How to clear Maclock "Last Violating MAC address" field

For many years our C5 stacks (edge switches) have the following configuration for all edge ports...
set maclock enable
set maclock trap enable violation
set maclock agefirstarrival enable
set maclock firstarrival 8
set maclock enable

This was recommended by an Enterasys Engineer to protect the network from loops, mac floods and notify us if a port has more than 8 devices (we use macauth/multiauth; C5 limit is 8 devices).

Over the years the system has worked well except for once in a while (due to a firmware bug) the maclock firstarrival # needs to be increased for a total of 8 devices to be allowed (only happens when switch has been running for months and a reboot fixes things).

When I run "show maclock" I see...
Port Port Trap Syslog Aging Port Clr Max Max Last Violating Number Stat Thr|Viol Thr|Viol Stat Dis|Viol OLC Stc FA MAC Address -------- ---- -------- -------- ---- -------- --- --- ---- -----------------
ge.2.37 ena dis|ena dis|dis ena dis|dis ena 20 8 c0:3f:d5:f6:23:73[/code]
Short of rebooting the switch, how do I clear the "Last Violating Mac Address"?

Have tried Policy Manager's Maclock tab; when I select an entry, the "Remove" button remains greyed out.


3 replies

Userlevel 3
How about the following command:

clear maclock c0:3f:d5:f6:23:73 ge.2.37

The result is "The specified entry does not exist." 😞

Switch firmware version is
Userlevel 3
I have found the only way to clear this is with a switch reset, or when another "violating" user is plugged into the port in question. The MAC address stays in the switch so when a "violating" user plugs into the switch, it can be viewed at a later time even though they are no longer plugged in. This is not a field that can be administratively cleared