IP Address vs MAC Address - What's the Difference?
IP addresses and MAC addresses are both used to identify devices on networks, but they operate at different layers of the network stack, serve different purposes, and have fundamentally different scopes. Confusing the two is common - This article explains exactly what sets them apart.
Side-by-Side Comparison
| Property | IP Address | MAC Address |
|---|---|---|
| OSI Layer | Layer 3 - Network | Layer 2 - Data Link |
| Format | IPv4: 4 decimal octets (e.g. 192.168.1.1) / IPv6: 8 hex groups | 6 hex octets separated by colons (e.g. 00:1A:2B:3C:4D:5E) |
| Length | IPv4: 32 bits / IPv6: 128 bits | 48 bits (6 bytes) |
| Scope | Global (public IP) or local subnet (private IP) | Local network only - Not routable beyond the local segment |
| Assigned by | ISP (public) or DHCP server/router (private) | Burned into NIC hardware by manufacturer; can be spoofed |
| Changes on reconnect? | Private IP may change (DHCP); public IP set by ISP | Hardcoded unless MAC randomisation is active |
| Visible to the internet? | Yes (public IP) | No - Never leaves the local network segment |
| Used for | Routing packets across networks | Delivering frames within a local network (ARP) |
How They Work Together
When you send a packet to a remote server, your device uses the IP address to route the packet through multiple networks to reach the destination. Within each local network segment, ARP (Address Resolution Protocol) maps IP addresses to MAC addresses so the router knows which physical device to send frames to. The MAC address is stripped and rewritten at each router hop via NAT - Only the IP addresses travel end-to-end.
MAC Randomisation for Privacy
- Modern iOS (14+), Android (8+), and Windows 10+ randomise MAC addresses per Wi-Fi network by default to prevent tracking across locations.
- A fixed MAC address can be used by Wi-Fi access points and ISPs to track your device across sessions, even if your IP changes.
- MAC addresses can be spoofed in software - A process called MAC cloning - Which is legal and sometimes used to bypass MAC-based access controls.
- Your MAC address is never visible to websites you visit - It stays within your local network and is not transmitted in IP packets.
Where Each Address Lives in the OSI Model
| OSI Layer | Name | Addressing Used | Example Protocols |
|---|---|---|---|
| 7-5 | Application / Presentation / Session | Domain names, URLs, ports indirectly | HTTP, TLS, DNS |
| 4 | Transport | Port numbers | TCP, UDP |
| 3 | Network | IP addresses - End-to-end, across networks | IPv4, IPv6, ICMP |
| 2 | Data Link | MAC addresses - One hop, within a segment | Ethernet, Wi-Fi (802.11), ARP |
| 1 | Physical | None - Raw bits on the wire or airwaves | Cabling, radio |
The packet you send keeps the same source and destination IP from your device to the final server, but its Layer 2 framing - The MAC addresses - Is discarded and rebuilt at every router along the path. That is the whole relationship in one sentence: IP addresses travel the journey, MAC addresses only ever cross one room.
ARP: The Glue Between the Two
How ARP resolves an IP to a MAC
When your laptop needs to reach 192.168.1.1, it broadcasts an ARP request to the whole local segment: "Who has 192.168.1.1?" The device owning that IP replies with its MAC address, the laptop caches the answer in its ARP table, and frames flow directly. You can inspect this table yourself with arp -a on Windows, macOS, and Linux - It lists every IP-to-MAC mapping your machine currently knows.
Why ARP matters for security
ARP has no authentication, so a malicious device on the same network can answer ARP requests with its own MAC for the router's IP - ARP spoofing - And silently sit in the middle of your traffic. This is one of the classic risks of untrusted networks covered in public Wi-Fi privacy, and it is why encrypted connections matter even on a local network.
Which One Identifies You - And to Whom?
The privacy implications split cleanly. Your public IP identifies you to every website and service you contact - Run an IP lookup to see what it reveals. Your MAC address identifies your device only to the local network operator: the coffee shop, hotel, or office whose Wi-Fi you join. That is why the defences differ too - A VPN masks the IP from remote services, while MAC randomisation masks the hardware identity from local venues. Using both covers both audiences.
What This Means for You
You rarely need to manage either address by hand, but knowing the split saves real troubleshooting time. "Two devices fighting over an address" and router DHCP reservations are MAC-and-private-IP territory inside your home. Geo-blocks, bans, and website tracking are public-IP territory on the internet. When a guide tells you to whitelist a device on your router, it wants the MAC; when a service blocks your country, no MAC setting will ever help. Keep MAC randomisation on for public networks, and reach for IP-level tools when the problem lives beyond your router.
Frequently Asked Questions
Can a website see my MAC address?
No. MAC addresses exist only in the Layer 2 frames of your local network segment and are stripped at the first router. Websites see your public IP, browser headers, and fingerprintable browser traits - Never the hardware address of your network card.
Do I have one MAC address or several?
One per network interface. A laptop typically has separate MAC addresses for Wi-Fi and Ethernet, plus a Bluetooth address, and modern systems generate additional randomised Wi-Fi MACs per network. Your IP situation mirrors this: each active interface holds its own IP addresses too.
Can two devices share a MAC address or an IP address?
Not on the same network without breakage. Duplicate private IPs cause an address conflict, and duplicate MACs on one segment make switches deliver frames unpredictably. Across different networks, duplicates are harmless - Private IP ranges repeat in every home, and spoofed MACs only matter locally.