Drag to reposition cover

Brocade ICX Series (cheap & powerful 10gbE/40gbE switching)

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

fohdeesha

Kaini Industries
Nov 20, 2016
2,728
3,078
113
33
fohdeesha.com
@fohdeesha

In your site, the section for the ICX6430, the ICX6430-C12 only accepts L2 firmware doesn't it? So shouldn't the firmware be
ICX64S08030t ?
correct. the guide was written for the icx6430 / icx6450, which both run l3 firmware, which is why it has the l3 filenames. I didn't think anyone actually bought those c12 only versions. I suppose I could include a note underneath for those that do
 
Last edited:

fohdeesha

Kaini Industries
Nov 20, 2016
2,728
3,078
113
33
fohdeesha.com
actually even the full size 6430's won't run l3, I should probably add a note. to be fair though is anyone buying 6430s? they're the same price as an FCX with the same power draw and have none of the l3 features or a 10gbe slot. I guess the PoE versions are quieter than a PoE fcx
 

xm4rcell0x

New Member
Apr 2, 2019
6
1
3
Hi guys! i've a pfsense router and an icx6450 that manages guest vlan.
Now i would to create a new vlan for IOT devices (tag 69) that's already configured and works fine with my unifi APs (I have connected amazon echo and broadlink rm4), the only thing i can't do is run a firestick wired (port 21) and a minipc for photovoltaic data (port 18). Where am I wrong? if i try to tag 1/1/18 and 1/1/21 it doesn't work....
Code:
!
ver 08.0.30tT313
!
stack unit 1
  module 1 icx6450-24p-poe-port-management-module
  module 2 icx6450-sfp-plus-4port-40g-module
!
!
!
!
vlan 1 name DEFAULT-VLAN by port
 router-interface ve 1
!
vlan 57 name Guest by port
 tagged ethe 1/1/2 ethe 1/1/7 ethe 1/2/1
!
vlan 69 name IoT by port
 tagged ethe 1/1/2 ethe 1/1/7 ethe 1/2/1
!
vlan 100 name Camera by port
 tagged ethe 1/1/2 ethe 1/2/1
!
!
!
!
!
mtu-exceed forward
gig-default auto-gig
aaa authentication web-server default local
aaa authentication enable default local
aaa authentication login default local
hostname brocade6450
ip dhcp-client disable
ip dns domain-list 1
ip dns server-address 10.10.20.1
!
username root password .....
!
!
clock summer-time
clock timezone gmt GMT+01
web-management https
web-management frame bottom
!
!
!
interface ethernet 1/1/1
 speed-duplex 1000-full-master
!
interface ethernet 1/1/2
 dual-mode
!
interface ethernet 1/1/3
 inline power priority 2
!
interface ethernet 1/1/7
 dual-mode
 inline power priority 2 power-by-class 4
!
interface ethernet 1/2/1
 dual-mode
!
interface ve 1
 ip address 10.10.20.2 255.255.255.0
!
!
!
!
!
!
!
!
!
end
Code:
Port       Link    State   Dupl Speed Trunk Tag Pvid Pri MAC             Name
1/1/1      Down    None    None None  None  No  1    0   609c.9f16.7320
1/1/2      Up      Forward Full 1G    None  Yes 1    0   609c.9f16.7320
1/1/3      Up      Forward Full 100M  None  No  1    0   609c.9f16.7320
1/1/4      Down    None    None None  None  No  1    0   609c.9f16.7320
1/1/5      Up      Forward Full 100M  None  No  1    0   609c.9f16.7320
1/1/6      Down    None    None None  None  No  1    0   609c.9f16.7320
1/1/7      Up      Forward Full 1G    None  Yes 1    0   609c.9f16.7320
1/1/8      Down    None    None None  None  No  1    0   609c.9f16.7320
1/1/9      Up      Forward Full 100M  None  No  1    0   609c.9f16.7320
1/1/10     Down    None    None None  None  No  1    0   609c.9f16.7320
1/1/11     Down    None    None None  None  No  1    0   609c.9f16.7320
1/1/12     Down    None    None None  None  No  1    0   609c.9f16.7320
1/1/13     Down    None    None None  None  No  1    0   609c.9f16.7320
1/1/14     Down    None    None None  None  No  1    0   609c.9f16.7320
1/1/15     Down    None    None None  None  No  1    0   609c.9f16.7320
1/1/16     Down    None    None None  None  No  1    0   609c.9f16.7320
1/1/17     Down    None    None None  None  No  1    0   609c.9f16.7320
1/1/18     Up      Forward Full 100M  None  No  1    0   609c.9f16.7320
1/1/19     Up      Forward Full 1G    None  No  1    0   609c.9f16.7320
1/1/20     Down    None    None None  None  No  1    0   609c.9f16.7320
1/1/21     Up      Forward Full 100M  None  No  1    0   609c.9f16.7320
1/1/22     Down    None    None None  None  No  1    0   609c.9f16.7320
1/1/23     Down    None    None None  None  No  1    0   609c.9f16.7320
1/1/24     Down    None    None None  None  No  1    0   609c.9f16.7320
1/2/1      Up      Forward Full 10G   None  Yes 1    0   609c.9f16.7320
1/2/2      ERR-DIS None    None None  None  No  1    0   609c.9f16.7320
1/2/3      Down    None    None None  None  No  1    0   609c.9f16.7320
1/2/4      ERR-DIS None    None None  None  No  1    0   609c.9f16.7320
mgmt1      Down    None    None None  None  No  None 0   609c.9f16.7320
 

