macsec replay-protection enable
Use macsec replay-protection enable to enable MACsec replay protection on a port.
Use undo macsec replay-protection enable to disable MACsec replay protection on a port.
Syntax
macsec replay-protection enable
undo macsec replay-protection enable
Default
MACsec replay protection is enabled on the port.
Views
Ethernet interface view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
This feature allows a MACsec port to accept a number of out-of-order or repeated inbound frames.
If you execute this command on a port to which an MKA policy has been applied, the configuration overwrites the MACsec replay protection configuration in the MKA policy. The MKA policy application is removed from the port. However, other settings (settings for parameters except MACsec replay protection) of the MKA policy are effective on the port.
Examples
# Enable MACsec replay protection on Ten-GigabitEthernet 4/1/1.
<Sysname> system-view [Sysname] interface ten-gigabitethernet 4/1/1 [Sysname-Ten-GigabitEthernet4/1/1] macsec replay-protection enable
Related commands
display macsec
macsec replay-protection window-size
mka apply policy
replay-protection enable