Drag to reposition cover

Brocade ICX Series (cheap & powerful 10gbE/40gbE switching)

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

compufritz

New Member
Feb 25, 2024
4
3
3
Not understanding what my problem is here, but I assume it's something I configured incorrectly. I have an ICX6450-48P that I reset and updated following Fodeesha's guide. I set up a few VLANs and a transit network to go to my pfSense. Right now this is all offline as I finish configuring before changing the whole network over, but I am setting up 2 Windows Server VMs acting as DCs handling DHCP and DNS, pfSense acting as the firewall on the transit, and the 6450 as the L3 switch.

I have my desktop connected to one of the SFP+ ports using a Brocade optic and a fiber cable. I can connect just fine to the switch using putty and modify configuration, however I am unable to ping the other IPs of the ve's I set up (i.e. can't ping 10.10.5.1 from PC which is 10.10.10.50). The IP address on the desktop is configured manually (10.10.10.50, 255.255.255.0, 10.10.10.1 as the gateway). If I connect my laptop into port 1/1/2 it will pull an IP address from DHCP and I am able to ping 10.10.5.1 and 10.10.10.1, but not 10.10.10.50 (desktop). Switch config
Code:
SSH@icx6450>show run
Current configuration:
!
ver 08.0.30uT313
!
stack unit 1
  module 1 icx6450-48p-poe-port-management-module
  module 2 icx6450-sfp-plus-4port-40g-module
!
!
!
!
vlan 1 name DEFAULT-VLAN by port
router-interface ve 1
!
vlan 5 name MGMT by port
tagged ethe 1/1/11 to 1/1/12 ethe 1/1/46 ethe 1/1/48
untagged ethe 1/1/2 to 1/1/4
router-interface ve 5
!
vlan 10 name Trusted by port
tagged ethe 1/1/11 to 1/1/12 ethe 1/1/46 ethe 1/1/48
untagged ethe 1/1/5 to 1/1/10 ethe 1/1/13 to 1/1/36 ethe 1/2/1 to 1/2/3
router-interface ve 10
!
vlan 20 name Lights by port
tagged ethe 1/1/11 to 1/1/12 ethe 1/1/46 ethe 1/1/48
untagged ethe 1/1/38 ethe 1/1/40
router-interface ve 20
!
vlan 30 name NVR by port
untagged ethe 1/1/37 ethe 1/1/39 ethe 1/1/41 ethe 1/1/43 ethe 1/1/45 ethe 1/1/4                                       7
router-interface ve 30
!
vlan 40 name IOT by port
tagged ethe 1/1/11 to 1/1/12 ethe 1/1/46 ethe 1/1/48
untagged ethe 1/1/42
router-interface ve 40
!
vlan 50 name Guest by port
tagged ethe 1/1/11 to 1/1/12 ethe 1/1/46 ethe 1/1/48
untagged ethe 1/1/44
router-interface ve 50
!
vlan 172 name Transit by port
untagged ethe 1/1/1 ethe 1/2/4
router-interface ve 172
!
!
!
!
!
optical-monitor
aaa authentication web-server default local
aaa authentication login default local
hostname icx6450
ip dhcp-client disable
ip route 0.0.0.0/0 172.16.1.1
!
no telnet server
username admin password .....
!
!
web-management https
!
!
!
interface ethernet 1/1/11
dual-mode  5
!
interface ethernet 1/1/12
dual-mode  5
!
interface ethernet 1/1/37
inline power
!
interface ethernet 1/1/38
inline power
!
interface ethernet 1/1/39
inline power
!
interface ethernet 1/1/40
inline power
!
interface ethernet 1/1/41
inline power
!
interface ethernet 1/1/42
inline power
!
interface ethernet 1/1/43
inline power
!
interface ethernet 1/1/44
inline power
!
interface ethernet 1/1/45
inline power
!
interface ethernet 1/1/46
dual-mode  5
inline power
!
interface ethernet 1/1/47
inline power
!
interface ethernet 1/1/48
dual-mode  5
inline power
!
interface ethernet 1/2/1
speed-duplex 1000-full-master
!
interface ve 5
ip address 10.10.5.1 255.255.255.0
!
interface ve 10
ip address 10.10.10.1 255.255.255.0
!
interface ve 20
ip address 10.10.20.1 255.255.255.0
!
interface ve 30
ip address 10.10.30.1 255.255.255.0
!
interface ve 40
ip address 10.10.40.1 255.255.255.0
!
interface ve 50
ip address 10.10.50.1 255.255.255.0
!
interface ve 172
ip address 172.16.1.2 255.255.255.252
!
!
!
!
!
!
!
!
!
end
I noticed that at the very beginning of the config it doesn't say 'stack disable' like I've seen in some other configs posted here, so I ran a 'stack unconfigure clean' and got the following:
1724121463721.png
Leads me to believe that it isn't part of a stack. The 10G ports are licensed following the guide. It seems like it's not routing from module 2 to module 1 and vice versa and I can't seem to figure it out. Any help would be appreciated. Thanks
 

