Drag to reposition cover

Brocade ICX Series (cheap & powerful 10gbE/40gbE switching)

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.
N

NateR

Member
Feb 10, 2022
33
23
8
Hello all,

I've got an ICX6450-24p I've had in use for a year or so now. I've noticed that when I mess around with stuff in my rack, sometimes I'll lose the SFP ports (no status lights), which I use for uplink to the upstream switch, requiring a reboot of the switch. I believe I've finally figured out what is causing it - I disconnected a shielded network cable the other day, and happened to touch the metal shielding on the connector and shocked it with ESD (it's pretty dry here, and I typically touch the rack before anything else to discharge it, but either forgot to or just moving around built up a charge). The SFP ports went dark when this happened. Rebooted, and they came back up.

Any ideas on how to keep this from repeatedly happening?

Also, has anyone found a good alternative to OEM rack-mount ears? Mine came with a couple, but as I didn't have a rack at the time, I stupidly removed them and put them "where I will remember them..." well, after much searching, I have failed to find them.

Thanks
 
D

dswartz

Active Member
Jul 14, 2011
611
79
28
NablaSquaredG said:
Yeah... I like Mellanoxes approach, where you can have at least images downloaded on the switch, but not installed (just ready to install).

This doesn't work from the bootloader though, but that would be a great idea in case some switch manufacturer reads this ;)
Click to expand...
You beat me to it. Yeah, you need to be up and running to do that, but both flash partitions were borked. "Can't get there from here". What I ended up doing:

1. Login to 7250 stack with my iphone and delete the LAG.
2. Unplug one of the LAG cables at my end to avoid STP issues.
3. Move the other cable to the mgmt port on the 7150.
4. Boot from tftp on the VM specifying the old FW.
5. Copy from tftp on the VM with old FW to primary.
6. Reboot from primary.
7. Set up minimal config so I can http in and finish config (there wasn't much unlike the 7250 stack).
8. copy from primary flash to secondary flash.
9. Login to 7250 stack and reinstate the LAG.
10. Restore cables to original positions.
11. (minimize future hassles) Install tftpd-hpa on a 1U rackmount linux host by my desktop that is a secondary backup target.
12. Bitch-slap myself for getting into this cluster-f*ck to begin with LOL.
 
Last edited:
D

dswartz

Active Member
Jul 14, 2011
611
79
28
NateR said:
Hello all,

I've got an ICX6450-24p I've had in use for a year or so now. I've noticed that when I mess around with stuff in my rack, sometimes I'll lose the SFP ports (no status lights), which I use for uplink to the upstream switch, requiring a reboot of the switch. I believe I've finally figured out what is causing it - I disconnected a shielded network cable the other day, and happened to touch the metal shielding on the connector and shocked it with ESD (it's pretty dry here, and I typically touch the rack before anything else to discharge it, but either forgot to or just moving around built up a charge). The SFP ports went dark when this happened. Rebooted, and they came back up.

Any ideas on how to keep this from repeatedly happening?

Also, has anyone found a good alternative to OEM rack-mount ears? Mine came with a couple, but as I didn't have a rack at the time, I stupidly removed them and put them "where I will remember them..." well, after much searching, I have failed to find them.

Thanks
Click to expand...
Wish I could help. My grumble about rackmount stuff: the nuts everyone provides have the same outside square size to fit the rack posts, but I've found that when you order a set of nuts and bolts, the nuts and bolts are not always the exact right size between different vendors. e.g. sometimes a bolt from vendor A is a bit too big to fit in the hole of a nut from vendor B. Other times, it's a bit too small, and doesn't engage the threads (but just slides right in, which is obviously useless).
 
D

dswartz

Active Member
Jul 14, 2011
611
79
28
Vesalius said:
Weirdly I had something similar when my area had major power outages from an ice storm that took power out for hours, exhausted the UPS and then proceeded to flicker on and off for several more hours. Although I still had a switch that seemed to function correctly, I could neither SSH into it or do anything directly at the console. Ultimately pulling the plug and then powering back up fixed that glitch, though I was nervous and ready to reinstall on a backup switch.
Click to expand...
I had something very similar happen!
 
