Brocade ICX Series (cheap & powerful 10gbE/40gbE switching)

[ramicio]

See that makes no sense now... you can't get DHCP to pass to the server, yet you have NO errors and NO packet loss with static IP's on the local lan.

I apologize in advance for what may seem like dumb questions but I feel they have to be asked:

static ip testing:
When testing with static IP's are you setting the test system's default gateway to your ASUS router?

dhcp testing:
While you have not stated you are using reservations based on your past comments with DHCP and your servers ip's assigned by dhcp it sounds like you have reservations set up.
If you have dhcp reserverations then are you changing the MAC address of the reservation to match the MAC address of the port you are using on the server?
I believe there are two ports on that card therefore 2 different mac addresses, which will also be different from your 10Gbe card's mac addresses?

Yes, I would set the gateway to 192.168.1.1.

This card's MAC address has been long gone from my DHCP reservations list. Since before I even made this thread. Once I can get things to work (may be with a different card, if that's the issue), it will be added back. It just grabs a DHCP address from the random range pool. Not really concerned about giving it a reserved address at this point.

This is the XL710-QDA1, the single-port card.

 

[ramicio]

See that makes no sense now... you can't get DHCP to pass to the server, yet you have NO errors and NO packet loss with static IP's on the local lan.

I apologize in advance for what may seem like dumb questions but I feel they have to be asked:

static ip testing:
When testing with static IP's are you setting the test system's default gateway to your ASUS router?

dhcp testing:
While you have not stated you are using reservations based on your past comments with DHCP and your servers ip's assigned by dhcp it sounds like you have reservations set up.
If you have dhcp reserverations then are you changing the MAC address of the reservation to match the MAC address of the port you are using on the server?
I believe there are two ports on that card therefore 2 different mac addresses, which will also be different from your 10Gbe card's mac addresses?

Oh, yes, when I set it to a static IP, that's when I get all of the errors. If I try DHCP, it can't do anything at all. It just hangs there endlessly looking for a response [to get an address].

 

[ramicio]

I just ordered 2 new cables. Customized for Brocade on one end and Intel on the other. Should arrive tomorrow. We'll see what happens.

 

[thebwack]

I've got a 7250-24 here on 08.0.30hT211 and I need to update it. I've successfully gone through the guide with two 6610's so I'm familiar but still new to FastIron.

I can't get the MiniUSB Serial Port to work at all, I know its not a USB connection. I've read all the posts and built a cable using the pinout and a usb/console adapter. I'll probably order a Brocade cable although I'm concerned the USB port might have been DOA but we'll see.

In the meantime I have access via Telnet and was able to create a super user and get GUI access so I can for the most part manage this switch but all the features I need are in v8.0.80 onward.

So my question: Is it possible to upgrade this unit from Telnet or GUI? I don't think I can get into the boot loader so I can't load the newer bootloader . Is there anyway to go directly from 8.0.30 to one of the newer packages via GUI or Telnet that would be safe?

Thanks!

 

[Rttg]

While it’s likely best practice to upload the new bootloader from the boot prompt regardless, have you checked to see whether you’re already on the newest bootloader?

A quick sh ver should do the trick. If you’re already on the latest boot code, then it’s fairly trivial to update the software image via SSH/telnet

 

[thebwack]

here is the output

telnet@ICX7250-24 Switch#sh ver                                                 
  Copyright (c) 1996-2016 Brocade Communications Systems, Inc. All rights reserv
ed.                                                                             
    UNIT 1: compiled on May 19 2016 at 01:22:26 labeled as SPS08030h           
      (28713156 bytes) from Primary SPS08030h.bin                               
        SW: Version 08.0.30hT211                                               
      Compressed Boot-Monitor Image size = 786944, Version:10.1.06T215 (spz10106
)                                                                               
  HW: Stackable ICX7250-24                                                     
==========================================================================     
UNIT 1: SL 1: ICX7250-24 24-port Management Module                             
      Serial  #:DUH3824N00C                                                     
      License: BASE_SOFT_PACKAGE   (LID: fwjINHJpFFe)                           
      P-ASIC  0: type B344, rev 01  Chip BCM56344_A0                           
==========================================================================     
UNIT 1: SL 2: ICX7250-SFP-Plus 8-port 80G Module                               
==========================================================================     
 1000 MHz ARM processor ARMv7 88 MHz bus

 

[thebwack]

wondering if I could load SPR08080f.bin or something newer from the telnet prompt to then allow me to flash the 8095 ufi

if not I'll wait while I order the correct serial cable and see if that works. seems like making a DIY console cable for the MiniUSB is hit or miss so Im probably doing something wrong there.

