish to use. Most administrators now opt for 192.168.x.x addresses, but feel free to be more adventurous than using the lowest block at 192.168.0.x. Instead opt for something like 192.168.100.253 for the DHCP server, your modem-router. Give other network devices and appliances, excluding computers and printers, fixed addresses below that, down to around 192.168.100.240 as necessary. Then allocate fixed addresses to all your static computers, printers, NAS devices, and so on, starting from 192.168.100.1 upwards.

This should then leave a gap between about 192.168.100.50 up to 192.168.100.239. Configure your DHCP server so that it will only allocate dynamic IP addresses from within that range. This provides plenty of scope for visitors, and makes it very easy for you to identify the type of device by its IP address.

If you have network problems, then you can ping easily between the fixed devices with their addresses below 192.168.100.50, knowing what should be at each of those fixed addresses. When visitors wish to connect to your network, you simply need to advise them to switch their network configuration to obtain a dynamically allocated IP address from your DHCP server, and their laptops should then appear at 192.168.100.50 and above.

Updated from the original, which was first published in MacUser volume 26 issue 17, 2010.