Brocade ICX Series (cheap & powerful 10gbE/40gbE switching)
- Thread starter fohdeesha
- Start date
Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.
Aah good one - thanks for that peace of mind
SSH@6610-POE-Basement#show stack
***** Warning! stack is not enabled. *****
T=13h58m15.5: alone: standalone, D: dynamic cfg, S: static
ID Type Role Mac Address Pri State Comment
1 S ICX6610-48P alone cc4e.24b9.c6d0 0 local None:0
+---+
2/1| 1 |2/6
+---+
Current stack management MAC is cc4e.24b9.c6d0
SSH@6610-POE-Basement#
Was it in this thread re the replacement RAM ? Would not mind searching it up as a standby just n case
Craig
OK here you go - think it has finished now - but will go away and leave it for another 1/2 hour anyway
Command executed successfully
ICX64XX-boot>> reset
Reset CPU by asserting RstOutn
Bootloader Version: 10.1.05T310 (Mar 19 2015 - 16:39:59)
Model ID: 1.0.0.1.1.0
Enter 'b' to stop at boot monitor: 0
bootdelay: ===
Booting image from Primary
## Booting image at 00007fc0 ...
Created: 2020-04-23 17:58:12 UTC
Data Size: 9870536 Bytes = 9.4 MB
Load Address: 00008000
Entry Point: 00008000
Verifying Checksum ... OK
OK
Starting kernel in BE mode ...
Uncompressing Image.............................................................................................................................................................................................................................................................................................................................................................................................................. done, booting the kernel.
Config partition mounted.
FIPS reset is enable.
Removing startup config & backup
Removing stacking.boot
Removing SSL_CERT_FILE
Removing SSH_RSA_HOSTKEY_FILE
Removing SSH_DSA_HOSTKEY_FILE
Creating TUN device
Starting the FastIron.
FIPS Disabled
ORT NOT DISABLEDplatform type 47
OS>Unable to set the kernel wall time
Starting Main Task .Applying factory defaults..
INFO: startup config data is not available, try to read from backup
INFO: startup config data in the backup area is not available
CPSS DxCh Version: cpss3.4p1 release
Pre Parsing Config Data ...
INFO: empty config data in the primary area, try to read from backup
INFO: empty config data in the backup area also
Parsing Config Data ...
INFO: empty config data in the primary area, try to read from backup
INFO: empty config data in the backup area also
PoD: No license present for port 1/2/2
PoD: No license present for port 1/2/4
System initialization completed...console going online.
Copyright (c) 1996-2016 Brocade Communications Systems, Inc. All rights reserved.
UNIT 1: compiled on Apr 23 2020 at 10:57:06 labeled as ICX64R08030u
(9871112 bytes) from Primary ICX64R08030u.bin
SW: Version 08.0.30uT313
Boot-Monitor Image size = 786944, Version:10.1.05T310 (kxz10105)
HW: Stackable ICX6450-48-HPOE
==========================================================================
UNIT 1: SL 1: ICX6450-48P POE 48-port Management Module
Serial #: BZT3226K07S
License: ICX6450_BASE_ROUTER_SOFT_PACKAGE (LID: dbvIHHLmFMu)
P-ENGINE 0: type DEF0, rev 01
P-ENGINE 1: type DEF0, rev 01
==========================================================================
UNIT 1: SL 2: ICX6450-SFP-Plus 4port 40G Module
==========================================================================
800 MHz ARM processor ARMv5TE, 400 MHz bus
65536 KB flash memory
512 MB DRAM
STACKID 1 system uptime is 27 second(s)
The system started at 00:00:39 GMT+00 Thu Jan 01 1970
The system : started=cold start
ICX6450-48P Router>
Stack unit 1 PS 1, Internal Power supply detected and up.
Stack unit 1 PS 1, Internal Power supply detected and up.
PoE: Stack unit 1 PS 1, Internal Power supply with 740000 mwatts capacity is up
PoE Info: Adding new 54V capacity of 740000 mW, total capacity is 740000, total free capacity is 740000
PoE Info: PoE module 1 of Unit 1 on ports 1/1/1 to 1/1/48 detected. Initializing....
PoE Event Trace Log Buffer for 2000 log entries allocated
PoE Event Trace Logging enabled...
PoE Info: Programming Ruckus defaults. Step 1: Writing port defaults on module in slot 1....
PoE Info: Programming Ruckus Defaults: Step 2: Writing PM defaults on module in slot 1.
PoE Info: Programming Ruckus defaults. Step 3: Writing user byte 0xf3 on module in slot 1.
