Drag to reposition cover

Brocade ICX Series (cheap & powerful 10gbE/40gbE switching)

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

CorvetteGS

Member
Jan 20, 2014
40
5
8
Atlanta, GA
Unfortunately the ICX 714024P would not, since - according to the data sheet - it has a minimum noise level of 41.4 dbA, which appears to be too loud for my use case.
I am going to assume you mean the 7150-24P here. In which case, your statement is only partially true. The 7150-24P has a configuration mode that reduces the max POE power budget to allow it to run with fans completely off. To quote their datasheet:
Ruckus ICX 7150 Datasheet said:
The Ruckus ICX 7150-24P and the ICX 7150-48P offer a “silent
mode” configuration option, enabling these switches to operate
with the fan disabled while providing a PoE budget of 150
watts. This Ruckus-exclusive feature enables users in hospitality,
education, healthcare, and retail industries to deploy these
switches outside of the wiring closet without disrupting the work
environment.
So as long as you would be okay with a max POE budget of 150W (seems like it wouldn't be a big deal as you considered POE optional in your requirements), then it's the same as the 7150-24 (no POE). To put the number in perspective, the C12P only has a total budget of 124W, so even in this mode the 7150-24P comes out ahead.
I don't really need 24 RJ45 ports, the 12 ports of the -C12P would be fine, it's just the exta SFP+ ports and the similar price range to the -C12P that make me lean towards the -24 model.
I would err on the side of more ports personally. I recently built a new house and with 8x CAT5e home runs to a network closet so I figured that an 8 port switch with 2x uplink ports would be perfect for my needs. Later I wanted to add a raspberry pi, a z-wave hub, etc. to the network closet but I was completely out of ports. Now I have a C12P and have plenty of spare ports. In your case, I would certainly go with the 24 ports for future capacity.
Before I pull the plug (or push the "Buy" button) I'd like to ask the following: Does the 7150-C12P have any advantage over the 7150-24 other than the smaller form factor and PoE?
As a C12P owner, I believe the only advantage is size and POE over the 7150-24 specifically. However, if you go with a 7150-24P (which I would recommend) the only advantage becomes size!
 
  • Like
Reactions: eduncan911

infoMatt

Active Member
Apr 16, 2019
222
100
43
These are the current temps. Although when I posted previously I saw temps hitting 66-67 on Sensor A and it never logged a warning.

The fan speed shows it should be in speed 1, but it clearly isn't as the fan never spins down. It runs at the same speed after a fresh reload as it would if I manually set it with dd set_pwrfan_high. The only time I can get it to run at a low speed is with dd set_pwrfan_low, at which point the temps climb so high I get nervous and either put it back to high or reload the switch, in which case it sets it back to high again.

Current fan I have in it is a Sunon MB40201V3-000U-G99. I also tried a Sunon KDE1204PKV3 before that, which reported as fan failed so I swapped for the MB40201.

Previous data: https://forums.servethehome.com/ind...erful-10gbe-40gbe-switching.21107/post-266749
Well, definitely too hot... I think that the problem is the low static pressure of the Sunons, thus they stall and can't push air through... Only 0.11 inH2O. The ones used by @ViciousXUSMC were the Sunon KDE1204PKVX that have a static pressure of 0.27 inH2O, and even he does recomment to beef up from these (MB40201VX same static pressure but 10+ CFM instead of 6.someting).


I think that you can solve your problems by choosing one of these.
 

tangofan

New Member
May 28, 2020
17
6
3
I am going to assume you mean the 7150-24P here.
Indeed I did. Thanks so much for being able to decipher my gibberish.

In which case, your statement is only partially true. The 7150-24P has a configuration mode that reduces the max POE power budget to allow it to run with fans completely off. To quote their datasheet:

So as long as you would be okay with a max POE budget of 150W (seems like it wouldn't be a big deal as you considered POE optional in your requirements), then it's the same as the 7150-24 (no POE). To put the number in perspective, the C12P only has a total budget of 124W, so even in this mode the 7150-24P comes out ahead.
Ah, I didn't know that. That does indeed make the 7150-24P more attractive. The only thing I'm struggling with then for the -24P model is the price.

