GPON (Gigabit-Capable Passive Optical Network) technology is an important technical branch in a passive optical network family, which is also a passive optical access technology using, similar to other PON technologies, point-to-multipoint topology.
GPON is composed of an office side OLT (optical line terminal), a user side ONU (optical network unit) and an ODN (optical distribution network), and uses commonly a point-to-multipoint network structure. The ODN is composed of a single mode optical fiber, an optical divider and an optical connector and other passive optical devices, providing an optical transmission medium for the physical connection between the OLT and the ONU.
To realize part of the management function of the OLT for the ONU, the G.984.3 standard of the ITU-T defines a PLOAM passage, by which the GPON transmits PLOAM messages to realize the management for a transmission collective layer, which includes ONU activation, the creation of an ONU management and control passage, encrypting configuration, key management and so on. The PLOAM message is transmitted in an upstream frame (the frame transmitted by the ONU to the OLT) and a downstream frame (the frame transmitted by the OLT to the ONU). Each downstream frame comprises a PLOAM message, and the OLT determines whether an upstream frame comprises a PLOAM message. The GPON defines 18 PLOAMd (physical layer operations, administration and maintenance downstream) messages transmitted by the OLT to the ONU, and 9 PLOAMu (physical layer operations, administration and maintenance upstream) messages transmitted by the ONU to the OLT. The formats of the PLOAM messages comprised in the downstream frame and the upstream frame are the same, as shown in FIG. 1.
The one-byte ONU identification (ID) in FIG. 1 is used to identify a specific ONU. During an activation process, each ONU obtains a number: ONU ID, the range of which may be from 0 to 253, and 255 is used to broadcast to all the ONUs; the one-byte message ID is used to identify the type of a PLOAM message; the Data of ten bytes are used to carry the payload of the GPON transmission collective layer message; the one-byte CRC is a frame check sequence, which will be discarded by the receiving end when the CRC is not correct.
The OLT transmits the PLOAMd to the ONU in the downstream frame. After receiving the PLOAMd message, the ONU firstly makes a CRC check, and discards the PLOAMd message when the result of the CRC check is wrong; if the check result is correct, the ONU judges whether the PLOAMd message is transmitted to itself according to the ONU ID in the PLOAMd message, if yes, the ONU performs the corresponding operation according to the Message ID in the PLOAMd and the content of the Data, and if not, the ONU discards the PLOAMd message. The OLT notifies the ONU whether to transmit the PLOAM message in the upstream bandwidth by the bit10 of the Flags domain of the allocation structure of the downstream frame, and if the bit is set to 1 by the OLT, the ONU transmits the PLOAM message in the upstream bandwidth, or else, the ONU does not transmit the PLOAM message in the upstream bandwidth.
The PLOAM message is transmitted in the form of clear text in a GPON system. Because the natural broadcast form is used in the downstream direction (from the OLT to the ONU), every ONU will receive all the PLOAM messages, obtain the PLOAM message belonging to itself according to the ONU-ID, and discard the PLOAM messages transmitted to other ONUs. If a malicious ONU which is reprogrammed exists in the network, the malicious ONU will monitor the PLOAM messages transmitted to other ONUs from the OLT. If the malicious ONU monitors the sequence number of a legal ONU, then the malicious ONU may complete its registration and activation process with the sequence number of the legal ONU after the legal ONU is powered down, thus causing an illegal ONU to be able to access the GPON system.
The PLOAM messages transmitted by the ONU in the upstream direction have two threats of illegal monitoring: if the optical divider in the GPON uses a 2: N spectrometer, as shown in FIG. 2, an illegal user can monitor the PLOAM messages transmitted by all the ONUs through the B port shown in the FIG. 2; the illegal user may also probe the upstream signal optical fiber in the way of, for example, bending the optical fiber, thereby monitoring the upstream messages. The security of the GPON system is threatened for the above reasons and thus the PLOAM messages need to be encrypted. While considering encrypting the PLOAM messages, it also needs to avoid occurrence of the case where the encrypted information is decrypted easily by the illegal users. If we encrypt the whole PLOAM message, the key information is easy to leak when the encryption is performed for the whole PLOAM message if part of fixed and unchanged content exists in the PLOAM message, or part of easily exhaustive content exists in the PLOAM message, thus making it easy for the illegal user to analyze and embezzle the information of other illegal users.
In conclusion, the format and transmission method for the PLOAM message defined by the GPON have the following problems:
1. each downstream frame could only transmit one PLOAM message to one ONU, and the efficiency of such a method for transmitting the PLOAM message is very low when a plurality of ONUs are connected in the GPON system, and the low efficiency is especially apparent when lots of PLOAMds need to be transmitted at the time when the ONU is registered or switched to a redundant path;
2. in general, four to five bytes on average in the Data domain of a PLOAM message carry no valid information, and the whole Data domain (ten bytes) of some PLOAM messages does not carry any useful information at all, such as the Request_Key PLOAMd message and the Dying_Gasp PLOAMu message, which causes the waste of upstream and downstream bandwidths in a certain degree;
3. the Data domain in the PLOAM message defined by the GPON is 10 bytes, making one PLOAM message not able to complete the transmission of a PLOAM message whose Data domain is bigger than 10 bytes;
4. some PLOAM messages carry two more kinds of information, and when the OLT or ONU needs only to transmit one kind of information of a certain PLOAM message, the transmitted PLOAM message carries part of invalid information, and the transmission mechanism is not flexible;
5. part of the PLOAM message can not be encrypted;
6. whenever an ONU takes over a GPON medium from another ONU, new PLOu data comprising an ONU ID must be transmitted, and because the ONU ID is also comprised in the PLOAMu message transmitted by the ONU, the ONU ID content in the PLOAMu message is redundant.