[x]

Configuring MACsec > Configuring the MKA key server priority

 

 Next

Configuring the MKA key server priority

Configure an MKA key server priority for key server selection. The lower the priority value, the higher the priority.

In client-oriented mode, the access device port automatically becomes the key server. You do not have to configure the MKA key server priority.

In device-oriented mode, the port that has higher priority becomes the key server. If a port and its peers have the same priority, MACsec compares the secure channel identifier (SCI) values on the ports. The port with the lowest SCI value (a combination of MAC address and port ID) becomes the key server.

A port with priority 255 cannot become the key server. For a successful key server selection, make sure a minimum of one participant's key server priority is not 255.

To configure the MKA key server priority:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter interface view.

interface interface-type interface-number

N/A

3. Set the MKA key server priority.

mka priority priority-value

The default setting is 0.

prev

 

up

 next

Configuring a preshared key 

home

 Configuring MACsec protection parameters in interface view

© Copyright 2016 Hewlett Packard Enterprise Development LP