RISC OS Open: Forum: Pi MAC address

Oct 27, 2020 3:42pm

On my BB -xM I placed a file in PreDesk to fix the machine’s MAC address which, IIRC, changed between OS updates. Do I need to do the same for the RPi 4? It’s a while back, I don’t remember the details.

Oct 27, 2020 4:16pm

Stuart Painting (5389) 714 posts

The last time I had to worry about a machine’s MAC address unexpectedly changing was back in the days of ICL mainframes. Yes, that long ago.

The EtherCPSW driver (on the Titanium) does have a facility for exposing multiple (or at least different) MAC addresses, but AFAIAA it is not active on the Pi 4.

Oct 28, 2020 12:01am

Frederick Bambrough (1372) 837 posts

If networking is not set up, you can still obtain the machine’s MAC address (except on Beagleboard, Pandaboard and IGEPv5 which do not have a MAC address, just a locally administered address). Even a model A Pi has a MAC address even though it has no network adapter.

I think this comment by Chris Hall in 2017 answers my question. I won’t need to create a MAC address.

Oct 28, 2020 8:30am

Steve Pampling (1551) 8170 posts

I won’t need to create a MAC address.

Possibly. The early developer boards (beagle etc) had a MAC set at first use IIRC.
Others had a setup that generated a MAC from a software setting. The prefix (6 chars) marked the “NIC” as ‘manufactured’ by Acorn the rest is supposedly unique in us with that prefix. See the RPCEmu Network bridging for a replicated ‘unique’ MAC = 06:02:03:04:05:06

It used to be that dropping those first 6 into a “MAC Vendor Lookup”: site would give you a response of Acorn – obviously so long gone that they’ve cleared that bit of the table.

Why is it important that they are different?
Ah, that’s L2 networking. Simple story –
routers (where IP ranges interact) are L3 and care about IP – your 192.168.2.3(private) vs. 82.165.2.13¹(real world)
Switches (and your devices PC, printer etc) don’t (the L3 layer handlers on them do)
Switches pass data from MAC address 06:02:03:04:05:06 on one port to 06:02:03:04:05:1A on another port.
OK, so if you have the same MAC on two different machines on switch port 1 and switch port 8, where exactly is the switch supposed to send the data?

I floods it out of ALL the ports, and that’s not efficient (damned inefficient in fact)²

Just make sure all your devices are different MACs and everything will be fine at that L2/L3 level.

Normal NIC devices are factory programmed with a Globally Unique value.

Yes, that was simple – I had a lecturer that spent 2 days covering the basics of the different layers in the OSI model (in which layer boundaries are sort of fuzzy…)

¹ Random address, but that translation could be true wherever 82.165.2.1 is located.
fn2. I actually had an instance where a manufacturer support guy cloned a licence by cloning the MAC³ onto another machine. On the days both were switched on (in the same network segment) neither machine worked properly if at all. No problem it was only the Cardiac Catheter suite video imaging…
fn3. Licence tied to MAC. For a new key he’d have to phone HQ support and wait about an hour.

Oct 28, 2020 6:11pm

Rick Murray (539) 13840 posts

The last time I had to worry about a machine’s MAC address unexpectedly changing was back in the days of ICL

Aren’t some devices trying to introduce MAC randomisation “for privacy”?

No problem it was only the Cardiac Catheter suite video imaging…

Uh… nothing major then.

Oct 28, 2020 6:47pm

Stuart Painting (5389) 714 posts

Aren’t some devices trying to introduce MAC randomisation “for privacy”?

If by “trying to introduce” you mean “did it 6 years ago” then yes they are. It’s sort-of OK provided that you have a big enough pool of addresses to choose from, otherwise you could have problems when two devices “randomly” choose the same MAC address.

The idea of a constantly-changing address is quite common in IPv6, but there it’s the IP address that is changing, not the MAC address. So a device would retrieve the web page using source address A, grab the stylesheet with source address B, grab the images with source addresses C through M and grab the adverts with source addresses N through Z. Someone monitoring from afar would have difficulty establishing who was requesting what; only the local router would “know” that all 26 addresses actually belonged to one device. A /64 subnet has nearly 2^64 addresses available for client use, so even if you had a million clients on that subnet it would still take quite a while to burn through all of the addresses.

