Brocade ICX Series (cheap & powerful 10gbE/40gbE switching)

[i386]

Page 207

 

[spatialbob]

Has anybody tried stacking these switches (I'm interested in ICX6450) with 10GBASE-T (copper)?

 

[infoMatt]

I'd be more comfortable if it were some AWS servers but when I saw linode I immediately disconnected it from my LAN.

Why should it be any different if the cloud service is hosted on AWS rather than Linode?

Everybody can spn up a EC2 instance on AWS, there aren't many more checks and validations, AFAIK...

 

[Spearfoot]

It's part of their new SmartZone central management thing, the IP's it's contacting are ruckus services. This behavior should be off by default in the 8080 firmware on my guide, I believe it was 8090 where they enabled it by default. It can be completely disabled and turned off with the following commands:

enable
conf t
no sz registrar
sz disable
write mem

you can confirm it's disabled by running "show sz status", the top line should have "Operation Status: Disabled" and below that "State: DISABLED"

This should not be required on v8080, however if it is, let me know so I can add those commands to the guide. However my money is on the two of you skipping ahead to v8090 or above

I'm running 8080e on both of my 7150-C12Ps:

SSH@ruckus-7150-u2.spearfoot.net#show vers
  Copyright (c) 2017 Ruckus Wireless, Inc. All rights reserved.
    UNIT 1: compiled on Apr  9 2019 at 03:20:17 labeled as SPR08080e
      (29826604 bytes) from Primary SPR08080e.bin
        SW: Version 08.0.80eT213
      Compressed Boot-Monitor Image size = 786944, Version:10.1.14T225 (mnz10114)
       Compiled on Thu Nov 15 06:59:22 2018

Thanks for the info and commands. I'm going to add them to my startup settings.

 

[fohdeesha]

I'm running 8080e on both of my 7150-C12Ps:

SSH@ruckus-7150-u2.spearfoot.net#show vers
  Copyright (c) 2017 Ruckus Wireless, Inc. All rights reserved.
    UNIT 1: compiled on Apr  9 2019 at 03:20:17 labeled as SPR08080e
      (29826604 bytes) from Primary SPR08080e.bin
        SW: Version 08.0.80eT213
      Compressed Boot-Monitor Image size = 786944, Version:10.1.14T225 (mnz10114)
       Compiled on Thu Nov 15 06:59:22 2018

Thanks for the info and commands. I'm going to add them to my startup settings.

well I'll be damned - can't believe SZ registration is on by default in 8080 (maybe added in the e revision?). I'll add the disable settings to the guide

 

[LodeRunner]

This is my 7150 with 8080e, I never touched SZ settings. I'll check the 7150 that I got new in box and see what it's got enabled; I haven't done a factory default on it or any config.

SSH@office-sw#sh sz st

============    SZ Agent State Info     ===================
Config Status: None     Operation Status: Disabled
State: INIT                 Prev State: INIT                 Event: NONE                

SWR List            : None
Active List         : None
DHCP Option 43      : No
DHCP Opt 43 List    : None
Passive List        : None
Merged List         : None
Merged Idx: 0    IP : 0.0.0.0
Switch registrar host: sw-registrar.ruckuswireless.com

SZ IP Used          : 0.0.0.0
SZ Query Status     : 
        Not Initiated

SSH Tunnel Status - :
  Tunnel Status     : Not Initiated
  CLI IP/Port       : /0
  SNMP IP/Port      : /0
  Syslog IP/Port    : /0
                                                                  
Timer Status        : Not Running

 

[nickf1227]

I am having a strange spanning tree problem I cannot explain.
I have an HP E3800 stack as my core.

It's spanning tree is turned on globally and set as the root:

spanning-tree mode rapid-pvst
spanning-tree root primary priority 0

The Brocade ICX 6450 Switch I have is uplinked to port 2/50. It is not designated as a

Fusco-MDF-New(config)# show run interface ethernet 2/50

Running configuration:

interface 2/50
tagged vlan 99
untagged vlan 1
exit

If I turn on spanning-tree root guard I lose connectivity to the Brocade switch. This is because the Brocade seems to be winning the root bridge election on VLAN 1:



My Brocade's config is as follows:

SSH@STH_LAB(config)#show run
Current configuration:
!
ver 08.0.30tT313
!
stack unit 1
module 1 icx6450-24p-poe-port-management-module
module 2 icx6450-sfp-plus-4port-40g-module
!
global-stp
!
!
!
spanning-tree single
!
vlan 1 name DEFAULT-VLAN by port
router-interface ve 1
spanning-tree
!
vlan 99 name TestBench by port
tagged ethe 1/2/1 to 1/2/4
untagged ethe 1/1/2 to 1/1/24
router-interface ve 99
spanning-tree
!
!
spanning-tree single 802-1w
spanning-tree single 802-1w priority 65535
!
!
!
!

and the uplink:

SSH@STH_LAB(config)#show run interface ethernet 1/2/1
interface ethernet 1/2/1
dual-mode
!

and span:

SSH@STH_LAB(config)#show span

Spanning-tree is not configured on port-vlan 4094

L2 VLAN 1 99 are members of single spanning tree.

