If I set up a mirror port and monitor an entire VLAN with ACLs configured on the VE, will packets that would be dropped by the ACLs be mirrored to the mirror port or are they dropped before getting mirrored?
Brocade ICX Series (cheap & powerful 10gbE/40gbE switching)
- Thread starter fohdeesha
- Start date
Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.
These are hard to find and expensive. Here in this thread you can find several concepts for self self-made solutions. I went the way as described in the following post: cut mini-USB phone cable --> keystone --> standard Cisco console cable
I have used those same cables on ubiquiti,solarflare,chelsio and intel I am about to use on my newly aquired 6450-48p I will report back
Hey guys. I'm new to managed switches so please bear with me if these questions are simple.
I just received my ICX6610. I updated the firmware per the guide linked in the OP. However, I am confused about the part where I switch from the management port to a normal port to be able to SSH to the switch. Isn't that the point of the management port?
I just want to make sure I am doing things correctly before I rack the switch at the datacenter. My plan was to use our OOB link to connect to the management port to be able to SSH. Do I need to connect it to a normal port instead? And if so, what's the point of the management port?
I just received my ICX6610. I updated the firmware per the guide linked in the OP. However, I am confused about the part where I switch from the management port to a normal port to be able to SSH to the switch. Isn't that the point of the management port?
I just want to make sure I am doing things correctly before I rack the switch at the datacenter. My plan was to use our OOB link to connect to the management port to be able to SSH. Do I need to connect it to a normal port instead? And if so, what's the point of the management port?
And a few additional questions regarding my specific configuration. What we need is very simple - we are using this switch to A) terminate a GRE tunnel and B) have uplink failover in place from the two fiber drops that datacenter gives us.
Looking at the Ruckus guide, it looks like a dynamic LAG is what I need? Is there anything specific I need to do for it to failover automatically or is that inherent to a dynamic LAG?
Secondly, regarding the GRE tunnel, I came across this in the Ruckus guide:
Looking at the Ruckus guide, it looks like a dynamic LAG is what I need? Is there anything specific I need to do for it to failover automatically or is that inherent to a dynamic LAG?
Secondly, regarding the GRE tunnel, I came across this in the Ruckus guide:
I will be terminating a GRE tunnel on the switch - does that mean I should only terminate a tunnel on the primary LAG port? What if the primary LAG port goes down? Will the secondary LAG port still work with the tunnel?
Last edited:
Weird. I have a MCX354A-FCBT and have used a 1M Mellanox QSFP+ DAC and a 5M HPE "BladeSystem" QSFP+ DAC without any issues on my 6610. It doesn't seem to be picky at all.
I am locked out from my ICX 7250. 
I uploaded my config file to the ICX via TFTP. This before I downloaded and updated a little bit.
But after reload I cannot login any more to the console and ssh. The password is not accepted.
Did I missed something to do before uploading the file?
Any easy why to reset the password without starting from scratch?
I uploaded my config file to the ICX via TFTP. This before I downloaded and updated a little bit.
But after reload I cannot login any more to the console and ssh. The password is not accepted.
Did I missed something to do before uploading the file?
Any easy why to reset the password without starting from scratch?
Yes, I was stupid, but I found the answer by myself.I am locked out from my ICX 7250.
I uploaded my config file to the ICX via TFTP. This before I downloaded and updated a little bit.
But after reload I cannot login any more to the console and ssh. The password is not accepted.
Did I missed something to do before uploading the file?
When I copy the the config from console with
show run, the password is not included for security reasons. Only five dots are shown. And when I upload this config again, guess what? My new password is ......
Code:
!
telnet timeout 10
no telnet server
username admin password .....
!
!ICX7150-C12P here, what's the correct way forward if flashing to bootrom isn't an option (FIPS isn't enabled, seems to be the layer 2 package right now,
Looks like the seller was kind enough to bump me up to the newer version :/
Code:
ICX7150-C12 Switch#copy tftp flash 192.168.1.30 mnz10114.bin
client-certificate client RSA certificate
client-private-key client RSA private key
fips-primary-sig Primary signature file
fips-secondary-sig Secondary signature file
fips-ufi-primary-sig Primary ufi signature file
fips-ufi-secondary-sig Secondary ufi signature file
local-pri Primary code image on the local unit
local-sec Secondary code image on the local unit
pe-id-pri Copy PE primary image to unit specified by unit-id
pe-id-sec Copy PE secondary image to unit specified by unit-id
primary Primary code image
secondary Secondary code image
trust-certificate SSL Trust certificate
Code:
ICX7150-C12 Switch#show version
Copyright (c) Ruckus Networks, Inc. All rights reserved.
