EUI-64 Process and Randomly Generated IPv6
After the client receives a SLAAC or SLAAC with stateless Router Advertisement (RA) message, the client is required to generate its own Interface ID. The client gets the prefix portion of the IP version 6 address from the RA message; however, the RA message does not carry an Interface ID for the client, so the client creates its own. The Interface ID can be derived from the MAC address or can be a randomly generated 64-bit number.
EUI is the abbreviation of Extended Unique Identifier, and the EUI-64 process is defined by the IEEE. The process takes a client’s 48-bit Ethernet MAC address and inserts an extra 16 bits in the middle of it to create a 64-bit Interface ID. Ethernet MAC addresses are represented in hexadecimal and contain two parts:
- Organizationally Unique Identifier (OUI) – The first part of the MAC address. An OUI is a 24-bit number that uniquely identifies the vendor or manufacturer of the device. Organizations purchase an OUI from the IEEE. The first three octets of a MAC address are the OUI.
- Device Identifier – The last three octets of the MAC address uniquely identify the device. It is also a 24-bit (6 hexadecimal digits) value within a common OUI. The device identifier bits are assigned by the organization to its devices.
An EUI-64 Interface ID has three parts, represented in binary:
- The 24-bit Organizationally Unique Identifier (OUI) from the client MAC address with the 7th bit reversed. For example, if the 7th bit of the OUI is 1, it becomes a 0 in the EUI-64 Interface ID, and vice versa.
- The 24-bit Device Identifier from the client MAC address.
- The hexadecimal value FFFE (16 bits), inserted between the OUI and the Device Identifier.
The EUI-64 process using the MAC address BC:78:ba:b1:f8:55:
- Get the MAC address of the host or device, in this case BC:78:ba:b1:f8:55
- Insert ff:fe in the middle: bc:78:ba:ff:fe:b1:f8:55
- Regroup the hexadecimal digits in IP version 6 notation: bc78:baff:feb1:f855
- This is now four hextets. Convert the first octet from hexadecimal to binary: BC -> 10111100
- Flip the 7th bit: 10111100 -> 10111110
- Convert the changed octet back to hexadecimal: 10111110 -> BE
- Replace the first octet with the new value: be78:baff:feb1:f855
- Insert the link-local prefix at the beginning: fe80::be78:baff:feb1:f855
Advantages and Disadvantages of EUI-64 Process
With the EUI-64 process it is easy to tell that an address was likely created from a MAC address, because FFFE sits in the middle of the Interface ID. We can also use the MAC address to work out the Interface ID. Network administrators can easily track an Interface ID to an end device using the unique MAC address. The main disadvantage of deriving an IP version 6 address from the MAC address is user privacy, because packets can be traced to the actual physical computer. So, we can use a randomly generated Interface ID in its place.
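The following Python sketch is an added example, not code from the original article. It carries out the EUI-64 steps above for the article's MAC address and then runs the reverse check an administrator can use to audit which addresses expose a MAC. The function names and the sample addresses under the 2001:db8::/32 documentation prefix are constructed for illustration.

```python
import ipaddress

def mac_to_eui64_iid(mac: str) -> bytes:
    """48-bit MAC -> 64-bit EUI-64 Interface ID."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("MAC address must be 48 bits")
    # Flip the 7th bit (mask 0x02) of the first octet, then place
    # ff:fe between the OUI and the device identifier.
    return bytes([raw[0] ^ 0x02]) + raw[1:3] + b"\xff\xfe" + raw[3:]

def eui64_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Combine a /64 prefix (link-local or from an RA) with the Interface ID."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("expected a /64 prefix")
    iid = int.from_bytes(mac_to_eui64_iid(mac), "big")
    return ipaddress.IPv6Address(int(net.network_address) | iid)

def embedded_mac(addr: str):
    """Return the MAC an address likely exposes, or None when the
    Interface ID lacks the ff:fe marker (for example a random ID).
    A random ID can contain ff:fe by chance, so treat a hit as likely."""
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in mac)

# Constructed sample inventory for the audit.
SAMPLE = [
    "fe80::be78:baff:feb1:f855",
    "2001:db8:0:1:be78:baff:feb1:f855",
    "2001:db8:0:1:5c1e:93a4:07d2:e6b1",
]

def audit(addresses):
    """Map each address to the MAC it exposes (None if no marker)."""
    return {a: embedded_mac(a) for a in addresses}

if __name__ == "__main__":
    print(eui64_address("fe80::/64", "BC:78:ba:b1:f8:55"))
    for addr, mac in audit(SAMPLE).items():
        print(addr, "->", mac or "no EUI-64 marker")
```

The same MAC appears behind both the link-local and the global address in the sample, which is the traceability concern described above: the Interface ID stays constant whichever prefix the host is given.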
Randomly Generated Interface IDs
Depending on the operating system, we can also configure devices to use a randomly generated Interface ID instead of using the MAC address and the EUI-64 process. For example, Windows Vista uses a randomly generated Interface ID instead of one created with the EUI-64 process. Windows XP and previous Windows operating systems used EUI-64.
Once the Interface ID is established, either through the EUI-64 process or through random generation, it can be combined with the IP version 6 prefix in the RA message to create a global unicast address. To avoid duplicate addresses, the client can use Duplicate Address Detection (DAD). This is similar to an Address Resolution Protocol (ARP) request for its own address.
December 4, 2020 @ 8:55 am
Couldn’t a MAC spoofer for IPv6 accomplish the same kind of thing?