Brocade ICX Series (cheap & powerful 10gbE/40gbE switching)

[adman_c]

Hello! Thanks a ton for this whole thread and to everyone contributing, it’s an awesome resource. I just got an ICX 7250-48P that I’m really excited about and trying to get set up.

So far I haven’t been able to get connected to the console, though. I’m using a janky cable I made with an rsr232-to-usb breakout adapter and using the correct settings I’m clearly getting data, I can see the boot process, and am able to send keystrokes, but everything displayed is completely garbled. It looks like what I’d expect from an incorrect baud rate, but I’ve tried just about every different baud rate for the connection and nothing works. I confirmed with the seller that the console port was working and that they used it at 9600 to factory reset just before shipping it, so I’m not sure what else to try with my set up to get it working. I have proper cables on the way, that’s my next best hope. I think I’ve tried everything I’ve been able to find searching through this thread and in other places.

Anyways I tried hooking the management port into my router and it happily got an address from DHCP and I was able to telnet into it, so the switch is working. Is it possible to flash a new bootrom through telnet? Poking around the CLI it looks like it’s possible to set boot options, including tftp boot, so I was wondering if that was an option and if anyone‘s tried it. I get nervous doing an update like that without access to the console, though.

This might be barking up the wrong tree, but have you tried a different usb to serial adapter? I made one out of a keystone and an old mini usb cable I had lying around per this post: https://forums.servethehome.com/ind...erful-10gbe-40gbe-switching.21107/post-316704
Took all of 5 minutes and worked first go round. I also have an unused Brocade oem mini usb serial cable if you’d like it.

 

[kate]

This might be barking up the wrong tree, but have you tried a different usb to serial adapter? I made one out of a keystone and an old mini usb cable I had lying around per this post: https://forums.servethehome.com/ind...erful-10gbe-40gbe-switching.21107/post-316704
Took all of 5 minutes and worked first go round. I also have an unused Brocade oem mini usb serial cable if you’d like it.

Yeah, I did. If you look at my last post up the page I wrote a little more about the other adapter I tried.

Thank you for that offer! I already ordered an oem cable that should be getting here Monday, though . I’m on my second cannibalized mini usb cable now so hopefully one of these other cables will work. If not I’m back to figuring out how to update the bootrom with only telnet access and no console.

 

[epicurean]

How do you change the ip address of a icx6450? I tried to disable the current fixed IP , to use the DHCP assigned with
"ip dhcp-client enable"
but it does not work.

 

[xtantaudio]

Hello, I am looking for some assistance with my Brocade ICX6650. I have followed the documentation on the first page from Fohdeesha in order to get the license and configuration done on the switch and I also purchased 3 of the 649281-B21 (originally HPE) cards and completed the firmware update on those units.

The 649281-B21 cards work when connected directly to each other, the link comes up between my test PC's. When I plug the QSFP Cable from one of the test PC's into the ICX6650, the link light never comes on, the NIC shows no cable connected. any suggestions ? I am REALLY hoping that the brocade switch is not bad on the 4 40Gb ports.

I have confirmed that the 2 40Gb Breakout ports DO work.

I did run the fpod-40g-enable group 1, 2 and 3 commands to "turn on" the 40Gb ports.

I have included a show ver of the switch in case it helps. It looks to me like I have everything right, so I am guessing I am missing something stupid here. If any more information is needed, I will provide it, I would REALLY like to get this working in my home lab.

 

[danb35]

If you'd followed the guide linked in the OP to set it up initially, it should be:

enable
configure terminal
interface ve 1
no ip address 192.168.1.50/24 # substitute whatever address you'd configured
exit
[code]
Then set a new address, or enable DHCP (though I don't think the latter would be recommended).

 

[Lone Wolf]

How do you change the ip address of a icx6450? I tried to disable the current fixed IP , to use the DHCP assigned with
"ip dhcp-client enable"
but it does not work.

Did you run 'factory set-default'? I believe when I first got my 6450 and ran that, it was able to grab a DHCP address by default. The guide then tells you to disable it. You could skip that part if you are wanting to do a static DHCP assignment.

 

[epicurean]

Did you run 'factory set-default'? I believe when I first got my 6450 and ran that, it was able to grab a DHCP address by default. The guide then tells you to disable it. You could skip that part if you are wanting to do a static DHCP assignment.

No, I did not run factory set-default . Would that set EVERYTHING to default, which is not my intention. I just want to be able to change the IP. Yes, I can also do a change in static IP assignment.

 

[Lone Wolf]

No, I did not run factory set-default . Would that set EVERYTHING to default, which is not my intention. I just want to be able to change the IP. Yes, I can also do a change in static IP assignment.

Yes, if you already have a lot of configuration in the switch it would make sense not to do a factory reset. I had assumed you had just received the switch and were setting it up from scratch, my bad.

I'm not sure how to set it back to dhcp to be honest. I would've thought your command of "ip dhcp-client enable" would do the trick.

