Feature Explorer AI 
×
You implement the hitless rollover keychain feature for increased security and to prevent session drops when the connectivity association key (CAK) configuration changes. In this implementation, a keychain that has multiple security keys, key names, and start times is used. Each key in the keychain has a unique start time. At the next key's start time, a rollover occurs from the current key to the next key, and the next key becomes the current key. With the implementation of the hitless rollover keychain feature, the MACsec Key Agreement (MKA) protocol establishes MACsec sessions successfully without any session drop when the CAK configuration changes.
| Product / Application | Software | Introduced Release |
|---|---|---|
| ACX7100-32C | Junos OS Evolved | 22.4R1 |
| PTX10001-36MR | Junos OS Evolved | 20.4R1 |
| PTX10004 | Junos OS Evolved | 20.4R1 |
| PTX10008 | Junos OS Evolved | 20.3R1 |
| PTX10016 | Junos OS Evolved | 21.2R2 |
| PTX10002-36QDD | Junos OS Evolved | 24.2R2 |
| QFX5130-48CM | Junos OS Evolved | 23.4R2 |
| QFX5700 | Junos OS Evolved | 23.4R2 |
| QFX5700E | Junos OS Evolved | 23.4R2 |