MAC Address Generator
Generate random MAC addresses with custom formats or analyze an existing address to view its OUI, bit flags, and derived addresses.
Random numbers are generated using the browser's cryptographic random number generator (crypto.getRandomValues) and are not sent to the server.
Decomposition
| Item | Value |
|---|
First Octet Bit Interpretation
| Bit | Name | Value | Meaning |
|---|
Other Notations ยท Derived Addresses
| Format | Value |
|---|
What is the MAC Address Generator?
A versatile online tool for generating random MAC addresses for testing, network simulation, or virtual environments. Create multiple addresses instantly, choosing formats like colon, hyphen, or Cisco-style dots, and selecting upper or lowercase. Go beyond simple randomization with advanced controls: set a fixed OUI prefix, or specify the U/L bit for Locally Administered Addresses (LAA) to avoid conflicts in virtualized settings. The tool also includes a powerful 'Analyze MAC' mode that deconstructs any MAC address, showing its OUI/NIC parts, bit-level flags (U/L, I/G), and conversions to EUI-64 and IPv6 Link-Local formats.
How to use
- Select either the '๐ฒ Generate' or '๐ Analyze MAC' mode at the top.
- To generate, set your desired 'Count', 'Separator', and 'Case'. You can also fix the first 3 bytes by entering a value in 'Fix OUI prefix (optional)'.
- For specific needs like virtual machines, use the 'U/L bit' dropdown to select 'Locally Administered (1)', or the 'I/G bit' for 'Multicast (1)'.
- Click the 'Generate' button. The list of MAC addresses appears in the result box.
- Use the 'Copy' button to copy all generated addresses to your clipboard, or 'Save' to download them as a .txt file.
- To analyze an address, switch to the '๐ Analyze MAC' tab, paste a MAC address into the input field, and its detailed breakdown appears instantly.
MAC Address Generator guide
How this tool is used in real work, and what to watch out for.
The U/L Bit โ This Tool's Most Important Setting
A MAC address is 48 bits long. The first 3 bytes are the OUI (Organizationally Unique Identifier) which identifies the manufacturer, and the last 3 bytes are a serial number assigned by the manufacturer. If you just pick 6 random bytes, you might accidentally overlap with a real manufacturer's OUI. This isn't a problem you can ignore just because it's improbable โ if a real device with that same MAC exists on your network, you'll experience intermittent connection drops that are notoriously difficult to debug.
This is why the specification has a built-in solution. By setting the second bit of the first octet (the U/L bit) to 1, the address becomes a "Locally Administered Address." The IEEE does not assign these ranges to manufacturers, which means they will never conflict with a real device. This is why "Locally Administered" is the default setting in this tool. If you're generating addresses for VMs, containers, or testing, you should leave it this way.
- Locally Administered Addresses (for unicast) have a first octet ending in x2, x6, xA, or xE. When you see a MAC like 02:1A:โฆ or 4A:3B:โฆ, you can read it as "this address was set manually."
- Choosing "Universal" creates a MAC in the manufacturer-assigned format, which can conflict with real devices. Only use this for tests where you need to mimic a specific manufacturer's OUI.
- Setting the I/G bit to "Multicast" creates a group address. It's not meant for individual devices and shouldn't be used as a NIC's MAC address.
Modern Phone MACs Change Constantly
Starting with iOS 14 and Android 10, a feature that uses a random MAC address instead of the real one when connecting to Wi-Fi is enabled by default. Furthermore, it uses a different address for each network (SSID) you connect to. This is a privacy measure to prevent devices from being tracked as they move between locations. All addresses generated this way have the Local Administered bit set โ the very same bit described above.
This change has broken several common practices in the field.
- MAC-based visitor and revisit analysis for retail Wi-Fi: The same person is counted as a new device every time they connect, inflating the numbers. This method is no longer reliable.
- MAC filtering whitelists on routers and apartment-wide internet: The device is denied access because its actual MAC doesn't match the registered one. You must guide users to turn off the "Private Wi-Fi Address" (iOS) or "Use randomized MAC" (Android) setting for that specific network.
- Static IP assignments via DHCP based on MAC address: The reservation becomes meaningless as the address changes.
Web Servers Cannot See a Visitor's MAC Address
In practice, developers are often asked to "collect visitor MAC addresses to identify their devices." This is impossible. MAC addresses are only meaningful on the same link (i.e., within the same switch or Wi-Fi network). The moment a packet crosses a router, the MAC address is replaced with that of the next hop. A server only ever sees the MAC address of the router directly in front of it.
In other words, a user's MAC address fundamentally cannot travel across the internet. Browsers do not have an API to access it. If you need to identify a device, the correct solutions are cookies, device tokens, or user authentication. When this request comes up, you should explain that it is technically impossible.
Usage in VMs and Containers
This is one of the most common use cases for this tool. When you clone a VM image, the MAC address is cloned along with it. If you bring both online on the same network, DHCP might assign them the same IP, or their communications will get tangled. After cloning, you must generate and assign a new MAC address.
Hypervisors use their own OUIs. VMware assigns addresses starting with 00:50:56, and VirtualBox uses 08:00:27. If you need to maintain that format, you can enter the value in the "Fix OUI prefix" field. This will fix the first 3 bytes and randomize only the last 3 bytes.
Why Are EUI-64 and IPv6 Link-Local Addresses Shown?
At the bottom of the "Analyze MAC" tab, you'll find the EUI-64 and IPv6 Link-Local addresses. In the early days of IPv6, a common way to create an interface ID was to derive it from the MAC address โ by inserting `FFFE` into the middle of the MAC to expand it to 64 bits and then inverting the U/L bit. The result is a link-local address that starts with `fe80::`.
The rule for inverting the bit is notoriously confusing, and manual calculations are often wrong. Use this feature when debugging IPv6 to confirm if "this link-local address" corresponds to "that device."
However, this method had a privacy problem: it left a hardware fingerprint in the IPv6 address, revealing that it was the same device connecting from anywhere. Because of this, modern operating systems now default to using temporary, randomly generated addresses. EUI-64 derived addresses are still seen on servers and network equipment but have become less common on user devices.
Frequently asked questions
Can I use these MAC addresses on a real network?
Yes, they are ideal for testing, VMs, and containers. To safely avoid conflicts with physical hardware, set the 'U/L bit' option to 'Locally Administered (1)' when generating. This ensures the address won't collide with manufacturer-assigned MACs.
What does the 'Analyze MAC' feature show?
It deconstructs a MAC address into its OUI (manufacturer) and NIC (device) parts, interprets the U/L and I/G bits, and shows other notations like Cisco-style. It also provides derived addresses, including EUI-64 and the corresponding IPv6 Link-Local address.
What are the U/L and I/G bits?
These flags define the address type. The U/L (Universal/Local) bit indicates if an address is manufacturer-assigned or locally administered (for VMs). The I/G (Individual/Group) bit shows if it's for a single device (unicast) or a group (multicast).
Is the MAC address I enter sent to a server?
No. This tool runs entirely in your browser. All generation and analysis calculations happen on your computer, and no data you enter or create is ever transmitted to our servers. Your network information remains completely private.