Additionally, on the brocade I attempted to run:

SH@STH_LAB(config)#spanning-tree single 802-1w ethernet 1/2/1 priority 240

But It made no differance

Any ideas what I've done wrong? What makes this even weirder, is that the HP Switch is root for VLAN 99, as it should be. It is only VLAN 1 that is the problem.

Also, to be clear it is definitely flip-flopping between them.

 

[Spearfoot]

Hmm, I'd be more comfortable if it were some AWS servers but when I saw linode I immediately disconnected it from my LAN. I don't see any traffic on other hosts to these domains so I'm pretty sure it's the switch. What gets me is I can't find any trace in the configuration, it's pretty much default except a few VLANs I created. Where would something like this be configured if not there, the OS??

I'll be honest I'm likely going to return this for a Cisco switch, I'm just over my head on these Brocades..

Don't give up on them so quickly, @windwalka1990 -- especially now that we know what the SSL connections were and how to disable them! These Brocade/Ruckus units are great switches. And I wouldn't be at all surprised if Cisco (and other) switches also 'phone home'.

 

[jzeus]

This is my 7150 with 8080e, I never touched SZ settings. I'll check the 7150 that I got new in box and see what it's got enabled; I haven't done a factory default on it or any config.

SSH@office-sw#sh sz st

============    SZ Agent State Info     ===================
Config Status: None     Operation Status: Disabled
State: INIT                 Prev State: INIT                 Event: NONE               

SWR List            : None
Active List         : None
DHCP Option 43      : No
DHCP Opt 43 List    : None
Passive List        : None
Merged List         : None
Merged Idx: 0    IP : 0.0.0.0
Switch registrar host: sw-registrar.ruckuswireless.com

SZ IP Used          : 0.0.0.0
SZ Query Status     :
        Not Initiated

SSH Tunnel Status - :
  Tunnel Status     : Not Initiated
  CLI IP/Port       : /0
  SNMP IP/Port      : /0
  Syslog IP/Port    : /0
                                                                 
Timer Status        : Not Running

I did "sz dis" on 7150 with device certificate wiped. The complaint about certs went away.

 

[fohdeesha]

This is my 7150 with 8080e, I never touched SZ settings. I'll check the 7150 that I got new in box and see what it's got enabled; I haven't done a factory default on it or any config.

SSH@office-sw#sh sz st

============    SZ Agent State Info     ===================
Config Status: None     Operation Status: Disabled
State: INIT                 Prev State: INIT                 Event: NONE               

SWR List            : None
Active List         : None
DHCP Option 43      : No
DHCP Opt 43 List    : None
Passive List        : None
Merged List         : None
Merged Idx: 0    IP : 0.0.0.0
Switch registrar host: sw-registrar.ruckuswireless.com

SZ IP Used          : 0.0.0.0
SZ Query Status     :
        Not Initiated

SSH Tunnel Status - :
  Tunnel Status     : Not Initiated
  CLI IP/Port       : /0
  SNMP IP/Port      : /0
  Syslog IP/Port    : /0
                                                                 
Timer Status        : Not Running

"State: INIT" tells me it's still trying to phone home and register - make sure to run BOTH "no sz registrar" and "sz disable" - then run status again and state should now show disabled like below:

============    SZ Agent State Info     ===================
Config Status: Disabled Operation Status: Disabled
State: DISABLED             Prev State: INIT                 Event: NONE

 

[tommybackeast]

Guess I asked for that lol..how many pages when you chop out all of the incredibly specific troubleshooting/scenario chaff?

the real Brocade secrets within these 207 pages are located within the memes posted - /s/

 

[tommybackeast]

I'll check it, I know it does SMB3. Having both set doesn't immediately boot me off the console so that's a good sign. This NAS only has dual Gb connections.

I saw your included URL of Synology+10GB+SMB 3.1+Windows 10

What about Windows 7 Pro boxes and SMB3.1 + Synology with 10GB Nics + Brocade ?

