Re: [EFM] (EFM)a question about P2P
Xu Zhang thanks for your comments,
You are presenting an interesting security issue that we should
consider. However, I don't see how it relates to the decision of
p2p-emulation below MAC versus forwarding rules above the MAC.
A shared-emulation model sends just one copy of this packet in the
broadcast medium. The decision is what encryption key to use since
the destination is not known yet.
The p2p-emulation sends as many copies as virtual links. It can use the
key of the destination (since there is only one for each copy) in each
virtual link. However, this still means that all ONUs can see the copy
of the frame, but only one is the actual destination.
So both cases seem to be equivalent from this point of view.
Dolors
zhangxu wrote:
> Hi, Dolors:
>
> thanks for your september presentation, I am very interested about it. I think whether the P2P layer be put above the
> MAC layer or under the MAC layer is a very important question.
> I think if we put the P2P layer about the MAC layer then using filter layer to emulate P2P between different ONU,
> this can solve the problem that without PTP layer different OUN can't communicate each other in layer 2,
> but there is a question that we know downstream in PON is broadcasting nature, the ONU how to deal with the ethernet frame with unknown destination addr if the destination addr is an addr in another ONU range.
> traditional ethernet switch will forward the frame to all the other ports(because the destinaton addr is unknown), I think in EPON if we solve the problem like that is not suitable for the security problem, we must filter these packet out.
> where we can filter these packet out, I think under the MAC layer is more suitable,
> so I prefer put the P2P layer under the MAC layer.
>
> best regards
>
> xu zhang
> bu. tele. tech. Co, Ltd
> Email: zhangx@xxxxxxxx