How widespread is the use of and availability of MACSEC? ----- Mike Hammett Intelligent Computing Solutions Midwest Internet Exchange The Brothers WISP
On 12/19/24 03:07, Jason Bothe via NANOG wrote:
Quite a bit I’d say, particularly in WAN. It’s an easy and excellent go-to for line rate encryption along waves and some transparent layer 2 services state they support it but haven’t had an opportunity to test personally. Double check the implementation for continuation of rolling keys and so forth to ensure your expectations are met.
On the DWDM side, expect to add between 0.3W of energy @ 100G, and 0.6W @ 400G, when encryption is enabled. Something to keep in mind if power and/or thermal management are crucial for you. Mark.
On the DWDM side, expect to add between 0.3W of energy @ 100G, and 0.6W @ 400G, when encryption is enabled.
Something to keep in mind if power and/or thermal management are crucial for you.
Are you talking about L1OE here, not MACSEC? On Thu, Dec 19, 2024 at 9:42 AM Mark Tinka <mark@tinka.africa> wrote:
On 12/19/24 03:07, Jason Bothe via NANOG wrote:
Quite a bit I’d say, particularly in WAN. It’s an easy and excellent go-to for line rate encryption along waves and some transparent layer 2 services state they support it but haven’t had an opportunity to test personally. Double check the implementation for continuation of rolling keys and so forth to ensure your expectations are met.
On the DWDM side, expect to add between 0.3W of energy @ 100G, and 0.6W @ 400G, when encryption is enabled.
Something to keep in mind if power and/or thermal management are crucial for you.
Mark.
Gotcha. I think when I read Jason's comments, I xlated 'waves' as 'leased circuits' in my head, not native WDM. :) On Sat, Dec 21, 2024 at 12:33 PM Mark Tinka <mark@tinka.africa> wrote:
On 12/20/24 17:47, Tom Beecher wrote:
Are you talking about L1OE here, not MACSEC?
Correct.
GCM-AES-256 encryption at Layer 1, to be exact.
It was in reference to Jason's comments about encryption over "waves".
Mark.
On 12/21/24 20:22, Tom Beecher wrote:
Gotcha. I think when I read Jason's comments, I xlated 'waves' as 'leased circuits' in my head, not native WDM. :)
I find that people say "waves" as shorthand for DWDM-based services a la "wavelengths". I'd say that the majority of new leased circuit services are based on EoDWDM, in 2024. Mark.
Generally widely available and supported by all the major vendors, although to the best of my knowledge only on specific hardware. Linux implementation is pretty robust at this point as well. Like anything else, different vendors have some implementation quirks , but by and large the spec has been defined for almost 20 years, so it's mostly fleshed out and quite stable at this point. On Wed, Dec 18, 2024 at 7:38 PM Mike Hammett <nanog@ics-il.net> wrote:
How widespread is the use of and availability of MACSEC?
----- Mike Hammett Intelligent Computing Solutions <http://www.ics-il.com/> <https://www.facebook.com/ICSIL> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> <https://www.linkedin.com/company/intelligent-computing-solutions> <https://twitter.com/ICSIL> Midwest Internet Exchange <http://www.midwest-ix.com/> <https://www.facebook.com/mdwestix> <https://www.linkedin.com/company/midwest-internet-exchange> <https://twitter.com/mdwestix> The Brothers WISP <http://www.thebrotherswisp.com/> <https://www.facebook.com/thebrotherswisp> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
participants (4)
-
Jason Bothe -
Mark Tinka -
Mike Hammett -
Tom Beecher