Oct 28, 2020 7:00pm

Steve Pampling (1551) 8170 posts

Uh… nothing major then

He put the icing on the cake on the “fix” day by stating to everybody in the office “it’s OK they have different IP’s” and got the “networks don’t work like that” response from one of the server guys. I was, incredibly, incapable of speech…
Quick explanation of why he was wrong, and he went off to sort out the proper licence to sit on the machine back on its default MAC.

His manager later had the cheek to suggest that “no one in GE¹ would do that as it isn’t the correct procedure”²
I replied that only people in his company have access on the systems at the level required to do that. In which case was he blaming the data pixies or an act of god?

¹ Oh, sorry did I give away the name of the collection of clowns? Shame.

² If only I had a penny for every instance of one of their employees quoting procedure for a work method or system setting that was different to the last machine they or any of their colleagues worked on.

Oct 28, 2020 7:05pm

Steve Pampling (1551) 8170 posts

So a device would retrieve the web page using source address A, grab the stylesheet with source address B…

Not a fan. It isn’t more efficient so why do it?

Someone monitoring from afar would have difficulty establishing who was requesting what;

Spell security and audit.

Oct 28, 2020 7:38pm

Stuart Painting (5389) 714 posts

Not a fan. It isn’t more efficient so why do it?

I was exaggerating slightly. A more realistic scenario would be to use a different IPv6 source address for each unique destination address (so for a website with 4 different adverts you’d use 5 different IPv6 source addresses in total). A given advertiser would see that client appear for one day only then disappear forever.

Spell security and audit.

That’s why I was careful to specify “from afar”. Someone on the local subnet (e.g. the security and audit teams) would be able to see the underlying – and presumably unchanging – MAC address so could ignore the IPv6 shenanigans (and should have other local mechanisms for establishing bona fides in any case). Someone sitting at the ISP (i.e. “from afar”) would know which subnet the traffic came from but not a lot else.

Oct 28, 2020 9:04pm

Rick Murray (539) 13840 posts

Someone monitoring from afar would have difficulty establishing who was requesting what

In theory. It’d fall apart when one sees a bunch of sequential requests all saying “Mozilla/5.0 (Android 8.0.0; Mobile; rv:60.0) Gecko/60.0 Firefox/60.0” or whatever as the user agent. Worse if some add-on has pasted it’s own unique ID into the user agent string and other header info.
https://amiunique.org/fp

Oh, sorry did I give away the name

Mom wasn’t a fan of GE either. She worked in nursing, but before all the computer stuff. Maybe they just “have a reputation”? I’d ask, but…

That’s why I was careful to specify “from afar”.

You’d probably be surprised what information can be collected on you. That little Like thumb tracks you all over the place (except here, kind of pleased that ROOL offer up a local copy of the logo).

Oct 28, 2020 9:07pm

Rick Murray (539) 13840 posts

I was, incredibly, incapable of speech…

Probably just as well for the health and well-being of the person who has clearly never looked up and realised there are more than two layers in the OSI model.

Oct 28, 2020 10:02pm

Stuart Painting (5389) 714 posts

It’d fall apart when one sees a bunch of sequential requests

If someone has MITM’d all your HTTPS traffic you have bigger problems. And someone monitoring at one of the destinations would only be seeing the traffic sent to that destination (which would be from a single source IP address).

That little Like thumb tracks you all over the place

Well, it tracks that device. That isn’t necessarily the same as tracking me.

Oct 29, 2020 8:12am

David J. Ruck (33) 1635 posts

Aren’t some devices trying to introduce MAC randomisation “for privacy”?

That’s mainly with Bluetooth to prevent beacons being able to track you where ever you go. Shops often use it to see where you go, and to put more crap in between the door and what you actually want.

Oct 29, 2020 8:47am

Steve Pampling (1551) 8170 posts

Shops often use it to see where you go, and to put more crap in between the door and what you actually want.

Bit of a shame that I routinely disable bluetooth then :)
Besides, Tesco (a store I haven’t visited in months) would merely have been tracking the shortest route to fresh bread and cheese that took in a visit to the domestic bits to see what had been spelled out with the alphabet Initial mugs. (It’s a rectangle with the door, mugs (turn right), cheese, bread(turn right), lonely corner cashout(turn right), door…)

Pi MAC address

Reply

Search forums

Social

ROOL Store

Donate! Why?

