GigaSMART Masking

Required License: Base

GigaSMART operations with Masking selected write over a specific portion of a packet with a specified one-byte pattern. Masking operations consist of an offset, length, and pattern as shown in Figure 1.

Figure 76 GigaSMART Operations Page with Masking Selected

The following table describes the fields.

Component

Description

Offset

Specifies where GigaSMART should start masking data with the supplied pattern. You can specify this in terms of either a static offset from the start of the packet or a relative offset from a particular protocol layer. This lets you automatically compensate for variable length headers, specifying a mask target in terms of a particular packet header.

Length

Specifies how much of the packet GigaSMART should mask. The specified one-byte pattern can be repeated to mask from 1-9600 bytes.

Pattern

Specifies what pattern GigaSMART should use to mask the specified portion of the packet. You can specify a one-byte hex pattern (for example, 0xFF).

Refer to the following when configuring GigaSMART operations with a Masking component:

Feature

Description

Protocol

The following are the protocols that you can select for from the protocol drop-down list:

o IPV4 – Mask starting a specified number of bytes after the IPv4 header.
o IPV6 – Mask starting a specified number of bytes after the IPv6 header.
o UDP – Mask starting a specified number of bytes after the UDP header.
o TCP – Mask starting a specified number of bytes after the TCP header.
o FTP– Identify using TCP port 20. Mask payloads using offset from the TCP header.
o https – Identify using TCP port 443. Mask payloads using offset from the TCP header.
o SSH – Identify using TCP port 22. Mask payloads using offset from the TCP header.

The GigaSMART-HC0 module can provide masking for GTP tunnels, provided the user payloads are unencrypted. Both GTPv1 and GTPv2 are supported – GTP' (GTP prime) is not supported. Keep in mind that only GTP-u (user plane packets) are masked. Control plane packets (GTP-c) are left unmodified.

o GTP – Mask starting a specified number of bytes after the outer GTP header.
o GTP-IPV4 – Mask starting a specified number of bytes after the IPv4 header inside the encapsulating GTP packet.
o GTP-UDP – Mask starting a specified number of bytes after the UDP header inside the encapsulating GTP packet.
o GTP-TCP – Mask starting a specified number of bytes after the TCP header inside the encapsulating GTP packet.

Masking Offset and Length

You can specify either a relative offset or a static offset for the masking pattern:

■   Static offsets begin masking a specific number of bytes from the start of the packet. Choose a static offset by setting Protocol to None and supplying an Offset from <0~9000> bytes. Zero (0) indicates the start of the Ethernet frame.
■   Relative offsets begin masking a specified number of bytes from the end of a particular header – IPv4, IPv6, and so on. Choose a relative offset by selecting any of the following values for the protocol argument and supplying an offset from the specified protocol header of <1~9000> bytes:

Note:  You can only mask one contiguous portion of a packet.

Recalculated CRC

GigaSMART automatically calculates a new Ethernet CRC based on the masked packet’s length and data, and uses it to replace the existing CRC. This way, analysis tools do not report CRC errors for masked packets.

Note:  IP or UDP checksum is not recalculated if masking is done on the existing IP or UDP checksum.

GigaSMART Trailer

Masking operations can optionally include the GigaSMART Trailer. If you do elect to include the GigaSMART Trailer, it will include the original packet length. Refer to GigaSMART Trailer Reference for details.

In Combination with Slicing

Masking operations can be assigned to GigaSMART groups consisting of multiple engine ports. Refer to Groups of GigaSMART Engine Ports for details.