Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
590
Views
1
Helpful
6
Replies

Nexus switch not learning the mac address with Macsec device

alon to
Level 1
Level 1

‎11-04-2024 04:08 AM

Hello,

In my network, I have two Juniper switches that are connected by a Nexus switch that only acts as an L2 switch.

I cannot learn the Mac-Address when I run Mac-Sec on Juniper switches on the Nexus side. (pic1)

alonto_0-1730721798356.png

If I delete the Mac-Sec configuration in Juniper, I do learn the Mac-Address in Nexus (pic 2)

 

alonto_1-1730721850685.png

When I use a L2 switch from another vendor instead of Cisco Nexus, I learn the Mac-Address in both cases

What could be the problem? When mac-sec is enabled in Juniper switches

Labels:
6 Replies 6

M02@rt37
VIP
VIP

‎11-04-2024 06:08 AM

Hello @alon to 

Which model of Nexus, and which NX-os version ?

Thanks.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

alon to
Level 1
Level 1
In response to M02@rt37

‎11-04-2024 07:17 AM

cisco Nexus9000 C93180YC-FX

version 9.3(13)

0 Helpful

MHM Cisco World
VIP
VIP
In response to alon to

‎11-04-2024 07:21 AM

Did you try ""macsec shutdown"" in NSK

MHM

0 Helpful

alon to
Level 1
Level 1
In response to MHM Cisco World

‎11-04-2024 08:13 AM

I added the command but without success :

NEXUS-2# sh run | i macsec
feature macsec
macsec shutdown


NEXUS-2#
NEXUS-2# sh mac address-table interface Eth1/15
Legend:
* - primary entry, G - Gateway MAC, (R) - Routed MAC, O - Overlay MAC
age - seconds since last seen,+ - primary entry using vPC Peer-Link,
(T) - True, (F) - False, C - ControlPlane MAC, ~ - vsan
VLAN MAC Address Type age Secure NTFY Ports
---------+-----------------+--------+---------+------+----+------------------
NEXUS-2#

0 Helpful

M02@rt37
VIP
VIP
In response to alon to

‎11-04-2024 09:36 AM

Please @alon to share the output of that command:

#show license usage

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

alon to
Level 1
Level 1
In response to M02@rt37

‎11-05-2024 12:17 AM

NEXUS-2# show license usage
Feature Ins Lic Status Expiry Date Comments
Count
--------------------------------------------------------------------------------
ACI-STRG No - Unused -
ACI-AD-GF No - Unused -
ACI-AD-XF No - Unused -
ACI-ES-GF No - Unused -
ACI-ES-XF No - Unused -
ACI-AD-XF2 No - Unused -
ACI-ES-XF2 No - Unused -
ACI-SEC-GF No - Unused -
ACI-SEC-XF No - Unused -
ACI-SEC-XM No - Unused -
N9K_LIC_1G No - Unused -
VPN_FABRIC No - Unused -
ACI-STRG-GF No - Unused -
ACI-STRG-XF No - Unused -
NXOS_OE_PKG No - Unused -
FCOE_NPV_PKG No - Unused -
SECURITY_PKG No - Unused -
ACI-PREMIER-GF No - Unused -
ACI-PREMIER-XF No - Unused -
N9K_UPG_EX_10G No - Unused -
ACI-PREMIER-XF2 No - Unused -
NXOS-PREMIER-M4 No - Unused -
TP_SERVICES_PKG No - Unused -
NXOS-PREMIER-M816 No - Unused -
NXOS_ADVANTAGE_GF No - Unused -
NXOS_ADVANTAGE_M4 No - Unused -
NXOS_ADVANTAGE_XF No - Unused -
NXOS_ESSENTIALS_GF No - Unused -
NXOS_ESSENTIALS_M4 No - Unused -
NXOS_ESSENTIALS_XF No - Unused -
NXOS_ESSENTIALS_XM No - Unused -
SAN_ENTERPRISE_PKG No - Unused -
PORT_ACTIVATION_PKG No 0 Unused -
NETWORK_SERVICES_PKG No - Unused -
NXOS_ADVANTAGE_M8-16 No - Unused -
NXOS_ESSENTIALS_M8-16 No - Unused -
FC_PORT_ACTIVATION_PKG No 0 Unused -
LAN_ENTERPRISE_SERVICES_PKG No - Unused -
--------------------------------------------------------------------------------

0 Helpful
Customers Also Viewed These Support Documents