PoE Info: Programming Ruckus defaults. Step 4: Saving settings on module in slot 1.
PoE Info: Programming Ruckus defaults....completed.
PoE Info: PoE module 1 of Unit 1 initialization is done.
ICX6450-48P-Router>TFTP session timed out
ICX6450-48P-Router>en
No password has been assigned yet...
ICX6450-48P-Router#conf t
ICX6450-48P-Router(config)#ip dhcp-client disable
ICX6450-48P-Router(config)#TFTP session timed out
ICX6450-48P-Router(config)#ip dhcp-client disable
ICX6450-48P-Router(config)#vlan 1
ICX6450-48P-Router(config-vlan-1)#rou
router-interface Attach router interface for Layer 2 VLAN
ICX6450-48P-Router(config-vlan-1)#router-interface ve 1
ICX6450-48P-Router(config-vlan-1)#exit
ICX6450-48P-Router(config)#int ve 1
ICX6450-48P-Router(config-vif-1)#ip address 172.16.100.243/24
ICX6450-48P-Router(config-vif-1)#exit
ICX6450-48P-Router(config)#wr mem
There is no startup config file, unable to save legacy config
ICX6450-48P-Router(config)#Flash Memory Write (8192 bytes per dot) .
Write startup-config done.
Copy Done.
ICX6450-48P-Router(config)#exit
ICX6450-48P-Router#inline power install-firmware stack-unit 1 tftp 172.16.100.115 ICX64xx/icx64xx_poeplus_02.1.0.b004.fw
ICX6450-48P-Router#Flash Memory Write (8192 bytes per dot) ..................
tftp download successful file name = poe-fw
Sending PoE Firmware to Unit 1.
Firmware version from File: 2.1.1
PoE Warning: Upgrading firmware in slot 1....DO NOT HOTSWAP OR POWER DOWN THE MODULE.
PoE Info: FW Download on slot 1...sending download command...
PoE Info: FW Download on slot 1...TPE response received.
PoE Info: FW Download on slot 1...sending erase command...
PoE Info: FW Download on slot 1...erase command...accepted.
PoE Info: FW Download on slot 1...erasing firmware memory...
PoE Info: FW Download on slot 1...erasing firmware memory...completed
PoE Info: FW Download on slot 1...sending program command...
PoE Info: FW Download on slot 1...sending program command...accepted.
PoE Info: FW Download on slot 1...programming firmware...takes around 12 minutes....
U1-MSG: PoE Info: Firmware Download on slot 1.....10 percent completed.
U1-MSG: PoE Info: Firmware Download on slot 1.....20 percent completed.
U1-MSG: PoE Info: Firmware Download on slot 1.....30 percent completed.
U1-MSG: PoE Info: Firmware Download on slot 1.....40 percent completed.
U1-MSG: PoE Info: Firmware Download on slot 1.....50 percent completed.
U1-MSG: PoE Info: Firmware Download on slot 1.....60 percent completed.
U1-MSG: PoE Info: Firmware Download on slot 1.....70 percent completed.
U1-MSG: PoE Info: Firmware Download on slot 1.....80 percent completed.
U1-MSG: PoE Info: Firmware Download on slot 1.....90 percent completed.
U1-MSG: PoE Info: Firmware Download on slot 1.....100 percent completed.
PoE Info: FW Download on slot 1...programming firmware...completed.
PoE Info: FW Download on slot 1...upgrading firmware...completed. Module will be reset.
PoE Info: Resetting in slot 1....
PoE Info: Resetting module in slot 1....completed.
PoE Info: Programming Ruckus defaults. Step 1: Writing port defaults on module in slot 1....
PoE Info: Programming Ruckus Defaults: Step 2: Writing PM defaults on module in slot 1.
PoE Info: Programming Ruckus defaults. Step 3: Writing user byte 0xf3 on module in slot 1.
PoE Info: Programming Ruckus defaults. Step 4: Saving settings on module in slot 1.
PoE Info: Programming Ruckus defaults....completed.
PoE Info: PoE module 1 of Unit 1 initialization is done.
Craig
Brocade ICX7250 daughter board with console port?
I gambled and bought a used 7250-24 from ebay, the auction was sold as-is and said it didn't power on. I hoped it was just a bad power supply, however it's a PoE version of the switch but the PoE daughter card is missing, I just had to plug the PS back into the motherboard; when the PoE card was removed, nobody reconnected the main power cable.