UNIT 1: compiled on Sep 22 2019 at 23:54:26 labeled as SPS08090d
(28660224 bytes) from Primary SPS08090d.bin (UFI)
SW: Version 08.0.90dT211
Compressed Primary Boot Code size = 786944, Version:10.1.15T225 (mnz10115)
Compiled on Thu Jan 31 07:08:55 2019
HW: Stackable ICX7150-C12-POE
==========================================================================
UNIT 1: SL 1: ICX7150-C12-2X1G POE 12-port Management Module
Serial #:FEK3833R0RC
Software Package: BASE_SOFT_PACKAGE
Current License: 2X1G
P-ASIC 0: type B160, rev 11 Chip BCM56160_B0
==========================================================================
UNIT 1: SL 2: ICX7150-2X1GC 2-port 2G Module
==========================================================================
UNIT 1: SL 3: ICX7150-2X10GF 2-port 20G Module
==========================================================================
1000 MHz ARM processor ARMv7 88 MHz bus
8192 KB boot flash memory
2048 MB code flash memory
1024 MB DRAMLooking further into it, the secondary flash seems to at least be an SPR package
Attempting downgrade via USB image auto-loading, we'll see
Attempting downgrade via USB image auto-loading, we'll see
I played a little bit with PSU and fans of ICX6610 yesterday, did some interesting findings.
Went to PSU rev A and one fan in intake to PSU rev C exhaust with one fan, then two.
Exhaust PSU seems to be MUCH more silent than intake but will require two back fans modules if you want decent temperature. Those tests are made in my garage in winter, where ambiant temp is about 10C (so pretty low).
(The bump in the graph is moving from PSU intake to PSU exhaust w/ one fan, then it goes back to normal once I add a second fan module).
Single PSU Rev.C in exhaust mode is SO MUCH MORE quiet than single PSU Rev.A intake, you would not believe it. It used to litterally scream (high pitch noise, very loud) to being inaudible over servers and Fortigate around it.
To sum it up:
1. Single PSU Rev.A intake + one fan = ~45C, VERY LOUD
2. Single PSU Rev.C exhaust + one fan = ~71C, quiet
3. Single PSU Rev.C exhaust + two fans = ~46C, quiet
I would have loved to test Rev.A vs Rev.C in same configuration (intake/exhaust) as I heard intake vs exhaust makes a lot of difference in noise levels.
Went to PSU rev A and one fan in intake to PSU rev C exhaust with one fan, then two.
Exhaust PSU seems to be MUCH more silent than intake but will require two back fans modules if you want decent temperature. Those tests are made in my garage in winter, where ambiant temp is about 10C (so pretty low).
(The bump in the graph is moving from PSU intake to PSU exhaust w/ one fan, then it goes back to normal once I add a second fan module).
Single PSU Rev.C in exhaust mode is SO MUCH MORE quiet than single PSU Rev.A intake, you would not believe it. It used to litterally scream (high pitch noise, very loud) to being inaudible over servers and Fortigate around it.
To sum it up:
1. Single PSU Rev.A intake + one fan = ~45C, VERY LOUD
2. Single PSU Rev.C exhaust + one fan = ~71C, quiet
3. Single PSU Rev.C exhaust + two fans = ~46C, quiet
I would have loved to test Rev.A vs Rev.C in same configuration (intake/exhaust) as I heard intake vs exhaust makes a lot of difference in noise levels.
For another data point for those trying to make things a little quieter, I threw a Delta EFB0412VHD-F00 into my ICX7250-24 and it worked well. Switch boots fine, and it's significantly quieter than the stock Foxconn monstrosity.
EDIT: After bringing the switch back up, the fan was not sufficient to keep the ASIC temps in the low-range fan speed. More work is required.
EDIT: After bringing the switch back up, the fan was not sufficient to keep the ASIC temps in the low-range fan speed. More work is required.
Last edited:
Sadly I have no scientific method to measure this. My "butt dyno" says it's much, much quieter.
As I learned the hard way - the management port 'reuses' a MAC of one of the regular switches ports (see https://forums.servethehome.com/ind...erful-10gbe-40gbe-switching.21107/post-289899).
So when those two end up on the same network (as is likely in a home setup) then there are collisions.
If you have a completely separate circuit for OOB management then it should be fine.
Big fan of the ICX, currently I have some FastIron FCX 648S POE, I know these does BGP with advanced license package but super expensive in my opinion to obtain aside that they require site id and alot of complication these days, all the ones i own come with the basic package, any suggestion on getting the license cheap?!
I ended up going to Arbua for this option however would love to use these as well for BGP if there is a cheaper way for the license
I ended up going to Arbua for this option however would love to use these as well for BGP if there is a cheaper way for the license
Last edited:
I am curious. What about AISIC temperatures in your ICX 7250-24?
I did the same on my ICX 7250-24P. This device even has two fans. But the two Delta EFB0412VHD-F00 were not sufficient to keep the ASIC temperature down and frequently step 2 of the fan control jumped in. I had to add an additional fan on top of the cooling fins for the ASIC.