Cheapest price on eBay for the 7150-24P currently is ca $600, while the 7150-24 goes for $288 used on eBay and $430 new on ruckussecurity.com Quite a big difference.

I would err on the side of more ports personally. I recently built a new house and with 8x CAT5e home runs to a network closet so I figured that an 8 port switch with 2x uplink ports would be perfect for my needs. Later I wanted to add a raspberry pi, a z-wave hub, etc. to the network closet but I was completely out of ports. Now I have a C12P and have plenty of spare ports. In your case, I would certainly go with the 24 ports for future capacity.
Good thinking. I've leaned to the 24 port version anyway, since it is only marginally more than the -C12P, so that only reinforces my decision.

As a C12P owner, I believe the only advantage is size and POE over the 7150-24 specifically. However, if you go with a 7150-24P (which I would recommend) the only advantage becomes size!
Thanks so much for your feedback. I've come to the conclusion the that -C12P is out of the race. Now I only have to determine, whether to go with the -24 or the -24P version of he 7150. Right now I certainly don't need PoE ports, but it for be nice to have the option. Whether that option is worth $200-$300 though, i'm not so sure.

Something else I'm wondering about in this context. How much should the savings be to get a used model vs. a new model, say for the 7150-24?

There's a used model on ebay for $288, which comes with the 4x10G enabled, but does not have any accessories other than the power cable. The rack mounting brackets would cost about $60-$70 (if I needed them), which put the total price tag at $350-$360. And I don't know, if me purchasing this unit really would transfer the 10G license. AFAIK having a license key is not legally equivalent to actually having a valid license. So this might be just the same as me activating the feature myself (as described earlier in this thread).

As said ruckkussecurity.com sells the 7150-24 for about $430 new. It would come with the mounting hardware (for 2-post mounting IIRC), but not with the 4x10G lincense (which again wouldn't be a practical concern).

So I'd be actually paying about 20% more for a new unit with warranty, compared to a used unit. Would that make the new unit the better purchase? How much of a discount percentage to a new unit should I require, when purchasing a used unit?
 

epicurean

Active Member
Sep 29, 2014
785
80
28
Is this the right thread to ask for help on configuring vlans on a ICX6450?
I am wondering if you can also help me setup my vlans properly as I converge from 2x unifi POE switches to a single icx6450-48P. Also replacing my 3 x unifi APs, to 3x Ruckus R610s. I have about 20 POE IP cameras (that currently does not sit on a seperate vlan).

I have chosen ports 1-24 on the icx6450 to accomodate all my POE IP cameras (vlan 80).
Port 25-30 is for ruckus R610s (vlan 60(IOT) and vlan 30(guests)) .
Port 48 on the ICX6450 to connect directly to my pfsense router
I probably want to keep 1 x unifi POE switch+ unifi access point ( connect to port 47) as a backup.

I know i need to enable POE on the relevant ICX6450 ports, create vlans and all in a certain order. Then configure the ruckus R610s.
Could you help me with the sequencing and commands needed? Right now, my pfsense LAN connects directly to one of the unifi switches. I can access the ICX6450(connected to a port on the unifi switch) webgui but I think command line is needed for vlans?