 

[js00]

Not a direct question for this series but how do you use public IPs with these switches do you need to configure the IP blocks or are they just plug and play like for private IP ranges.

 

[kpfleming]

Not a direct question for this series but how do you use public IPs with these switches do you need to configure the IP blocks or are they just plug and play like for private IP ranges.

If you are using the L2 firmware (in 'switch' mode), there is no need to manage IP blocks at all.
If you are using the L3 firmware (in 'router' mode), you set it up like you would any IPv4 or IPv6 router.

 

[js00]

If you are using the L2 firmware (in 'switch' mode), there is no need to manage IP blocks at all.
If you are using the L3 firmware (in 'router' mode), you set it up like you would any IPv4 or IPv6 router.

I don't currently have access I presume by default these ICX (after factory reset) are in L2 firmware mode?

 

[kpfleming]

No, it depends on the firmware that is installed; the device will either boot 'S' (switch) or 'R' (router) firmware depending on what has been loaded into its flash.

 

[js00]

No, it depends on the firmware that is installed; the device will either boot 'S' (switch) or 'R' (router) firmware depending on what has been loaded into its flash.

Private IPs where working fine between my machines so it would be in L2?

 

[kpfleming]

Private IPs where working fine between my machines so it would be in L2?

There's really not enough information to be able to answer this question.

If your statement is "I have two machines onto which I have configured addresses from the RFC 1918 ranges and those machines are able to communicate with each other when connected through this ICX box", then it could be that the ICX is running L2 firmware... it could also be running L3 firmware in a factory-default configuration where there is only a single VLAN and no routing configured.

In either case it doesn't matter whether the addresses are 'private' (RFC 1918) or 'public'.

 

[kemic]

Forgive me if this has been addressed in this massive thread already…

I’m trying to configure the rear ports as an LACP lag and for some reason when I add the lag primary port to a vlan as a tagged port, one of the ports in the lag goes down and won’t come back up until I reboot the switch. I tried forcing it up as well with no luck. I get the feeling it’s an STP thing. After the switch reboots, everything seems good. Any tips?

 

[Zackey_TNT]

Is your ICX 6610 plugged into a UPS? If so, mfg and model please.

Hey sorry for not getting back to you. It was the UPS. Make sure you guys aren't using low quality Line Interactive consumer UPSes! It'll crash the PSUs on the Beefy bois. I replaced it with a rack mounted APC unit and it was perfect since.

 

[Craig Curtin]

Forgive me if this has been addressed in this massive thread already…

I’m trying to configure the rear ports as an LACP lag and for some reason when I add the lag primary port to a vlan as a tagged port, one of the ports in the lag goes down and won’t come back up until I reboot the switch. I tried forcing it up as well with no luck. I get the feeling it’s an STP thing. After the switch reboots, everything seems good. Any tips?

Which Switch ? Show us the config so we can see the ports you are using ? Dynamic or static LACP - who/what is on the other end and what are they configured for ? It does sound like STP though

Do you have router firmware or switch firmware on the unit ?

Craig

 

[Craig Curtin]

Private IPs where working fine between my machines so it would be in L2?

Also unless you are really into setting up ACLs on the switch and really understanding networking and what you are letting yourself in for - i would not be putting one of these as front facing to the internet without a hefty firewall in front.

Remember this switch code is out of date and is freely available on the internet for hackers to pore over and look for holes etc.

Craig

 

[ramicio]

I got new DAC cables. They make zero difference. Where do I go from here? Please help me.

 

[ramicio]

Could it be a counterfeit NIC? The eBay listing is for a massive quantity of cards, and they've been listed for years. Yet somehow the picture they show has the same MAC address as the card I have. Luck of the draw or what? What do I do?

 

[ramicio]

Okay, I am going to bark up the tree of where I bought the NIC. The YottaMark info just shows that it's a NIC. It has ZERO trace information shown on YottaMark's site. No model number or ANY info, whatsoever. If I go to another auction where they show a picture of it, and enter that into YottaMark, it shows the correct info about it and even the MAC address.

I ordered another NIC. One from an auction where they're only selling one, and it's explicitly said that what is in the picture is what I will get, and the YottaMark checks out.