If I’m creating a whitelist for a mobile device on my network and that device is using a randomized MAC, is it going to work at all? How are randomized MACs not a nightmare on small networks?

  • Darkassassin07@lemmy.ca
    6 days ago

    Both Android and iOS usually assign a single random MAC address per network, reusing that MAC each time it connects.

    I have found this to be a bit unreliable, with some devices changing their MAC after around 6 months. I tend to disable random MAC for my devices on home networks; mostly because I assign every known device on my network a fixed IP via DHCP reservations.

  • 1Fuji2Taka3Nasubi@lemmy.zip
    6 days ago

    iOS devices by default have a “fixed” randomized MAC per network, i.e. each wireless network you join sees a different MAC, but they’ll stay the same even if you leave and re-join (or even delete and re-add). So, it should not hamper MAC filtering since your AP will see the same MAC from the same device, unless you’re running more elaborate setups like multiple APs (I don’t know how iOS treats that).

    This can be changed on a per-network basis in any case, so it is possible to turn it off on the device just for your home network.

  • just_another_person@lemmy.world
    7 days ago

    Because the MAC address isn’t a part of the TCP/IP exchange. You’re specifically addressing TCP/IP only.

    If you’re trying to block something by MAC address, you’re doing it wrong.

    • modus@lemmy.worldOP
      6 days ago

      I see. Thanks.

      What other way is there if the IP is dynamic? I thought to create a whitelist for devices I had to add the client’s MAC to the custom group. It seems to work fine so far. I was just concerned that it wouldn’t continue to work if the iPhone changed its MAC.

      • friend_of_satan@lemmy.world
        6 days ago

        That person is missing the point that a randomized MAC will often get a different DHCP lease, and the MAC address is used in that, so the IP address will change.

        On a trusted Wi-Fi network, disable MAC randomization on your clients, and if possible reserve an IP address for their non-random MAC address. Some devices have deterministic random per WiFi network, which could also work. In iOS this is WiFi network -> private WiFi address “fixed”. “Rotating” would cause your pihole problems.
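
The lease behaviour described in the comment above, as an added example that is not part of the thread: randomized (private) Wi-Fi addresses set the locally administered bit of the first octet, so an allowlist can be audited for entries likely to stop matching. The lease lines are constructed and assume the dnsmasq lease layout (expiry, MAC, IP, hostname, client-id); `audit` and the sample allowlist are hypothetical names.

```python
# Added example: flag likely-randomized MACs in a dnsmasq-style lease list.
from collections import defaultdict

# Constructed sample, dnsmasq lease layout: expiry MAC IP hostname client-id
SAMPLE_LEASES = """\
1735689600 3c:22:fb:10:20:30 192.168.1.20 desktop 01:3c:22:fb:10:20:30
1735689600 d6:4f:9a:11:22:33 192.168.1.41 iphone 01:d6:4f:9a:11:22:33
1735693200 7a:01:c3:44:55:66 192.168.1.57 iphone 01:7a:01:c3:44:55:66
1735689600 a4:83:e7:aa:bb:cc 192.168.1.30 pixel *
"""

def is_locally_administered(mac: str) -> bool:
    """True if the U/L bit (0x02 of the first octet) is set.
    Private Wi-Fi addresses set it; vendor-assigned addresses do not.
    Virtual interfaces may set it too, so treat a hit as a heuristic."""
    first_octet = int(mac.replace("-", ":").split(":")[0], 16)
    return bool(first_octet & 0x02)

def parse_leases(text: str):
    """Yield (mac, ip, hostname) per lease line, skipping malformed lines."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 4:
            yield fields[1].lower(), fields[2], fields[3]

def audit(text: str, allowlist: set[str]):
    """Return (allowlisted MACs that look randomized,
    hostnames seen under more than one MAC, i.e. a device that
    re-randomized and was handed a new lease)."""
    by_host = defaultdict(set)
    for mac, _ip, host in parse_leases(text):
        if host != "*":  # dnsmasq writes * when no hostname was sent
            by_host[host].add(mac)
    fragile = sorted(m for m in allowlist if is_locally_administered(m))
    rotated = {h: sorted(m) for h, m in by_host.items() if len(m) > 1}
    return fragile, rotated

if __name__ == "__main__":
    allow = {"3c:22:fb:10:20:30", "d6:4f:9a:11:22:33"}  # constructed allowlist
    fragile, rotated = audit(SAMPLE_LEASES, allow)
    print("allowlisted but likely randomized:", fragile)
    print("hostnames with several MACs:", rotated)
```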

  • omegabyte@lemmy.sdf.org
    7 days ago

    Assuming Android, you’ll want to deselect randomized MAC for your wifi. No reason to randomize on a trusted network. You can turn it off on a per network basis.

      • omegabyte@lemmy.sdf.org
        6 days ago

        Eh, in Pi-hole, MAC or IP address is a valid way to add a device to a group so you can give it a different policy. I have multiple access points but they’re not meshed, so if I randomized I’d have to have multiple client entries for a single device. Or turning off randomization for my trusted networks means just 1 client entry.

        • just_another_person@lemmy.world
          6 days ago

          🤦

          Sure, bud. Read up the chain.

          At what point do you imagine that DHCP is not in play here?

          Y’all keep talking about randomized MAC like it’s a tool of anonymity or something. Wow.

          • omegabyte@lemmy.sdf.org
            6 days ago

            Are you okay? They asked a very specific question and you’re coming in with answers that don’t matter.

            When did I say anything about DHCP or mention randomized MAC being a silver bullet for privacy? Your opinion on how effective it is or isn’t has nothing to do with the fact that they can turn it off for their network and it will solve the issue they’re asking about.