DHCP is from pfsense machine that has only ports(for now), one for WAN and one for LAN.
Current firmware of the ICX6450-48P is 8030t and fully enabled. (Much thanks to fohdeesha!)
Much thanks for your assistance

@itronin is also helping me with this but I think I put it out here in this thread as perhaps I am not the only one clueless about setups and would also benefit
 

klui

Well-Known Member
Feb 3, 2019
824
453
63
I am wondering if you can also help me setup my vlans properly as I converge from 2x unifi POE switches to a single icx6450-48P. Also replacing my 3 x unifi APs, to 3x Ruckus R610s. I have about 20 POE IP cameras (that currently does not sit on a seperate vlan).
I would do the following
  • On pfSense, define subnets and VLANs for guests, IoT, and cameras.
  • Define a trunk for your pfSense and ICX interconnect for all 3 VLANs as tagged
  • For ports where the R610s are connected define as trunk for your 3 VLANs as tagged
  • For the R610s create each WiFi network and set their Access VLAN in the WLAN Priority tab
  • For ports 1-24, define the ports as camera VLAN untagged
  • For ports 25-30, define the port as trunk allowing guests and IoT tagged VLANs, or you can have either guests or IoT as untagged and the other tagged
This will be a good learning experience and you should do the above in small steps so you get comfortable with the CLI. If someone were to give you all the commands you won't learn anything and if you run into trouble and need to troubleshoot, you'll just get overwhelmed.

Get comfortable with the CLI on your switch. Make judicious use of either Tab or ? after each keyword in the CLI to tell you want possible options are allowed. Doing this configuration in small steps allows you to digest what you're trying to accomplish and whether if the commands you've entered are working correctly. Tagged VLANs over trunked ports are a little more difficult to validate but you can easily do that with your APs once they're set up. To confirm ports are working on an untagged VLAN is easy: connect a notebook to, say, port 1 and see if it gets the right IP and can ping that VLAN's gateway.

Finally, follow @fohdeesha's advice and check out Terry Henry's YouTube channel. He's shared a lot of examples on how to do things on older (8.0.30) and newer ICX devices.
 
  • Like
Reactions: Mitsubishi

epicurean

Active Member
Sep 29, 2014
785
80
28
I would do the following
  • On pfSense, define subnets and VLANs for guests, IoT, and cameras.
  • Define a trunk for your pfSense and ICX interconnect for all 3 VLANs as tagged
  • For ports where the R610s are connected define as trunk for your 3 VLANs as tagged
  • For the R610s create each WiFi network and set their Access VLAN in the WLAN Priority tab
  • For ports 1-24, define the ports as camera VLAN untagged
  • For ports 25-30, define the port as trunk allowing guests and IoT tagged VLANs, or you can have either guests or IoT as untagged and the other tagged
This will be a good learning experience and you should do the above in small steps so you get comfortable with the CLI. If someone were to give you all the commands you won't learn anything and if you run into trouble and need to troubleshoot, you'll just get overwhelmed.

Get comfortable with the CLI on your switch. Make judicious use of either Tab or ? after each keyword in the CLI to tell you want possible options are allowed. Doing this configuration in small steps allows you to digest what you're trying to accomplish and whether if the commands you've entered are working correctly. Tagged VLANs over trunked ports are a little more difficult to validate but you can easily do that with your APs once they're set up. To confirm ports are working on an untagged VLAN is easy: connect a notebook to, say, port 1 and see if it gets the right IP and can ping that VLAN's gateway.

Finally, follow @fohdeesha's advice and check out Terry Henry's YouTube channel. He's shared a lot of examples on how to do things on older (8.0.30) and newer ICX devices.
Thank you.
What do you mean by "Define a trunk for your pfsense and icx interconnect...."?
 

infoMatt

Active Member
Apr 16, 2019
222
100
43
There's a used model on ebay for $288, which comes with the 4x10G enabled, but does not have any accessories other than the power cable. The rack mounting brackets would cost about $60-$70 (if I needed them), which put the total price tag at $350-$360. And I don't know, if me purchasing this unit really would transfer the 10G license.
AFIK, on the 7xxx series the license are "trust based" - see the @fohdeesha docs on the first page... basically all you need to do is tell the switch to enable its functions, saying "I promise, I've bought the licenses".
All of this apply on a home/lab situation, not on a business/commercial grade installation... in the latter, please purchase the correct licenses.

