If it's not PoE, it's a 7250-24, not a 7250-24PICX 7250-24P offer accepted for 225 so I thought I should take it. it is not PoE
You didn't describe what you meant by 'the same thing'. Yes, you can link the CSS610 to the 7250 via SFP+ ports (using a DAC or AOC) and if the 7250 is primarily operating in layer 2 mode then you've essentially added 8 1GbE PoE ports to the overall network.so I could then isolate that 10gb port on the 7250 and achieve the same thing right
This....I understand that's what I want to do. However, where the "ip" command will accept an interface or ve as "next-hop", the ipv6 command requires a gateway address, which I understand to be the destination for this hop. As far as I understand the documentation, I should be able to run the command within the (config) level:
ipv6 route 2001:db8::/64 ve 3
But the interface tells me "gateway address is required".
ip ve as hop Configuring a virtual interface as next hop
ipv6 route Commscope Technical Content Portal
I found the layer 3 IPv6 support in the ICX very limiting
int ve 1234
ipv6 address 2601:3726:ab25:329a::1/64
ipv6 nd prefix-advertisement 2601:3726:ab25:329a::/64 1800 600 onlink autoconfig
ipv6 route 2001:db8::/64 ve 3 fe80::1 (link-local address and specific interface the link-local address is attached)
ipv6 route 2001:db8::/64 2001:1234::1 (a GUA or ULA address that is on an attached and routable subnet)
vlan 1 by port
untagged ethe 1/1/1
router-interface ve 1
!
vlan 2 by port
!
vlan 3 by port
untagged ethe 1/1/2 to 1/1/24
router-interface ve 3
!
vlan 999 name DEFAULT-VLAN by port
!
interface ve 1
ip address 192.168.1.250 255.255.255.0
!
interface ve 3
ip access-group 100 in
ip address 192.168.3.1 255.255.255.0
Does the unit have stacking turned on? It's possible that QSFP port is currently setup for linking.Well darn, looks like port 1/2/7 on my 6610 is damaged or misconfigured in some way.
I was using a breakout dac to my mikrotik crs312 sfp ports and 1/2/2-1/2/5 work just fine for LAG. but configuring the other breakout port the same way and putting the breakout into it - only 3 will show up as active.
I wonder If it's worth it to take apart and see if it's a component or solder issue that could be easily repairs - or a damaged PHY port. Probably not yet, since I dont have that many 40g devices yet.
No the stacking config is cleared. I even tried using the port outside of a LAG and it is just dead.Does the unit have stacking turned on? It's possible that QSFP port is currently setup for linking.
I’m not sure exactly what you mean by wanting to “put the L3 magic on”, but you’d typically want to pick a single L3 router rather than using multiple routers. A managed L2 PoE switch would let you configure VLANs on that device downstream of your 7250. You could also use an unmanaged PoE switch (or individual PoE injectors) and manage VLANs on the 7250 itself (look for MAC/flex auth in the L2 security guide if you need dynamic VLANs on a single 7250 port - e.g., an IoT VLAN and a ‘trunk’ for an AP all powered by the same unmanaged PoE switch).so I could theoretically have another managed switch with PoE even 2.5gb poe or higher, and a 10gb uplink to this switch, and I could put the L3 magic on that port and thus get a similar outcome to having a the poe version?
Check @fohdeesha ’s excellent guidealso, what is the best or highest firmware 7250 models are recommended to be on ?
Yup - if devices don’t like a non-authoritative DHCP server, you’ll have problems using the switch in that capacity, but DHCP relay works well to a separate device (typically your upstream router/gateway/firewall or a separate server).last question --- is the 7250 a switch that has issues as a DHCP server?? that was one of the reasons among many others I went this direction. if it does have issues, what is the best solution for a dhcp server so I can setup the 7250 with dhcp relay or whatever?
Practically, no. The PoE-less switches not only lack the PoE daughter board but are also missing other components.and can a 7250-24 be upgraded to a 7250-24P?
Thanks for the confirmation. At this time, I've got OpenWRT doing the gateway to the ISP (Comcast) who gives me a /60. So OpenWRT has a static route through fe80::1 (ICX6450 ve 1) to the /60, and ve 1 has a default route through the link-local EUI-64 of OpenWRT to the internet. Then, I assign static /64's to ve 2 and ve 3 (thus allowing routing traffic to those segments) as well as giving them fe80::1. The switch announces that it is the default route on ve 2 and 3, which covers the delegated prefix as well as a ULA for the "site".All hope is not lost.
As far as your routing situation, it needs to know where to send the packets with either a router advertisement or a static assigned gateway. Can't just send it out of an interface. AFAIK, other switch firmware is similar.
ipv6 unicast-routing
ipv6 route ::/0 ve 1 fe80::f2ad:4eff:fexx:xxxx
!
interface ve 1
ipv6 address fe80::1 link-local
ipv6 address fdxx:xxxx:xxxx::/64 eui-64
ipv6 address 2601:xxxx:xxxx:xxx0::/64 eui-64
ipv6 nd suppress-ra
!
interface ve 2
ipv6 address fe80::1 link-local
ipv6 address fd50:xxxx:xxxx:20::/64 eui-64
ipv6 address 2601:xxxx:xxxx:xxx2::/64 eui-64
ipv6 nd other-config-flag
I've never felt comfortable with the idea of an L3 switch. I like to keep routing and switching separated.I found the layer 3 IPv6 support in the ICX very limiting and in my recent network rebuild I stopped using it; my ICX units only handle layer 2 now.
How retro.I've never felt comfortable with the idea of an L3 switch. I like to keep routing and switching separated.
I am trying to figure out the DHCPv6 giving out DNS and NTP servers, since the ICX6450 can't advertise those in the RA; then I will be figuring out the DHCPv6 relay.
ipv6 dhcp-relay destination <primary ipv6 dhcp server>
ipv6 dhcp-relay destination <secondary ipv6 dhcp server>
ipv6 dhcp-relay include-options interface-id remote-id
ipv6 nd other-config-flag
Did you see that isc-dhcp-server is deprecated? They want you to move to isc-kea-server.I am using ISC's DHCP server on FreeBSD for IPv4 DHCP assignments and now the same for IPv6 DNS, NTP, and TFTP assignments.