tcpdump mailing list archives

Re: New LINKTYPE_ for EPON

From: Guy Harris <guy () alum mit edu>
Date: Wed, 23 Apr 2014 21:02:13 -0700


On Apr 22, 2014, at 2:29 PM, Guy Harris <guy () alum mit edu> wrote:

In addition, the code *still* has a preference to indicate whether the octet preceding the mode/LLID is just 0x55 or 
an encryption enabled/key ID field.  Either

      1) there should be *two* LINKTYPE_ values - LINKTYPE_EPON, in which that field is just part of the preamble, 
and LINKTYPE_DPON or LINKTYPE_CABLELABS_DPOE, in which it's an encryption enabled/key ID field

or

      2) if that field will *never* have the value 0x55 in a DPoE capture, and will *always* have the value 0x55 in a 
regular EPON capture, use that to determine what the field is.


According to

        http://www.cablelabs.com/wp-content/uploads/specdocs/DPoE-SP-SECv2.0-I03-140327.pdf

(BTW, 5 googolplex cheers to CableLabs for not putting their specifications behind a @#$%@@$$# paywall!), the octet 
before the LLID will always have the bit value 010101EK, where E is the "Enc", or "data transferred is cypher text" 
bit, and "K" is the "key identification number used to encrypt the frame", with the number in question being either 0 
or 1, obviously.

So a value of 0x55, i.e. 01010101, has the "data transferred is cypher text" bit clear, and the "key identification 
number" bit being 1 but presumably being *irrelevant*, as the "data transferred is cypher text" bit is clear and the 
frame is *not* encrypted.

Furthermore, the spec also says "When encryption is disabled, the DPoE System MUST set the 1Down security octet to a 
value of 0x55."

So is there any technical reason *not* to dissect the frame by:

        if that octet doesn't have the upper 6 bits as 010101, report it as an error;

        if that octet is 0x55, show it as a preamble octet, and treat the frame as not encrypted;

        if that octet is 0x54, report it as an error, as encryption is disabled but the security octet is *not* 0x55;

        if that octet is 0x56, report it as "encryption enabled, key ID 0", and treat the frame as encrypted;

        if that octet is 0x57, report it as "encryption enabled, key ID 1", and treat the frame as encrypted;

with no preference needed?
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Current thread:

New LINKTYPE_ for EPON Philip Rosenberg-Watt (Apr 18)
- Re: New LINKTYPE_ for EPON Guy Harris (Apr 18)
- <Possible follow-ups>
- Re: New LINKTYPE_ for EPON Guy Harris (Apr 21)
- Re: New LINKTYPE_ for EPON Guy Harris (Apr 21)
- Re: New LINKTYPE_ for EPON Guy Harris (Apr 22)
- Re: New LINKTYPE_ for EPON Guy Harris (Apr 22)
- Re: New LINKTYPE_ for EPON Guy Harris (Apr 23)
  - Re: New LINKTYPE_ for EPON Michael Richardson (Apr 23)
- Re: New LINKTYPE_ for EPON Guy Harris (Apr 23)
  - Re: New LINKTYPE_ for EPON Guy Harris (Apr 23)
  - Re: New LINKTYPE_ for EPON Philip Rosenberg-Watt (Apr 24)
    - Re: New LINKTYPE_ for EPON Guy Harris (Apr 24)
- Re: New LINKTYPE_ for EPON Guy Harris (Apr 24)
  - Re: New LINKTYPE_ for EPON Philip Rosenberg-Watt (Apr 25)