7450 has lower bandwidth than 6610 but the newer software, lower power, and higher power PoE ports are pretty nice in certain applications. I agree with you that you need to find one that has the modules already otherwise it isn't worth it.
Brocade ICX Series (cheap & powerful 10gbE/40gbE switching)
- Thread starter fohdeesha
- Start date
Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.
the power draw is almost identical, +/- 5-10% in my experience. the newer PoE is nice indeed
if you have the web UI enabled, 30+ digit passwords are the least of your worries
To be fair, I haven’t actually measured either of them but with no PoE load the 7450-24 is listed at 75W while the 6610-24 is listed at 120W. Fans are probably non negligible in both cases if you don’t swap them out since they’re > 10w each at full speed and you need a minimum 3/switch.
6610-24Ps measure around 80 watts, actual measurements for these should all be in my OP
@fohdeesha my icx6450 suddenly lost web and ssh connect. pc connect to RJ45 port still work , but server connect to SFP+ are not (can't ping form pc , but the server's nic light still remain normal ).
after reboot the 6450 , everything seems ok, no error or warning message in logs.
do i need worry about this?
after reboot the 6450 , everything seems ok, no error or warning message in logs.
do i need worry about this?
@fohdeesha and I discussed this privately a while ago. Either platform (Broadcom or Marvell) will meet the needs of most everyone with 1/10 GbE devices. If you are really bumping into performance limitations on either one, there are better options available like Arista.
When I rebuilt my home network, my main considerations were: number/type of ports and ongoing software support (bug and security fixes). Ongoing support made ICX7xxx an easy choice; don't forget that the ICX6xxx switches were designated EOL/EOS in mid-2018 and the last update of the 8030 codetrain was in 2020. For ports, either 7250 or 7450 fit the bill. I started out with an abused ICX7250 that apparently lived in a hot IDF closet in Florida, but quickly replaced it with two 7450s.. the modularity (spare parts) made more sense for when the 7450 eventually goes EOL.
You're not missing anything. If you are comfortable with the age of the switch and don't need/want any new features of the 809x or 9xxx codetrains, get yourself a nice switch. In fact, get two.. when I priced out buying individual spare parts (PSU, fan, port modules) it was just as expensive to buy a fully kitted out switch.
On the POE+ question, those models have a "P" at the end - see page 6 of the datasheet: https://www.dataswitchworks.com/datasheets/switches/brocade-icx-6610-ds.pdf
I use two of them stacked, one in the garage and one in my "hobby room" closet. The only extra downside to these switches has to be the noise. They are a bit noisy on low fan speed, but the instant they hit 75C (and that is pretty easy...), the fans will spool up to 18,000rpm+ and they sound like a jet getting ready to take off (ok, slight exaggeration). Then, 10 to 15 seconds later, they drop back down for a bit.
How bad this is all depends on where you are placing them and how sensitive to noise you are. These sort of things don't bother me TOO much, but I will say, I have purchased a nice piece of 1/8" plexiglass to make a new cover and allow me to place the 120mm fans on top of the hot spots. I'll also build a pulse generator/fan monitor out of attiny45 8 pin MCU to give me a nice fan header and to keep the switch happy. I'll probably leave the fans in the power supplies alone (I want to keep them cool and on low speed, they are not too bad) but pull the 4 fans out of the two fan trays and feed in the signal from the pulse generator to them.
Overall, I am very happy with the upgrade from my Aruba S3500 stack. The Brocade is definitely a LOT more capable and flexible hardware. Not to mention the 16 10Gb ports on each of them...
Break out port issue. I've configured the switch to use the two 40G ports for stacking and the other two QSFP ports as breakout ports. Stacking works great. I've setup 2/2/2 to 2/2/3 as tagged ports and each one connects to one of two servers. Same with ports 2/2/7 to 2/2/8. They connect perfectly at 10Gb and the two activity lights for the ports are all on and working perfectly.
The other four (ok, 2 times 2) break out ports are setup as untagged on a specific VLAN for management (overkill, but I have the ports, so...). And they do NOT work at all. To verify the ESXI side of things (and to have management access), I have configured one of the front 10Gb ports on the same VLAN and connected it to the primary server in place of the breakout cable. It connects and runs perfectly fine.
Here is the port configuration for the non working breakout port (2/2/4) and working front port (2/3/5):
The stack configuration from show run:
Finally, show interface brief unit 2:
Once more, I suspect it is something simple and obvious that I am missing. My gut says it has to be in the breakout port configuration, but they APPEAR to be the same as the working front 10Gb port, so I'm doubting my gut right now. Is there an issue with trying to run some of the breakout ports tagged and others untagged?
Any help would be greatly appreciated, even if you have to start the reply with "Hey knucklehead, did you notice ...!"
Regards,
clcorbin
The other four (ok, 2 times 2) break out ports are setup as untagged on a specific VLAN for management (overkill, but I have the ports, so...). And they do NOT work at all. To verify the ESXI side of things (and to have management access), I have configured one of the front 10Gb ports on the same VLAN and connected it to the primary server in place of the breakout cable. It connects and runs perfectly fine.
