mka policy
Use mka policy to create an MKA policy and enter its view, or enter the view of an existing MKA policy.
Use undo mka policy to delete an MKA policy.
Syntax
mka policy policy-name
undo mka policy policy-name
Default
A system-defined MKA policy exists. The policy name is default-policy.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
policy-name: Specifies the name of an MKA policy, a case-sensitive string of 1 to 16 characters.
Usage guidelines
MKA policy provides a centralized method for configuring MACsec confidentiality offset, validation mode, replay protection, and replay protection window size.
The system supports multiple MKA policies.
You cannot delete or modify the system-defined MKA policy default-policy.
Examples
# Create an MKA policy named abcd and enter its view.
<Sysname> system-view [Sysname] mka policy abcd [Sysname-mka-policy-abcd]
Related commands
confidentiality-offset
display mka policy
mka apply policy
replay-protection enable
replay-protection window-size
validation mode