N1h1l1ty

New Member
Oct 21, 2018
29
3
3
Toronto, Canada
Been a long time since I posted here... (6 years) but huge thanks @fohdeesha, buying an ICX6610 may or may not have sent me down a deep spiral that ended up with me as a sysadmin for a career.

Said career actually led to me recently buying my first home and naturally, despite the place being pretty tiny, I wanted 10 gig... and POE... and all the bells and whistles. Fast forward a few months and I'm the relatively happy new owner of an ICX7250-24P. I'd figure I'd share my experience trying to quiet this thing down and also the kind of silly oopsie I made that I've now figured out and may as well mention in case someone else runs into the same thing.

Now, context here is that I'm making do with the top of my laundry closet doubling for server/network closet duties. Its not exactly the largest space and even though I've got a door and a sliding bookshelf in front of it, noise is definitely a concern, so when I got the 7250 in I fully expected to have to, ahem, do a little work - as expected, the Foxconn fans were just too loud even at speed 1. Naturally I perused this thread, found the Delta EFB0412VHD-F00 + Sunon MF60101V3-1000U-A99 on asic recommendation, went ahead and ordered. Installation was fairly straightforward, I did not bother with new connectors and just cut the connectors off the Foxconns and soldered in the Deltas and Sunon:
Closed er up, looked at temps, all was swell... and this is where I make a critical error. What I did not realize (and I hope this will be informative for anyone that does this and then sees temps climb up and down and up and down between speeds 1 and 2) is that the ICX7250 relies on diagonal airflow, with air being pulled in not from the front but from the left (Power supply) side of the chassis and traversing across the board / PSU on its way out when pulled by the fans. I made the mistake of sandwiching this poor thing beside my UPS, which itself is not actually running hot at all... but completely eliminating any actual potential for the switch to draw in fresh (relatively for a tiny closet) air:
This didn't actually lead to the switch overheating - in Speed 2 the Deltas are actually fully capable of keeping PSU temps below 50 C and the ASIC is completely fine the entire time, stabilizing at 68 when running at Speed 1 and 60 at Speed 2, even with the airflow restriction. However, once I moved the switch 2 inches away from the UPS (and also elevated it for good measure to stop the bottom of the switch radiating heat inwards) temps have completely stabilized at 67-68 on the ASIC and 45 on the PSU air outlet. The best part? Its dead silent. I mean, the M720q above it makes more noise, and that thing is running at a cool 25C.

Overall, lessons have been learned... I actually ordered some more potent Mechatronix fans while I was trying to puzzle out this (silly) temp issue, but I think I'm going to experiment with adding one as a third fan just to completely eliminate any chance of the PSU running too hot.
 
