Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-02-28 | macsec: T3368: add support for gcm-aes-256 cipher | Christian Poessinger | |
2021-01-21 | xml: T3239: override default mtu values and remove workarounds | John Estabrook | |
2020-11-07 | macsec: T2653: include common "ip" and "ipv6" interface options | Christian Poessinger | |
2020-10-28 | mtu: T2630: add support for ethernet MTU up to 16000 bytes | Christian Poessinger | |
There is a Myricom 10G card with 16k MTU available. | |||
2020-09-26 | macsec: T2023: shift priority to run on vxlan/geneve source-interface | Christian Poessinger | |
2020-09-20 | macsec: T2023: add missing mtu CLI option | Christian Poessinger | |
Base MTU for MACsec is 1468 bytes (encryption headers), but we leave room for 802.1ad and 802.1q VLAN tags, thus the limit is lowered to 1460 bytes to not make the user juggle with the MTU bytes if he enables VLAN support later on, which is yet to come. | |||
2020-06-27 | ifconfig: T2653: move macsec interface to get_config_dict() | Christian Poessinger | |
2020-05-22 | macsec: T2491: add replay window protection | Christian Poessinger | |
2020-05-21 | macsec: T2023: add valueHelp for MKA keys | Christian Poessinger | |
2020-05-21 | macsec: T2023: support MACsec Key Agreement protocol actor priority | Christian Poessinger | |
2020-05-21 | macsec: T2023: rename "security key" node to "security mka" | Christian Poessinger | |
MACsec always talks about MKA (MACsec Key Agreement protocol) thus the node should reflect that. | |||
2020-05-21 | macsec: T2023: use wpa_supplicant for key management | Christian Poessinger | |
2020-05-21 | macsec: T2023: cli: move "cipher" and "encryption" under new "secutiry" node | Christian Poessinger | |
This is best suited as a key is required, too. | |||
2020-05-21 | macsec: T2023: remove gcm-aes-256 cipher type | Christian Poessinger | |
Cipher type gcm-aes-256 is supported by Linux 4.19 but it is not available in iproute2 4.19. We could backport it of course but the plan is to Upgrade to a more recent 5.x series kernel anyway once all out-of-tree module issues are resolved, mainly Intel QAT. gcm-aes-256 support was added to iproute2 package with commit b16f5253233 ("Add support for configuring MACsec gcm-aes-256 cipher type.") which made it into the 5.2 release of iproute2. | |||
2020-05-21 | macsec: T2023: add optional encryption command | Christian Poessinger | |
By default MACsec only authenticates traffic but has support for optional encryption. Encryption can now be enabled using: set interfaces macsec <interface> encrypt | |||
2020-05-21 | macsec: T2023: add initial XML and Python interfaces | Christian Poessinger | |