Port data traffic records cannot show MACsec encapsulation changes

2021-12-21 07:19:26 Published

Network Topology


The customer networking diagram is as shown in the preceding figure. 

The source server connects to switch 1, which has MACsec configured on its outgoing port (G1/0/2) and forwards the traffic over the ISP link of the public network.

When the traffic reaches switch 2, MACsec is configured on the incoming port (G1/0/1).


Problem Description

The customer reports that the traffic volume shown by the display interface command for G1/0/2 on switch 1 is basically the same as that shown for G1/0/1. Why is the size of the MACsec encapsulation not reflected in the displayed counters? The same phenomenon occurs on switch 2.




Process Analysis

1. Each port has two chips: a PHY chip and a MAC chip. The display interface command shows only the statistics of the MAC chip, not those of the PHY chip, and MACsec encapsulation is applied after the MAC chip's counters. Therefore, the statistics displayed on port G1/0/2 of switch 1 are the data before MACsec encapsulation, and on port G1/0/1 of switch 2 you only see the data after MACsec decapsulation.

Solution

1. To capture packets encapsulated by MACsec, connect another switch to the public network link between the two switches, and run the display commands and capture packets on that switch's port.

2. MACsec encapsulation makes each packet 38 to 40 bytes larger than the original packet, so the volume seen on the public network link is correspondingly larger than the MAC chip counters on either switch.
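The following added example (not from the original case or the vendor) shows what a capture taken on the public network link contains: it parses the Ethernet header and the IEEE 802.1AE SecTAG of a MACsec frame and reports the SecTAG plus ICV bytes that the MAC chip counters never see. The frame is constructed inline for the demonstration; the MAC addresses, SCI, ciphertext and ICV are placeholders, not a real capture.

```python
import struct

MACSEC_ETHERTYPE = 0x88E5
ICV_LEN = 16  # integrity check value length for GCM-AES cipher suites


def parse_macsec_frame(frame: bytes) -> dict:
    """Parse the Ethernet header and 802.1AE SecTAG of one on-wire MACsec frame."""
    # minimum: two MAC addresses + 8-byte SecTAG (no SCI) + ICV
    if len(frame) < 12 + 8 + ICV_LEN:
        raise ValueError("frame too short for Ethernet header + SecTAG + ICV")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != MACSEC_ETHERTYPE:
        raise ValueError(f"not a MACsec frame (EtherType 0x{ethertype:04x})")
    tci_an, sl = frame[14], frame[15]
    flags = {name: (tci_an >> bit) & 1 for name, bit in
             (("V", 7), ("ES", 6), ("SC", 5), ("SCB", 4), ("E", 3), ("C", 2))}
    an = tci_an & 0x03                          # association number
    pn = struct.unpack("!I", frame[16:20])[0]   # packet number (replay counter)
    off = 20
    sci = None
    if flags["SC"]:                             # explicit 8-byte SCI follows the PN
        sci = frame[off:off + 8].hex()
        off += 8
    sectag_len = off - 12                       # SecTAG includes the 0x88E5 EtherType
    secure_data = frame[off:len(frame) - ICV_LEN]
    if sl and sl != len(secure_data):           # short length set for payloads < 48 bytes
        raise ValueError(f"SL {sl} does not match secure data length {len(secure_data)}")
    return {
        "dst": frame[:6].hex(":"), "src": frame[6:12].hex(":"),
        "flags": flags, "an": an, "pn": pn, "sci": sci,
        "sectag_len": sectag_len, "secure_data_len": len(secure_data),
        "icv": frame[-ICV_LEN:].hex(),
        "overhead": sectag_len + ICV_LEN,       # 802.1AE bytes added to the original frame
    }


def build_sample_frame() -> bytes:
    """Constructed sample (not a real capture): TCI with SC, E and C set, AN=1, PN=16."""
    dst = bytes.fromhex("00113a000002")
    src = bytes.fromhex("00113a000001")
    sectag = bytes([0x2D, 0x00]) + struct.pack("!I", 16) + src + b"\x00\x01"
    secure_data = bytes(range(60))  # placeholder ciphertext of original EtherType + payload
    icv = b"\x11" * ICV_LEN         # placeholder ICV
    return dst + src + struct.pack("!H", MACSEC_ETHERTYPE) + sectag + secure_data + icv


if __name__ == "__main__":
    for key, value in parse_macsec_frame(build_sample_frame()).items():
        print(f"{key}: {value}")
```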
