A method and apparatus for filtering data packets in a shared-medium or point-to-multipoint communications network. A filter unit is sent a data packet carrying a filter tag value in a packet addressed to the filter unit. The value is stored in the filter unit and subsequently received packets not addressed to the filter unit itself are forwarded only if they carry the stored filter tag. An embodiment of particular interest applies the method to Ethemet frames over a telecommunications access network (including optical or wireless networks), and uses the VLAN tag field to carry the filter tag information.
A network repeater apparatus connected to a plurality of networks is provided which includes a VLAN tag addition section (15) or a VLAN tag rewrite section (17) that performs prescribed VLAN tag processing with respect to a communication packet based on prescribed information of the communication packet when the communication packet is input from any one among a plurality of networks, an address translation section (16) that translates a source address of the communication packet based on the prescribed information, and an input and output section (11) that outputs to a prescribed virtual network a communication packet which has been subjected to at least either one of processing by the VLAN tag addition section (15) or the VLAN tag rewrite section (17) or address translation by the address translation part (16), whereby access can be made to a common device while ensuring security between the networks.
A system and method for VLAN configuration of an E-PON converts physical ONU port information to logical OLT port information to construct profile information of the logical OLT system and VLAN membership information based on the logical OLT port, and provides a VLAN service to the users of an optical subscriber network. Accordingly, the present invention allocates the users in the ONU systems belonging to the same OLT port to different VLAN groups, provides enhanced VLAN services for the E-PON users, causes the OLT to perform functions of managing the profile of the ONU systems and transferring information among the users of the ONU systems, and causes the ONU systems to operate as terminals performing a multiplexing/demultiplexing function rather than as a conventional two-layer switch.
Techniques are described for dynamically building an Ethernet virtual local area network (VLAN) interface in a network device. The techniques allow dynamic building of a second VLAN interface over a first VLAN interface statically built over an Ethernet port configured to support dynamic VLANs in a network device. A network device may receive a plurality of Ethernet packets from subscriber devices and dynamically build a second VLAN interface over the first VLAN interface for each of the subscribers. Once the second VLAN interface is built, the network device dynamically builds interface columns over the second VLAN interface for each protocol associated with the Ethernet packets. The network device may then authenticate a user associated with the plurality of Ethernet packets. Once the user has logged out of the network device, the network device may tear down the interface columns while persistently maintaining the corresponding second VLAN interface.
