configure macsec initialize ports
Description
Resets the MAC Security (MACsec) Key Agreement (MKA) protocol state machine on one or more ports and applies MACsec configuration changes to already enabled ports.
Syntax Description
| initialize | Selects resetting the MACsec Key Agreement protocol state machine. |
| ports | Specifies configuring ports. |
| port_list | Lists which ports to reset the MACsec Key Agreement protocol state machine on. |
Default
N/A.
Usage Guidelines
Issuing this command resets the MKA state machine, which in turn deletes any secured channels and their secure association keys (SAKs). This command is also used to apply MACsec configuration changes (mka actor-priority, include-sci, replay-protect, mka life-time) to an already enabled port. All traffic is blocked until MKA renegotiates a new set of keys and those keys are installed. For more information, see IEEE802.1X-2010 Clause 12.9.3 Initialization.
Example
configure macsec initialize ports 13
History
This command was first available in ExtremeXOS 30.1.
Platform Availability
This command is available on the following platforms.
Note
The MACsec feature requires the installation of the MAC Security feature pack license.| Platform | Ports |
|---|---|
| ExtremeSwitching 5320 | All ports of all models except stacking ports. |
| ExtremeSwitching 5420 | All ports of all models except stacking ports. |
| ExtremeSwitching 5520 | All ports, except 5520-VIM-4X and 5520-24X 10G ports |
| ExtremeSwitching 5720 | All ports of all models except stacking ports. |