So I have it powered on, lights, sirens, fans, all the things. I decided to try and connect a console cable to see what is going on, I cut up an old usb cable and used my cisco usb/rj45 console cable (it has the serial chip onboard) but I wasn't getting anything from the console. I chased my tail a bit thinking I just didn't pin it out right. My issue was I was trying to console in via the USB A port on the switch, which seems to be just a USB port not a serial port.
So realizing this, I chopped up a micro usb cable and pinned it out connected to a keystone jack. Then I went to plug the console into the micro usb port on the switch and there isn't one.
First question, where is my console port? The hole through the chassis is there but there's no micro usb and even no reset switch. Is the console port physically on the PoE daughter card or on the PoE daughter card?
Second question, what are the part numbers? I tried searching ebay, but couldn't find a listing for the PoE card or a different daughter card for the console but came up blank.
Surprisingly, the switch is getting an IP address on the management port, connected to my LAN, I can ping the IP and ssh. Google helped me find the default username and password and I was able to log into ssh and the web gui and set a new password.
Now, question three, is there a way to update the firmware without the console? Can I do that via SSH or even the GUI?
edit: FYI the switch is currently running 8.0.90hT213 which isn't the latest, but not super old.
I gambled and bought a used 7250-24 from ebay, the auction was sold as-is and said it didn't power on. I hoped it was just a bad power supply, however it's a PoE version of the switch but the PoE daughter card is missing, I just had to plug the PS back into the motherboard; when the PoE card was removed, nobody reconnected the main power cable.
So I have it powered on, lights, sirens, fans, all the things. I decided to try and connect a console cable to see what is going on, I cut up an old usb cable and used my cisco usb/rj45 console cable (it has the serial chip onboard) but I wasn't getting anything from the console. I chased my tail a bit thinking I just didn't pin it out right. My issue was I was trying to console in via the USB A port on the switch, which seems to be just a USB port not a serial port.
So realizing this, I chopped up a micro usb cable and pinned it out connected to a keystone jack. Then I went to plug the console into the micro usb port on the switch and there isn't one.
First question, where is my console port? The hole through the chassis is there but there's no micro usb and even no reset switch. Is the console port physically on the PoE daughter card or on the PoE daughter card?
Second question, what are the part numbers? I tried searching ebay, but couldn't find a listing for the PoE card or a different daughter card for the console but came up blank.
Surprisingly, the switch is getting an IP address on the management port, connected to my LAN, I can ping the IP and ssh. Google helped me find the default username and password and I was able to log into ssh and the web gui and set a new password.
Now, question three, is there a way to update the firmware without the console? Can I do that via SSH or even the GUI?
edit: FYI the switch is currently running 8.0.90hT213 which isn't the latest, but not super old.
Running Image Version: | SW: Version 08.0.90hT213 Compiled on Nov 4 2020 at 22:05:18 labeled as SPR08090h |
|---|
Last edited:
switch only takes 1 DIMM of this, so this is two spares: Centon Lot of 2 RD703G01 2GB PC2-5300 Reg ECC CL5 DDR2 667Mhz 1 Rank SODIMM 6-2 | eBay
FYI Ruckus running forward on ICX release versions. Now has a 10.0.00 release. Only runs on ICX 7550, 7560 and 7850 Series. obviously not recommended, although doubt many have one of the supported switch series.
Last edited:
Thanks @Fodeesha - unfortunately he does not ship to the land down under - but now i know the specs i can start looking - i assume this is the same memory across unit (i.e. non POE and POE ?) i may take the module from a non-poe and see if the problem goes away (It happened again last night with a reboot at around midnight or so)
[EDIT] nope looked around no on else with ECC SODIMMs like that so i have used a US drop shipper and will see how that goes - will in the meantime cannabalise a module from a non POE here and see how we go
Craig
Last edited:
Hi, getting up and running with my 6450 and struggling with VLANs. My router is Unifi UDM Pro SE and I have several VLANs already set up and working fine on a different Unifi switch (which has its own uplink to the UDM for now so as not to interfere with the Brocade) Most traffic goes through the default VLAN 1 including where the switch is getting its IP from right now.
I basically followed fohdeesha's guide and it's functioning fine at the level of a simple unmanaged Layer 2 switch. I plug in devices to a port and they get a 192.168.1.0/24 IP. No problem at all.
I can't get any devices outside of default VLAN to work. I added port #3 as untagged on VLAN 25 and when I plug in the device, the Unifi gives it a 192.168.1.0/24 IP (not a 192.168.25.0/24 IP as it should) and I can't ping it.