D

dswartz

Active Member
Jul 14, 2011
611
79
28
fohdeesha said:
what da heck is an icx6150? lol

I don't know of any low level commands that completely bypass physical SFP presence, but from the page you linked it looks like you should just solder pin 6 to ground on the optic itself to solve it
Click to expand...
the icx6150 is the tofu version of a beefy switch :)
 
  • Love
Reactions: fohdeesha
S

Shad

New Member
Oct 15, 2022
3
0
1
Shad said:
What I'd like to do next is replace one of the switches with the PoE version, ICX6540-48P. The documentation and video guides say that as long as the replacement stack member is the same model and has been erased, it will be adopted and the config applied. "It just works".

Does anybody know if that is also the case when replacing non-PoE with PoE version of otherwise the exact same model?
Click to expand...
Any thoughts on this one? I'm going to attempt it tomorrow now I have a replacement switch sorted out with updated firmware, a license, and empty config.
 
T

tangofan

New Member
May 28, 2020
17
6
3
Just wanted to drop in and say a special "thank you" to @fohdeesha Got my used ICX7150-24p up and running using your instructions a bit over 2 years ago. Just upgraded firmware to 8095h and everything went as smooth as butter.

A bit of beer money is heading your way. Thanks again for all the good work you do here.
 
  • Love
Reactions: fohdeesha
fohdeesha

fohdeesha

Kaini Industries
Nov 20, 2016
2,893
3,404
113
34
fohdeesha.com
tangofan said:
Just wanted to drop in and say a special "thank you" to @fohdeesha Got my used ICX7150-24p up and running using your instructions a bit over 2 years ago. Just upgraded firmware to 8095h and everything went as smooth as butter.

A bit of beer money is heading your way. Thanks again for all the good work you do here.
Click to expand...
Thank you for the donation!
 
  • Like
Reactions: Aluminat
S

Shad

New Member
Oct 15, 2022
3
0
1
Shad said:
What I'd like to do next is replace one of the switches with the PoE version, ICX6540-48P. The documentation and video guides say that as long as the replacement stack member is the same model and has been erased, it will be adopted and the config applied. "It just works".

Does anybody know if that is also the case when replacing non-PoE with PoE version of otherwise the exact same model?
Click to expand...
In case anyone finds this in the future, I played it safe. Having exported the config it was clear it wasn't going to work plug-n-play because the POE module has a different name so the stack part of the config wouldn't have matched up. I modified the config with the correct module name and restored it to the new POE switch and it was happy. Then I erased the other switch for the stack and it hooked it up, and the config automatically copied over as expected. All sorted :)
 
N

NablaSquaredG

Bringing 100G switches to homelabs
Aug 17, 2020
1,748
1,164
113
I've lent an ICX6610 to a friend, config is stock (no VLANs, nothing)

He keeps telling me that the ICX6610 doesn't allow DHCP to passthrough? I have no idea, I've never had any issue like that. He's using the 4x10G port with a breakout cable and one of the 10G ports on the front. Other traffic seems to go through.

I suppose it's a Layer 8 error on his side...
 
D

DerTom

New Member
Mar 30, 2021
13
1
3
Hi!

I've got myself the Brocade ICX-6450-48P and think that I do have lost myself during configuration... At least I'm missing something and ask for your help.

What am I trying to achieve:
I do have configured four gateways and four vlans at a pfSense-firewall. I specified a specific gateway for each vlan using the firewall-rules. To get the inter-vlan-routing off the firewall I got the ICX-6450. As much as I understand the documentation or what I have read I have to configure one port with all four 'pfSense-vlans' being tagged and being connected to the pfSense-box. Next is to create four new 'ICX-vlans' for my network, create the router-interface for each vlan and specify the gateway for each 'ICX-vlan' by using the default-gateway option (IP of the created tagged vlan-port).

Right here I'm stuck...

The ICX is running the 'latest' router-firmware:

IMG_20230305_175623.jpg


I do have created a vlan 72 for testing and the 've 72' interface:

IMG_20230305_181358.jpg

There is no option to define a 'default-gateway' for the router-interface:

IMG_20230305_181511.jpg

or the vlan itself:

IMG_20230305_182027.jpg

Is it, that the 6450 isn't having this option as the firmware is 'too old'
or
my configuration is just wrong
or
I'm missing something else?

If there is someone kind enough to help me out, every hint is kindly appreciated.

Best wishes from Germany!

Tom
 

Attachments

I

itronin

Well-Known Member
Nov 24, 2018
1,325
882
113
Denver, Colorado
DerTom said:
Hi!

