|
NAME | SYNOPSIS | DESCRIPTION | EXAMPLES | SEE ALSO | AUTHOR | COLOPHON |
|
IP-MACSEC(8) Linux IP-MACSEC(8)
ip-macsec - MACsec device configuration
ip link add link DEVICE name NAME type macsec [ [ address <lladdr> ]
port PORT | sci <u64> ] [ cipher { default | gcm-aes-128 } ] [ icvlen
ICVLEN ] [ encrypt { on | off } ] [ send_sci { on | off } ] [
end_station { on | off } ] [ scb { on | off } ] [ protect { on | off
} ] [ replay { on | off } ] [ window WINDOW ] [ validate { strict |
check | disabled } ] [ encodingsa SA ]
ip macsec add DEV tx sa { 0..3 } [ OPTS ] key ID KEY
ip macsec set DEV tx sa { 0..3 } [ OPTS ]
ip macsec del DEV tx sa { 0..3 }
ip macsec add DEV rx SCI [ on | off ]
ip macsec set DEV rx SCI [ on | off ]
ip macsec del DEV rx SCI
ip macsec add DEV rx SCI sa { 0..3 } [ OPTS ] key ID KEY
ip macsec set DEV rx SCI sa { 0..3 } [ OPTS ]
ip macsec del DEV rx SCI sa { 0..3 }
ip macsec show [ DEV ]
OPTS := [ pn { 1..2^32-1 } ] [ on | off ]
SCI := { sci <u64> | port PORT address <lladdr> }
PORT := { 1..2^16-1 }
The ip macsec commands are used to configure transmit secure
associations and receive secure channels and their secure
associations on a MACsec device created with the ip link add command
using the macsec type.
Create a MACsec device on link eth0
# ip link add link eth0 macsec0 type macsec port 11 encrypt on
Configure a secure association on that device
# ip macsec add macsec0 tx sa 0 pn 1024 on key 01 81818181818181818181818181818181
Configure a receive channel
# ip macsec add macsec0 rx port 1234 address c6:19:52:8f:e6:a0
Configure a receive association
# ip macsec add macsec0 rx port 1234 address c6:19:52:8f:e6:a0 sa 0 pn 1 on key 00 82828282828282828282828282828282
Display MACsec configuration
# ip macsec show
ip-link(8)
Sabrina Dubroca <sd@queasysnail.net>
This page is part of the iproute2 (utilities for controlling TCP/IP
networking and traffic) project. Information about the project can
be found at
⟨http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2⟩.
If you have a bug report for this manual page, send it to
netdev@vger.kernel.org, shemminger@osdl.org. This page was obtained
from the project's upstream Git repository
⟨git://git.kernel.org/pub/scm/linux/kernel/git/shemminger/iproute2.git⟩
on 2018-02-02. (At that time, the date of the most recent commit
that was found in the repository was 2018-01-29.) If you discover
any rendering problems in this HTML version of the page, or you
believe there is a better or more up-to-date source for the page, or
you have corrections or improvements to the information in this
COLOPHON (which is not part of the original manual page), send a mail
to man-pages@man7.org
iproute 07 Mar 2016 IP-MACSEC(8)
|
HTML rendering created 2018-02-02 by Michael Kerrisk, author of The Linux Programming Interface, maintainer of the Linux man-pages project. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH.
|
|