I want to build a unidirectional communication. In the transportation layer of this device, it needs a one-way medium to send data from side A to side B.
All commercial products use SFP. I tested some SFP devices but they have negotiation between the two sides and cutting RX fiber is not possible.
Is it possible to implement a one-way connection with CAT5 cable?
SideA { tx --> rx } SideB
Answer
One-way Ethernet cables won't work with Gigabit network equipment and later, because without a return path the autonegotiation sequence will never complete. You'll see a "Network cable unplugged" or an equivalent message on both devices if you try to use such a cable.
Older Ethernet devices won't work with simple one-way cables either, but can be fooled to do so. This website has practical instructions for building suitable cables. In essence, you'll have to do something like this:
   SideA               SideA          HUB PORT
  -------             -------         -------
  x x r r             x x r r         r r x x
  6 3 1 2             6 3 2 1         1 2 3 6
  | | | |             | | | |             | |
  | +-/ |             | | | \-------------/ |
  | |   |     OR      | | \-----------------/
  +-|---/             | |
  | |                 | |
  | |                 | |
  | |                 | |
  6 3 2 1             6 3 2 1
  r r x x             r r x x
  -------             -------
   SideB               SideB
The extra Hub port is needed to provide voltage over the RX pair of SideA, to fool it into believing there's a transmitter on the other end.
If none of the above works, or you cannot disable auto-negotiation, the next best thing is to implement two Ethernet-enabled devices with a one-way data path between them. For example, a couple of Ethernet PICs with a unidirectional UART in between should be able to do the trick.
One thing you should ask yourself before you proceed is whether you really need a data diode. Here's what the experts say:
Most organizations don’t need a new protection technology like data diodes. [...] Assuming the [firewall] rules only allow inside-out, UDP-based communication, and there is no misconfiguration in the firewall, I can’t recall a firewall exploit that would allow an external attacker to gain access into the CCA perimeter.
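With no return path, side B cannot acknowledge data or ask for a resend, so whatever crosses the one-way UART link described above has to be self-validating. The following is an added example, not part of the original answer: side A sends sequence-numbered, CRC-protected frames (possibly more than once), and side B detects corruption, duplicates and gaps on its own. The frame layout, the MAGIC marker and MAX_PAYLOAD are assumptions made for illustration.

```python
import struct
import zlib

MAGIC = b"\xD1\x0D"               # constructed sync marker (assumption)
HEADER = struct.Struct(">2sIH")   # magic, sequence number, payload length
MAX_PAYLOAD = 1024                # assumed upper bound, rejects bogus lengths

def encode_frame(seq, payload):
    """Side A: frame a payload so side B can validate it without replying."""
    body = HEADER.pack(MAGIC, seq, len(payload)) + payload
    return body + struct.pack(">I", zlib.crc32(body))

class Receiver:
    """Side B: parses the raw RX byte stream; it never transmits."""
    def __init__(self):
        self.buf = bytearray()
        self.expected = None      # next sequence number we expect
        self.lost = 0             # frames that never arrived intact

    def feed(self, data):
        """Add received bytes; return newly completed (seq, payload) pairs."""
        self.buf += data
        out = []
        while True:
            start = self.buf.find(MAGIC)
            if start < 0:
                # Keep one byte in case MAGIC is split across two reads.
                del self.buf[:max(0, len(self.buf) - 1)]
                return out
            del self.buf[:start]
            if len(self.buf) < HEADER.size:
                return out
            _, seq, length = HEADER.unpack_from(self.buf)
            end = HEADER.size + length
            if length <= MAX_PAYLOAD and len(self.buf) < end + 4:
                return out        # frame still incomplete
            if (length > MAX_PAYLOAD
                    or struct.unpack_from(">I", self.buf, end)[0]
                    != zlib.crc32(bytes(self.buf[:end]))):
                del self.buf[:1]  # corrupt frame: skip a byte and resync
                continue
            payload = bytes(self.buf[HEADER.size:end])
            del self.buf[:end + 4]
            if self.expected is not None and seq < self.expected:
                continue          # duplicate copy sent for redundancy
            if self.expected is not None:
                self.lost += seq - self.expected
            self.expected = seq + 1
            out.append((seq, payload))
```

Sequence-number wraparound is not handled here; a long-running link would need modular comparison of the 32-bit counter.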