Not sure if this is common knowledge.
But just tested MACSEC to see if I could get it to work using 3 mikrotik’s and a generic switch to connect them.
I was under the impression that it was just point to point, but no it point to muti-point plus !!
I set up a CCR1036, a RB750 and a RB750r2 via a generic switch.
I added MACSEC to all interconnected interfaces with the same CAK/CKN
Then using the generated macsec1 interfaces added 2xIP address ranges. In my case used 172.16.1.x/24 + 172.16.2.x/24 to each interface.
I could ping without issues to-and-from all units from any remote address. So happy days on this..