I've got myself the Brocade ICX-6450-48P and think that I do have lost myself during configuration... At least I'm missing something and ask for your help.

What am I trying to achieve:
I do have configured four gateways and four vlans at a pfSense-firewall. I specified a specific gateway for each vlan using the firewall-rules. To get the inter-vlan-routing off the firewall I got the ICX-6450. As much as I understand the documentation or what I have read I have to configure one port with all four 'pfSense-vlans' being tagged and being connected to the pfSense-box. Next is to create four new 'ICX-vlans' for my network, create the router-interface for each vlan and specify the gateway for each 'ICX-vlan' by using the default-gateway option (IP of the created tagged vlan-port).

Right here I'm stuck...
Click to expand...
Is this a requirement: Specific default gateway per VLAN?
Or
Are you simply as you said trying to get inter-vlan routing off the firewall? Ie. use the ICX6450 as your "core router"?

I'm going to leave this drawing here and see if it helps:
4-vlan-home-icx-pfsense.drawio.png
 
D

DerTom

New Member
Mar 30, 2021
13
1
3
itronin said:
Is this a requirement: Specific default gateway per VLAN?
Or
Are you simply as you said trying to get inter-vlan routing off the firewall? Ie. use the ICX6450 as your "core router"?

I'm going to leave this drawing here and see if it helps:
View attachment 27640
Click to expand...
As much as I know I do need a separate gateway for each vlan as there are different wan-gateways/purposes for each vlan.
#1 gateway vlan 71 -> default gateway wan
#2 gateway vlan 72 -> vpn
#3 gateway vlan 73 -> vpn-streaming
#4 gateway vlan 74 -> vpn-work
Having vlan99/ve99 for all four vlans will not work as I don't see a way to separate the traffic for the different gateways.

I'm thinking about a setup like:
(icx-6450 -> pfsense -> gateway)
#1 vlan71 (ve 71: 192.168.71.253, default-gateway: 192.168.171.254) -> vlan171 (192.168.171.0/24, 192.168.171.254) -> default-gateway: 10.0.71.1
#2 vlan72 (ve 72: 192.168.72.253, default-gateway: 192.168.172.254) -> vlan172 (192.168.172.0/24, 192.168.172.254) -> default-gateway: 10.0.72.1
#3...
#4....

The documentation (for configuring the default-gateway) I do see is for fastiron 08050 - a version I will not get with the 6450!?
 
M

MikeSpears

New Member
Feb 8, 2016
14
1
3
31
MikeSpears said:
Having some issues with the 40G to 4x 10G breakout cable I bought (https://www.amazon.com/dp/B01LAR98YK and https://www.amazon.com/dp/B00U8LY4Y4). When I attach the cable to one of the breakout ports and the other end to my servers, either only 1 or 2 will link up, or none will link. Is this potentially a bad cable or user error?
Click to expand...
I suspect I fixed this, but will know for sure later as my lab lives in a datacenter so gotta go back to test... I never disabled stacking on my switch.
 
K

kpfleming

Active Member
Dec 28, 2021
440
226
43
Pelham NY USA
DerTom said:
As much as I know I do need a separate gateway for each vlan as there are different wan-gateways/purposes for each vlan.
#1 gateway vlan 71 -> default gateway wan
#2 gateway vlan 72 -> vpn
#3 gateway vlan 73 -> vpn-streaming
#4 gateway vlan 74 -> vpn-work
Having vlan99/ve99 for all four vlans will not work as I don't see a way to separate the traffic for the different gateways.
Click to expand...
This sort of thing is what VRFs were invented for. You create a VRF for each 'virtual routing table' you need, with the proper routes to external networks, and assign VLANs to the VRFs they need.

The issue here is not the existence of different gateways, it's the existence of different routing tables.
 
  • Like
Reactions: RobstarUSA and itronin
I

itronin

Well-Known Member
Nov 24, 2018
1,325
882
113
Denver, Colorado
kpfleming said:
This sort of thing is what VRFs were invented for. You create a VRF for each 'virtual routing table' you need, with the proper routes to external networks, and assign VLANs to the VRFs they need.

The issue here is not the existence of different gateways, it's the existence of different routing tables.
Click to expand...
and @DerTom

Concur that VRF would solve this.

But, does the ICX6450 have VRF support?

AFAIK - I do not think VRF support is available on the ICX6450 (first post in the thread and here.)
 
You must log in or register to reply here.
Top Bottom