To the best of my knowledge, a Windows 7 Pro box cannot use SMB 3.1 - please correct me if wrong

 

[tommybackeast]

It's part of their new SmartZone central management thing, the IP's it's contacting are ruckus services. This behavior should be off by default in the 8080 firmware on my guide, I believe it was 8090 where they enabled it by default. It can be completely disabled and turned off with the following commands:

enable
conf t
no sz registrar
sz disable
write mem

you can confirm it's disabled by running "show sz status", the top line should have "Operation Status: Disabled" and below that "State: DISABLED"

This should not be required on v8080, however if it is, let me know so I can add those commands to the guide. However my money is on the two of you skipping ahead to v8090 or above

In the attempt to help you help "us" ; I am on 8080e (downloaded from you); and "show sz status" does give "Operation Status : Disabled" -however -- "State:" shows INIT (and not the Stateisabled) you mentioned.

I followed your original install guide to the letter : switch was wiped, and your copy of 8080e installed.

Screengrab attached

PS: There is a Ruckus r510AP attached to this Brocade 7250-48P using POE

 

[tommybackeast]

It's part of their new SmartZone central management thing, the IP's it's contacting are ruckus services. This behavior

I googled but didn't learn much - can you talk a bit on what exactly this "SmartZone" central management is exactly?

I know there's some type of single pane of glass if you have Brocade Switch + a Ruckus AP ; but it seems "SmartZone" management is something else. /thanks

 

[tommybackeast]

noob Question: I have a Brocade 7250-48p. if I run 10Gig fiber cable from it to a " Brocade ICX7150-C12P " that is two stories up from the Brocade 7250.

My use case is : plugging a 10GBe Workstation into the 7150-C12P via DAC cable; and plugging 3 CAT6 cables as well to run 3 Workstations.

I know this is not called a stacked switch config; but is it called a 'branch switch' config?

(sorry for not knowing the correct term) -

QUESTION: can i just plug cables in and be good to go; or must I do "something" on the 7250 Top-of-Rack switch to properly setup the 7150-C12P as the "branch switch"?

 

[kapone]

noob Question: I have a Brocade 7250-48p. if I run 10Gig fiber cable from it to a " Brocade ICX7150-C12P " that is two stories up from the Brocade 7250.

My use case is : plugging a 10GBe Workstation into the 7150-C12P via DAC cable; and plugging 3 CAT6 cables as well to run 3 Workstations.

I know this is not called a stacked switch config; but is it called a 'branch switch' config?

(sorry for not knowing the correct term) -

QUESTION: can i just plug cables in and be good to go; or must I do "something" on the 7250 Top-of-Rack switch to properly setup the 7150-C12P as the "branch switch"?

As long as you don't expect any Layer 3 stuff on the 7150, it's plug and play for Layer 2 (no different than sticking a switch into another switch's ethernet port).

Edit: Minor correction. Plug and play as long as the TOR switch port is in "some" VLAN, not the default VLAN (although that could be worked as well, but that's a whole another story). All your devices on the 7150 will be in "that" VLAN that is defined on the 7250.

 

[Spearfoot]

noob Question: I have a Brocade 7250-48p. if I run 10Gig fiber cable from it to a " Brocade ICX7150-C12P " that is two stories up from the Brocade 7250.

My use case is : plugging a 10GBe Workstation into the 7150-C12P via DAC cable; and plugging 3 CAT6 cables as well to run 3 Workstations.

I know this is not called a stacked switch config; but is it called a 'branch switch' config?

(sorry for not knowing the correct term) -

QUESTION: can i just plug cables in and be good to go; or must I do "something" on the 7250 Top-of-Rack switch to properly setup the 7150-C12P as the "branch switch"?

We were all noobs at one time or another...

How do you have your network configured? Are you using VLANs?

If your network is flat -- a single subnet; no VLANs -- then you ought to be able to just hook everything up and "Bob's your uncle".

If you're using VLANs, things are different. You'll need to configure trunk ports to connect the two switches. At least, I think of them as trunk ports... On Cisco switches you designate them with switchport mode trunk, but I believe trunk means something completely different in the Brocade/Ruckus world.

Semantics aside, if you're using VLANs you need to configure specific ports to carry your tagged VLAN traffic between the two switches.

