[AusNOG] The occurrence of duplicate MAC addresses

Paul Gear ausnog at libertysys.com.au
Wed Feb 6 22:37:00 EST 2013


On 02/06/2013 08:29 PM, Mark Smith wrote:
> Hi,
>
> There's been a discussion over the last few days on the IETF IPv6 6man (IPv6 maintenance) mailing list regarding the use of MAC addresses to generate IPv6 Interface Identifiers. One of the issues relates to how unique MAC addresses are.
>
> Following on from "The Wild West" presentation I posted the other day, I emailed HD Moore to see if I could get some numbers regarding numbers of occurrences of duplication of individual MAC addresses. HD got back to me today, I've posted them at the following mailing list archive URLs. Make sure you're sitting down.
>
> https://www.ietf.org/mail-archive/web/ipv6/current/msg17105.html

I guess this paves the way for a new SLAAC algorithm that uses a 
timestamp along with the MAC and hashes it into 32 bits so we can use 
sensible subnet lengths in IPv6-land.  I for one welcome our new /96 
overlords. :-)

Or then again, maybe it's not a problem:

[Disclaimer: I'm sure smarter people than me have put more time and 
thought into the issue, so apologies if this is old news, but it was fun 
to spend a few minutes finding out how many /64s China already has and 
fiddling around with some big numbers.]

If we assume that Huawei is the main vendor of concern (300,000-ish 
duplicate MACs, according to the graph in HD Moore's slide deck which 
you linked to on Saturday), and that 100% of their devices are in China 
(not a good assumption, but it makes the figures more conservative), and 
that duplicates are spread around evenly (an even worse assumption, but 
I'm not sure how to compensate for it), we can get an idea of how likely 
MAC address clashes are.

The average number of duplicates per address must be dramatically less 
than 60,125 (#10 on the list in your post to the IETF list), because 
300,000 * 60,125 = 18,037,500,000 = more Internet-capable devices than 
exist in the world today.  But it's a small number (only about 3-4 times 
the current number of deployed devices on the Internet, based on the 
last figures I read somewhere), so it's a good start for now.

Then we can make some calculations:

  * There are 234 IPv6 delegations from APNIC to China
    (ftp://ftp.apnic.net/pub/stats/apnic/delegated-apnic-latest)
  * These delegations are of various lengths, totalling 7463 bits of
    subnet space, or 62,650,688,471,040 /64s
  * This gives a ratio of duplicates to subnets of 1:(2^7463 /
    18,037,500,000) = 1:3473

Those odds seem pretty reasonable to me, especially given that:

  * The number of IPv6 delegations will grow dramatically over the next
    few years, expanding the potential space.
  * We've assumed that Huawei is capable of producing 18 billion devices
    before fixing their duplicate MAC issue.
  * The next-closest vendor is a long way behind Huawei in terms of
    numbers of duplicates.
  * It assumes that all devices with duplicate MACs are concentrated in
    their country of origin.

I downloaded the above APNIC delegation report, imported it into 
LibreOffice, filtered out everything but China, and made some 
calculations here if anyone cares to check: 
https://docs.google.com/spreadsheet/ccc?key=0An2Wre4MNFNHdG9aQl9Yb25tWUNDbUh6eURQVUFsT2c&usp=sharing

Paul
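
The procedure described in the message above (take the APNIC delegation report, keep China's IPv6 entries, total the /64s, divide by the assumed device count) can be scripted. This is an added example, not part of the original message or its spreadsheet; the sample records are constructed and the function names are hypothetical.

```python
"""Count /64 subnets delegated to one economy in an RIR "delegated" stats file."""

# Constructed sample in the delegated-stats layout
# (registry|cc|type|start|value|date|status); not real APNIC data.
SAMPLE = """\
# comment line
2|apnic|20130206|5|19830613|20130205|+1000
apnic|*|ipv6|*|4|summary
apnic|CN|ipv6|2001:db8::|32|20000426|allocated
apnic|CN|ipv6|2001:db8:1::|48|20050101|assigned
apnic|AU|ipv6|2001:db8:2::|32|20010101|allocated
apnic|CN|ipv4|192.0.2.0|256|20010101|allocated
apnic|CN|ipv6|2001:db8:3::|35|20020101|allocated
"""


def count_slash64s(text, cc):
    """Return (number of IPv6 delegations, total /64s) for country code cc."""
    delegations = 0
    total = 0
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split("|")
        # Version header and summary lines fail this filter and are skipped.
        if len(fields) < 7 or fields[1] != cc or fields[2] != "ipv6":
            continue
        prefix_len = int(fields[4])  # for ipv6 records, value is the prefix length
        if not 0 < prefix_len <= 64:
            continue  # a prefix longer than /64 holds no whole /64
        delegations += 1
        total += 1 << (64 - prefix_len)
    return delegations, total


def subnets_per_duplicate(total_slash64s, devices):
    """Whole number of /64s available per device with a duplicated MAC."""
    return total_slash64s // devices


if __name__ == "__main__":
    n, total = count_slash64s(SAMPLE, "CN")
    print(f"sample: {n} CN delegations, {total:,} /64s")
    # Figures quoted in the message: 300,000 MACs x 60,125 duplicates each.
    devices = 300_000 * 60_125
    print("message's figures: 1 :", subnets_per_duplicate(62_650_688_471_040, devices))
```

The sum does not deduplicate overlapping prefixes, so it assumes each record in the file is a distinct delegation.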