For the new vs used... you have to evaluate youself if the peace of mind of having a brand new unit is worth the extra on top of the price of a used one; as these are still available models, the price on the used market are a bit higher than the discontinued 6xxx series.
 
  • Like
Reactions: tangofan

tommybackeast

Active Member
Jun 10, 2018
286
105
43
Reviving page 124 from November. I'm a newbie+ on networking and CLI. If anyone has problems figuring out the config part of, "Now we need to assign that virtual interface an address. Choose an IP that is unused in your subnet, and out of your DHCP server range (ping it first to be sure it's unused)"

I use 192.168.0.1 for my main network. I used an old asus router that uses 192.168.1.1 in order to config my switch. Fohdeesha's doc made sense because he uses 192.168.1.1.

Once I put the switch on my network, I assigned it a static 192.168.0.xxx on my router, and then had to redo the command on the CLI to change the ip to the xxx I chose. (the interface ve 1 | ip address 192.168.0.xxx/24 commands)

My only other question is that the uplink ports "don't support half-duplex". Why does this matter, why would I want half-duplex? If I connect sfp+ connections (either directly to a nic or to a stack), the rj45 uplinks still function full speed, right? Some prosumer switches allow the sfp+ or the sister rj45's to be used, but not both at the same time.

My OCD may end up cleaning this thread up..., or creating a wiki like I did with the HP N40L (multi-hundred pages on an Australian forum, STH and homeservershow, and then Hardforum got confusing). So much good information/discussion here scattered amongst 180+ pages.

Thanks to all who have contributed to this thread, and to Fohdeesha
Please unleash your OCD . This is so much great information here; but it can be challenging at times to find the desired information.
 

LodeRunner

Active Member
Apr 27, 2019
540
227
43
Thank you.
What do you mean by "Define a trunk for your pfsense and icx interconnect...."?
In ICX syntax, you go to each VLAN and then tag or untag the port (vs Cisco syntax where you go to the port and add a list of VLANS to is).

ICX (snipped from sh run on my 7150):
Code:
vlan 4 name LAN by port
 untagged ethe 1/1/1 to 1/1/5 ethe 1/1/11 to 1/1/12 lag 1         
 router-interface ve 4
 spanning-tree
!
vlan 5 name WiFi by port
 tagged ethe 1/1/11 to 1/1/12 lag 1 
!
So what's happening above is that ports 1-5, 11-12, and the LAG interface (lag 1) are all 'untagged' for VLAN 4, that is traffic with no VLAN information will be handled in VLAN 4. My APs are on 11 and 12, so the radio traffic is carrying a tag for VLAN 5. The LAG interface is the pair of gig cables back to my core switch. So ports 11, 12, and lag 1 are all trunk ports because they are carrying multiple VLANs of traffic.

In Cisco land, it looks different:
Code:
interface GigabitEthernet1/0/17
 description Office-sw:eth1/2/1
 switchport trunk native vlan 4
 switchport trunk allowed vlan 4-6
 switchport mode trunk
 channel-protocol lacp
 channel-group 1 mode passive
!
interface GigabitEthernet1/0/18
 description Office-sw:eth1/2/2
 switchport trunk native vlan 4
 switchport trunk allowed vlan 4-6
 switchport mode trunk
 channel-protocol lacp
 channel-group 1 mode passive
!
{...}
interface Vlan4
 description LAN
 ip address 192.168.0.254 255.255.255.0
!
interface Vlan5
 description WLAN
 no ip address
!
So ports 17 and 18 on the Cisco are setup as LACP, untaged traffic (native) is VLAN 4, but also allowing tagged traffic for 4-6 making them trunks.

I haven't done VLANs on pfSense, so you're on your own there; my pfSense is virtualized and I just have a virtual NIC per VLAN and one big LACP bundle going to the hypervisor.
 
  • Like
Reactions: epicurean

tozmo

Active Member
Feb 1, 2017
142
102
43
74
Ok, I started a wiki here

As opposed to just rehashing the first op, my main goal is for us to catalogue all of the customization/Q&A/help that has gone through 185 pages here.