I use my ICX 7150-C12P much the way you seem to be planning to. I connect my office PC to one of its SFP+ ports (1/3/1), the other SFP+ port (1/3/2) connects via fiber to my shop switch (an ICX 6610-48P). This later port is configured as a trunk -- it carries tagged traffic for the 4 VLANs that I use. I've also configured the two non-PoE 'uplink' ports (1/2/1 & 1/2/2) as trunk ports; one connects to a Cisco SG350-10P switch in my living room, the other is unused.

Here's the relevant snippet from my startup config. You'll see ports 1/2/1, 1/2/2, and 1/3/2 tagged on very VLAN:

!
vlan 1 name DEFAULT-VLAN by port
 router-interface ve 1
!
vlan 10 name Secure by port
 tagged ethe 1/2/1 to 1/2/2 ethe 1/3/2 
 untagged ethe 1/1/1 to 1/1/12 ethe 1/3/1 
 router-interface ve 10
!
vlan 20 name Gizmos by port
 tagged ethe 1/2/1 to 1/2/2 ethe 1/3/2 
 router-interface ve 20
!
vlan 30 name WiFi by port
 tagged ethe 1/1/12 ethe 1/2/1 to 1/2/2 ethe 1/3/2 
 router-interface ve 30
!
vlan 40 name Cameras by port
 tagged ethe 1/2/1 to 1/2/2 ethe 1/3/2 
 router-interface ve 40
!

 

[tommybackeast]

As long as you don't expect any Layer 3 stuff on the 7150, it's plug and play for Layer 2 (no different than sticking a switch into another switch's ethernet port).

Edit: Minor correction. Plug and play as long as the TOR switch port is in "some" VLAN, not the default VLAN (although that could be worked as well, but that's a whole another story). All your devices on the 7150 will be in "that" VLAN that is defined on the 7250.

I apologize for doing a terrible job explaining in my prior post. thanks for your time. Please recall I'm a noob; and have not set up any VLANs.

but before I buy a 7150 I wish to make sure it will work for me. ReCap: 7250 is at Server Rack and Top-of-Rack Switch.

7150 would be in another room, a home office. Connection is 10GB Fiber from 7250 to 7150. On the 7150 : I wish to plug in 10GB Workstation on VLAN01, plug in a Printer via CAT6 and have that on VLAN02; and long-term plug in a POE Security Camera into 7150 and have that on VLAN03.

Is this possible? (your sentence of " All your devices on the 7150 will be in "that" VLAN that is defined on the 7250. " I wasn't sure how to take this sentence. Can the 7250 setup the above 3VLANS and have them working on the 7150?

(note: I know I lack the skill/knowledge to setup secure VLANS, and I'm seeking $ help to setup pfSense router with two 10GB NICs that go into the TOR 7250.

I am sorry I lack the tech skill to ask my question in a professional manner.

PS: are you have a 7150 : are they as silent reviewers have stated? how hot does the unit get? can you put your hand on the outside of it?

 

[tommybackeast]

We were all noobs at one time or another...

How do you have your network configured? Are you using VLANs?

I apologize for doing a terrible job explaining in my prior post. thanks for your time. Please recall I'm a noob; and have not set up any VLANs.

but before I buy a 7150 I wish to make sure it will work for me. ReCap: 7250 is at Server Rack and Top-of-Rack Switch.

7150 would be in another room, a home office. Connection is 10GB Fiber from 7250 to 7150. On the 7150 : I wish to plug in 10GB Workstation on VLAN01, plug in a Printer via CAT6 and have that on VLAN02; and long-term plug in a POE Security Camera into 7150 and have that on VLAN03.

Is this possible? (another poster wrote sentence of " All your devices on the 7150 will be in "that" VLAN that is defined on the 7250. " I wasn't sure how to take this sentence. Can the 7250 setup the above 3VLANS and have them working on the 7150?

(note: I know I lack the skill/knowledge to setup secure VLANS, and I'm seeking $ help to setup pfSense router with two 10GB NICs that go into the TOR 7250.

I am sorry I lack the tech skill to ask my question in a professional manner.

Bluntly, right now, I am not really seeking HOW-TO do the above Wish List, but simply can the 7250+7150 combo do this. (so I know it's ok to start shopping for one)


PS: are you have a 7150 : are they as silent reviewers have stated? how hot does the unit get? can you put your hand on the outside of it?

 

[klui]

I am sorry I lack the tech skill to ask my question in a professional manner.

You need to obtain more knowledge of VLANs in order to understand what others are recommending. Check out some videos on Youtube or articles on the web. Here's one that's easy to understand.

The 7150-C12P is silent because there is no fan. Mine is not deployed but without any ports used its top vents are lukewarm to the touch.