What are some things I should be checking? I'm not using Layer 3 routing at this point so as I imagine things would work, I would tag ports to the appropriate VLANs which match what's on my UDM, and the UDM handles the rest. Should be easy right? What am I missing?
Thanks
I basically followed fohdeesha's guide and it's functioning fine at the level of a simple unmanaged Layer 2 switch. I plug in devices to a port and they get a 192.168.1.0/24 IP. No problem at all.
I can't get any devices outside of default VLAN to work. I added port #3 as untagged on VLAN 25 and when I plug in the device, the Unifi gives it a 192.168.1.0/24 IP (not a 192.168.25.0/24 IP as it should) and I can't ping it.
What are some things I should be checking? I'm not using Layer 3 routing at this point so as I imagine things would work, I would tag ports to the appropriate VLANs which match what's on my UDM, and the UDM handles the rest. Should be easy right? What am I missing?
Thanks
Last edited:
OK so think about what you are trying to accomplish here
Something has to route between the VLANs - you can keep it simple to start with and leave the switch as essentially L2 and use the UDM Pro as that is where you are comfortable
So on the unifi it has to know about all of the VLANs that you are going to setup and it needs to have a DHCP config for each of those subnets.
Now for a port to be in multiple VLANs (on the 6450) then it must be able to understand which VLAN a packet is for - this is done by Tagging the packets (which is just a way of saying putting a bit of info in the front to say which VLAN the packet is for)
If you have a dumb device that does not understand VLANs (like a TV or similar) then it can not tag packets - but it still needs to be able to get packets meant for it - so we set a port as being untagged and give it a VLAN that it will be a member of and that the switch will add the tag to the front of every packet the TV generates.
As a network guy - i shudder when people talk about using the default VLAN for data traffic - but lots of people do it - so just remember i told you so later when you want to come back and fix it !
So first up you need to create a VLAN 25
login as root/admin etc
then
en (enable mode)
then
conf t (go into config mode)
then
vlan 25 name VLAN25 (create VLAN 25 and give it a name)
then
untag e 1/1/3 (add port 3 in untagged mode to the VLAN)
Now you have not said which port the Unifi is plugged into - for sake of the argument lets say port 48 (i always put my important network stuff up at the end of the switch)
So port 48 needs to receive packets for both VLAN 1 and VLAN 25
With the software release we have on these devices they had a kludge for using an untagged VLAN
you need to enable dual mode on the port
So continuuing on from up above
tag e 1/1/48 (add port 48 into VLAN 25) (this also takes it out of the default VLAN 1)
int e 1/1/48 (go the int 48 and configure it)
dual-mode 1 (which will leave the tagging on this port for VLAN 25) and add untagged on VLAN 1
Now you will need to configure this up on the UDM pro end to understand that VLAN 1 traffic is untagged and VLAN 25 traffic is tagged
Craig
yeah all the 6610 variants use the same ram. DDR2 ECC registered sodimm - the size is only 512mb, but ones that small are even harder to find so any size above will work
Last edited:
Thanks so much Craig! Duly noted advice on default VLAN - I'll probably make some adjustments down the line and would love to do inter VLAN routing too... but for now I just want to work with what I have and minimize the number of moving parts...
I had to use a console cable to complete this step as I lost my SSH link to the Brocade once I tagged the uplink to VLAN #25. As soon as I put the port in dual mode it came back online again. There was nothing to configure on the Unifi since the SFP+ downlink was already marked as a trunk port so it defaults to #1 but allows any VLAN already on the router to be passed through it.
For what it's worth my uplink is on 1/2/1 since it's a SFP+ link.
NOW... to build on this question a bit, two things:
This seems to have been the missing piece for me. I had the VLAN configured correctly on the Brocade for the device port #3, and I had VLANs configured on the UDM, but I didn't have the uplink to the UDM configured on the Brocade. I assumed (incorrectly) that it would be treated as a trunk port. Am I correct to assume that this concept doesn't exist on Brocade i.e. I need to add every single VLAN (either tagged or untagged) on every single port that I might want to use?
I had to use a console cable to complete this step as I lost my SSH link to the Brocade once I tagged the uplink to VLAN #25. As soon as I put the port in dual mode it came back online again. There was nothing to configure on the Unifi since the SFP+ downlink was already marked as a trunk port so it defaults to #1 but allows any VLAN already on the router to be passed through it.
For what it's worth my uplink is on 1/2/1 since it's a SFP+ link.
NOW... to build on this question a bit, two things:
- If I want to add a different VLAN for a different device port, do I essentially repeat the same steps? Do I need to re-add 1/2/1 to dual-mode after tagging it to a new VLAN, or is that part done?
