macsec:If
macsec Interface
Telemetry Sensor Path(s)
Configurable Properties
| PROPERTY NAME | DATA TYPE | DESCRIPTION | PERMITTED VALUES |
|---|---|---|---|
| adminSt | nw:IfAdminSt (nw:AdminSt) |
The administrative state of the object or policy. | SELECTION: 1 - enabled 2 - disabled |
| cipherSuite | macsec:CipherSuite (scalar:Enum8) |
Cipher Suite | SELECTION: 1 - gcm-aes-128 2 - gcm-aes-256 3 - gcm-aes-xpn-128 4 - gcm-aes-xpn-256 DEFAULT: gcm-aes-xpn-256 |
| confOffset | macsec:ConfOffset (scalar:Enum8) |
Confidentiality Offset | SELECTION: 1 - offset-0 2 - offset-30 3 - offset-50 DEFAULT: offset-0 |
| descr | naming:Descr1024 (string:Basic) |
Tunnel Description | MAX SIZE: 254 |
| keyChain | macsec:KeyChain (string:Basic) |
Key Chain | A sequence of characters |
| keySvrPrio | macsec:KeySvrPrio (scalar:UByte) |
Key Server Priority | RANGE: [0 , 255] DEFAULT: 16 |
| replayWindow | macsec:ReplayWindow (scalar:Uint32) |
Replay Window | RANGE: [0 , 596000000] DEFAULT: 148809600 |
| sakExpiryTime | macsec:SakExpiryTime (scalar:Uint32) |
Security Association Key Expiry Time | RANGE: [0, 4294967295] DEFAULT: disabled |
| secPolicy | macsec:SecPolicy (scalar:Enum8) |
Security Policy | SELECTION: 1 - must-secure 2 - should-secure DEFAULT: should-secure |
| vlanTagCtrl | macsec:VlanTagCtrl (scalar:Enum8) |
VlanTag Ctrl | SELECTION: 0 - skip-0 1 - skip-1 2 - skip-2 3 - skip-3 DEFAULT: skip-0 |
Operational Properties
| PROPERTY NAME | DATA TYPE | DESCRIPTION | POSSIBLE VALUES |
|---|---|---|---|
| cakName | macsec:CakName (string:Basic) |
Connectivity Association Key Name (CKN) | A sequence of characters |
| cipherSuiteOper | macsec:CipherSuite (scalar:Enum8) |
Cipher Suite (Operational) | SELECTION: 1 - gcm-aes-128 2 - gcm-aes-256 3 - gcm-aes-xpn-128 4 - gcm-aes-xpn-256 DEFAULT: gcm-aes-xpn-256 |
| confOffsetOper | macsec:ConfOffset (scalar:Enum8) |
Confidentiality Offset (Operational) | SELECTION: 1 - offset-0 2 - offset-30 3 - offset-50 DEFAULT: offset-0 |
| lastSakKeyTime | macsec:Timestamp (scalar:Date) |
Last Secure Association Key (SAK) Key Time | DATE FORMAT: %Y-%m-%dT%H:%M:%S.%f%z |
| latestSakAN | macsec:AssocNum (scalar:Uint16) |
Latest Secure Association Key (SAK) Association Number | RANGE: [0, 65535] |
| latestSakKI | macsec:SakKiKn (string:Basic) |
Latest Secure Association Key (SAK) KI | A sequence of characters |
| latestSakKN | macsec:SakKiKn (string:Basic) |
Latest Secure Association Key (SAK) KN | A sequence of characters |
| mac | address:MAC |
MAC for this interface | Value must match MM:MM:MM:SS:SS:SS format |
| mbrId | macsec:MbrId (string:Basic) |
MKA Key Server's Member Identifier | A sequence of characters |
| mkaNegSt | macsec:MkaIfNegSt (scalar:Enum16) |
MKA Negotiation Status | SELECTION: 0 - if-neg-succ 1 - rx-val-fail 2 - rx-bad-peer-mn 3 - rx-non-recent-peerlist-mn 4 - rx-drop-sakuse-kn-mismatch 5 - rx-not-set 6 - rx-key-mi-mismatch 7 - rx-an-not-inuse 8 - ks-rx-tx-notset 9 - rx-ethertype-mismatch DEFAULT: if-neg-succ |
| msgNumber | macsec:MsgNum (scalar:Uint32) |
MKA Message Number | RANGE: [0, 4294967295] |
| operSt | macsec:OperSt (scalar:Enum8) |
Operational State | SELECTION: 1 - up 2 - down DEFAULT: down |
| operStQual | macsec:OperStQual (scalar:Enum8) |
Operational State Qualifier | SELECTION: 1 - up 2 - admin-down 3 - if-down 4 - unsupported DEFAULT: unsupported |
| peerCount | nw:Counter64 (scalar:Uint64) |
Number of Connected Peers | RANGE: [0, 18446744073709551615] |
| portId | l4:Port (scalar:Uint16) |
Port Identifier | RANGE: [0 , 0xffff] DEFAULT: unspecified |
| sakStatus | macsec:SakStatus (scalar:Enum8) |
Secure Association Key (SAK) Status | SELECTION: 0 - no-rx-tx 1 - tx-only 2 - rx-only 3 - rx-and-tx DEFAULT: no-rx-tx |
| sessOperSt | macsec:SessOperSt (scalar:Enum8) |
Session Status | SELECTION: 1 - pending 2 - secured DEFAULT: pending |
| srvStatusFlags | macsec:SrvFlags (scalar:Bitmask8) |
Server Status Flags | SELECTION: 0 - not-key-server 1 - key-server DEFAULT: not-key-server |
| txSSCI | macsec:TxSSCI (scalar:Uint32) |
Tx-SSCI (Short Secure Channel Identifier) | RANGE: [0, 4294967295] |
Internal Properties
| PROPERTY NAME | DATA TYPE | DESCRIPTION | POSSIBLE VALUES |
|---|---|---|---|
| id | nw:IfId (base:IfIndex) |
An identifier . | Must match first field in the output of show intf brief. Example: Eth1/1 or Vlan100 |
| modTs | mo:TStamp (scalar:Date) |
The time when this object was last modified. | SELECTION: 0 - never DEFAULT: never |
| name | naming:Name256 (string:Basic) |
The name of the object. | MAX SIZE: 127 DEFAULT: bgp-PeerAf |
| status | mo:ModificationStatus (scalar:Bitmask32) |
Modification status | SELECTION: 2 - created 4 - modified 8 - deleted 16 - replaced |