If anyone wants to add the CLI or "findings" of other tips, add it. We can always clean up the index later
 

fohdeesha

Kaini Industries
Nov 20, 2016
2,728
3,076
113
33
fohdeesha.com
I have still been away dealing with medical issues but I am glad to see other members stepping in to help others :cool:

doing my best to get to license requests but it may take a couple days so don't worry if I don't reply immediately
 

tozmo

Active Member
Feb 1, 2017
142
102
43
74
It's going to take the whole community.

Again, let's get the info / code / links onto the wiki, and then we can sort it better once the project forms out. I've started some sample pages
 
  • Like
Reactions: Aluminat

Juggie

Member
Nov 3, 2018
41
9
8
Hey Folks,

I've been trying to sort this out for the entire evening but I can't track it down!

I have a ICX6610-48p which I just recently moved everything over to from another managed switch. When I restarted one of my docker containers I noticed it was no longer able to detect my hdhomerun which is discovered via multicast/ssdp using 239.255.255.250. Upon investigation i'm not able to detect the device at all using the hdhomerun tool on any workstation, etc. However, connecting via it's assigned ip no problem!

This is all on the same vlan (default vlan1).

I dumped the config but it looks pretty boring, just some vlans and dual mode ports. Let me know if it would help.

Thanks in advance!
 

klui

Well-Known Member
Feb 3, 2019
824
453
63
I have a ICX6610-48p which I just recently moved everything over to from another managed switch. When I restarted one of my docker containers I noticed it was no longer able to detect my hdhomerun which is discovered via multicast/ssdp using 239.255.255.250. Upon investigation i'm not able to detect the device at all using the hdhomerun tool on any workstation, etc. However, connecting via it's assigned ip no problem!

This is all on the same vlan (default vlan1).
Check your multicast settings.

 

klui

Well-Known Member
Feb 3, 2019
824
453
63
Are there any settings you recommend? I'd tried this before and tried both active and passive (ip multicast active/passive) with no luck.
You need to enable it for the ports where you want multicasts can traverse. I have never configured multicast on ICX switches before but only for another vendor. The document I found references some commands you can issue to find if your discovery packets are accepted.
 

Juggie

Member
Nov 3, 2018
41
9
8
You need to enable it for the ports where you want multicasts can traverse. I have never configured multicast on ICX switches before but only for another vendor. The document I found references some commands you can issue to find if your discovery packets are accepted.
A bit confusing because everything i've read is that if no igmp is configured, the hardware should flood all ports. And come to think of it, this was working previously for me when I had the Brocade connected to the old switch. The 6610 was connected to two devices via the 40g ports (running in dual mode, untagged vlan 1 + several other vlans) and then the same vlan confiig on port that was crossed over to the other switch before I moved everything over.

Also in the port stats, I do have multi-cast packets. Not making a lot of sense!

Config here: Current configuration: ! ver 08.0.30tT7f3 ! stack unit 1 module 1 icx6610 - Pastebin.com
 
Last edited:

Juggie

Member
Nov 3, 2018
41
9
8
A bit confusing because everything i've read is that if no igmp is configured, the hardware should flood all ports. And come to think of it, this was working previously for me when I had the Brocade connected to the old switch. The 6610 was connected to two devices via the 40g ports (running in dual mode, untagged vlan 1 + several other vlans) and then the same vlan confiig on port that was crossed over to the other switch before I moved everything over.

Also in the port stats, I do have multi-cast packets. Not making a lot of sense!

Config here: Current configuration: ! ver 08.0.30tT7f3 ! stack unit 1 module 1 icx6610 - Pastebin.com
Seems multi-cast is working properly on the network except for that one device. I found a little python snippet i was able to test on several hosts w/ the right ip and port and i see the packets flying around from all the hosts trying to discover, but none from the device itself.