主权项 |
1. A transmission device for a communications network, the transmission device comprising:
circuitry to buffer and schedule further processing of a frame for transmission; circuitry configured to determine a class of security processing to perform on the frame for transmission based on a source address, a destination address, a virtual local area network (VLAN) tag, and an Ethernet type (Etype), the class of security processing being determined from among a set of classes including standard media access control security (MACsec), single tag bypass MACsec, dual tag bypass MACsec, and Ethernet over multiprotocol label switching (EoMPLS) header bypass MACsec, and to signal the circuitry to buffer and schedule if security processing is to be performed on the frame based on the determined class of security processing; circuitry configured to apply security processing to the portion of the frame to generate a secured frame, the applied security processing excluding application of security processing of one VLAN tag of the frame for the single tag bypass MACsec class of security processing and the applied security processing excluding application of security processing of at least two VLAN tags of the frame for the dual tag bypass MACsec class of security processing, the security processing including adding an integrity check value (ICV) to the frame, the ICV covering portions of the frame excluding the one VLAN tag for the single tag bypass MACsec class of security processing and excluding the at least two VLAN tags for the dual tag bypass MACsec class of security processing; and circuitry configured to process the secured frame to calculate a frame check sequence (FCS) value for the secured frame and to generate an output signal for transmission to a communication network. |