anomaly

Active Member
Jan 8, 2018
235
48
28
How is the actual power draw of a ICX7250-24P-2X10G? (at the wall with half the ports populated and, say, two POE+ devices)
Thinking of consolidating a 6450-24 and a C12-PD into a single 7250-24P.
 

infoMatt

Active Member
Apr 16, 2019
222
100
43
Hi guys! i've a pfsense router and an icx6450 that manages guest vlan.
Now i would to create a new vlan for IOT devices (tag 69) that's already configured and works fine with my unifi APs (I have connected amazon echo and broadlink rm4), the only thing i can't do is run a firestick wired (port 21) and a minipc for photovoltaic data (port 18). Where am I wrong? if i try to tag 1/1/18 and 1/1/21 it doesn't work....
Most of the "consumer" devices do not understand tagged VLANs; if you want to move those devices off of the default VLAN1 to VLAN69 you have to set this as a untagged vlan of the interfaces, not a tagged one. ;)
 
  • Like
Reactions: fohdeesha

jd.developer

New Member
Jan 12, 2020
8
2
3
Popping in to say I'm joining the ICX6610 club as well. Received the switch yesterday and it's been a wonderful device.

My only question is: does anyone have a suggestion where to get a blank for the back power supply slot? I wanted to run the device with a single PSU instead of dual.
 
  • Like
Reactions: fohdeesha

ewer0012

Member
Feb 10, 2019
81
25
18
Just wanted to let everyone know that this eBay seller has a bunch of 6610s for sale. Accepting $125 Best Offer: techretire on eBay

They all look to be in pretty good condition. 2x psu, 2x fans.
 

itronin

Well-Known Member
Nov 24, 2018
1,233
793
113
Denver, Colorado
Just wanted to let everyone know that this eBay seller has a bunch of 6610s for sale. Accepting $125 Best Offer: techretire on eBay

They all look to be in pretty good condition. 2x psu, 2x fans.
your link didn't take me there - I think it has something to do with how the STH interprets text and it overrode your link with its own. at least that seems to be what is happening for me.

this one works and takes you to their ICX offerings. pretty inexpensive from where these beasties have been of late.
 
  • Like
Reactions: ewer0012

ewer0012

Member
Feb 10, 2019
81
25
18
Weird, maybe it's because I posted from my phone browser. Thanks for posting a link that works, Ronin.

I bet this seller would go lower than $125. I only want 1 more, otherwise I'd see if they'd take $100.
 
  • Like
Reactions: fohdeesha

tommybackeast

Active Member
Jun 10, 2018
286
105
43
I'm using Untangle - u50xw (although I don't use the wireless on it except guest network, have Ubi APs off of it)

Untangle home license is $50 a year, and it is a very well polished UTM. Interface is great. IPS/IDS isn't as great as some other UTMs but it works fine. Overall a very polished feature set. You don't have to pay for the home license it just adds some more features.

