[c-nsp] WAN MACSec Restrictions

Alex K. nsp.lists at gmail.com
Mon Jun 27 06:01:18 EDT 2016

Hello everyone,

A customer of mine, considering using MACSec in his WAN environment (hence,
it would be the WAN MACSec flavor). Their WAN comprised of 1001x and 1009x
ASR routers.

Unfortunately, Cisco documentation is a bit short on WAN MACSec
restrictions. What I've found is that the ASR 1000 series allows a limited
number of peers on every interface (up to 16 on 10G interface, for example).

Can someone please prove or disprove that limitations (especially for 1001x
and 1009x routers)? Point out another restrictions or undesirable side
effects of that technology?

Thank you in advance.

More information about the cisco-nsp mailing list