  • Like
Reactions: RoachedCoach

ManoftheSea

Member
Apr 18, 2023
41
16
8
I have my desktop connected to one of the SFP+ ports using a Brocade optic and a fiber cable.
Code:
SSH@icx6450>show run
...
vlan 10 name Trusted by port
tagged ethe 1/1/11 to 1/1/12 ethe 1/1/46 ethe 1/1/48
untagged ethe 1/1/5 to 1/1/10 ethe 1/1/13 to 1/1/36 ethe 1/2/1 to 1/2/3
router-interface ve 10
!
vlan 172 name Transit by port
untagged ethe 1/1/1 ethe 1/2/4
router-interface ve 172
!
end
Any help would be appreciated. Thanks
You don't happen to have the desktop plugged into 1/2/4, do you?
 

compufritz

New Member
Feb 25, 2024
4
3
3
You don't happen to have the desktop plugged into 1/2/4, do you?
No, it's definitely plugged into 1/2/1. I actually tested plugging my laptop in 1/2/1 using a RJ45 SFP adapter and it is able to ping the desktop at 10.10.10.50, but is also doesn't get an IP from DHCP servers on the DCs and is unable to ping 10.10.5.1 or either of the DC VMs(10.10.5.2 & 10.10.5.3)
 

ManoftheSea

Member
Apr 18, 2023
41
16
8
It seems like it's not routing from module 2 to module 1
It looks like you can plug the laptop into 1/1/5, manually assign 10.10.10.49/24, and ping the desktop at 10.10.10.50. This will demonstrate that modules 1 and 2 can pass traffic to each other.

You might also try running tcpdump at various points to determine where traffic is breaking down.

I'd also recommend the "show ip route" and "show ip cache" commands.
 

compufritz

New Member
Feb 25, 2024
4
3
3
It looks like you can plug the laptop into 1/1/5, manually assign 10.10.10.49/24, and ping the desktop at 10.10.10.50. This will demonstrate that modules 1 and 2 can pass traffic to each other.

You might also try running tcpdump at various points to determine where traffic is breaking down.

I'd also recommend the "show ip route" and "show ip cache" commands.
Duh moment...eliminate variable to isolate the problem. Didn't think of that last night.

I'll try that later tonight. I had run "show ip route" and it looked normal. I'll run both of those commands later and post the output. Thanks
 
  • Like
Reactions: ManoftheSea

compufritz

New Member
Feb 25, 2024
4
3
3
Ok, so module 1 and 2 are communicating properly. I connected the laptop to 1/1/5 and manually set IP info (10.10.10.51, 255.255.255.0, 10.10.10.1) and was able to ping the desktop (10.10.10.50) and vice versa.

Had another epiphany to test VLAN routing, so hooked up wife's laptop to 1/1/38 and manually set IP (10.10.20.51,255.255.255.0,10.10.20.1) and was unable to ping the other laptop or the desktop. So that points me to a switch config issue with inter-VLAN routing. Found this post while researching, so restarted both machines since I already has DNS configured and now everything is talking... /facepalm...it's always DNS lol


Show IP route and show IP cache results below (ran before I tested the .20.0 ping so that's why it's not in the routes)
Code:
SSH@icx6450>show ip route
Total number of IP routes: 4
Type Codes - B:BGP D:Connected O:OSPF R:RIP S:Static; Cost - Dist/Metric
BGP  Codes - i:iBGP e:eBGP
OSPF Codes - i:Inter Area 1:External Type 1 2:External Type 2
        Destination        Gateway         Port          Cost          Type Upti                           me
1       0.0.0.0/0          172.16.1.1      ve 172        1/1           S    1m33                           s
2       10.10.5.0/24       DIRECT          ve 5          0/0           D    1m34                           s
3       10.10.10.0/24      DIRECT          ve 10         0/0           D    18h1                           1m
4       172.16.1.0/30      DIRECT          ve 172        0/0           D    1m33                           s
SSH@icx6450>show ip cache
Entries in default routing instance:
Total number of cache entries: 6
D:Dynamic  P:Permanent  F:Forward  U:Us  C:Complex Filter
W:Wait ARP  I:ICMP Deny  K:Drop  R:Fragment  S:Snap Encap
     IP Address         Next Hop        MAC            Type Port           Vlan Pri
1    172.16.1.2         DIRECT          0000.0000.0000 PU   n/a                 0
2    10.10.5.1          DIRECT          0000.0000.0000 PU   n/a                 0
3    10.10.5.2          DIRECT          0000.0000.0000 DW   n/a                 0
4    10.10.5.3          DIRECT          0000.0000.0000 DW   n/a                 0
5    10.10.10.1         DIRECT          0000.0000.0000 PU   n/a                 0
6    255.255.255.255    DIRECT          0000.0000.0000 PU   n/a                 0
SSH@icx6450>
Duh moment...eliminate variable to isolate the problem. Didn't think of that last night.

