Resets the MAC Security (MACsec) Key Agreement (MKA) protocol state machine on one or more ports and applies MACsec configuration changes to already enabled ports.
initialize | Selects resetting the MACsec Key Agreement protocol state machine. |
ports | Specifies configuring ports. |
port_list | Lists which ports to reset the MACsec Key Agreement protocol state machine on. |
N/A.
Issuing this command resets the MKA state machine, which in turn deletes any secured channels and their secure association keys (SAKs). This command is also used to apply MACsec configuration changes (mka actor-priority, include-sci, replay-protect, mka life-time) to an already enabled port. All traffic is blocked until MKA renegotiates a new set of keys and those keys are installed. For more information, see IEEE802.1X-2010 Clause 12.9.3 Initialization.
configure macsec initialize ports 13
This command was first available in ExtremeXOS 30.1.
This command is available on the following platforms.
Note
The MACsec feature requires the installation of the MAC Security feature pack license.Platform | Ports | LRM/MACsec Adapter Required? |
---|---|---|
ExtremeSwitching X460-G2-24p-24hp, X460-G2-24t-24ht switches | Half-duplex, 1G ports (25–48) | No |
All other SFP/SFP+ ports * | Yes | |
ExtremeSwitching X450-G2, X460-G2, X670-G2, X440-G2, X590, X620, X690, and X695 series switches | SFP/SFP+ ports * | Yes |
ExtremeSwitching X465 |
X465-24W, X465-24XE: ports 1–24 X465-48T, X465-48P, X465-48W, X465i-48W: ports 1–48 X465-24MU-24W: ports 25–48 VIM5-4XE: all 4 ports VIM5-4YE in X465-24MU, X465-24MU-24W switches: all 4 ports VIM5-4YE in X465-24W, X465-48T, X465-48P, X465-48W, X464.24S, X465-24S, X465i-48W: first 2 ports only |
No |
ExtremeSwitching 5420 | All ports of all models except stacking ports. | No |
ExtremeSwitching 5520 | All ports, except 5520-VIM-4X and 24X 10G ports | No |
Note: * For ExtremeSwitching X460-G2
series switches, the VIM-2X option does not support the
LRM/MACsec Adapter.
|