confidentiality-offset

Configure the confidentiality offset to specify the number of unencrypted bytes that precede MACsec encryption. Valid values are 30 and 50. Configuring the offset to 30 enables an IPv4 header and TCP/UDP header to remain unencrypted, while configuring the offset to 50 enables an IPv6 header and TCP/UDP header to remain unencrypted.

Syntax

Command Parameters

<30 | 50>
Specifies the bytes after the Ethernet header from which data encryption begins.

Default

The default is no confidentiality offset.

Command Mode

MKA Profile Configuration mode

Usage Guidelines

This command does not apply to all hardware platforms. For more information about feature support, see Fabric Engine and VOSS Feature Matrix.