MACSec Redux
Good ol’ MACSec.
First, I posted a quick and dirty notes-for-myself, MACSec how-to for Juniper.
Then, I posted a similar MACSec howto for Cisco. So here’s a miscellany of different macsec implementations.
Let’s say you want to run your own router, because your Layer 8 & 9 specialists mandate it, here MACSec on linux.
Here’s a guy who did cisco-switch-to-cisco-switch macsec over an mpls link between a cisco and juniper router (because macsec works at layer 1 and thus you need to fake layer 1 via MLPS). So that’s a thing.
Here’s the Extreme Network’s MACSec implementation:
set macsec port mka enable tg.1.1
set macsec pre-shared-key port tg.1.1 ckn foo cak passphrase bar
Brocade MACSec details and also a Brocade sample config of MACSec.