Ethernet is a packet-based data link layer protocol that is primarily used in LAN (Local Area Networks) but also increasingly in public broadband access networks and is specified in the standard IEEE 802.3. According to the protocol, data is transmitted in Ethernet frames. The format of a typical Ethernet frame 10 appears from FIG. 1. In each frame the first 64 bits are used only for synchronization, including a preamble 11 of 56 bits and a start of frame delimiter (SFD) field 12 of 8 bits. Fields 13, 14 and 15 for a destination address, a source address, and a length/type identifier follow the synchronization bits. In a next field 16 media access control (MAC) client data and if necessary, any extra bits (PAD) and this field may totally vary in length from 46 to 1500 octets of bits. A field 17 for a frame check sequence (FCS) adds four more octets. The frame size is generally given by the bits from and including the field 13 for the destination address up to and including the field 17 for the FCS, inclusive, and thus may vary between 64 and 1518 octets, not including an extension 18 field. For a virtual local area network (VLAN) tagged frame, four additional octets 19 of bits are inserted after the field 14 for the source address.
In conventional LANs using Ethernet each terminal connected in the LAN has a layer 2 MAC address, set by the Ethernet board itself or by the user of the terminal. This address is used for identifying the terminal in forwarding data to the terminal. In Ethernet based access networks the MAC address must be unique within the access network domain. In the address fields 13, 14 of an Ethernet frame the MAC addresses of the destination terminal or terminals and of the source terminal, respectively, are given.
In FIG. 2 the format of the six octets for an example of such an MAC address is shown. The format of the example is for the specific case of a globally administered, total MAC address as defined in the IEEE standard 802-1990, such an MAC being globally unique. The first three octets, octets Nos. 1-3, form a field 20 for an organizationally unique identifier (OUT), bit No. 8 of the first octet excepted. Each OUI is owned by and specific to a single individual organization, manufacturer or vendor that is responsible for ensuring uniqueness of the MAC addresses of units produced or provided by it, for example of network boards. Each such organization, manufacturer or vendor also assigns each such unit unique MAC address that is specific or individual to the respective unit and is located in the field 21 of the three remaining octets Nos. 4-6 of the total address field. Inside the field 20 for the OUI, in the first octet thereof, bit No. 7 is a subfield 22 in which is indicated whether the address is a globally administered or locally administered address. A zero (0) in this field indicates a globally administered address, whereas a one (1) indicates a locally administered address. Bit No. 8 of the same octet is reserved for a field 23 in which is indicated whether the address is an individual or a group address. A zero (0) in the field 23 indicates an individual address, i.e. a unicast address, whereas a one (1) indicates a group address, i.e. a multicast address. The globally administered MAC address of a unit or device intended for use in Ethernet networks is usually stored in some read-only or nonvolatile memory of the unit or device where it can be accessed by e.g. some device driver.
Generally, subscribers, i.e. the users of the terminals, can themselves easily change the MAC addresses of their terminals used when connecting to an Ethernet network. The MAC addresses that are actually used can thus be different from the globally administered MAC addresses of the terminals discussed above. A consequence of this fact is that in a network multiple devices may appear having identical MAC addresses, either intentionally, called “MAC spoofing”, or by accident. Hence, the MAC address of a terminal as actually used is in the general case not usable for identification of the subscriber to which the terminal belongs.
To counter this problem, a functionality called virtual MAC (VMAC) addresses can be used, in which the MAC address of each terminal is in an access node mapped to a unique, locally generated MAC address, called the VMAC address of the terminal, such a VMAC address identifying both the terminal and the access node to which the terminal is currently directly connected.
The use of virtual MAC addresses, which are a form of locally administered MAC addresses, in Ethernet access networks is described in e.g. the published U.S. patent application No. 2004/0141468, corresponding to the published International patent application No. WO 2004/066589, these patent applications being incorporated by reference herein. In those patent applications a general method is disclosed using an address format outlined in FIG. 3, which provides 16 bits for uniquely identifying an end-user and associated MAC addresses, in octets Nos. 2 and 3, of an address field 13, 14. In the cited patent applications it is further exemplified how the 16 bits of these bytes are used for DSL (Digital Subscriber Line) access and for fiber or CAT5 access technologies. For traceability, it is suggested to include an identification of the physical port of the access node to which the end user is connected as part of these bits (line field). Furthermore, the first six bits of the first octet form a field in which a domain for locally administered, virtual MAC addresses is defined. The organizationally assigned unit unique MAC address specific to the access node is located in the field formed by octets Nos. 4-6.
Another reason to use VMAC addresses is that for increased security the MAC address of a terminal should not be used in the Ethernet access network, i.e. the original MAC address should not be revealed. This further limits the possibility to do MAC spoofing. Furthermore, there today exists a large interest from operators, standardization bodies and equipment manufacturers to use wireless access technologies in broadband access applications. Such wireless technologies can be integrated with the fixed broadband access networks. One example is IEEE 802.16 base stations used for fixed wireless access as a complement to DSL access and integrated in such access networks.