MAC address vs. IP address: What's the difference?
A MAC address and an IP address each identify network devices, but they do the jobs at different levels. Explore the differences between the two and learn why both are necessary.
Every computer or device on the internet has two types of addresses: a physical address and an internet address.
The physical address -- or media access control (MAC) address -- identifies a device to other devices on the same local network. The internet address -- or IP address -- identifies the device globally. A network packet needs both addresses to get to its destination.
What's the difference between MAC and IP addresses?
MAC addresses and IP addresses both identify a network device but in different ways. Some of the main differences between a MAC address and an IP address include the following:
- Local identification vs. global identification.
- Layer 2 vs. Layer 3 operation.
- Physical address vs. logical address.
- Number of bits.
- Address assignment and permanence.
- Address formatting.
A MAC address is responsible for local identification and an IP address for global identification. For example, the MAC address is only significant on the LAN to which a device is connected. It is not used or retained in the data stream once packets leave that network. This is the primary difference between a MAC address and IP address, affecting how the addresses differ in their number of bits, address assignment and interactions.
Another difference between a MAC address and IP address is the way the addresses are assigned. Manufacturers assign a unique MAC address to each device, and these addresses are typically regarded as permanent. But it is possible to alter or spoof a MAC address with command-line tools and software settings. An IP address is bound to a network device via software configurations. Network administrators can manually change the address at any time or use Dynamic Host Protocol Configuration (DHCP) to change it dynamically.
What is a MAC address?
Media access control refers to the piece of hardware that controls how data is pushed out onto a network. A MAC device operates on Layer 2 -- the data link layer -- of the OSI model for networking. Each device has a MAC address that acts as a unique identifier for the network interface card (NIC) installed on the device. This address operates at Layer 2, letting devices talk to each other within the same broadcast domain.
In the current internet era, most devices are connected physically with Ethernet cables or wirelessly with Wi-Fi. Both methods use MAC addresses to identify a device on the local network.
A MAC address consists of 12 hexadecimal digits, usually grouped into six pairs separated by hyphens. MAC addresses are available from 00-00-00-00-00-00 through FF-FF-FF-FF-FF-FF. The first half of the number is typically used as a manufacturer ID, while the second half is a device identifier. In nearly all enterprise network devices today, this number is hardcoded into the device during the manufacturing process.
The number of device-identifying bits is limited, however, so manufacturers do reuse them. Each manufacturer has about 1.68 million available addresses, so when it burns a device with a MAC address ending in FF-FF-FF, it starts again at 00-00-00. This approach assumes it is highly unlikely two devices with the same address will end up in the same local network segment.
No two devices on a local network should ever have the same MAC address. If that does happen, both devices have communication problems because the local network gets confused about which device should receive the packet. When a switch broadcasts a packet to all ports to find the intended recipient, the device that responds first receives the packet stream. If the device reboots, is taken away or shuts down, the other node then receives the packets.
What is an IP address?
Internet Protocol controls how devices on the internet communicate and defines the behavior of internet routers. It corresponds to Layer 3, the network layer, of the OSI reference model. The internet was initially built around IPv4 and is in transition to IPv6.
An IP address identifies a device on the global internet, acting as the device's logical address to identify its network connection. Typically, an ISP assigns the IP address to a customer's device. Network administrators use DHCP to assign and manage IP addresses within the local network.
An IPv4 address consists of 32 bits, usually written as four octets using decimal numbers, separated by periods. This format is also known as a dotted quad. Possible values range from 000.000.000.000 through 255.255.255.255, although many possible addresses are disallowed or reserved for specific purposes. One example is 192.0.2.127.
The IP address combines network identification and device identification data. The network prefix is anywhere from eight to 31 bits, and the remaining bits identify the device on the network. Steady, rapid growth in the number of internet-connected devices has led to the looming exhaustion of the IPv4 address list -- one of several reasons for the development of IPv6.
An IPv6 address consists of 128 bits, with the first 64 reserved for network identification and the second 64 dedicated to identifying a device on the network. The address is typically written as eight sets of four hexadecimal digits separated by colons -- for example, 2001:0DB8:A1CD:1234:0000:48B3:4001:BA92. In this case, the segment consisting of 0000 can also be written with a single 0, and 0DB8 can be written as DB8 to omit the leading zero. Many conventions are available to shorten an IPv6 address when writing it.
How MAC and IP addresses work together
Any piece of internet software, such as a web browser or email client, directs data to a destination on the internet using the destination's IP address. For example, if a user wants to access a website via a web browser, they could enter the domain's IP address. Most people don't know a website's IP address, however, and use human-readable DNS names instead, which a DNS server translates into the corresponding address.
The source network software stack inserts the IP address information into the data packets and forwards the packets toward their destination. Internet routers move the packets from the source network to the destination network. Once the packets reach the destination network, the LAN translates the IP address to a MAC address using Address Resolution Protocol (ARP). It then adds the MAC address to the data stream and sends the data to the right device on the local network.
Local network switches maintain ARP tables that map IP addresses to MAC addresses. When a router sends the switch a packet with a destination specified by an IP address, it uses the ARP table to know which MAC address to attach to the packet when it forwards the data to the device as Ethernet frames.
Editor's note: This article was originally written by Chris Partsenidis. It has been updated by John Burke and TechTarget editors to improve the reader experience.
John Burke is CTO and principal research analyst with Nemertes Research. With nearly two decades of technology experience, he has worked at all levels of IT, including as an end-user support specialist, programmer, system administrator, database specialist, network administrator, network architect and systems architect. His focus areas include AI, cloud, networking, infrastructure, automation and cybersecurity.