Mac – Theory regarding MAC and IP address in network packet and frame content

ip address, mac address, networking

Okay, network theory and protocol questions for you guys:

Assuming a router is using NAT, is a device's MAC address ever actually exposed to the Internet? Or, does the router transmogrify (wow, spell-check didn't have a problem with that word, I always thought it was just a Calvin and Hobbes term) the MAC like it does with the source device's IP address?

I seem to remember from classes that once the packet hits the network router the router substitutes its IP and MAC info in there, slaps a frame on it and then kicks it out onto the web in the general direction of the closest IP match. However, a thread that I read on another site indicated that the MAC address changed with every hop!

While that may be nice for privacy issues (no real way to tell what the original device/router's MAC was from an arbitrary point along the hops), it doesn't really seem to make sense that both the IP and MAC would need to be stripped each time.

Best Answer

A MAC address is only relevant to the local broadcast domain (VLAN, subnet). The source MAC address on each packet is the MAC address of the device that emitted the packet onto the local network.

It is a layer 2 address. So it isn't so much that the router "substitutes" its own MAC address; the only possible (for the sake of this discussion) MAC address that can be on a packet emitted from the router is the MAC address of the interface on the router that the packet originated from when put out onto the internet.

Note that the router's MAC address is only present in the packet until it reaches the next hop - the next router. At that point the packet is routed, exits the ISP router, and has the MAC address of the ISP router interface.

None of this is about security or privacy; it is the difference between how layer 2 and layer 3 networking works.
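The per-hop re-framing described in the answer, as an added example that is not part of the original post: it builds a real Ethernet + IPv4 frame and passes it through a NAT home router and an ISP router. All MAC addresses (locally administered), IP addresses (private and documentation ranges) and the NAT public address are constructed for illustration.

```python
import socket, struct

def mac(s):                      # "02:00:00:00:00:01" -> 6 raw bytes
    return bytes.fromhex(s.replace(":", ""))

def ip_checksum(hdr):            # RFC 1071 ones'-complement sum over a 20-byte header
    s = sum(struct.unpack("!10H", hdr))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def build_frame(src_mac, dst_mac, src_ip, dst_ip, ttl=64, payload=b"hello"):
    # Protocol 253 is reserved for experimentation, so the payload is opaque.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl, 253, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    ip = ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:]
    return mac(dst_mac) + mac(src_mac) + b"\x08\x00" + ip + payload

def route(frame, out_mac, next_hop_mac, nat_ip=None):
    """One router hop: discard the layer 2 header, forward the IP packet, re-frame it."""
    ip, payload = bytearray(frame[14:34]), frame[34:]
    ip[8] -= 1                                   # TTL is decremented at layer 3
    if nat_ip:                                   # only a NAT router touches the source IP
        ip[12:16] = socket.inet_aton(nat_ip)
    ip[10:12] = b"\x00\x00"
    ip[10:12] = struct.pack("!H", ip_checksum(bytes(ip)))
    # The new frame can only carry the egress interface's MAC as its source.
    return mac(next_hop_mac) + mac(out_mac) + b"\x08\x00" + bytes(ip) + payload

def parse(frame):
    return {"src_mac": frame[6:12].hex(":"), "dst_mac": frame[0:6].hex(":"),
            "src_ip": socket.inet_ntoa(frame[26:30]),
            "dst_ip": socket.inet_ntoa(frame[30:34]),
            "ttl": frame[22], "checksum_ok": ip_checksum(frame[14:34]) == 0}

# Constructed interface MACs: host, home router LAN/WAN, ISP router in/out, upstream.
HOST, HOME_LAN, HOME_WAN, ISP_IN, ISP_OUT, UPSTREAM = (
    f"02:00:00:00:00:{i:02x}" for i in range(1, 7))

def simulate():
    frames = [build_frame(HOST, HOME_LAN, "192.168.1.10", "203.0.113.80")]
    frames.append(route(frames[-1], HOME_WAN, ISP_IN, nat_ip="198.51.100.7"))
    frames.append(route(frames[-1], ISP_OUT, UPSTREAM))
    return frames

if __name__ == "__main__":
    for hop, frame in enumerate(simulate()):
        print(hop, parse(frame))
```

The host's MAC appears only in the first frame; after the NAT hop the source IP stays fixed while both MAC fields change on every segment.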
