In traditional Ethernet (802.3 10BASE5) and Cheapernet (802.3 10BASE2) a coaxial cable provides the linear bus to which all nodes are connected. Signalling is accomplished using a current sink technique with a center conductor used for the signal and a shield used as a ground reference. Twisted pair Ethernet (802.3 10BASE-T) utilizes standard voice grade telephone cable, employing separate transmit and receive pairs. The system uses a star topology. At the center of a star is a repeater. The repeater performs signal amplitude and timing restoration. It takes the incoming bitstream and repeats it to all the ports connected to it. In this sense the repeater acts as a logical coaxial cable so that any node connected to the network will see another node's transmission. Differential signalling is employed with one pair acting as the transmit path and the other pair acting as the receive path.
While repeaters are used in traditionally wired coaxial Ethernet as a means to extend the network's physical distance limit, the IEEE 802.3 10BASE-T standard mandates the use of a repeater to actually provide the connectivity function if more than two nodes are required. Although the physical signalling on the cabling differs, the functionality of the repeater is identical in either coaxial or twisted pair networks, as is the frame or packet format that is used to pass messages between the participating nodes on the network.
The frame commences with a preamble sequence which is an alternating (1,0) pattern. The preamble provides a single frequency on the network, in this case 5 MHz, at the start of each frame, which allows a receiver to lock to the incoming bitstream. This preamble sequence is then followed by a start of packet which indicates that the data portion of the message will follow. Either a start of frame delimiter (802.3) or synch sequence (Ethernet) is used to delineate the start of the data portion of the message. The next two fields are the destination address (DA) and the source address (SA) for the frame. Both are 48-bit values which are transmitted least significant bit (LSB) first.
The destination address is used by the receiving media access controller (MAC) to determine if the incoming packet is addressed to this particular node. If the receiving node detects a match between its own node address and the address within the DA field, it will attempt to receive the packet. Other nodes which did not detect a match will ignore the remainder of the packet.
Three types of destination addressing are supported by these standards.
1. Individual. The DA field contains an individual and unique address assigned to one node on the network.
2. Multicast. If the first bit of the DA field is set, this indicates that a group address is being used. The group of nodes that will be addressed is determined by a higher layer function, but in general the intent is to transmit a message between a logically similar subset of nodes on the network.
3. Broadcast. The broadcast is a special form of multicast address where the DA field is set to all 1s. The address is reserved, and all nodes on the network must be capable of receiving a broadcast message.
The source address field is supplied by the transmitting media access controller (MAC), which inserts its own address into this field as the frame is transmitted, indicating it was the originating station. The receiving MAC is not required to take action based on the SA field. The 2-byte length or type field follows the SA field. The choice of length or type is dependent upon whether the frame is compatible with the IEEE 802.3 or Ethernet standard. The high order byte of the length/type field is transmitted first, with the LSB of each byte transmitted first. The data field contains the actual packet data that is being transferred and is between 46 and 1500 bytes in length.
A Logical Link Control (LLC) function is responsible for fragmenting data into block sizes suitable for transmission over the network. Data bytes are transmitted sequentially with the LSB of each byte transmitted first. Finally, the frame check sequence (FCS) is a four-byte field that contains the cyclic redundancy check (CRC) for the entire frame. The CRC is computed by the transmitting station on the destination address, source address, length/type, and data field and appended as the last four bytes of the frame. The same CRC algorithm is used by the receiving station to compute the CRC value for the frame as it is received.
The value computed at the receiver is compared with that appended by the transmit station, providing an error detection mechanism in the case of corrupted data. The CRC bits within the FCS are transmitted in the order most significant bit to least significant bit. Referring now to FIGS. 1 and 2, what is shown is the frame format for an IEEE 802.3 Standard compliant frame and an Ethernet frame, respectively. The primary difference, as can be seen from the figures, is that the start of frame delimiter (SFD) for 802.3 is defined as a byte that has a "1,0,1,0,1,0,1,1" pattern whereas the start frame (synch) of Ethernet is a "1,1" sequence. In both cases, however, the preamble plus the start of frame indication is a total of 64 bits long.
The 802.3 and Ethernet standards both specify that a packet must be in the range of 64-1518 bytes. However, the actual data field in the 802.3 system is permitted to be smaller than the 46 byte value that is necessary to ensure this minimum size. This is handled by requiring the media access control layer to append pad characters to the LLC data field before sending data over the network. The Ethernet standard assumes that the upper layer ensures that the minimum data field is 46 bytes before passing data to the MAC, and the existence of these appended characters is unknown to the MAC. The 802.3 standard also uses a length field which indicates the number of data bytes that are in the data field only. Ethernet, on the other hand, uses a type field in the same two bytes to identify the message protocol type. Since valid Ethernet type fields are always assigned outside of the valid maximum 802.3 packet length size, both 802.3 and Ethernet packets can coexist on the same network.
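The field layout described above, as an added example that is not part of the original text: a Python sketch that builds and parses a frame from DA through FCS, classifies the destination address, separates an 802.3 length from an Ethernet type, and checks the CRC. The addresses are constructed, the 0x0600 type threshold comes from IEEE 802.3 rather than this text, and the FCS byte order is the one software conventionally sees.

```python
import struct
import zlib

# Constructed sample addresses (not from the original text).
NODE_A = bytes.fromhex("020000000001")   # first byte 0x02: bit 0 clear
GROUP = bytes.fromhex("030000000005")    # first byte 0x03: bit 0 set
BROADCAST = b"\xff" * 6

def build_frame(da, sa, data, ether_type=None):
    """Return DA | SA | length/type | data | FCS (preamble and SFD omitted)."""
    if ether_type is None:
        # 802.3: length counts real data bytes only; the MAC pads up to 46.
        field, data = len(data), data.ljust(46, b"\x00")
    else:
        # Ethernet: type field; the upper layer must already supply >= 46 bytes.
        field = ether_type
    body = da + sa + struct.pack("!H", field) + data   # high-order byte first
    # CRC-32 over DA..data; little-endian packing is the byte order software
    # conventionally sees for the FCS (assumption, not stated in the text).
    return body + struct.pack("<I", zlib.crc32(body))

def classify_da(da):
    if da == BROADCAST:
        return "broadcast"
    # Bytes are sent LSB first, so the "first bit" of DA is bit 0 of byte 0.
    return "multicast" if da[0] & 0x01 else "individual"

def parse_frame(frame):
    if not 64 <= len(frame) <= 1518:
        raise ValueError("frame length %d outside 64-1518 bytes" % len(frame))
    da, sa = frame[:6], frame[6:12]
    (field,) = struct.unpack("!H", frame[12:14])
    payload, fcs = frame[14:-4], frame[-4:]
    if field <= 1500:
        if field > len(payload):
            raise ValueError("length field exceeds data present")
        kind, payload = "802.3 length", payload[:field]   # drop MAC padding
    elif field >= 0x0600:   # threshold from IEEE 802.3, not from this text
        kind = "Ethernet type"
    else:
        kind = "undefined"
    fcs_ok = struct.pack("<I", zlib.crc32(frame[:-4])) == fcs
    return {"da_class": classify_da(da), "sa": sa, "kind": kind,
            "field": field, "payload": payload, "fcs_ok": fcs_ok}
```

A three-byte 802.3 payload comes out as a 64-byte frame because the MAC pads it, while the same short payload sent with a type field is rejected as undersized, which is the division of responsibility the paragraph describes.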
Hence, it has been found that it is important to be able to provide security in such networks for a variety of reasons. For repeaters in such networks in particular, it is important to prevent certain ports from receiving data that other ports may be able to receive. For example, authentication may be required to ensure that the appropriate nodes on the network receive the information.
Typically, repeaters have been devices that are used only for signal amplitude and timing restoration. In all of the above-mentioned modes, the repeater must also be provided with the capability to detect and interpret data and the fields within it.
The present invention addresses the need for this type of device.