Hello,
As Mathieu reported today, when randomizing only 24 bits of the MAC
a collision is basically assured. We can calculate the probability of a
collision out of a pool of c when there are n people by:
p(n; c) = 1 - ((c-1)/c)^(n*(n-1)/2)
If we are only randomizing 24 bits of MAC we end up with numbers
like this:
p(500, 2^24) = 0.0074
p(1000, 2^24) = 0.029
p(5000, 2^24) = 0.525 <-- worse than a coin flip
Even with only 500 people it's basically assured that there will be a
collision after a while. Whereas if we randomize 46 bits of MAC we end
up with numbers like this:
p(500, 2^46) = 0.0000000018
p(1000, 2^46) = 0.0000000071
p(5000, 2^46) = 0.0000001776
p(10000, 2^46) = 0.0000007105
p(30000, 2^46) = 0.00000639
The record for most simultaneous associations in a wi-fi network is
30,0000+ and even in that situation, assuming everyone is randomizing
MAC addresses it's still around 1:156000. Never say never but we can say
"highly unlikely."
Whereas if we only randomize 24 bits we can safely say "definitely assured".
I do not think this study group wants to come up with recommendations on
how to most assuredly screw up a network.
The critical issue is not whether someone temporarily sets his MAC address
to that "owned" by someone somewhere (and I am still not convinced that
purchasers of OUIs get them with the "local" bit set), the critical issue is
whether there will be collisions on the switched network. We do not need to
assure that a randomly chosen MAC address is unique in the world, we just
need to make it as unlikely as possible that that address is already used on the
same switched network. We can't make that assurance with only 24 bits
but we can with 46.
Please, let's abandon the idea of following 802.1's recommendations for
their small, local LAN randomized MAC scheme. It won't work in wireless
in the real world.