[x]

MACsec commands > mka apply policy

 

 Next

mka apply policy

Use mka apply policy to apply an MKA policy to a port.

Use undo mka apply policy to remove the MKA policy from a port.

Syntax

mka apply policy policy-name

undo mka apply policy

Default

No MKA policy is applied to the port.

Views

Ethernet interface view

Predefined user roles

network-admin

mdc-admin

Parameters

policy-name: Specifies the name of an MKA policy, a case-sensitive string of 1 to 16 characters.

Usage guidelines

An MKA policy defines MACsec parameters, including confidentiality offset, validation mode, replay protection, and replay protection window size.

When you apply an MKA policy to a port, the MACsec parameter settings in the policy overwrite the MACsec parameters previously configured on the port. Any modifications to the MKA policy take effect immediately.

When you remove the MKA policy from a port, the MACsec parameter settings on the port restore to the default.

When you delete an MKA policy, ports that use the policy automatically use the system-defined MKA policy default-policy.

When you apply a nonexistent MKA policy to a port, the port automatically uses the system-defined MKA policy default-policy. After you create the specified policy, the policy will be automatically applied to the port.

Examples

# Apply MKA policy abcd to Ten-GigabitEthernet 4/1/1.

<Sysname> system-view
[Sysname] interface ten-gigabitethernet 4/1/1
[Sysname-Ten-GigabitEthernet4/1/1] mka apply policy abcd

Related commands

confidentiality-offset

display mka policy

replay-protection enable

replay-protection window-size

validation mode

prev

 

up

 next

macsec validation mode 

home

 mka enable

© Copyright 2018 Hewlett Packard Enterprise Development LP