[AusNOG] The occurrence of duplicate MAC addresses
Mark Doorey
SBS.User at netmark.net.au
Fri Feb 8 13:24:30 EST 2013
The major thing that worries me about Huawei and the duplicate MAC
addressing of its NIC's, is that it is trying to push it's devices into
IP core. I'm sure if this lazy MAC manufacturing gets into this level
duplicates will occur.
I know this next subject is a little off topic, but with Huawei also
manufacturing a lot of Cel phone equipment and Telco equipment, a lot of
this has IP connectivity.
Mark Dooréy
On 6/02/2013 10:37 PM, Paul Gear wrote:
> On 02/06/2013 08:29 PM, Mark Smith wrote:
>> Hi,
>>
>> There's been a discussion over the last few days on the IETF IPv6 6man (IPv6 maintenance) mailing list regarding the use of MAC addresses to generate IPv6 Interface Identifiers. One of the issues relates to how unique MAC addresses are.
>>
>> Following on from "The Wild West" presentation I posted the other day, I emailed HD Moore to see if I could get some numbers regarding numbers of occurrences of duplication of individual MAC addresses. HD got back to me today, I've posted them at the following mailing list archive URLs. Make sure you're sitting down.
>>
>> https://www.ietf.org/mail-archive/web/ipv6/current/msg17105.html
>
> I guess this paves the way for a new SLAAC algorithm that uses a
> timestamp along with the MAC and hashes it into 32 bits so we can use
> sensible subnet lengths in IPv6-land. I for one welcome our new /96
> overlords. :-)
>
> Or then again, maybe it's not a problem:
>
> [Disclaimer: I'm sure smarter people than me have put more time and
> thought into the issue, so apologies if this is old news, but it was
> fun to spend a few minutes finding out how many /64s China already has
> and fiddling around with some big numbers.]
>
> If we assume that Huawei is the main vendor of concern (300,000-ish
> duplicate MACs, according to the graph in HD Moore's slide deck which
> you linked to on Saturday), and that 100% of their devices are in
> China (not a good assumption, but it makes the figures more
> conservative), and that duplicates are spread around evenly (an even
> worse assumption, but i'm not sure how to compensate for it), we can
> get an idea of how likely MAC address clashes are.
>
> The average number of duplicates per address must be dramatically less
> than 60,125 (#10 on the list in your post to the IETF list), because
> 300,000 * 60,125 = 18,037,500,000 = more Internet-capable devices than
> exist in the world today. But it's a small number (only about 3-4
> times the current number of deployed devices on the Internet, based on
> the last figures i read somewhere), so it's a good start for now.
>
> Then we can make some calculations:
>
> * There are 234 IPv6 delegations from APNIC to China
> (ftp://ftp.apnic.net/pub/stats/apnic/delegated-apnic-latest)
> * These delegations are of various lengths, totalling 7463 bits of
> subnet space, or 62,650,688,471,040 /64s
> * This gives a ratio of duplicates to subnets of 1:(2^7463 /
> 18,037,500,000) = 1:3473
>
> Those odds seem pretty reasonable to me, especially given that:
>
> * The number of IPv6 delegations will grow dramatically over the
> next few years, expanding the potential space.
> * We've assumed that Huawei is capable of producing 18 billion
> devices before fixing their duplicate MAC issue.
> * The next-closest vendor is a long way behind Huawei in terms of
> numbers of duplicates.
> * It assumes that all devices with duplicate MACs are concentrated
> in their country of origin.
>
> I downloaded the above APNIC delegation report, imported it into
> LibreOffice, filtered out everything but China, and made some
> calculations here if anyone cares to check:
> https://docs.google.com/spreadsheet/ccc?key=0An2Wre4MNFNHdG9aQl9Yb25tWUNDbUh6eURQVUFsT2c&usp=sharing
>
> Paul
>
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20130208/475b6e6d/attachment.html>
More information about the AusNOG
mailing list