 

[kpfleming]

The DHCP client won't attempt to obtain an address unless there are *no* addresses assigned to any interfaces in the switch. Please ensure that you have used `no ip ...` to remove all of them.

 

[kate]

Ok! I got the console working using an OEM Brocade Mini USB to DB9 cable from eBay, a DB9 to RJ45 adapter with configurable pinout, and an RJ45 to USB console cable. The RJ45 to USB console cable has the exact same FTDI chip as the adapter I was previously using so I think the garbled data issue I was having probably just comes down to signal quality. I‘d expect a DIY Mini USB to RJ45 keystone cable would work with this console cable like others have reported. Here are the pinouts I used, and links to products:

https://www.amazon.com/dp/B01AFNBC3K
RJ45 Pins :: Console Cable Pinout
1 :: RTS
2 :: DTR
3 :: TX
4 :: GND
5 :: GND
6 :: RX
7 :: DSR
8 :: CTS

https://www.amazon.com/dp/B00066HL3W
RJ45 Pins :: Adapter Colors
1 :: blue
2 :: orange
3 :: black
4 :: red
5 :: green
6 :: yellow
7 :: brown
8 :: white

DB9 Pins :: Adapter Colors
1 :: empty
2 :: black
3 :: yellow
4 :: orange
5 :: red+green
6 :: brown
7 :: white
8 :: blue
9 :: empty

The console cable has two grounds, so I had to tie together two of the DB9 adapter pins together like this:

 

[kate]

In case anybody else runs into this, the Brocade web management interface has a maximum password length of 31 characters ‍*facepalm*. It seems like it truncates anything longer than that, even if it's a valid password everywhere else on the system.

 

[fohdeesha]

8095g has released, of course only bugfixes to 8095f, but a surprising amount of unexpected reboot fixes. I'll update the guide in the next couple of days

 

[fohdeesha]

8095g has released, of course only bugfixes to 8095f, but a surprising amount of unexpected reboot fixes. I'll update the guide in the next couple of days

updated

 

[sergi0]

Hi,

I own a Brocade ICX6450-24 for almost a year. I don't really need most of its capabilities, but it was the cheaper 24*1gb swith with 4 SFP+ ports. I have pretty basic needs.
During my use of this switch I have encounter something strange which is probably linked to its pro functionnalities.

But first, let me explain my network :

My ISP provide 2 boxes : one called the freebox server that connect to fiber optics and deliver RJ45 connectivity and another one called freebox player used to watch TV. The traffic between the 2 is specific and it is really a pain to filter. So I don't do it.

On a topo view, here what I have :

INTERNET - FREEBOX_SERVER (192.168.1.x) - FW (openBSD) - network (10.11.12.x/24)
|
°- FREEBOX_PLAYER (192.168.1.y)


On a network view, the switch is just behind the freebox server and everything is plugged on it. There are 2 networks on the switch : 192.168.1.x and 10.11.12.x. I have a RJ45 plug between the brocade and the TV zone where it output to another switch where both networks are connected (192xxx for the TV flux between the freebox server and player and 10xxx for the NAS and the Shield TV connected to the TV).

Before the Brocade, I had a Netgear devices and everyhting worked fine. With the Brocade I am unable to get the TV flux on the freebox player. I am sure it is a qeustion of VLAN tagging, but I lack the proper expertise to immediately see the trick and configure the Brocade to allow it.

Do someone have an idea of what I am missing or what topic I should learn to solve my problem ?

cheers,

s.

 

[LodeRunner]

Can you provide the output of 'show run'? You can wrap it in spoiler and code tags so it keeps formatting and is collapsed by default on page load.

 

[cablepick]

My 6610 was previously part of a stack. How do I go about removing the stack unit 2 from this unit? I followed the guide and did factory set-default followed by reset however stack unconfigure clean always returns Invalid input -> unconfigure clean. Stacking ports and stacking are disabled and I'm using both 40gbe ports successfully as regular ports.

stack command list:

Spoiler

SSH@core(config)#stack unconfigure clean
Invalid input -> unconfigure clean
Type ? for a list
SSH@core(config)#stack
  disable                 This unit will never be part of stack
  enable                  Enable stacking feature
  mac                     stacking MAC address
  persistent-mac-timer    persistent MAC timer
  stack-port-resiliency   recover stack port errors by errdisabling ports or
                          reloading units
  suggested-id            If bootup ID not available, use this
  suppress-warning        Don't display stacking warnings or errors
  unit                    Configure local parameters for a stack unit

show run:

Spoiler

SSH@core>show run
Current configuration:
!
ver 08.0.30jT7f3
!
stack unit 1
  module 1 icx6610-48p-poe-port-management-module
  module 2 icx6610-qsfp-10-port-160g-module
  module 3 icx6610-8-port-10g-dual-mode-module
  no legacy-inline-power
stack unit 2
  module 1 icx6610-48p-poe-port-management-module
  module 2 icx6610-qsfp-10-port-160g-module
  module 3 icx6610-8-port-10g-dual-mode-module
  stack-trunk 2/2/1 to 2/2/2
  stack-trunk 2/2/6 to 2/2/7
stack disable

 

[sergi0]

Can you provide the output of 'show run'? You can wrap it in spoiler and code tags so it keeps formatting and is collapsed by default on page load.

