Hello
1. Background:
a. Topology
ii. We have 3 VCs connected to each other. A,B,C
iii. There is VSTP between all 3
b. They are connected via L2 WAN lines
c. We are trying to implement MACSEC between them
I saw that there is a MACsec Limitation:
All types of Spanning Tree Protocol frames cannot currently be encrypted using MACsec.
I don't need the STP to be encrypted, so it is OK for me.
Query:
MACsec does not encrypt STP, so I conclude STP frames sent in clear over tagged and untagged vlans. But, at the same time, MACsec does encrypt the tagging, correct?
So how will VSTP work, as the switch supposed to send STP frames in tagged vlans, which are encrypted?
MACsec encrypts tagging
MACsec does not encrypt STP
STP sent inside tagged vlans
------------------------------
EMIL TARANDASH
------------------------------