Drag to reposition cover

Brocade ICX Series (cheap & powerful 10gbE/40gbE switching)

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

klui

༺༻
Feb 3, 2019
970
552
93
$25 is outrageous, until I noticed the seller charged $75 for shipping. But it was CAD not USD. When I changed the URL to .com the shipping price was reduced to US$35 instead of ~US$50. Looks like the shipping was reduced recently as well and is CAD$51.

Note that switch is non-PoE. I feel this is a better deal Brocade ICX7250-48P-2x10G Enterprise 48-Port Network Switch 30 DAY WARRANTY | eBay. US$85, free shipping for a 7250-48P that has 6 SFP+ ports and still supported with more modern firmware.
 
  • Like
Reactions: RoachedCoach

jmdomini

New Member
Jan 30, 2024
16
0
1

Here's my post on a 7250-48p. I did this in 2020 and it's been running solid ever since so I think it worked out pretty well. Not sure if all the fans are still available, but there should be similar ones from the same manufacturers (check spec sheets for decibel levels and air flow).

The key is to add a fan to the ASIC. A few people have also added fans to the PSU on the side.
RoachedCoach, looking at possibly doing your mod as well except with the 24 port model. I've tried replacing the rear fans with three different models, and anything quiet just doesn't provide adequate cooling. One of the switches sits on a shelf on my desk and I don't think I can live with the fan drone as it is.

Dumb questions, what did you use to splice the fan wires and how did you attach the fan to the ASIC?
 

RoachedCoach

Member
Feb 4, 2020
47
54
18
RoachedCoach, looking at possibly doing your mod as well except with the 24 port model. I've tried replacing the rear fans with three different models, and anything quiet just doesn't provide adequate cooling. One of the switches sits on a shelf on my desk and I don't think I can live with the fan drone as it is.

Dumb questions, what did you use to splice the fan wires and how did you attach the fan to the ASIC?
Hi jmdomini! I want to make it clear that it isn't TRULY silent - there is still a 'machine running in the same room as you' fan noise. Mine sits in a rack about 3 feet from me, and I don't notice it unless it's off (which is basically never). But it's also that low constant woosh sound, not a drone, so hopefully that'd be ok for you.

In any case, if you decide to give it a try, for splicing the fans I purchased some of those header connectors and just crimped the wires into them.
Something like this: https://www.amazon.com/CHENBO-Connector-Housing-Assortment-Terminal/dp/B077X8XV2J/

As far as the ASIC - it's not exactly professional, but I just used decently deep threaded screws, through the screw holes in the fan, and straight into the fins of the ASIC heatsink. Basically the screw threads latch onto the fins with enough friction that it just doesn't move - since it's just sitting in a rack it'll never dislodge. I looked around for awhile for a replacement heat sink that would match the fan and it just became a hassle, so I went with this and it works.
 

RoachedCoach

Member
Feb 4, 2020
47
54
18
$25 is outrageous, until I noticed the seller charged $75 for shipping. But it was CAD not USD. When I changed the URL to .com the shipping price was reduced to US$35 instead of ~US$50. Looks like the shipping was reduced recently as well and is CAD$51.

Note that switch is non-PoE. I feel this is a better deal Brocade ICX7250-48P-2x10G Enterprise 48-Port Network Switch 30 DAY WARRANTY | eBay. US$85, free shipping for a 7250-48P that has 6 SFP+ ports and still supported with more modern firmware.
That's a killer deal on a 7250-48P.

I guess they're dropping in price because they're EOL? I'm half tempted to pick up another one just because at prices like that.
 

klui

༺༻
Feb 3, 2019
970
552
93
The entire 7250 line were EOS (sale) early 2022 due to supply chain issues from COVID-19, EOL won't happen until the end of 2027. There was an emergency EOS bulletin on February 2022. RUCKUS End of Sale Emergency Announcement for ICX7250, ICX7150-C08PT, ICX7150-C08P, and ICX7150-24F | Technical Documents | Ruckus Wireless Support. Most of the 7250 SKUs were replaced by those from the 7150.

End of Sale and End of Life Product Datelines | Technical Documents | Ruckus Wireless Support (October 2024)

ICXEnd of SaleEnd of Support
ICX 6650October 28, 2016December 28, 2021
ICX 6430/6450November 2, 2018November 2, 2023
ICX 6610November 2, 2018November 2, 2023
ICX 7450-32ZPFebruary 26, 2018August 26, 2023
ICX 7250February 7, 2022December 31, 2027
ICX 7150-24F
ICX 7150-C08P
ICX 7150-24F-C08PT
February 7, 2022December 31, 2027
ICX 7750December 31, 2023December 31, 2028
ICX 7650-48F
ICX 7650-48P
December 31, 2023December 31, 2028
ICX 7450November 14, 2024November 14, 2029
 
Dec 4, 2024
36
4
8
So I got an ICX6610 on somewhat of an impulse buy. I had my eye on this model for a few weeks and saw what seemed like a solid deal on one that looked like it was in great condition, and pulled the trigger.