RISC OS IPR

Description

Voices

Options

Oct 27, 2020 3:42pm Frederick Bambrough (1372) 837 posts	On my BB -xM I placed a file in PreDesk to fix the machine’s MAC address which, IIRC, changed between OS updates. Do I need to do the same for the RPi 4? It’s a while back, I don’t remember the details.

Oct 27, 2020 4:16pm Stuart Painting (5389) 714 posts	The last time I had to worry about a machine’s MAC address unexpectedly changing was back in the days of ICL mainframes. Yes, that long ago. The EtherCPSW driver (on the Titanium) does have a facility for exposing multiple (or at least different) MAC addresses, but AFAIAA it is not active on the Pi 4.

Oct 28, 2020 12:01am Frederick Bambrough (1372) 837 posts	If networking is not set up, you can still obtain the machine’s MAC address (except on Beagleboard, Pandaboard and IGEPv5 which do not have a MAC address, just a locally administered address). Even a model A Pi has a MAC address even though it has no network adapter. I think this comment by Chris Hall in 2017 answers my question. I won’t need to create a MAC address.

Oct 28, 2020 8:30am Steve Pampling (1551) 8170 posts	I won’t need to create a MAC address. Possibly. The early developer boards (beagle etc) had a MAC set at first use IIRC. Others had a setup that generated a MAC from a software setting. The prefix (6 chars) marked the “NIC” as ‘manufactured’ by Acorn the rest is supposedly unique in us with that prefix. See the RPCEmu Network bridging for a replicated ‘unique’ MAC = 06:02:03:04:05:06 It used to be that dropping those first 6 into a “MAC Vendor Lookup”: site would give you a response of Acorn – obviously so long gone that they’ve cleared that bit of the table. Why is it important that they are different? Ah, that’s L2 networking. Simple story – routers (where IP ranges interact) are L3 and care about IP – your 192.168.2.3(private) vs. 82.165.2.13¹(real world) Switches (and your devices PC, printer etc) don’t (the L3 layer handlers on them do) Switches pass data from MAC address 06:02:03:04:05:06 on one port to 06:02:03:04:05:1A on another port. OK, so if you have the same MAC on two different machines on switch port 1 and switch port 8, where exactly is the switch supposed to send the data? I floods it out of ALL the ports, and that’s not efficient (damned inefficient in fact)² Just make sure all your devices are different MACs and everything will be fine at that L2/L3 level. Normal NIC devices are factory programmed with a Globally Unique value. Yes, that was simple – I had a lecturer that spent 2 days covering the basics of the different layers in the OSI model (in which layer boundaries are sort of fuzzy…) ¹ Random address, but that translation could be true wherever 82.165.2.1 is located. fn2. I actually had an instance where a manufacturer support guy cloned a licence by cloning the MAC³ onto another machine. On the days both were switched on (in the same network segment) neither machine worked properly if at all. No problem it was only the Cardiac Catheter suite video imaging… fn3. Licence tied to MAC. For a new key he’d have to phone HQ support and wait about an hour.

Oct 28, 2020 6:11pm Rick Murray (539) 13840 posts	The last time I had to worry about a machine’s MAC address unexpectedly changing was back in the days of ICL Aren’t some devices trying to introduce MAC randomisation “for privacy”? No problem it was only the Cardiac Catheter suite video imaging… Uh… nothing major then.

Oct 28, 2020 6:47pm Stuart Painting (5389) 714 posts	Aren’t some devices trying to introduce MAC randomisation “for privacy”? If by “trying to introduce” you mean “did it 6 years ago” then yes they are. It’s sort-of OK provided that you have a big enough pool of addresses to choose from, otherwise you could have problems when two devices “randomly” choose the same MAC address. The idea of a constantly-changing address is quite common in IPv6, but there it’s the IP address that is changing, not the MAC address. So a device would retrieve the web page using source address A, grab the stylesheet with source address B, grab the images with source addresses C through M and grab the adverts with source addresses N through Z. Someone monitoring from afar would have difficulty establishing who was requesting what; only the local router would “know” that all 26 addresses actually belonged to one device. A /64 subnet has nearly 2^64 addresses available for client use, so even if you had a million clients on that subnet it would still take quite a while to burn through all of the addresses.