I'll try that later tonight. I had run "show ip route" and it looked normal. I'll run both of those commands later and post the output. Thanks
 

RuckusVol

New Member
Jul 2, 2024
7
7
3
You'll need to show the full output of 'show version', that alone is not enough.
SPR08095p, SW version 08.0.95pT213, Software Package ICX7250_L3_SOFT_PACKAGE, license l3-prem-8X10G. Does that tell you what you need to know? I didn't see anything else relevant in the logs.

I was able to get the GPON working. But it's very intermittent. I have a Firewalla and now none of my devices can ping the gateway. I assume I messed something up on the switch and it's not a Firewalla problem.

To get the WAN working I had to try a bunch of stuff. I doubt it's right or the best way so I'd like feedback on the big picture correct way to do it. I'm happy to learn how to implement the concepts myself.

I have a GPON SFP module bringing fiber in. That communicates on Vlan 1222 but also has untagged traffic. I'm not clear on the right way to handle that between two ports and not have them talk to any other ports so it all goes to the router. I ended up with tagged Vlan 1222 and untagged Vlan 22 on both ports. It worked, but I'm not sure if split Vlans causes an issue or not. I did configure the router to expect Vlan 1222.

I tried untagged 1222 on the GPON and tagged on the other side, while removing the default Vlan. I tried the reverse of that, both tagged and removed from default, and both untagged. I don't know if there's a specific isolated Vlan I should use or something. I'm open to suggestions.

On the LAN side I have a default Vlan 1 and 11 & 57 for IoT & Guests. I just want to understand a simple setup well to start. I followed the guide, but does each vlan need a ve? Should they use their own router interfaces, the shared main one, or none aside from default Vlan? Do I need a transport vlan of some type to bridge them?

I know that's a lot of mess and not laid out very cleanly. But I wanted this to be a fun learning project and I've ended up thrashing with the whole house down for over a day. Any ideas are much appreciated!
 

kpfleming

Active Member
Dec 28, 2021
416
214
43
Pelham NY USA
SPR08095p, SW version 08.0.95pT213, Software Package ICX7250_L3_SOFT_PACKAGE, license l3-prem-8X10G. Does that tell you what you need to know?
Yes, that's it. The 'SPR' prefix means you are using the 'routing' (layer 3) version of the firmware, which means you can assign IP addresses to interfaces (including virtual interfaces), setup routes between VLANs, etc. It's not *necessary* to do any of that, you can operate the switch entirely at layer 2 even with the SPR firmware installed.

Your VLAN configuration sounds correct: the SFP port for the GPON should have an untagged VLAN (the number doesn't matter as long it's not 1222 or 1), and a tagged VLAN (number 1222). The port for the Firewalla will need to have the same tagged VLAN (number 1222) which it will use to communicate with the ISP via the GPON SFP. That port will also need VLANs (untagged and tagged) for all of the VLANs that the Firewalla is providing routing/addressing/etc. for (VLAN 1, 11, and 57, it sounds like). The Firewalla will have to be configured to know about all of the VLANs on its port, and have IP subnets (presumably with a DHCP server on 1, 11, and 57, and a DHCP client on 1222) on each of them.