Here is the show run command output :

Spoiler

SSH@bro6450>show run
Current configuration:
!
ver 08.0.30tT313
!
stack unit 1
  module 1 icx6450-24-port-management-module
  module 2 icx6450-sfp-plus-4port-40g-module
!
!
!
!
vlan 1 name DEFAULT-VLAN by port
 router-interface ve 1
!
!
!
!
!
aaa authentication web-server default local
aaa authentication enable default local
aaa authentication login default local
hostname bro6450
ip dhcp-client disable
!
username root password .....
!
!
!
!
!
interface ve 1
 ip address 10.11.12.254 255.255.255.0
!
!
!
!
!
!
!
!
!
end

SSH@bro6450>

 

[fohdeesha]

My 6610 was previously part of a stack. How do I go about removing the stack unit 2 from this unit? I followed the guide and did factory set-default followed by reset however stack unconfigure clean always returns Invalid input -> unconfigure clean. Stacking ports and stacking are disabled and I'm using both 40gbe ports successfully as regular ports.

stack command list:

Spoiler

SSH@core(config)#stack unconfigure clean
Invalid input -> unconfigure clean
Type ? for a list
SSH@core(config)#stack
  disable                 This unit will never be part of stack
  enable                  Enable stacking feature
  mac                     stacking MAC address
  persistent-mac-timer    persistent MAC timer
  stack-port-resiliency   recover stack port errors by errdisabling ports or
                          reloading units
  suggested-id            If bootup ID not available, use this
  suppress-warning        Don't display stacking warnings or errors
  unit                    Configure local parameters for a stack unit

show run:

Spoiler

SSH@core>show run
Current configuration:
!
ver 08.0.30jT7f3
!
stack unit 1
  module 1 icx6610-48p-poe-port-management-module
  module 2 icx6610-qsfp-10-port-160g-module
  module 3 icx6610-8-port-10g-dual-mode-module
  no legacy-inline-power
stack unit 2
  module 1 icx6610-48p-poe-port-management-module
  module 2 icx6610-qsfp-10-port-160g-module
  module 3 icx6610-8-port-10g-dual-mode-module
  stack-trunk 2/2/1 to 2/2/2
  stack-trunk 2/2/6 to 2/2/7
stack disable

pretty sure stack unconfigure clean happens at the enable level, not the conf t level

 

[LodeRunner]

Here is the show run command output :

Spoiler

SSH@bro6450>show run
Current configuration:
!
ver 08.0.30tT313
!
stack unit 1
  module 1 icx6450-24-port-management-module
  module 2 icx6450-sfp-plus-4port-40g-module
!
!
!
!
vlan 1 name DEFAULT-VLAN by port
router-interface ve 1
!
!
!
!
!
aaa authentication web-server default local
aaa authentication enable default local
aaa authentication login default local
hostname bro6450
ip dhcp-client disable
!
username root password .....
!
!
!
!
!
interface ve 1
ip address 10.11.12.254 255.255.255.0
!
!
!
!
!
!
!
!
!
end

SSH@bro6450>

What model was the Netgear you previously had? If it wasn't VLAN aware (unmanaged) and the TV equipment is using VLAN tags, the unmanaged switch will happily pass the traffic. The unconfigured ports on the 6450 just default to untagged VLAN 1; if the Freebox packets are VLAN tagged, the switch is either discarding the VLAN tagged packets or honoring them, but has no tagged ports to send them to. Was the Netgear that the TV system was plugged into shared by the rest of your network? Have you also confirmed that the Freebox connected to the TV is pulling the correct IP address to work?

I could be very wrong about what the 6450 is doing though. As this is supplied by your ISP, if their support is worth anything, they might be able to give you some guidance as well.

You can use diagrams.net to draw quick diagrams of how it was before and how it is now.

 

[fohdeesha]

What model was the Netgear you previously had? If it wasn't VLAN aware (unmanaged) and the TV equipment is using VLAN tags, the unmanaged switch will happily pass the traffic. The unconfigured ports on the 6450 just default to untagged VLAN 1; if the Freebox packets are VLAN tagged, the switch is either discarding the VLAN tagged packets or honoring them, but has no tagged ports to send them to. Was the Netgear that the TV system was plugged into shared by the rest of your network? Have you also confirmed that the Freebox connected to the TV is pulling the correct IP address to work?

I could be very wrong about what the 6450 is doing though. As this is supplied by your ISP, if their support is worth anything, they might be able to give you some guidance as well.

You can use diagrams.net to draw quick diagrams of how it was before and how it is now.

yeah I can almost promise it's a case of vlans, @sergi0 if you really wanna figure it out, connect the modem directly to your PC, and run wireshark for a few minutes. The dump should show what VLAN tags it's sending out. might be easier to connect the TV box and capture it instead, in case the modem doesn't initiate any TV VLAN traffic until the tv box does