Operate and maintain
Documents under this category provide functional descriptions and procedures for configuring, operating, and maintaining 7705 SAR software.
- Basic System Configuration Guide
  This guide provides an overview of the CLI and describes 7705 SAR boot options file (BOF) configuration, file system management, and basic system management such as node timing and synchronization.
- Interface Configuration Guide
  This guide describes the functionality of the 7705 SAR cards, modules, and ports and how to configure these components.
- MPLS Guide
  This guide describes how to configure MPLS, RSVP-TE, PCEP, and LDP protocols on the 7705 SAR.
- Quality of Service Guide
  This guide describes the Quality of Service (QoS) functionality provided by the 7705 SAR and how to configure and implement QoS on the router.
- Router Configuration Guide
  This guide describes how to configure logical IP routing interfaces, VRRP filtering, routing policies, and the cflowd tool on the 7705 SAR.
- Routing Protocols Guide
  This guide describes how to configure unicast routing protocols (OSFP, IS-IS, BGP, RIP) and multicast routing protocols (IGMP, MLD, PIM, MSDP) supported on the 7705 SAR.
- Services Guide
  This guide describes how to configure service parameters such as service access points (SAPs) and service destination points (SDPs), Layer 2 and Layer 3 services, security functions (IPSec), and encryption functions (NGE) on the 7705 SAR.
- System Management Guide
  This guide describes how to configure system security and access features, SNMP functionality, and event and accounting logs on the 7705 SAR.

Clear tag mode

In most Layer 2 networks, MAC forwarding is performed using the destination MAC address. According to the 802.1AE standard, any field after the source and destination MAC addresses and after the SecTAG must be encrypted. This includes the 802.1Q tags. However, some VLAN switching networks may require the 802.1Q tag to be in clear text.

On the 7705 SAR, it is possible to configure 802.1Q tags in clear text by placing them before the SecTAG or to configure the 802.1Q tags in encrypted text by placing them after the SecTAG.

The following table lists the MACsec encryption of 802.1Q tags when clear-tag-mode is configured on the 7705 SAR.

Table 1. MACsec encryption of 802.1Q tags with clear-tag-mode configured
Unencrypted format	clear-tag-mode configuration	Pre-encryption (Tx)	Pre-decryption (Rx)
Single tag (dot1q)	single-tag	DA, SA, TPID, VID, Etype	DA, SA, TPID, VID, SecTAG
Single tag (dot1q)	dual-tag	DA, SA, TPID, VID, Etype	DA, SA, TPID, VID, SecTAG
Double tag (QinQ)	single-tag	DA, SA, TPID1, VID1, IPID2, VID2, Etype	DA, SA, TPID1, VID1, SecTAG
Double tag (QinQ)	dual-tag	DA, SA, TPID1, VID1, IPID2, VID2, Etype	DA, SA, TPID1, VID1, IPID2, VID2, SecTAG

October 30, 2024