- What if I want a hypervisor or a downstream switch or a WAP that passes traffic on multiple VLANs? (I have a Proxmox server and a couple of small Unifi switches.) Do I tag the device port with every VLAN it might conceivably use and put it in dual-mode/untagged on VLAN 1?
Last edited:
Does anyone have a link for a well-priced, Brocade actual (not "compatible"), 1 meter, SFP+, passive, DAC cable? I know the Brocade switches are agnostic, but I would like a real Brocade cable. I just want to be able to run "show optic."
Show optic does nothing for a DAC. There's no optical component, so there can't be optical monitoring, which is what the show optic command is for.
Edit: If you have non-Ruckus/Brocade coded optics, you can do "non-ruckus-optic-enable". Or just order them from FS.com coded for Brocade and stop worrying about it.
I wondered about that on a passive DAC... thanks for the clarification.
I have a 6450 and last I knew the "non-ruckus-optic-enable" command did not work on these switches? Am I remembering right/wrong? For fiber I have just been sticking to Brocade branded. They cost about the same anyway.
Oh, I only have 7k family units, so not sure what the process is for a 6k. But get it from FS.com and have it coded for Brocade and it won't matter. It's not like an encrypted signature or anything, just an ID burned into the SFP/DAC and the switch won't know the difference.
This is a FS.com DAC, with one end coded for Ruckus, on my 7450:
Code:
SSH@core#sh med e 1/3/1
Port 1/3/1: Type : 40GBASE-Passive Copper 1m (QSFP+)
Vendor: RUCKUS Version: A
Part# : 58-0000033-01 Serial#: S2109200480-1
SSH@core#sh med validation e 1/3/1
Port Supported Vendor Type
----------------------------------------------------------------------
1/3/1 Yes RUCKUS Type : 40GBASE-Passive Copper 1m (QSFP+)
Code:
SSH@ICX6450-24P#sh med e 1/2/3
Port 1/2/3: Type : 10GE SR 300m ((SFP+))
Vendor: BROCADE Version: A
Part# : 57-0000075-01 Serial#: AAF210210000E3G
SSH@ICX6450-24P#sh med e 1/2/1
Port 1/2/1: Type : 10GE SR 300m ((SFP+))
Vendor: OEM Version: 02
Part# : SFP-10G-SR Serial#: CSF101L34485
SSH@ICX6450-24P#sh med e 1/2/4
Port 1/2/4: Type : 10GE SR 300m ((SFP+))
Vendor: OEM Version: 02
Part# : SFP-10G-SR Serial#: CSF101L34484
SSH@ICX6450-24P#show optic 1/2/3
Port Temperature Tx Power Rx Power Tx Bias Current
+----+-----------+--------------+--------------+---------------+
1/2/3 49.0507 C -002.6114 dBm -002.3837 dBm 8.366 mA
Normal Normal Normal Normal
SSH@ICX6450-24P#show optic 1/2/1
SSH@ICX6450-24P#show optic 1/2/4I had exactly the same problem as you.
Try to add the line to each physical interface:
Code:
no spanning-tree
e.g.
interface ethernet 1/2/1
port-name xxxx
no spanning-treeThe explanation is somewhere within this thread. I think it was about spanning tree being active per port even though it is globally disabled.
At least it helped in my case.
Does anyone have any pointers on debugging / profiling an ICX switch?
I’ve had an ICX6450-48P that’s been fairly bullet proof running 8.0.30u, but recently moved the core to an ICX7150-C12 on 8.0.95g to squeeze some longer runtime on my UPS. The 7150 had been working well for the first few days but locked up last night, with L2 traffic flowing through the switch but no L3 traffic passing across VEs and no response over the USB-C or the RJ45 serial consoles.
With no ability to access the switch via SSH or over serial, I pulled power and everything came back up just fine, but I’d like to figure out how to diagnose this if it happens again.
After reboot, I checked
but it looks as if the log was cleared on reboot.
I’ve had an ICX6450-48P that’s been fairly bullet proof running 8.0.30u, but recently moved the core to an ICX7150-C12 on 8.0.95g to squeeze some longer runtime on my UPS. The 7150 had been working well for the first few days but locked up last night, with L2 traffic flowing through the switch but no L3 traffic passing across VEs and no response over the USB-C or the RJ45 serial consoles.
With no ability to access the switch via SSH or over serial, I pulled power and everything came back up just fine, but I’d like to figure out how to diagnose this if it happens again.
After reboot, I checked
Code:
sh log