You don't need any virtual ethernet interfaces on any of the VLANs for traffic to be able to pass between the GPON SFP, Firewalla, and LAN clients; a layer 2 configuration of just VLANs will be sufficient for that.

The only situation where you will need a virtual ethernet interface is if you want to be able to manage the switch itself over the LAN (instead of using the console port or management port); in that case you'd create a VE on VLAN 1 (probably) and give that an address in the VLAN 1 subnet. The switch would then be reachable at that address.
 

RuckusVol

New Member
Jul 2, 2024
7
7
3
Yes, that's it. The 'SPR' prefix means you are using the 'routing' (layer 3) version of the firmware, which means you can assign IP addresses to interfaces (including virtual interfaces), setup routes between VLANs, etc. It's not *necessary* to do any of that, you can operate the switch entirely at layer 2 even with the SPR firmware installed.

Your VLAN configuration sounds correct: the SFP port for the GPON should have an untagged VLAN (the number doesn't matter as long it's not 1222 or 1), and a tagged VLAN (number 1222). The port for the Firewalla will need to have the same tagged VLAN (number 1222) which it will use to communicate with the ISP via the GPON SFP. That port will also need VLANs (untagged and tagged) for all of the VLANs that the Firewalla is providing routing/addressing/etc. for (VLAN 1, 11, and 57, it sounds like). The Firewalla will have to be configured to know about all of the VLANs on its port, and have IP subnets (presumably with a DHCP server on 1, 11, and 57, and a DHCP client on 1222) on each of them.

You don't need any virtual ethernet interfaces on any of the VLANs for traffic to be able to pass between the GPON SFP, Firewalla, and LAN clients; a layer 2 configuration of just VLANs will be sufficient for that.

The only situation where you will need a virtual ethernet interface is if you want to be able to manage the switch itself over the LAN (instead of using the console port or management port); in that case you'd create a VE on VLAN 1 (probably) and give that an address in the VLAN 1 subnet. The switch would then be reachable at that address.
Thank you so much! This part still confuses me:

The port for the Firewalla will need to have the same tagged VLAN (number 1222) which it will use to communicate with the ISP via the GPON SFP. That port will also need VLANs (untagged and tagged) for all of the VLANs that the Firewalla is providing routing/addressing/etc. for (VLAN 1, 11, and 57, it sounds like). The Firewalla will have to be configured to know about all of the VLANs on its port, and have IP subnets (presumably with a DHCP server on 1, 11, and 57, and a DHCP client on 1222) on each of them.
On my prior WAN setup, there were no vlans required on the WAN port. If you aren't familiar with Firewalla, mine has 4 ports. I'm using 1 for WAN and previously that came from an ISP box direct to the Firewalla. So I didn't have to deal with any vlans there, but I never thought the Firewalla might be tagging traffic out to the ISP box. In my case here, I have two isolated ports being used for the WAN, 1 for GPON in and another for ethernet out to the Firewalla WAN port. I thought those two should only have the 1222 and alternate untagged ports. Otherwise, wouldn't traffic be free to flow to the network without going through the firewall? And wouldn't the Firewalla handle translating the incoming 1222/alternate traffic to the needed vlan?

On the LAN side there are 3 ports. I'm only using 1 right now, but the VLANs are created in the Firewalla and all the traffic is tagged. On the ICX I have the input port tagged for all the VLANs and the individual ports tagged/untagged as needed. Am I doing something wrong by not tagging the external WAN port of the Firewalla? My concern was traffic bypassing the firewall, but maybe I misunderstand the concept.

