682
display mka policy
replay-protection enable
replay-protection window-size
validation mode
mka enable
Use
mka enable
to enable MKA on a port.
Use
undo mka enable
to disable MKA on a port.
Syntax
mka enable
undo mka enable
Default
MKA is disabled on a port.
Views
Ethernet interface view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
MKA establishes and manages MACsec secure channels on a port. It also negotiates encryption
keys used by MACsec.
The enabling of MKA on a port triggers MKA negotiation. After MKA negotiation succeeds, an MKA
session is successfully established.
Examples
# Enable MKA on GigabitEthernet 1/0/1.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] mka enable
Related commands
display mka session
mka policy
Use
mka policy
to create an MKA policy and enter its view, or enter the view of an existing MKA
policy.
Use
undo mka policy
to delete an MKA policy.
Syntax
mka policy
policy-name
undo mka policy
policy-name
Default
A system-defined MKA policy exists. The policy name is default-policy.