configure macsec initialize ports

configure macsec initialize ports port_list

Description

Resets the MAC Security (MACsec) Key Agreement (MKA) protocol state machine on one or more ports and applies MACsec configuration changes to already enabled ports.

Syntax Description

initialize Selects resetting the MACsec Key Agreement protocol state machine.
ports Specifies configuring ports.
port_list Lists which ports to reset the MACsec Key Agreement protocol state machine on.

Default

N/A.

Usage Guidelines

Issuing this command resets the MKA state machine, which in turn deletes any secured channels and their secure association keys (SAKs). This command is also used to apply MACsec configuration changes (mka actor-priority, include-sci, replay-protect, mka life-time) to an already enabled port. All traffic is blocked until MKA renegotiates a new set of keys and those keys are installed. For more information, see IEEE802.1X-2010 Clause 12.9.3 Initialization.

Example

The following example resets the MACsec Key Agreement protocol state machine on port 13:
configure macsec initialize ports 13

History

This command was first available in ExtremeXOS 30.1.

Platform Availability

This command is available on the following platforms.

Note

Note

The MACsec feature requires the installation of the MAC Security feature pack license.
Platform Ports
ExtremeSwitching 5320 All ports of all models except stacking ports.
ExtremeSwitching 5420 All ports of all models except stacking ports.
ExtremeSwitching 5520 All ports, except 5520-VIM-4X and 5520-24X 10G ports
ExtremeSwitching 5720 All ports of all models except stacking ports.