But it sounds like it should be:

Code:
vlan 'alternate'
  GPON untagged
  FIREWALLA_WAN_ICX tagged? or empty to discard non-1222 traffic?

vlan 1222
  GPON tagged
  FIREWALL_WAN_ICX tagged

vlan 1
  ICX_IN_FROM_FIREWALLA tagged
  RELEVANT_ICX_PORTS tagged/untagged
  ??FIREWALLA_WAN_ICX tagged??
 vlan 11
  ICX_IN_FROM_FIREWALLA tagged
  RELEVANT_ICX_PORTS tagged/untagged
  ??FIREWALLA_WAN_ICX tagged??
 
vlan 57
  ICX_IN_FROM_FIREWALLA tagged
  RELEVANT_ICX_PORTS tagged/untagged
  ??FIREWALLA_WAN_ICX tagged??
My two main questions right now are:
  1. Should the FIREWALLA_WAN_ICX have the alternate VLAN untagged or should it be excluded?
  2. Should the FIREWALLA_WAN_ICX port be tagged with the VLANS or is that a security concern allowing traffic to bypass the firewall?
 

Burthouse4563

New Member
Jan 27, 2019
1
0
1
Is my 7250 POE no good? I can't get it to work for anything.

Code:
SSH@ICX7250#show inline power detail


Power Supply Data On unit 1:
++++++++++++++++++



Power Supply Data:
++++++++++++++++++

Power Supply #1:
        Max Curr:       13.7 Amps
        Voltage:        54.0 Volts
        Capacity:       740 Watts
        PoePower:       740 Watts
power supply 2 is not present
power supply 3 is not present


POE Details Info. On Unit 1 :


General PoE Data:
+++++++++++++++++

Firmware
Version
----------------
02.1.8 Build 004

Hardware
Version
----------------
V1R3

Device HW version         : 0:V1R3      1:V1R3      2:V1R3      3:V1R3      4:V1R3      5:V1R3
Device Temperature(deg-C) : 0:44        1:48        2:50        3:44        4:44        5:46
Device Status             : 0:VOP-Sev1  1:VOP-Sev1  2:VOP-Sev1  3:VOP-Sev1  4:VOP-Sev1  5:Good
 

kpfleming

Active Member
Dec 28, 2021
416
214
43
Pelham NY USA
My two main questions right now are:
  1. Should the FIREWALLA_WAN_ICX have the alternate VLAN untagged or should it be excluded?
  2. Should the FIREWALLA_WAN_ICX port be tagged with the VLANS or is that a security concern allowing traffic to bypass the firewall?
It's difficult to answer your questions without a diagram of the connections between the various devices. Also, if the GPON SFP was previously in an ISP-provided device which provided an Ethernet port for the router, then that device handled the VLAN 1222 stuff for you, and that's why you didn't need to deal with it. Now that you've moved the SFP to your own device, you have to handle the VLAN tagging/untagging.

If you can provide a diagram of the devices involved and how they are connected to each other, that will help quite a lot.
 

OKGolombRuler

New Member
Mar 13, 2020
22
6
3
Long time no chat, Brocade Brigade--

I have a 7150 stack consisting of a pair of 2 -24s and a -12 running 8.0.95. The stack connects to my core (a Cisco 3172) via a pair of 10G links. The core feeds VLANs to another couple of -12s that due to their location cannot be gracefully stacked.

Several months ago i switched everything over to authenticate via RADIUS (good learning exercise, that) and after some recent network hiccups, discovered that I can authenticate to every switch in the network EXCEPT the stack. Not via SSH, not via web, not via telnet, not via serial console. :facepalm

The radius server shows no logs (and indeed no IP traffic at all) from the stack- it's not trying to authenticate to the radius so I can't cheat it there. I assume I bungled something in the stack config and didn't notice it at the time. Not a crisis, just need a weekend, a notepad, and a good craft festival to get the wife out of wifi range of the broken internet. :D

Here's the trouble: I can't get the stack to reset.

I've done the reset process (serial console, boot interrupt, all that) for one of the stack units, but it seems to be in a race with the stack to reprovision/reconfigure the unit I'm console'd into. I'd rather not wipe the entire stack config if I can avoid it (though I will if i have to, just need a bigger craft festival). Other than ripping the stack apart and reprovisioning it as a stanalone unit one switch at a time, anybody got any clever ideas to try?
 

rmzachar

New Member
Mar 8, 2024
10
0
1
Am I correct in assuming my 7250-48P is bad? Got it off eBay and have been having issues where POE either won't work on certain ports or will work and then stop working a few days later. Some port are showing 'internal h/w fault' (more were showing this before a reboot). I'm guessing this is a lost cause?

