confidentiality
Syntax
confidentiality [offset {0|30|50}] no confidentiality
描述
Within the MACsec policy context, enables Ethernet packet encryption after the MACsec header, optionally including a start-of-encryption offset. Confidentiality is enabled by default with an offset of 0 bytes after the MACsec header.
An offset of 0 causes the entire packet (after the MACsec header) to be encrypted. It is sometimes desirable to offset the start of the encryption deeper into the packet to allow for fields such as MPLS labels and 802.1Q tags to remain unencrypted.
Omitting theoffset
parameter enables confidentiality with whatever offset was configured previously.
The没有
这个命令禁用的形式进行dentiality.
Command context
config-macsec-policy
Parameters
-
offset {0|30|50}
-
Selects the start-of-encryption offset (in bytes) into the packet after the MACsec header. Default 0 bytes.
Authority
Administrators or local user group members with execution rights for this command.
Examples
Enabling confidentiality with an offset of 30 bytes:
switch(config-macsec-policy)#confidentiality offset 30
Disabling confidentiality
switch(config-macsec-policy)#没有confidentiality