Solved: Nexus 7K - F2E MACSEC Support

Christian Dunn · ‎10-31-2013

Do the F2E cards in the 7K currently have MACSEC support on both hardware and software?

I'm fairly certain they at least have hardware support on an 8 port subset. I've been told by a Cisco partner that it is fully supported on F2E but this (http://www.cisco.com/en/US/docs/switches/datacenter/sw/6_x/nx-os/release/notes/62_nx-os_release_note.html
) NX-OS 6.2 doc claims there is still no software support.

Does anyone have any realworld experience with MACSEC on F2E or know definitively if/when it will be fully supported?

michael.duvall · ‎10-31-2013

Cannot implement MACSEC as of 6.2.(2), ran into the limitation and am currently trying to workaround with "M" ports but keep running into other little surprises. Adding an M port to a vdc changes all F2e ports to layer 2 only, this killed my L3 port-channel to my OTV vdc, no biggie I thought and just created a p2p vlan and brough my IGP right up, only to find that you can't use a svi as your join interface - ethernet or port-channel (L3) only so far.

View solution in original post

michael.duvall · ‎10-31-2013

Cannot implement MACSEC as of 6.2.(2), ran into the limitation and am currently trying to workaround with "M" ports but keep running into other little surprises. Adding an M port to a vdc changes all F2e ports to layer 2 only, this killed my L3 port-channel to my OTV vdc, no biggie I thought and just created a p2p vlan and brough my IGP right up, only to find that you can't use a svi as your join interface - ethernet or port-channel (L3) only so far.

Christian Dunn · ‎04-03-2014

Update: After installing 6.2.(6) we are successfully running MACSEC on the last 8 ports of F2E cards.