I followed most of the guide so far from:

TFTP Setup = Done - Brocade Overview - Fohdeesha Docs
Done - FCX / ICX6610 - Fohdeesha Docs


My questions / reason for posting are admittedly n00bish, as I confess I did not do a serious deep dive beyond "what hardware fits my use case" - I'm coming from using a blend of 4 to 8 port "retail" un/managed switches, and 24 to 48 port "retired" Enterprise Cisco switches, and this licensing concept to enable hardware ports on a piece of equipment I bought, install and paid for shipping myself for is somewhat baffling

- So shout out to fohdeesha for the FANTASTIC guides and Extraordinarily generous contributions of time and energy on helping us all out! I probably won't have bought this beefchunker if I didn't have the guides to give me more confidence I'd get this figured out quickly!

That said, I wanted to try to understand "what do I have already", in terms of "licenses" and my particular flavor of hardware, before I get any further:


Code:
ICX6610-Router>show license
Index    Lic Mode        Lic Name               Lid/Serial No  Lic Type    Status     Lic Period    Lic Capacity
Stack unit 1:
1        Node Lock       ICX6610-PREM-LIC-SW    01234567890    Normal      Active     Unlimited         65535
2        Node Lock       ICX6610-10G-LIC-POD    01234567890    Normal      Active     Unlimited         8
3        Node Lock       ICX6610-ADV-LIC-SW     01234567890    Normal      Active     Unlimited         1

I'm not sure what these Licenses that are already installed are for - Am I missing anything that is shown in the ICX6610 Licensing guide here?:
- ICX6610 Licensing - Fohdeesha Docs

How can I tell what "features" the licenses that are already on this beefmonster are for? (Also curious if this switch has had the same guide ran on it before, as its clearly the "best of web" for these makes/models/series)

I see just the 3 license files, and I have those 3 lines there, so maybe I have them all already?
I'm not sure.
How do I even begin to find out?


I should note that I've been able to enable the Web UI and figure out how to "enable" all of the front SFP+ 10G ports, and since I only have one long enough QSFP breakout that is long enough to reach my test NIC on my test box in the current testing location I can only confirm that the Breakout Cable works great, but not able to test other ports just yet (the 1Gbe's) except for the RJ45 "Management Port" which seems to work great (though I'm questioning if I can actually use that for a "regular switch port", too?)

I have also had somewhat of an awkward realization that I have the "R type" which is showing "ICX6610 Router" from the Console prompt - Which... I have no idea what the difference is between models, but I'm thinking "that's a good thing" as "Router" implies some additional possible functionality?

I know there is no NAT (Definitely have that covered already anyway),

but what are the functional differences between the "switch" and "router" type of switch?
(That actually hurts my brain just to type in out - Super confused how a Switch can be a router? I get most routers have switches built-in, but not sure how the inverse is true?)

I'm holding off on "upgrading" licenses from the guide until I understand whether or not I even need to apply them (am I to understand there is a limited amount of available licenses, too?)

Any help is greatly appreciated!
 

klui

༺༻
Feb 3, 2019
970
552
93
Your 6610 is fully licensed. The important column is License Capacity for 10G. Maximum is 8 since there's 8 SFP cages. The License/Serial No column isn't a normal value so the previous owner had applied the "community" license. I never did it for my 6610 and left the original licenses intact and it has a "valid" value--doesn't have the unlikely serial of 01234567890.

The difference between router vs switch is the former can actually perform routing at wire speed. You can define a layer 3 interface and give it an IP address. That will be a gateway so all routing will occur inside the switch without relying on another device.

You can use your breakout cable and connect the SFP+ ends to the front ports. Once you do that if they link up use the CLI and obtain their speed (show interfaces brief).
 
  • Love
Reactions: coolelectricity

fohdeesha

Kaini Industries
Nov 20, 2016
2,877
3,377
113
34
fohdeesha.com
So I got an ICX6610 on somewhat of an impulse buy. I had my eye on this model for a few weeks and saw what seemed like a solid deal on one that looked like it was in great condition, and pulled the trigger.

