Skip to content

Example: macsec over ppp

Alt text

r1

hostname r1
vrf def v1
 rd 1:1
 exit
crypto ipsec ips
 group 02
 cipher aes256cbc
 hash sha1
 key tester
 exit
int ser1
 enc ppp
 ppp ip4cp close
 ppp ip6cp close
 vrf for v1
 macsec ips
 ipv4 addr 1.1.1.1 255.255.255.0
 ipv6 addr 1234::1 ffff::
 exit

r2

hostname r2
vrf def v1
 rd 1:1
 exit
crypto ipsec ips
 group 02
 cipher aes256cbc
 hash sha1
 key tester
 exit
int ser1
 enc ppp
 ppp ip4cp close
 ppp ip6cp close
 vrf for v1
 macsec ips
 ipv4 addr 1.1.1.2 255.255.255.0
 ipv6 addr 1234::2 ffff::
 exit
r1 tping 100 30 1.1.1.2 vrf v1
r2 tping 100 30 1.1.1.1 vrf v1
r1 tping 100 30 1234::2 vrf v1
r2 tping 100 30 1234::1 vrf v1
  1. Install ContainerLab as described here
  2. Fetch crypt-macsec05 file
  3. Launch ContainerLab crypt-macsec05.yml topology:

   containerlab deploy --topo crypt-macsec05.yml  
4. Destroy ContainerLab crypt-macsec05.yml topology:

   containerlab destroy --topo crypt-macsec05.yml  
5. Copy-paste configuration for each node in the lab topology

  1. Fetch or compile freeRtr rtr.jar file.
    You can grab it here
  2. Fetch crypt-macsec05.tst file here
  3. Launch crypt-macsec05.tst test:

   java -jar ../../rtr.jar test tester crypt-macsec05 path ./ temp ./ wait
4. Destroy freeRtr crypt-macsec05.tst test:

   Ctrl-C (In freeRtr test window)