Code:
SSH@ruckus7250>show inline power

Power Capacity:         Total is 740000 mWatts. Current Free is 740000 mWatts.

Power Allocations:      Requests Honored 48 times


 Port   Admin   Oper    ---Power(mWatts)---  PD Type  PD Class     Pri  Fault/
        State   State   Consumed  Allocated                             Error
-----------------------------------------------------------------------------
  1/1/1 On      Off            0          0  n/a      n/a            3  n/a
  1/1/2 On      Non-PD         0          0  n/a      n/a            3  n/a
  1/1/3 On      Off            0          0  n/a      n/a            3  n/a
  1/1/4 On      Off            0          0  n/a      n/a            3  n/a
  1/1/5 On      Off            0          0  n/a      n/a            3  n/a
  1/1/6 On      Off            0          0  n/a      n/a            3  n/a
  1/1/7 On      Off            0          0  n/a      n/a            3  n/a
  1/1/8 On      Off            0          0  n/a      n/a            3  n/a
  1/1/9 On      Off            0          0  n/a      n/a            3  internal h/w fault
 1/1/10 On      Off            0          0  n/a      n/a            3  internal h/w fault
 1/1/11 On      Off            0          0  n/a      n/a            3  internal h/w fault
 1/1/12 On      Off            0          0  n/a      n/a            3  internal h/w fault
 1/1/13 On      Off            0          0  n/a      n/a            3  internal h/w fault
 1/1/14 On      Off            0          0  n/a      n/a            3  internal h/w fault
 1/1/15 On      Off            0          0  n/a      n/a            3  internal h/w fault
 1/1/16 On      Off            0          0  n/a      n/a            3  internal h/w fault
 1/1/17 On      Off            0          0  n/a      n/a            3  n/a
 1/1/18 On      Off            0          0  n/a      n/a            3  n/a
 1/1/19 On      Off            0          0  n/a      n/a            3  n/a
 1/1/20 On      Off            0          0  n/a      n/a            3  n/a
 1/1/21 On      Off            0          0  n/a      n/a            3  n/a
 1/1/22 On      Off            0          0  n/a      n/a            3  n/a
 1/1/23 On      Off            0          0  n/a      n/a            3  n/a
 1/1/24 On      Off            0          0  n/a      n/a            3  n/a
 1/1/25 On      Off            0          0  n/a      n/a            3  n/a
 1/1/26 On      Off            0          0  n/a      n/a            3  n/a
 1/1/27 On      Off            0          0  n/a      n/a            3  n/a
 1/1/28 On      Non-PD         0          0  n/a      n/a            3  n/a
 1/1/29 On      Non-PD         0          0  n/a      n/a            3  n/a
 1/1/30 On      Non-PD         0          0  n/a      n/a            3  n/a
 1/1/31 On      Off            0          0  n/a      n/a            3  n/a
 1/1/32 On      Off            0          0  n/a      n/a            3  n/a
 1/1/33 On      Off            0          0  n/a      n/a            3  n/a
 1/1/34 On      Off            0          0  n/a      n/a            3  n/a
 1/1/35 On      Off            0          0  n/a      n/a            3  n/a
 1/1/36 On      Off            0          0  n/a      n/a            3  n/a
 1/1/37 On      Off            0          0  n/a      n/a            3  n/a
 1/1/38 On      Off            0          0  n/a      n/a            3  n/a
 1/1/39 On      Off            0          0  n/a      n/a            3  n/a
 1/1/40 On      Off            0          0  n/a      n/a            3  n/a
 1/1/41 On      Off            0          0  n/a      n/a            3  n/a
 1/1/42 On      Off            0          0  n/a      n/a            3  n/a
 1/1/43 On      Off            0          0  n/a      n/a            3  n/a
 1/1/44 On      Off            0          0  n/a      n/a            3  n/a
 1/1/45 On      Off            0          0  n/a      n/a            3  n/a
 1/1/46 On      Non-PD         0          0  n/a      n/a            3  n/a
 1/1/47 On      Off            0          0  n/a      n/a            3  n/a
 1/1/48 On      Off            0          0  n/a      n/a            3  n/a
-----------------------------------------------------------------------------
 Total                         0          0