I followed most of the guide so far from:

TFTP Setup = Done - Brocade Overview - Fohdeesha Docs
Done - FCX / ICX6610 - Fohdeesha Docs


My questions / reason for posting are admittedly n00bish, as I confess I did not do a serious deep dive beyond "what hardware fits my use case" - I'm coming from using a blend of 4 to 8 port "retail" un/managed switches, and 24 to 48 port "retired" Enterprise Cisco switches, and this licensing concept to enable hardware ports on a piece of equipment I bought, install and paid for shipping myself for is somewhat baffling

- So shout out to fohdeesha for the FANTASTIC guides and Extraordinarily generous contributions of time and energy on helping us all out! I probably won't have bought this beefchunker if I didn't have the guides to give me more confidence I'd get this figured out quickly!

That said, I wanted to try to understand "what do I have already", in terms of "licenses" and my particular flavor of hardware, before I get any further:


Code:
ICX6610-Router>show license
Index    Lic Mode        Lic Name               Lid/Serial No  Lic Type    Status     Lic Period    Lic Capacity
Stack unit 1:
1        Node Lock       ICX6610-PREM-LIC-SW    01234567890    Normal      Active     Unlimited         65535
2        Node Lock       ICX6610-10G-LIC-POD    01234567890    Normal      Active     Unlimited         8
3        Node Lock       ICX6610-ADV-LIC-SW     01234567890    Normal      Active     Unlimited         1

I'm not sure what these Licenses that are already installed are for - Am I missing anything that is shown in the ICX6610 Licensing guide here?:
- ICX6610 Licensing - Fohdeesha Docs

How can I tell what "features" the licenses that are already on this beefmonster are for? (Also curious if this switch has had the same guide ran on it before, as its clearly the "best of web" for these makes/models/series)

I see just the 3 license files, and I have those 3 lines there, so maybe I have them all already?
I'm not sure.
How do I even begin to find out?


I should note that I've been able to enable the Web UI and figure out how to "enable" all of the front SFP+ 10G ports, and since I only have one long enough QSFP breakout that is long enough to reach my test NIC on my test box in the current testing location I can only confirm that the Breakout Cable works great, but not able to test other ports just yet (the 1Gbe's) except for the RJ45 "Management Port" which seems to work great (though I'm questioning if I can actually use that for a "regular switch port", too?)

I have also had somewhat of an awkward realization that I have the "R type" which is showing "ICX6610 Router" from the Console prompt - Which... I have no idea what the difference is between models, but I'm thinking "that's a good thing" as "Router" implies some additional possible functionality?

I know there is no NAT (Definitely have that covered already anyway),

but what are the functional differences between the "switch" and "router" type of switch?
(That actually hurts my brain just to type in out - Super confused how a Switch can be a router? I get most routers have switches built-in, but not sure how the inverse is true?)

I'm holding off on "upgrading" licenses from the guide until I understand whether or not I even need to apply them (am I to understand there is a limited amount of available licenses, too?)

Any help is greatly appreciated!
Out of curiosity can you post the full output of "show version" ? Did you edit that license output to have that serial to avoid posting your real serial? If not and it actually shows that, someone else has figured out how to arbitrarily generate licenses lol
 
  • Love
Reactions: coolelectricity
Dec 4, 2024
36
4
8
Out of curiosity can you post the full output of "show version" ? Did you edit that license output to have that serial to avoid posting your real serial? If not and it actually shows that, someone else has figured out how to arbitrarily generate licenses lol
I did obfuscate the Serial since I wasn't sure how "sensitive" it might be. A lot of these older switches have CVEs that will never get patched (in Cisco world, anyway) so I was being extra cautious. (check your DMs)
 
Dec 4, 2024
36
4
8
Your 6610 is fully licensed. The important column is License Capacity for 10G. Maximum is 8 since there's 8 SFP cages. The License/Serial No column isn't a normal value so the previous owner had applied the "community" license. I never did it for my 6610 and left the original licenses intact and it has a "valid" value--doesn't have the unlikely serial of 01234567890.

The difference between router vs switch is the former can actually perform routing at wire speed. You can define a layer 3 interface and give it an IP address. That will be a gateway so all routing will occur inside the switch without relying on another device.

You can use your breakout cable and connect the SFP+ ends to the front ports. Once you do that if they link up use the CLI and obtain their speed (show interfaces brief).
Thank you for this detailed answer! This is exactly what I was trying to understand.

Also, that is FANTASTIC news, since I've gotten a bit wild with buying up all kinds of different "old but cheap AF" 20/25/40Gbe NICs and breakouts/DACs. I was starting to question my "buy" of this for a brief moment since getting the console up so kind of janky and weird. After 6+ unplug/replugs (power cycles) I finally "got it", and have been off to the races. I'll have to get the hang of making more of these tweaks/edits from the CLI, but once I got the web interface going I sorted out the 10Gbe ports.

