mirror of
https://github.com/vyos/vyos-documentation.git
synced 2025-10-26 08:41:46 +01:00
6c65fbc5f9
Thank you Bootlin for the absract! https://bootlin.com/blog/network-traffic-encryption-in-linux-using-macsec-and-hardware-offloading/
24 lines
670 B
ReStructuredText
24 lines
670 B
ReStructuredText
.. _macsec-interface:
|
|
|
|
######
|
|
MACsec
|
|
######
|
|
|
|
MACsec is an IEEE standard (IEEE 802.1AE) for MAC security, introduced in 2006.
|
|
It defines a way to establish a protocol independent connection between two
|
|
hosts with data confidentiality, authenticity and/or integrity, using
|
|
GCM-AES-128. MACsec operates on the Ethernet layer and as such is a layer 2
|
|
protocol, which means it's designed to secure traffic within a layer 2 network,
|
|
including DHCP or ARP requests. It does not compete with other security
|
|
solutions such as IPsec (layer 3) or TLS (layer 4), as all those solutions are
|
|
used for their own specific use cases.
|
|
|
|
|
|
Configuration
|
|
#############
|
|
|
|
Operation
|
|
=========
|
|
|
|
|