You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/expressroute/expressroute-howto-macsec.md
+6-2Lines changed: 6 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -113,13 +113,17 @@ Every ExpressRoute Direct instance consists of two physical ports. You can activ
113
113
114
114
115
115
> [!NOTE]
116
-
> You can configure both XPN and Non-XPN ciphers:
116
+
> You can configure Non-XPN ciphers for 10 gbps ExpressRoute Ports:
117
117
> * GcmAes128
118
118
> * GcmAes256
119
+
>
120
+
> You can configure either Non-XPN or XPN ciphers for 40 gbps and greater ExpressRoute Ports:
121
+
> * GcmAes128
122
+
> * GcmAes256
119
123
> * GcmAesXpn128
120
124
> * GcmAesXpn256
121
125
>
122
-
> The suggested best practice is to set up encryption with xpn ciphers to prevent sporadic session failures that occur with non-xpn ciphers on high speed links.
126
+
> The suggested best practice is to set up encryption with xpn ciphers to prevent sporadic session failures that occur with non-xpn ciphers on links with 40 gbps or greater bandwidth.
123
127
124
128
1. Establish the MACsec secrets and cipher and link the user identity with the port to enable the ExpressRoute management code to retrieve the MACsec secrets when required.
0 commit comments