This model (un?)fortunately is "all SFP+", and I don't have any 1Gbe DACs or spare Transceivers at the moment, so I'd interested in where I might find "10+ pack deals" on both 1/1.25 DACs and/or Transceivers that are compatible with Brocades, now that I have more confidence I can ditch all the 4, 5, and 8+ port switches I've collected over the years.

So pardon my Brocade/Ruckus noob brain, but I assume (or translate) that this:
"You can define a layer 3 interface and give it an IP address. That will be a gateway so all routing will occur inside the switch without relying on another device."

means that:

Even if I use a "basic retail" 1Gbe router (Linksys, Netgear, Ubiquity, Asus, TP-Link, etc), I could define said Layer 3 interface in the "router config of the switch" and not have the "speed limit" of the 1Gbe "retail router"?
Of course, assuming I use the Gateway Address of the said L3 interface IP as my configuration in my individual NICs and "upstream gateway" address of my vRouters (pfSense, OPNsense, etc)?

Am I understanding that correctly?
 

klui

༺༻
Feb 3, 2019
970
552
93
> means that:

Yes, pretty much. There are many posts asking about how to do this on this forum. Use the search function to find members' recommendations. There's no one size fits all as it's a more complex configuration. As a "noob" just use your switch as an L2 device. Maybe buy another and use that to actually do lab stuff.
 
  • Like
Reactions: coolelectricity

BoGs

Member
Feb 18, 2019
131
20
18
I would love some of yours opinions. I am in the process of ripping out my Unifi stuff and replacing it with Ruckus Unleased. I am pulling out 3 switches and have / had purchased some ICX7250-{24P,48P} super cheap for powering POE devices around my property.

When looking at my switches running
Code:
show inline power detail
I get a variety of codes and I was wondering if I am missing something.

Code:
Device HW version         : 0:V1R3      1:V1R3      2:V1R3      3:V1R3      4:V1R3      5:V1R3
Device Temperature(deg-C) : 0:31        1:33        2:35        3:31        4:33        5:27
Device Status             : 0:VOP-Sev1  1:Recovered 2:Recovered 3:Recovered 4:VOP-Sev1  5:Recovered
One of the switches has all V1R3 as
Code:
VOP-Sev1
but when I plug in some POE devices they power on and everything works as expected. I am unsure what that means thought?

Also
Code:
Recovered
from what I have seen is Ok as well so all should be good, and I also have good status. Trying to find VOP-Sev1 on the internet does not bring much outside of some that have found the same on their switches and posted to this thread.

Any insights are greatly appreciated.
 

klui

༺༻
Feb 3, 2019
970
552
93
No idea about the status because my 7150's PoE status are all "Good" running 08.0.90.

Did you update to the latest recommended FW that should update PoE FW per @fohdeesha's guide?
 

BoGs

Member
Feb 18, 2019
131
20
18
No idea about the status because my 7150's PoE status are all "Good" running 08.0.90.

Did you update to the latest recommended FW that should update PoE FW per @fohdeesha's guide?
Yep I am running ICX7xxx/SPR08095qufi.bin as per the guide.

When originally I got the switches it applied the firmware for the POE.
 

klui

༺༻
Feb 3, 2019
970
552
93
Oh, I just looked at the saved logs of my 7250 and it shows similar status but not the same. PoE works for all ports.
Code:
PoE Info: PoE module 1 of Unit 1 on ports 1/1/1 to 1/1/48 detected. Initializing....
PoE Info: PoE module 1 of Unit 1 initialization is done.

   .
   .
   .
HW/SW INFO : ICX7250-48-HPOE/SPR08095m
==========================================================================
    .
    .
    .
Firmware
Version
----------------
02.1.8 Build 004

Hardware
Version
----------------
V1R3

Device HW version         : 0:V1R3      1:V1R3      2:V1R3      3:V1R3      4:V1R3      5:V1R3
Device Temperature(deg-C) : 0:37        1:39        2:40        3:37        4:37        5:37
Device Status             : 0:VOP-Sev1  1:Good      2:VOP-Sev1  3:VOP-Sev1  4:VOP-Sev1  5:Good
 

BoGs

Member
Feb 18, 2019
131
20
18
Yep I am in the same boat. I bought a ICX7150-48ZP that is my poe core that I use for R750s and the first 2 modules (2.5g) are also VOP-Sev1 but the first 8 ports are POE AP. I think of the 7 switches ICX7{1,2}50 that I have ever owned only 1 has all Good. POE has worked on all of them in the past - the ones that I hard a fail showed during boot that the 8 ports were not working and seller sent me new switch.

