source-git / iproute

Clone
Source Code
GIT

Blame man/man8/ip-macsec.8

c8 c8s master
  1.   26777c41d4d0f23f5a5633fd9efbac91e2905784
  2.   man
  3.   man8
  4.   ip-macsec.8
Blob History Raw
Packit d3f73b 
.TH IP\-MACSEC 8 "07 Mar 2016" "iproute" "Linux"
Packit d3f73b 
.SH NAME
Packit d3f73b 
ip-macsec \- MACsec device configuration
Packit d3f73b 
.SH "SYNOPSIS"
Packit d3f73b 
.BI "ip link add link " DEVICE " name " NAME " type macsec "
Packit d3f73b 
[ [
Packit d3f73b 
.BI address " <lladdr>"
Packit d3f73b 
]
Packit d3f73b 
.BI port " PORT"
Packit d3f73b 
|
Packit d3f73b 
.BI sci " <u64>"
Packit d3f73b 
] [
Packit d3f73b 
.BR cipher " { " default " | " gcm-aes-128 " | "gcm-aes-256" } ] ["
Packit d3f73b 
.BI icvlen " ICVLEN"
Packit d3f73b 
] [
Packit d3f73b 
.BR encrypt " { " on " | " off " } ] ["
Packit d3f73b 
.BR send_sci " { " on " | " off " } ] ["
Packit d3f73b 
.BR end_station " { " on " | " off " } ] ["
Packit d3f73b 
.BR scb " { " on " | " off " } ] ["
Packit d3f73b 
.BR protect " { " on " | " off " } ] ["
Packit d3f73b 
.BR replay " { " on " | " off " } ] ["
Packit d3f73b 
.BI window " WINDOW"
Packit d3f73b 
] [
Packit d3f73b 
.BR validate " { " strict " | " check " | " disabled " } ] ["
Packit d3f73b 
.BI encodingsa " SA"
Packit d3f73b 
]
Packit d3f73b
Packit d3f73b 
.BI "ip macsec add " DEV " tx sa"
Packit d3f73b 
.RI "{ " 0..3 " } [ " OPTS " ]"
Packit d3f73b 
.BI key " ID KEY"
Packit d3f73b 
.br
Packit d3f73b 
.BI "ip macsec set " DEV " tx sa"
Packit d3f73b 
.RI "{ " 0..3 " } [ " OPTS " ]"
Packit d3f73b 
.br
Packit d3f73b 
.BI "ip macsec del " DEV " tx sa"
Packit d3f73b 
.RI "{ " 0..3 " }"
Packit d3f73b
Packit d3f73b 
.BI "ip macsec add " DEV " rx " SCI
Packit d3f73b 
.RB [ " on " | " off " ]
Packit d3f73b 
.br
Packit d3f73b 
.BI "ip macsec set " DEV " rx " SCI
Packit d3f73b 
.RB [ " on " | " off " ]
Packit d3f73b 
.br
Packit d3f73b 
.BI "ip macsec del " DEV " rx " SCI
Packit d3f73b
Packit d3f73b 
.BI "ip macsec add " DEV " rx " SCI " sa"
Packit d3f73b 
.RI "{ " 0..3 " } [ " OPTS " ]"
Packit d3f73b 
.BI key " ID KEY"
Packit d3f73b 
.br
Packit d3f73b 
.BI "ip macsec set " DEV " rx " SCI " sa"
Packit d3f73b 
.RI "{ " 0..3 " } [ " OPTS " ]"
Packit d3f73b 
.br
Packit d3f73b 
.BI "ip macsec del " DEV " rx " SCI " sa"
Packit d3f73b 
.RI "{ " 0..3 " }"
Packit d3f73b
Packit d3f73b 
.B ip macsec show
Packit d3f73b 
.RI [ " DEV " ]
Packit d3f73b
Packit d3f73b 
.IR OPTS " := [ "
Packit d3f73b 
.BR pn " { "
Packit d3f73b 
.IR 1..2^32-1 " } ] ["
Packit d3f73b 
.BR on " | " off " ]"
Packit d3f73b 
.br
Packit d3f73b 
.IR SCI " := { "
Packit d3f73b 
.B sci
Packit d3f73b 
.IR <u64> " | "
Packit d3f73b 
.BI port
Packit d3f73b 
.IR PORT
Packit d3f73b 
.BI address " <lladdr> "
Packit d3f73b 
}
Packit d3f73b 
.br
Packit d3f73b 
.IR PORT " := { " 1..2^16-1 " } "
Packit d3f73b
Packit d3f73b
Packit d3f73b 
.SH DESCRIPTION
Packit d3f73b 
The
Packit d3f73b 
.B ip macsec
Packit d3f73b 
commands are used to configure transmit secure associations and receive secure channels and their secure associations on a MACsec device created with the
Packit d3f73b 
.B ip link add
Packit d3f73b 
command using the
Packit d3f73b 
.I macsec
Packit d3f73b 
type.
Packit d3f73b
Packit d3f73b 
.SH EXAMPLES
Packit d3f73b 
.PP
Packit d3f73b 
.SS Create a MACsec device on link eth0
Packit d3f73b 
.nf
Packit d3f73b 
# ip link add link eth0 macsec0 type macsec port 11 encrypt on
Packit d3f73b 
.PP
Packit d3f73b 
.SS Configure a secure association on that device
Packit d3f73b 
.nf
Packit d3f73b 
# ip macsec add macsec0 tx sa 0 pn 1024 on key 01 81818181818181818181818181818181
Packit d3f73b 
.PP
Packit d3f73b 
.SS Configure a receive channel
Packit d3f73b 
.nf
Packit d3f73b 
# ip macsec add macsec0 rx port 1234 address c6:19:52:8f:e6:a0
Packit d3f73b 
.PP
Packit d3f73b 
.SS Configure a receive association
Packit d3f73b 
.nf
Packit d3f73b 
# ip macsec add macsec0 rx port 1234 address c6:19:52:8f:e6:a0 sa 0 pn 1 on key 00 82828282828282828282828282828282
Packit d3f73b 
.PP
Packit d3f73b 
.SS Display MACsec configuration
Packit d3f73b 
.nf
Packit d3f73b 
# ip macsec show
Packit d3f73b 
.SH SEE ALSO
Packit d3f73b 
.br
Packit d3f73b 
.BR ip-link (8)
Packit d3f73b 
.SH AUTHOR
Packit d3f73b 
Sabrina Dubroca <sd@queasysnail.net>

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation