Hi all, with regard to this thread someone wrote me this in a PM (I can't answer via PM since it seems it doesn't work):
"
I could not understand your answer. Dose aruba 2930M switches with macsec module support lacp or not? In Aruba2930M / FAccessSecurityGuideforA OS-S16.10 it is listed that macsec does not support lacp"
So here I give my explanation again:
- Aruba 2930M/F Switch series support "Port Trunking" (as known as Links Aggregation) with LACP, that's a well known supported features.
- Aruba 2930M Switch series support "MACSec" (on particular ports and models).
What it is not supported is to use a "Port Trunk" logical interface (defined with either Non-Protocol or LACP) and apply a MACSec configuration to it, in other terms MACSec and Port Trunking are - considering a particular logical aggregated interface (with two or more physical member interfaces) - two mutually exclusive features. Given a physical interface you can configure MACSec or Port Trunking, not both (the physical interface can't also be member of a "Port Trunk").
------------------------------
Davide Poletto
------------------------------
Original Message:
Sent: Nov 11, 2020 10:31 AM
From: Jay R
Subject: MacSec on LACP Trunk 2930M
Hi,
does anybody know if MacSec on LACP is supported on any AOS Version. We have 2930m v16.10.0011 with 3810 MacSec/SFP+ Module but when trying to apply the MacSec policy we get a error:
Cannot configure the MACsec policy on port %s when it is part of a trunk
I did not find any information about not supported in combination with lacp and have the same running on e.g. Juniper Switches
------------------------------
Jay R
------------------------------