In Ethernet systems, each Ethernet interface has its own medium access control (MAC) address, which is used as the source address for frames sent from the interface and as the destination address to which frames for the interface are sent. Typically, Ethernet LANs are interconnected via hubs or switches. Hubs and switches do not translate MAC addresses, so all frames with the destination address of the interface must go through the designated MAC device, thus creating a single point of failure.
The IEEE 802.3-2002 Standard defines Link Aggregation Groups to provide a larger aggregated bandwidth, load sharing, and link redundancy. These groups can be used to provide link redundancy, but still use a single MAC device with a single aggregator MAC address. Thus, there is still a single point of failure at the MAC device, so complete Ethernet redundancy is not provided.
Ethernet LANs are interconnected using bridges. One approach to Ethernet redundancy is to use a modified bridge that is capable of translating MAC addresses upon detection of an interface failure. There are some problems with this approach. First, Ethernet bridge protocols do not support this kind of failure processing. Second, an Ethernet bridge does not have enough fidelity in its failure detection to know precisely what failed and how to fix the failure. An Ethernet bridge only knows that the MAC address is no longer reachable through the port. Ethernet bridges may be reconfigured through spanning tree protocols to find a new path, but Ethernet bridges do not support reconfiguring interfaces for MAC address translation.
Another approach to avoiding the aforementioned single point of failure is to swap addresses in the MAC chip, thus having a different MAC chip serve the interface. This can lead to some problems during switch-over. If the second port is enabled before the first port is disabled, hubs and switches tend to lock up with protocol violations due to having two ports with the same MAC address. Ethernet protocols do not support removing the first link from the tables when the link failure occurs. Instead, Ethernet protocols must wait for the path to time out. These time-outs can be lengthy, thus leading to a significant amount of data loss.
Also, there is a potential for looping to occur when there are duplicate MAC addresses. Looping is a problem in Ethernet bridges, since packets get replicated on all interfaces. If there is a loop, the replication may repeat until all bandwidth is consumed. Spanning Tree Protocol (STP) and its rapid reconfiguration descendant, Rapid Spanning Tree Protocol (RSTP), were developed to eliminate loops. These protocols use a subset of the physical interconnections to form a tree spanning the entire network without loops. The protocols eliminate duplicate paths, so a hot second path tends to be eliminated by spanning tree protocols.
Security software that sees duplicate MAC addresses interprets them as a penetration by an unauthorized user. Thus, the approach of changing MAC addresses can also lead to security alerts.
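The two cases described above, a MAC address that moves once after a failure and a MAC address that is live on two ports during an overlapping switch-over, look different to monitoring software. The following is an added example, not part of the original text, of detection logic that separates them; the window, the change threshold, the port names and the sample frames are constructed assumptions.

```python
from collections import defaultdict, deque

FLAP_WINDOW = 10.0  # seconds; assumed threshold, tune per network
FLAP_COUNT = 2      # port changes inside the window that imply two live senders

# Constructed sample observations: (time in seconds, switch port, source MAC)
SAMPLE_FRAMES = [
    (0.0, "port1", "02:00:00:00:00:0a"),
    (1.0, "port2", "02:00:00:00:00:0b"),
    (2.0, "port1", "02:00:00:00:00:0a"),
    # Clean failover: 0a goes quiet on port1, then appears only on port3.
    (30.0, "port3", "02:00:00:00:00:0a"),
    (31.0, "port3", "02:00:00:00:00:0a"),
    # Overlapping switch-over: 0b is live on port2 and port4 at the same time.
    (40.0, "port4", "02:00:00:00:00:0b"),
    (40.5, "port2", "02:00:00:00:00:0b"),
    (41.0, "port4", "02:00:00:00:00:0b"),
]


def classify_mac_events(frames, window=FLAP_WINDOW, flap_count=FLAP_COUNT):
    """Return (time, mac, verdict, old_port, new_port) for every port change.

    A single change inside the window is reported as "moved" (consistent with
    a failover). Repeated changes inside the window mean the same address is
    being learned on more than one port, reported as "duplicate".
    """
    last_port = {}
    changes = defaultdict(deque)  # mac -> timestamps of recent port changes
    events = []
    for ts, port, mac in sorted(frames):
        prev = last_port.get(mac)
        last_port[mac] = port
        if prev is None or prev == port:
            continue  # first sighting, or still on the same port
        recent = changes[mac]
        recent.append(ts)
        while recent and ts - recent[0] > window:
            recent.popleft()  # forget changes older than the window
        verdict = "duplicate" if len(recent) >= flap_count else "moved"
        events.append((ts, mac, verdict, prev, port))
    return events


if __name__ == "__main__":
    for event in classify_mac_events(SAMPLE_FRAMES):
        print(event)
```

Alerting only on the "duplicate" verdict keeps a clean switch-over from being reported as an intrusion, while an address that keeps alternating between ports is still flagged.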
Therefore, there is a need in the art for improved Ethernet redundancy. In particular, there is a need for an effective way to overcome single point MAC device failures.