Code:
Firmware
Version
----------------
02.1.8 Build 004

Hardware
Version
----------------
V2R2

Device HW version         : 0:V2R2      1:V2R2      2:V2R2      3:V2R2      4:V2R2      5:V2R2      6:V2R2      7:V2R2
Device Temperature(deg-C) : 0:35        1:37        2:35        3:31        4:33        5:29        6:29        7:29
Device Status             : 0:VOP-Sev1  1:VOP-Sev1  2:Good      3:Good      4:Good      5:Good      6:Good      7:Good
 

servethehomefan

New Member
Mar 31, 2024
19
1
3
I hope someone can help me understand what I am missing (or have done wrong) with my config.

The setup is just a homelab trying to understand OPNsense firewall and Brocade ICX-6450 utilizing VLANs.

The OPNsense firewall will be used as DHCP server, firewall, etc. I have setup two VLAN's within OPNsense and assigned them to a single interface "router on a stick" type setup. Within OPNsense firewall rules I have setup PASS ALL IPV4 any protocol on all interfaces: LAN, VLAN10 and VLAN50. Within Brocade 6450 I have tagged/untagged appropriately (see config at bottom of this post). Below are some observations:
  • I have plugged the OPNsense LAN (which VLAN 10 and VLAN 50 are assigned to) into Brocade ethernet 1/1/2. This 1/1/2 is tagged for VLAN 10 and VLAN 50.
  • When I plug my laptop into Brocade ethernet 1/1/3 (untagged vlan 10) I do successfully get an IP address of 192.168.10.100 from OPNsense.
  • When I plug my laptop into Brocade ethernet 1/1/7 (untagged vlan 50) I do successfully get an IP address of 192.168.50.100 from OPNsense.
  • From my laptop in either 1/1/3 or 1/1/7 I cannot access the OPNsense firewall nor able to even ping it.
  • From within Brocade CLI I cannot ping the OPNsense firewall.
  • From within OPNsense I can ping my laptop at 192.168.10.100.
  • From within OPNsense I can ping the Brocade virtual interface ve 10 at 192.168.10.2.
I'm confused as to why OPNsense can ping the Brocade virtual interface as well as attached devices (my laptop when plugged into 1/1/3) but Brocade and my laptop cannot ping OPNsense. It seems like there is a routing issue that I believe is within the Brocade switch config. Maybe it is my OPNsense config......

One additional item is the pros and cons of setting up virtual interfaces within the Brocade. I'm not sure if it is needed for routing reasons or if it is simply to be able to access the Brocade CLI from within any of the VLANS that use virtual interface.

Any assistance on what could be causing this? Below is the running config:

Code:
!
Startup-config data location is flash memory
!
Startup configuration:
!
ver 08.0.30uT313
!
stack unit 1
  module 1 icx6450-48p-poe-port-management-module
  module 2 icx6450-sfp-plus-4port-40g-module
  no legacy-inline-power
  priority 128
  stack-port 1/2/1 1/2/3
stack unit 2
  module 1 icx6450-24p-poe-port-management-module
  module 2 icx6450-sfp-plus-4port-40g-module
  stack-port 2/2/1 2/2/3
stack enable
stack mac <removed in-case sensitive>
!
!
!
!
vlan 1 name DEFAULT-VLAN by port                               
router-interface ve 1
!
vlan 10 name V10 by port
tagged ethe 1/1/2
untagged ethe 1/1/3
uplink-switch ethe 1/1/2
router-interface ve 10
!
vlan 50 name V50 by port
tagged ethe 1/1/2
untagged ethe 1/1/7
!
!
!
!
!
aaa authentication web-server default local
aaa authentication login default local
enable aaa console
hostname beef
ip dhcp-client disable
ip dns server-address 192.168.3.1
ip route 0.0.0.0/0 192.168.3.1                                 
!
no telnet server
username root password .....
!
!
clock timezone gmt GMT-07
!
!
ntp
disable serve
server 216.239.35.0
server 216.239.35.4
!
!
web-management https
hitless-failover enable
!
!
!
interface ethernet 1/1/1
inline power
!
interface ethernet 1/1/3                                       
inline power
!
interface ethernet 1/1/7
inline power
!
interface ve 1
ip address 192.168.3.2 255.255.255.0
!
interface ve 10
ip address 192.168.10.2 255.255.255.0
!
!
!
!
!
!
!
!
!
end