display mka policy
replay-protection enable
replay-protection window-size
validation mode
mka enable
Use mka enable to enable MKA on a port.
Use undo mka enable to disable MKA on a port.
Syntax
mka enable
undo mka enable
Default
MKA is disabled on a port.
Views
Ethernet interface view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
MKA establishes and manages MACsec secure channels on a port. It also negotiates encryption
keys used by MACsec.
The enabling of MKA on a port triggers MKA negotiation. After MKA negotiation succeeds, an MKA
session is successfully established.
Examples
# Enable MKA on GigabitEthernet 1/0/1.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] mka enable
Related commands
display mka session
mka policy
Use mka policy to create an MKA policy and enter its view, or enter the view of an existing MKA
policy.
Use undo mka policy to delete an MKA policy.
Syntax
mka policy policy-name
undo mka policy policy-name
Default
A system-defined MKA policy exists. The policy name is default-policy.
682