ExtremeSwitching (EOS)


How to clear Maclock "Last Violating MAC address" field

  • 1.  How to clear Maclock "Last Violating MAC address" field

    Posted 11-01-2017 19:33
    For many years our C5 stacks (edge switches) have had the following configuration for all edge ports...
    set maclock enable
    set maclock trap enable violation
    set maclock agefirstarrival enable
    set maclock firstarrival 8
    set maclock enable

    This was recommended by an Enterasys Engineer to protect the network from loops, mac floods and notify us if a port has more than 8 devices (we use macauth/multiauth; C5 limit is 8 devices).

    Over the years the system has worked well except for once in a while (due to a firmware bug) the maclock firstarrival # needs to be increased for a total of 8 devices to be allowed (only happens when switch has been running for months and a reboot fixes things).

    When I run "show maclock" I see...
    Port     Port Trap     Syslog  Aging Port     Clr Max Max  Last Violating
    Number   Stat Thr|Viol Thr|Viol Stat Dis|Viol OLC Stc FA   MAC Address
    -------- ---- -------- -------- ---- -------- --- --- ---- -----------------
    ge.2.37  ena  dis|ena  dis|dis  ena  dis|dis  ena 20  8    c0:3f:d5:f6:23:73

    Short of rebooting the switch, how do I clear the "Last Violating Mac Address"?

    Have tried Policy Manager's Maclock tab; when I select an entry, the "Remove" button remains greyed out.

    Thanks
    Nabil


  • 2.  RE: How to clear Maclock "Last Violating MAC address" field

    Posted 11-01-2017 19:42
    How about the following command:

    clear maclock c0:3f:d5:f6:23:73 ge.2.37

    Ryan


  • 3.  RE: How to clear Maclock "Last Violating MAC address" field

    Posted 11-01-2017 20:09
    The result is "The specified entry does not exist." :(

    Switch firmware version is 06.81.07.0004



  • 4.  RE: How to clear Maclock "Last Violating MAC address" field

    Posted 11-02-2017 12:45
    I have found the only way to clear this is with a switch reset, or when another "violating" user is plugged into the port in question. The MAC address stays in the switch so when a "violating" user plugs into the switch, it can be viewed at a later time even though they are no longer plugged in. This is not a field that can be administratively cleared.
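
Since the field cannot be cleared administratively, one way to tell a stale entry from a fresh violation is to keep a baseline of the "show maclock" output and compare later polls against it. The following is an added example, not code from this thread or from the vendor; the function names are hypothetical, the MAC address in the second snapshot is constructed, and it assumes a port with no recorded violation shows an empty last column.

```python
import re

MAC_RE = re.compile(r"^(?:[0-9a-f]{2}:){5}[0-9a-f]{2}$", re.I)
PORT_RE = re.compile(r"^[a-z]+\.\d+\.\d+$")  # e.g. ge.2.37

# Baseline: the row shown in the thread.
BASELINE = """\
Port     Port Trap     Syslog  Aging Port     Clr Max Max  Last Violating
Number   Stat Thr|Viol Thr|Viol Stat Dis|Viol OLC Stc FA   MAC Address
-------- ---- -------- -------- ---- -------- --- --- ---- -----------------
ge.2.37  ena  dis|ena  dis|dis  ena  dis|dis  ena 20  8    c0:3f:d5:f6:23:73
"""

# Later poll: constructed sample (made-up MAC; ge.2.38 assumed to show no MAC).
LATER = """\
-------- ---- -------- -------- ---- -------- --- --- ---- -----------------
ge.2.37  ena  dis|ena  dis|dis  ena  dis|dis  ena 20  8    00:11:22:33:44:55
ge.2.38  ena  dis|ena  dis|dis  ena  dis|dis  ena 20  8
"""


def parse_maclock(text):
    """Map each port to its last violating MAC (None if the column is empty)."""
    ports = {}
    for line in text.splitlines():
        fields = line.split()
        if not fields or not PORT_RE.match(fields[0]):
            continue  # header, separator, or blank line
        last = fields[-1].lower()
        ports[fields[0]] = last if MAC_RE.match(last) else None
    return ports


def new_violations(previous, current):
    """Ports whose last violating MAC differs from the previous poll."""
    return {port: mac for port, mac in current.items()
            if mac is not None and previous.get(port) != mac}


if __name__ == "__main__":
    baseline = parse_maclock(BASELINE)
    for port, mac in new_violations(baseline, parse_maclock(LATER)).items():
        print(f"{port}: new violating MAC {mac} (was {baseline.get(port)})")
```

A repeat violation by the same MAC leaves the field unchanged, so this comparison will not see it; the violation trap enabled in the original configuration covers that case.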