[c-nsp] MACSec Stages

Antoine Monnier mrantoinemonnier at gmail.com
Mon Apr 23 02:31:15 EDT 2018 

Hi Graham,

Kind of OT, but what is the title of your book on IPsec VPN?

thanks

On Fri, Apr 20, 2018 at 7:55 AM, Graham Bartlett (grbartle) <
grbartle at cisco.com> wrote:

> Hi
>
> A few of us in Cisco were thinking of writing a CiscoPress book on MACsec,
> which would include details of the inner workings, including protocol flows
> and how the various key material is derived etc.
>
> If this was available would there be interest in this ?
>
> The reason I ask is, I spent a lot of time and effort developing a book on
> IPsec VPNs and it’s got a very narrow audience. I would imagine that
> there’s even less interest in MACsec. But if we could produce something
> that meets your needs and there is interest we could reconsider.
>
> cheers
>
> On 17/04/2018, 14:18, "cisco-nsp on behalf of Nick Cutting" <
> cisco-nsp-bounces at puck.nether.net on behalf of ncutting at edgetg.com> wrote:
>
>     I agree - I spent weeks with TAC cases open etc. and Cisco has no idea
> how this works either.
>
>     I gave up and built a L3 routed VPN.
>
>     I am waiting for the How-to article by Jeremey Stretch!
>     -----Original Message-----
>     From: cisco-nsp <cisco-nsp-bounces at puck.nether.net> On Behalf Of Alex
> K.
>     Sent: Tuesday, April 17, 2018 4:13 AM
>     To: Alan Buxey <alan.buxey at gmail.com>
>     Cc: cisco-nsp <cisco-nsp at puck.nether.net>
>     Subject: Re: [c-nsp] MACSec Stages
>
>     This message originates from outside of your organisation.
>
>     Hello Alan and thank you for answering.
>
>     That's the point - all one can find by searching the standard ID, is a
> bunch of unrelated documents, some from IEEE, some from independent sources
>     - none display any coherent picture whatsoever.
>
>     Not to mention none provide any overview of the protocol. Just some
> not connected points.
>
>     Such lack of the documentation by all major vendors (white paper
> stating MACSEC is an encryption protocol, doesn't count as a documentation)
> hit the hardest when it comes to troubleshooting. No explanation for
> debugs, no known steps for endpoints to pass through, you're pretty much on
> your own trying to figure out what's going on.
>
>     Alex.
>
>     בתאריך יום ג׳, 10 באפר' 2018, 16:06, מאת Alan Buxey ‏<
> alan.buxey at gmail.com>:
>
>     > 802.1AE
>     >
>     > Look that up for how it works
>     >
>     > alan
>     >
>     > On Wed, 4 Apr 2018, 00:32 Alex K., <nsp.lists at gmail.com> wrote:
>     >
>     >> Hello everyone,
>     >>
>     >> After a few implementations of MACSec, I began wondering is there a
>     >> complete documentation of that technology out there?
>     >>
>     >> For example, I have quite an experience with L2TP. Now, SCCRP may
>     >> sound like a bad language to some, but as we all know, it's an
>     >> important step in tunnel setup. The internet is literally brimming
>     >> with information about L2TP. As for MACSec, maybe it's only me -
> but
>     >> I'm having a hard time finding information on MACSec internal
>     >> workings (beyond packets formats) especially - when it comes to
> protocols stages and related cisco debugs.
>     >>
>     >> All I was able to find this far, are some really general sketches
> of
>     >> MACSec exchanges and seemingly unrelated debug commands.
>     >>
>     >> Am I missing something? Any help, such as linking to proper
>     >> documentation, successful and unsuccessful debug outputs and such,
> on
>     >> and off-list, will be gladly appreciated.
>     >>
>     >>
>     >> Thank you,
>     >> Alex.
>     >> _______________________________________________
>     >> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>     >> https://puck.nether.net/mailman/listinfo/cisco-nsp
>     >> archive at http://puck.nether.net/pipermail/cisco-nsp/
>     >>
>     >
>     _______________________________________________
>     cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
>     archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>     _______________________________________________
>     cisco-nsp mailing list  cisco-nsp at puck.nether.net
>     https://puck.nether.net/mailman/listinfo/cisco-nsp
>     archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>

More information about the cisco-nsp mailing list