Oct 28, 2020 7:00pm Steve Pampling (1551) 8170 posts	Uh… nothing major then He put the icing on the cake on the “fix” day by stating to everybody in the office “it’s OK they have different IP’s” and got the “networks don’t work like that” response from one of the server guys. I was, incredibly, incapable of speech… Quick explanation of why he was wrong, and he went off to sort out the proper licence to sit on the machine back on its default MAC. His manager later had the cheek to suggest that “no one in GE¹ would do that as it isn’t the correct procedure”² I replied that only people in his company have access on the systems at the level required to do that. In which case was he blaming the data pixies or an act of god? ¹ Oh, sorry did I give away the name of the collection of clowns? Shame. ² If only I had a penny for every instance of one of their employees quoting procedure for a work method or system setting that was different to the last machine they or any of their colleagues worked on.

Oct 28, 2020 7:05pm Steve Pampling (1551) 8170 posts	So a device would retrieve the web page using source address A, grab the stylesheet with source address B… Not a fan. It isn’t more efficient so why do it? Someone monitoring from afar would have difficulty establishing who was requesting what; Spell security and audit.

Oct 28, 2020 7:38pm Stuart Painting (5389) 714 posts	Not a fan. It isn’t more efficient so why do it? I was exaggerating slightly. A more realistic scenario would be to use a different IPv6 source address for each unique destination address (so for a website with 4 different adverts you’d use 5 different IPv6 source addresses in total). A given advertiser would see that client appear for one day only then disappear forever. Spell security and audit. That’s why I was careful to specify “from afar”. Someone on the local subnet (e.g. the security and audit teams) would be able to see the underlying – and presumably unchanging – MAC address so could ignore the IPv6 shenanigans (and should have other local mechanisms for establishing bona fides in any case). Someone sitting at the ISP (i.e. “from afar”) would know which subnet the traffic came from but not a lot else.

Oct 28, 2020 9:04pm Rick Murray (539) 13840 posts	Someone monitoring from afar would have difficulty establishing who was requesting what In theory. It’d fall apart when one sees a bunch of sequential requests all saying “Mozilla/5.0 (Android 8.0.0; Mobile; rv:60.0) Gecko/60.0 Firefox/60.0” or whatever as the user agent. Worse if some add-on has pasted it’s own unique ID into the user agent string and other header info. https://amiunique.org/fp Oh, sorry did I give away the name Mom wasn’t a fan of GE either. She worked in nursing, but before all the computer stuff. Maybe they just “have a reputation”? I’d ask, but… That’s why I was careful to specify “from afar”. You’d probably be surprised what information can be collected on you. That little Like thumb tracks you all over the place (except here, kind of pleased that ROOL offer up a local copy of the logo).

Oct 28, 2020 9:07pm Rick Murray (539) 13840 posts	I was, incredibly, incapable of speech… Probably just as well for the health and well-being of the person who has clearly never looked up and realised there are more than two layers in the OSI model.

Oct 28, 2020 10:02pm Stuart Painting (5389) 714 posts	It’d fall apart when one sees a bunch of sequential requests If someone has MITM’d all your HTTPS traffic you have bigger problems. And someone monitoring at one of the destinations would only be seeing the traffic sent to that destination (which would be from a single source IP address). That little Like thumb tracks you all over the place Well, it tracks that device. That isn’t necessarily the same as tracking me.

Oct 29, 2020 8:12am David J. Ruck (33) 1635 posts	Aren’t some devices trying to introduce MAC randomisation “for privacy”? That’s mainly with Bluetooth to prevent beacons being able to track you where ever you go. Shops often use it to see where you go, and to put more crap in between the door and what you actually want.

Oct 29, 2020 8:47am Steve Pampling (1551) 8170 posts	Shops often use it to see where you go, and to put more crap in between the door and what you actually want. Bit of a shame that I routinely disable bluetooth then :) Besides, Tesco (a store I haven’t visited in months) would merely have been tracking the shortest route to fresh bread and cheese that took in a visit to the domestic bits to see what had been spelled out with the alphabet Initial mugs. (It’s a rectangle with the door, mugs (turn right), cheese, bread(turn right), lonely corner cashout(turn right), door…)