SSH@ruckus7250>show inline power detail


Power Supply Data On unit 1:
++++++++++++++++++



Power Supply Data:
++++++++++++++++++

Power Supply #1:
        Max Curr:       13.7 Amps
        Voltage:        54.0 Volts
        Capacity:       740 Watts
        PoePower:       740 Watts
power supply 2 is not present
power supply 3 is not present


POE Details Info. On Unit 1 :


General PoE Data:
+++++++++++++++++

Firmware
Version
----------------
02.1.8 Build 004

Hardware
Version
----------------
UNKNOWN

Device HW version         : 0:V1R3      1:UNKNOWN   2:V1R3      3:V1R3      4:V1R3      5:V1R3
Device Temperature(deg-C) : 0:39        1:n/a       2:40        3:40        4:40        5:39
Device Status             : 0:VOP-Sev1  1:Failed    2:Good      3:Good      4:VOP-Sev1  5:Good



Cumulative Port State Data:
+++++++++++++++++++++++++++

#Ports    #Ports     #Ports   #Ports    #Ports       #Ports     #Ports
Admin-On  Admin-Off  Oper-On  Oper-Off  Off-Denied   Off-No-PD  Off-Fault
-------------------------------------------------------------------------
48        0          0        48        0            48         8



Cumulative Port Power Data:
+++++++++++++++++++++++++++

#Ports  #Ports  #Ports        Power       Power
Pri: 1  Pri: 2  Pri: 3  Consumption  Allocation
-----------------------------------------------
0       0       48          0.000 W     0.000 W
 

dbvader

New Member
Oct 22, 2023
20
3
3
Doesn't look good but could it be that the budget somehow has been overcommitted? 740W / 48 ~= 15W and class 3 can go probably go up to 30W (or even higher).

I can't activate power for all 24 ports given a budget of 370W (on a 6450 24p), unless I reduce the max power allocated for class 3 devices to, say 15W. I guess the default for class 3 devices is 30W (could be different/higher for a 7250).

I'd try to either reduce the max power allocated for class 3 devices to, say 15W (which can be done under "inline power ...") or turn off inline power for at least half of the ports just to see if the hardware faults return when each of the remaining 24 ports has ~30W budget.
 

rmzachar

New Member
Mar 8, 2024
10
0
1
Doesn't look good but could it be that the budget somehow has been overcommitted? 740W / 48 ~= 15W and class 3 can go probably go up to 30W (or even higher).

I can't activate power for all 24 ports given a budget of 370W (on a 6450 24p), unless I reduce the max power allocated for class 3 devices to, say 15W. I guess the default for class 3 devices is 30W (could be different/higher for a 7250).

I'd try to either reduce the max power allocated for class 3 devices to, say 15W (which can be done under "inline power ...") or turn off inline power for at least half of the ports just to see if the hardware faults return when each of the remaining 24 ports has ~30W budget.
I disable 24 ports and it at least now shows power consumption on ports that are using POE which it wasn't before. I disabled everything but the 8 ports with the h/w faults and those still show fault. With POE off to those ports then the fault is gone.

Yes

Code:
Device HW version  1:UNKNOWN
Device Temperature(deg-C) 1:n/a
Device Status 1:Failed
This group of 8 ports has a broken PoE controller. Get a refund if you can.
Yup, that is confirmed at this point. I'll see what I can do about a refund here. The seller is claiming everything worked fine when he sent it, but that's obviously not the case here. In reality, I really don't need all the ports to be POE enabled -- but still, it's not 100% functional as stated.