You can of course spin your own untangle instead of buying their box, it is just a Qotom. I've replaced the spinner with an SSD. Took me less than 30min as the restore function works fantastic.
I have a SuperMicro dedicated box (for either pfSense or Untangle) with AES-NI CPU

for a network noob (me) might you have thoughts which is easier for a first time user? pfSense or Untangle?

When you answer, might you explain the 'why' of your answer

Thanks
 

infoMatt

Active Member
Apr 16, 2019
222
100
43
pfSense is essentially a firewall-distro, you can configure interfaces, vlans, firewall rules, vpn tunnels and so on; Untangle is more of a IPS/UTM out of the box (but I don't have played with it long enough to evaluate it).
If you need IPS functionalities, you'd better of considering Untagle (or other UTM like Sophos or Fortinet); if you don't plan on exposing services directly from home, and all you need is a "basic" edge firewall, pfsense is easier and achieves better performance, and of course is free.
 

tommybackeast

Active Member
Jun 10, 2018
286
105
43
pfSense is essentially a firewall-distro, you can configure interfaces, vlans, firewall rules, vpn tunnels and so on; Untangle is more of a IPS/UTM out of the box (but I don't have played with it long enough to evaluate it).
If you need IPS functionalities, you'd better of considering Untagle (or other UTM like Sophos or Fortinet); if you don't plan on exposing services directly from home, and all you need is a "basic" edge firewall, pfsense is easier and achieves better performance, and of course is free.
Thank you.

As someone who has used either pfSense, Untangle, Sophos, etc : does pfSense provide any IPS/UTM aspects or will it only handle firewall, vlans, VPN? Or can pfSense do UTM aspects with add-ons ?
 
Last edited:

kousuke

New Member
Jul 18, 2017
24
0
1
40
Hey guys,

I was about to make up my mind to get a ICX6610 off ebay until I saw admins ranting about high ICX failure rate to the extent they are switching out vendors. Now, are these switches on ebay prone to failure? or is that there is specific hardware revisions or firmware that I should avoid to navigate around these issues?

Ruckus ICX7150-C12P woes : networking
 

fohdeesha

Kaini Industries
Nov 20, 2016
2,728
3,078
113
33
fohdeesha.com
the little icx7150-c12P's have small cheap power supplies, I've had to repair one for someone. No relation to the full size ICX models with Delta OEM PSUs, I think out of this 150 page thread we've had....1 or 2 people come back and say their switch failed? And that's from a sample pool of a bunch of old used switches as well. generally they're built like tanks and will last forever if you don't plug a bunch of outdoors PoE shit into them with no surge protection and then get a nearby lightning strike

pretty much all the software issues they're complaining about in the comments as well were fixed in firmware nearly a year ago ¯\_(ツ)_/¯ (this is why I'm constantly hounding on everyone in this thread to update their ebay switches before posting problems, ruckus fixed a LOT of stuff after the brocade acquisition)

the one complaint there I'll agree with is their first line support can really suck, thankfully nobody here will have to be dealing with that
 
Last edited:

kousuke

New Member
Jul 18, 2017
24
0
1
40
the little icx7150-c12P's have small cheap power supplies, I've had to repair one for someone. No relation to the full size ICX models with Delta OEM PSUs, I think out of this 150 page thread we've had....1 or 2 people come back and say their switch failed? And that's from a sample pool of a bunch of old used switches as well. generally they're built like tanks and will last forever if you don't plug a bunch of outdoors PoE shit into them with no surge protection and then get a nearby lightning strike

pretty much all the software issues they're complaining about in the comments as well were fixed in firmware nearly a year ago ¯\_(ツ)_/¯

the one complaint there I'll agree with is their first line support can really suck, thankfully nobody here will have to be dealing with that

Many thanks for the prompt reply - do you think I should go with ICX 6610-48 or ICX 6610-48P?

I'm unsure if I should get rid of my PoE+ 24-port midspan. ICX 6610-48 non-POE version does have slightly higher MTBF and lower power consumption - I suppose this is a plus
 

rshakin

New Member
Jan 15, 2019
29
6
3
Want to switch my outdated juniper ex4200 for a ICX6610 -48 so i can have some sfp+ ports for my new homelab, most of the switches I see on ebay don't have the license for the 8 10G port upgrade, are those sold still or where would one acquire one if need be.