How to clear Maclock "Last Violating MAC address" field
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎11-01-2017 07:33 PM
For many years our C5 stacks (edge switches) have the following configuration for all edge ports...
set maclock enable
set maclock trap enable violation
set maclock agefirstarrival enable
set maclock firstarrival 8
set maclock enable
This was recommended by an Enterasys Engineer to protect the network from loops, mac floods and notify us if a port has more than 8 devices (we use macauth/multiauth; C5 limit is 8 devices).
Over the years the system has worked well except for once in a while (due to a firmware bug) the maclock firstarrival # needs to be increased for a total of 8 devices to be allowed (only happens when switch has been running for months and a reboot fixes things).
When I run "show maclock" I see...
Port Port Trap Syslog Aging Port Clr Max Max Last Violating Number Stat Thr|Viol Thr|Viol Stat Dis|Viol OLC Stc FA MAC Address -------- ---- -------- -------- ---- -------- --- --- ---- -----------------
ge.2.37 ena dis|ena dis|dis ena dis|dis ena 20 8 c0:3f:d5:f6:23:73
Short of rebooting the switch, how do I clear the "Last Violating Mac Address"?
Have tried Policy Manager's Maclock tab; when I select an entry, the "Remove" button remains greyed out.
Thanks
Nabil
set maclock enable
set maclock trap enable violation
set maclock agefirstarrival enable
set maclock firstarrival 8
set maclock enable
This was recommended by an Enterasys Engineer to protect the network from loops, mac floods and notify us if a port has more than 8 devices (we use macauth/multiauth; C5 limit is 8 devices).
Over the years the system has worked well except for once in a while (due to a firmware bug) the maclock firstarrival # needs to be increased for a total of 8 devices to be allowed (only happens when switch has been running for months and a reboot fixes things).
When I run "show maclock" I see...
Port Port Trap Syslog Aging Port Clr Max Max Last Violating Number Stat Thr|Viol Thr|Viol Stat Dis|Viol OLC Stc FA MAC Address -------- ---- -------- -------- ---- -------- --- --- ---- -----------------
ge.2.37 ena dis|ena dis|dis ena dis|dis ena 20 8 c0:3f:d5:f6:23:73
Short of rebooting the switch, how do I clear the "Last Violating Mac Address"?
Have tried Policy Manager's Maclock tab; when I select an entry, the "Remove" button remains greyed out.
Thanks
Nabil
3 REPLIES 3
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎11-02-2017 12:45 PM
I have found the only way to clear this is with a switch reset, or when another "violating" user is plugged into the port in question. The MAC address stays in the switch so when a "violating" user plugs into the switch, it can be viewed at a later time even though they are no longer plugged in. This is not a field that can be administratively cleared
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎11-01-2017 08:09 PM
The result is "The specified entry does not exist." 😞
Switch firmware version is 06.81.07.0004
Switch firmware version is 06.81.07.0004
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎11-01-2017 07:42 PM
How about the following command:
clear maclock c0:3f:d5:f6:23:73 ge.2.37
Ryan
clear maclock c0:3f:d5:f6:23:73 ge.2.37
Ryan