Here is the port configuration for the non working breakout port (2/2/4) and working front port (2/3/5):
Code:
blah(config)#sh int eth 2/2/4
10GigabitEthernet 2/2/4 is down, line protocol is down
Port down for 7 day(s) 17 hour(s) 50 minute(s) 29 second(s)
Hardware is 10GigabitEthernet , address is blah (bia blah)
Configured speed 10Gbit, actual unknown, configured duplex fdx, actual unknown
Configured mdi mode AUTO, actual unknown
Member of L2 VLAN ID blah, port is untagged, port state is BLOCKING
BPDU guard is Disabled, ROOT protect is Disabled, Designated protect is Disabled
Link Error Dampening is Disabled
STP configured to ON, priority is level0, mac-learning is enabled
Openflow is Disabled, Openflow Hybrid mode is Disabled, Flow Control is config enabled, oper enabled, negotiation disabled
Mirror disabled, Monitor disabled
Mac-notification is disabled
Not member of any active trunks
Not member of any configured trunks
Port name is blah
MTU 1500 bytes, encapsulation ethernet
300 second input rate: 0 bits/sec, 0 packets/sec, 0.00% utilization
300 second output rate: 0 bits/sec, 0 packets/sec, 0.00% utilization
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 multicasts, 0 unicasts
0 input errors, 0 CRC, 0 frame, 0 ignored
0 runts, 0 giants
100183 packets output, 16651186 bytes, 0 underruns
Transmitted 69827 broadcasts, 28642 multicasts, 1714 unicasts
0 output errors, 0 collisions
Relay Agent Information option: Disabled
Egress queues:
Queue counters Queued packets Dropped Packets
0 97212 0
1 0 0
2 0 0
3 0 0
4 0 0
5 2971 0
6 0 0
7 0 0
blah(config)#sh int eth 2/3/5
10GigabitEthernet2/3/5 is up, line protocol is up
Port up for 18 minute(s) 25 second(s)
Hardware is 10GigabitEthernet, address is blah (bia blah)
Interface type is 10Gig SFP+
Configured speed 10Gbit, actual 10Gbit, configured duplex fdx, actual fdx
Member of L2 VLAN ID blah, port is untagged, port state is FORWARDING
BPDU guard is Disabled, ROOT protect is Disabled, Designated protect is Disabled
Link Error Dampening is Disabled
STP configured to ON, priority is level0, mac-learning is enabled
Openflow is Disabled, Openflow Hybrid mode is Disabled, Flow Control is enabled
Mirror disabled, Monitor disabled
Mac-notification is disabled
Not member of any active trunks
Not member of any configured trunks
Port name is blah
MTU 1500 bytes, encapsulation ethernet
300 second input rate: 58576 bits/sec, 8 packets/sec, 0.00% utilization
300 second output rate: 24432 bits/sec, 10 packets/sec, 0.00% utilization
5230063 packets input, 4533116887 bytes, 0 no buffer
Received 228 broadcasts, 22742 multicasts, 5207093 unicasts
0 input errors, 0 CRC, 0 frame, 0 ignored
0 runts, 0 giants
6132363 packets output, 1738716258 bytes, 0 underruns
Transmitted 1425193 broadcasts, 1397917 multicasts, 3309253 unicasts
0 output errors, 0 collisions
Relay Agent Information option: Disabled
Egress queues:
Queue counters Queued packets Dropped Packets
0 5234343 0
1 0 0
2 0 0
3 859073 0
4 40 0
5 17163 0
6 21744 0
7 0 0
Code:
stack unit 1
module 1 icx6610-48p-poe-port-management-module
module 2 icx6610-qsfp-10-port-160g-module
module 3 icx6610-8-port-10g-dual-mode-module
no legacy-inline-power
stack-port 1/2/1 1/2/6
stack unit 2
module 1 icx6610-48p-poe-port-management-module
module 2 icx6610-qsfp-10-port-160g-module
module 3 icx6610-8-port-10g-dual-mode-module
no legacy-inline-power
priority 200
stack-port 2/2/1 2/2/6
stack enable
stack mac blah
!
Code:
2/2/1 Up Forward Full 40G None No N/A 0
2/2/2 Up Forward Full 10G None Yes N/A 0
2/2/3 Up Forward Full 10G None Yes N/A 0
2/2/4 Down None None None None No blah 0
2/2/5 Down None None None None No blah 0
2/2/6 Up Forward Full 40G None No N/A 0
2/2/7 Up Forward Full 10G None Yes N/A 0
2/2/8 Up Forward Full 10G None Yes N/A 0
2/2/9 Down None None None None No blah 0
2/2/10 Down None None None None No blah 0
<snip>
2/3/5 Up Forward Full 10G None No blah 0Any help would be greatly appreciated, even if you have to start the reply with "Hey knucklehead, did you notice ...!"
Regards,
clcorbin
reboot the stack (both switches) once the breakout cable is connected on both ends (to the icx's and to your hypervisor hardware). hopefully it will come up after the switch reboot
If you want some pointers on the fan mod, take a look at my earlier post in this thread, the whole mod is painless to do. My 6610 and my 7450 (see other thread) are both happily running for months now. My PC is louder than my switches now.
My guess would be because it's another vector for potential attack not because there's anything inherently insecure about it (or less insecure than usual for HTTPS)
Of course, I'm saying that without being aware of any prior information that would suggest ruckus web interface has a vulnerability in it
Last edited: