They are absolutely stupid cheap. Nothing to worry about, just solid old enterprise gear. They took all the modules out and shipped them in a separate box from the two switches I bought. Dual power supplies, dual 40g links and the front 10g, they are fully loaded switches.
Easily link up/stack with super cheapo 40g dacs and single mode fiber.
Can probably sell extra power supplies on eBay to recoup the entire switch price if you wanted to.
I'm hacking quieter fans in to 2 of them for some noise management, they are a little louder than the Aruba they are replacing (and those don't get quieter even after I replaced the fans with noctuas, they are a whisper)
There are some folks selling 24p for 85/p missing the front 10g ports if you're after some power savings. If you don't care get the 48s. They easily license up and run great with the normal guide.
I'm having an issue where my ICX7450-32ZP goes off during power loss when running on my UPS. This occurs during power outage or if I press the "test" button on the UPS. The UPS is a CPS1500AVR with two-year-old batteries and very few power cycles as we don't lose power here often (3-4 minutes the other day is what alerted me to the problem). The green LED on the back of the actual ICX power supply blinks a slow even beat when on UPS. But the switch goes down a moment after power is lost (LED is solid green when the switch is running).
Everything else on the UPS stays up. The Brocade PS obviously doesn't like the power it's getting from the UPS, but I can't imagine why. I would swear this UPS used to work with this switch in the past, but it's possible I swapped out UPSs at some point (though I really think not). I have several other power supplies here I could try in the switch, but I figured I'd ask here first to minimize down time and power cycles.
Even if I unplug the switch from the UPS and then plug it back in during a simulated outage, the 7450 does not come on. It boots right up as soon as normal AC is restored.
I have two R750's and two security cameras running on PoE right now, but I think that is all, so the power demand isn't very high.
known issue with the ICX 6610 - PSU's are very sensitive to power, need true/pure sinewave. On the UPS's I used, the switch would periodically reboot and sometimes not power back on. I had the ICX 6610 on utility power only and never rebooted (unless there was a utility issue - blackout/brownout. Ultimately I had to put in a pretty high quality UPS (albeit used and older). Worked with both older APC Smartups 1500 and Eaton 5px2200's.
I'm pretty sure the ICX 6610 & 7450 share the same power supply. RPS-15? and google search says yay-up. same psu.
This is a industrial grade rack mount UPS, however it is quite old (I think retail on it was like $1500). It does have a " Simulated Sine Wave" function. It also runs "online double-conversion," so I honestly don't see how the ICX sees anything differently when AC is available from the wall or not. If I'm awake at the small hours tonight I will try a different PS in the switch and failing that a different UPS. I may have another commercial UPS with actual "pure sine wave" function.
But like I said, I'm 99% sure this UPS used to be able to power this switch. There aren't any firmware changes in the switch that could affect this are there? I've tried other versions, but right now I'm back on version 08.0.95qT211.
What does a blinking green LED on the back of the power supply mean? I can guess, but I'd love confirmation. As usual Google AI muddies the water:
A blinking green LED on a Brocade power supply generally indicates a normal operational state where the power supply is ready to take over but isn't providing power to the device. It can also signal a specific event, such as the unit being in a low-power or standby mode or the power supply itself may be faulty or disconnected from the main power source. To troubleshoot, check that the power cord is connected to a functioning outlet, the power supply is properly seated, and look for any firmware updates or error messages on the management interface.
This is a industrial grade rack mount UPS, however it is quite old (I think retail on it was like $1500). It does have a " Simulated Sine Wave" function. It also runs "online double-conversion," so I honestly don't see how the ICX sees anything differently when AC is available from the wall or not. If I'm awake at the small hours tonight I will try a different PS in the switch and failing that a different UPS. I may have another commercial UPS with actual "pure sine wave" function.
But like I said, I'm 99% sure this UPS used to be able to power this switch. There aren't any firmware changes in the switch that could affect this are there? I've tried other versions, but right now I'm back on version 08.0.95qT211.
What does a blinking green LED on the back of the power supply mean? I can guess, but I'd love confirmation. As usual Google AI muddies the water:
This is a industrial grade rack mount UPS, however it is quite old (I think retail on it was like $1500). It does have a " Simulated Sine Wave" function. It also runs "online double-conversion," so I honestly don't see how the ICX sees anything differently when AC is available from the wall or not. If I'm awake at the small hours tonight I will try a different PS in the switch and failing that a different UPS. I may have another commercial UPS with actual "pure sine wave" function.
so not quite sure what to tell ya. you might look here for a some posts on simulated sine wave on ICX 6610. In those posts you'll see me talking about using the CP1500AVR (not CPS - it may be the "S" is the rackmount varient but essentially the same UPS or it could be the "S" variant is much beefier electronically). Down again you'll see someone posting not having issues with an ICX 6610 but using the NON-POE power supplies. Could it be that concurrent with your issue developing you added one or more POE devices and so you reached a tipping point?
I spent a bunch of time T/S this: syslog monitoring, single PSU, replacing the memory in the 6610, no POE devices, addiing POE devices back one at a time etc. etc. The breakthrough came when I plugged into street power and the issues disappeared -> better ups.
so not quite sure what to tell ya. you might look here for a some posts on simulated sine wave on ICX 6610. In those posts you'll see me talking about using the CP1500AVR (not CPS - it may be the "S" is the rackmount varient but essentially the same UPS or it could be the "S" variant is much beefier electronically). Down again you'll see someone posting not having issues with an ICX 6610 but using the NON-POE power supplies. Could it be that concurrent with your issue developing you added one or more POE devices and so you reached a tipping point?
I spent a bunch of time T/S this: syslog monitoring, single PSU, replacing the memory in the 6610, no POE devices, addiing POE devices back one at a time etc. etc. The breakthrough came when I plugged into street power and the issues disappeared -> better ups.
I'm running into an issue when adding a switch to my environment. The scene is I have a stack of ICX 7250s that have an uplink to our core VDXs using a lag (1). From that 7250 I have two copper ports using a second lag (2) to an ICX 7150 at the other end of the building. Both lags are up and running and I have them in all of my vlans as tagged. I can't reach the 7150 from outside, but I can get into the 7250 and use SSH on it to reach the 7150. Any system connected to the 7150 doesn't get DHCP. My assumption is that I am missing something in the way packets are being routed between the two lags on the 7250, but can't see what I'm doing wrong. Any suggestions?
7250 example vlan:
vlan 1053 name B5Student by port
tagged ethe 1/2/8 ethe 2/1/21 to 2/1/22 lag 1 to 2
untagged ethe 2/1/1 to 2/1/17
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
7150 example vlan:
vlan 1053 name B5Student by port
untagged ethe 1/1/1 to 1/1/30 lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
I'm running into an issue when adding a switch to my environment. The scene is I have a stack of ICX 7250s that have an uplink to our core VDXs using a lag (1). From that 7250 I have two copper ports using a second lag (2) to an ICX 7150 at the other end of the building. Both lags are up and running and I have them in all of my vlans as tagged. I can't reach the 7150 from outside, but I can get into the 7250 and use SSH on it to reach the 7150. Any system connected to the 7150 doesn't get DHCP. My assumption is that I am missing something in the way packets are being routed between the two lags on the 7250, but can't see what I'm doing wrong. Any suggestions?
7250 example vlan:
vlan 1053 name B5Student by port
tagged ethe 1/2/8 ethe 2/1/21 to 2/1/22 lag 1 to 2
untagged ethe 2/1/1 to 2/1/17
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
7150 example vlan:
vlan 1053 name B5Student by port
untagged ethe 1/1/1 to 1/1/30 lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
So I should have ports 1-30 tagged for each vlan that we need data through? I can certainly give that a try.
They all now have
tagged ethe 1/1/1 to 1/1/30 lag 1
and I still can't come in using SSH without doing it directly from a SSH session on the 7250.
So I should have ports 1-30 tagged for each vlan that we need data through? I can certainly give that a try.
They all now have
tagged ethe 1/1/1 to 1/1/30 lag 1
and I still can't come in using SSH without doing it directly from a SSH session on the 7250.
In order to answer your question you really need to provide more information. topology. what you have included is all L2 yet you are asking an L3 question.
here are some thoughts:
For example where is your default gateway pointed when you are on "the outside" ? Is the def GW on the 7250? VDX? Or is by chance an "Internet router" connected to the same vlan you are on? If you have a def gw in the mix and it is something other than the 7250 did you define a route on the def gw to whatever subnet your 7150 "management ip" is in or are you running a routing protocol and where?
again more info - you provided no L3 info so IDK if you have a VE for 1053 on the 7150, 7250, or some other subnet that you are using for mgmt IP's.
If the "core" / your VDX is where all routes live - are you running a routing protocol between your 7250's/7150's and your VDX or staticly defined routes? If static make sure you don't have a typo wherever it is (VDX? def gw somewhere?). If routing protocol make sure your core/VDX / def gw is seeing the routes advertised from your outside edge (7150).
debated say something on this.
Your VDX does it have the lowest priority for R/STP? If not or its the same as your other two switch (stacks?) then core is a good place for your root so set that. IDK because you are set priority non-default on the other two switches which makes me think you're playing with STP root too.
more advice: (edit this section, thinking way ahead of typing speed):
If you are using routing protocols, use loopbacks for your management interfaces and make sure those get properly advertised.
I personally recommend to most folks NOT using ve interfaces AS MANAGEMENT IPs on transit vlans or wide-ranging vlans unles you are ONLY running L2 across it all no idea if you are doing that here or not. loopbacks make great management IP's especially when coupled with a routing protocol. Otherwise it sucks poop to set up static routes for your loopbacks all the way to your core.
if this is a learning environment then definitely use routing protocol(s) as you will get real world experience troubleshooting your own playground.
Default gateway for the campus is an edge router, for individual subnets within the campus it is a stack of VDXs. In this case, by 'outside', I am referring to either another subnet within the campus or the same subnet, but physically off both the 7250 and 7150 in question. I visualize the topology of this bit as a daisy chain. VDX->7250->7150. Right now, if I log into the 7250 or a VDX, I can ssh to the 7150 and make configuration changes. If instead I try to ssh from my workstation (topology WS->7250->VDX->7250->7150) I time out. My assumption is that I've got something missing within the vlan settings, but that could easily be completely wrong.
Here are the vlan settings on the 7150 in question:
lag LAG_2_ICX dynamic id 1
ports ethe 1/1/47 to 1/1/48
sflow forwarding ethernet 1/1/47
sflow forwarding ethernet 1/1/48
!
default-vlan-id 4095
!
vlan 16 name Management_VLAN by port
untagged ethe 1/1/45 to 1/1/46
tagged ethe 1/2/2 lag 1
router-interface ve 16
spanning-tree 802-1w
spanning-tree 802-1w priority 1
!
vlan 100 name Facilities by port
tagged ethe lag 1
untagged ethe 1/1/31 to 2/1/44
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 251 name W-LAB by port
tagged ethe 1/1/1 to 1/1/30 lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 252 name W-ADMIN by port
tagged ethe 1/1/1 to 1/1/30 lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 253 name W-GUEST by port
tagged ethe 1/1/1 to 1/1/30 lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 254 name Guest by port
tagged lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1053 name B5Student by port
tagged ethe 1/1/1 to 1/1/30 lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1055 name B5VOIP by port
tagged ethe 1/1/1 to 1/1/30 lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1056 name B5Staff by port
tagged ethe 1/1/1 to 1/1/30 lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1057 name B5Printers by port
tagged ethe 1/1/1 to 1/1/30 lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1058 name B5Podiums by port
tagged ethe 1/1/1 to 1/1/30 lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 4095 name DEFAULT-VLAN by port
no untagged ethe 1/1/30 to 1/1/44
spanning-tree
And the settings on the 7250 in question:
lag LAG_2_VDX dynamic id 1
ports ethe 2/2/8
sflow forwarding ethernet 2/2/8
!
lag LAG_2_ICX dynamic id 2
ports ethe 1/1/1 to 1/1/2
sflow forwarding ethernet 1/1/1
sflow forwarding ethernet 1/1/2
!
default-vlan-id 4095
!
vlan 5 name Ruckus_Management by port
tagged ethe 1/2/8 lag 1 to 2
untagged ethe 1/1/45 to 1/1/48
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 16 name Management_VLAN by port
tagged ethe 1/2/8 lag 1 to 2
router-interface ve 16
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 100 name Facilities by port
tagged ethe 1/2/8 ethe 2/1/27 to 2/1/48 lag 1 to 2
untagged ethe 2/1/25 to 2/1/26
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 251 name W-Lab by port
tagged ethe 1/1/45 to 1/1/48 ethe 1/2/8 lag 1 to 2
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 252 name W-Admin by port
tagged ethe 1/1/45 to 1/1/48 ethe 1/2/8 lag 1 to 2
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 253 name W-Guest by port
tagged ethe 1/1/45 to 1/1/48 ethe 1/2/8 lag 1 to 2
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 254 name Guest by port
tagged ethe 1/2/8 ethe 2/1/23 to 2/1/24 lag 1 to 2
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1053 name B5Student by port
tagged ethe 1/2/8 ethe 2/1/21 to 2/1/22 lag 1 to 2
untagged ethe 2/1/1 to 2/1/17
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1055 name B5VOIP by port
tagged ethe 1/1/15 to 1/1/39 ethe 1/2/8 lag 1 to 2
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1056 name B5Staff by port
tagged ethe 1/2/8 lag 1 to 2
untagged ethe 1/1/15 to 1/1/37
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1057 name B5Printers by port
tagged ethe 1/2/8 lag 1 to 2
untagged ethe 1/1/40 to 1/1/44
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1058 name B5Podiums by port
tagged ethe 1/2/8 ethe 2/1/21 to 2/1/22 lag 1 to 2
untagged ethe 2/1/18 to 2/1/20
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 4095 name DEFAULT-VLAN by port
no untagged ethe 1/1/38 to 1/1/39 ethe 1/2/8 ethe 2/1/21 to 2/1/24 ethe 2/1/27 to 2/1/48 lag 1
Note the two lags on the 7250, My thoughts were that having both lags on each vlan would allow traffic though from the VDX to the 7150. When I plug a laptop into a port on the 7150 I don't get a DHCP lease, so something is blocking.
I have put another three hours or so into this today, with no better result. I believe I have the VLAN settings at both ends of the LAG configured to match for trunks. The 7250 has all those VLANs on lag 1 (upstream to a stack of VDXs) and lag 2 (downstream to the 7150). The 7150 has it's only lag (1) with all the same VLANs. I did find one instance where the spanning tree priority was set at 1 for one switch and 16384 for the other, and they now match. I can ssh into the 7150 from pretty much any other switch in the same subnet, no matter which building they are in. If I try to ssh in, or ping the switch, from my workstation, also on the same subnet, I get timeouts. If I plug a laptop into the 7150 and look for a DHCP lease, I get none.
I'm going to repeat what I said in my first reply.
In order to answer your question you really need to provide more information. topology. what you have included is all L2 yet you are asking an L3 question.
You've provided some additional information about topology all of it L2. Nada L3.
here are your L3 questions summarized: I can't ssh into the 7150 from X but can from Y and Z. ssh is a layer 3 activity. There is probably routing involved between. your WS and the 7150 - yes really!
I can't get a dhcp address plugged into a port on the 7150 Could be layer 2 could be layer 3 - all depends on how DHCP is set up at your site.
You are very focused on this being an L2 problem only. It may be that and you may have a L3 issue or issues.
I tried drawing a picture to visualize what I think are important parts of your config. I'm not an artist.
NB:I've also wrapped your config snippets in spoilers and reformatted them - otherwise makes my brain hurt reading your and my comments.
Default gateway for the campus is an edge router, for individual subnets within the campus it is a stack of VDXs. In this case, by 'outside', I am referring to either another subnet within the campus or the same subnet, but physically off both the 7250 and 7150 in question. I visualize the topology of this bit as a daisy chain. VDX->7250->7150. Right now, if I log into the 7250 or a VDX, I can ssh to the 7150 and make configuration changes. If instead I try to ssh from my workstation (topology WS->7250->VDX->7250->7150) I time out. My assumption is that I've got something missing within the vlan settings, but that could easily be completely wrong.
I AM ASSUMING that your management IP addresses for the switches are all in the same subnet and are in fact the IP addresses configured for ve16 on each respective switch. Why? Because VLAN 16 is labeled "Management_VLAN".
Again Why? because you said that if you connect to the VDX or 7250 (connected to the 7150) you can ssh into the 7150. the 7250 and 7150 have VE's defined for VLAN 16, guessing the VDX stack does as well. So all three of those switches have interfaces directly connected to the same VLAN - no routing involved from the switch standpoint.
So that makes me think that you have established L2 connectivity from the VDX all the way to the 7150 and your config snippets also show that (well except for the VDX but cause you can ssh from there I feel I can make that statement).
So why can't your WS ssh directly to the 7150? Can it get to the VDX and 7250 via ssh? you never mentioned ssh just "connect to" and I don't want to assume you used ssh.
Could be lots of reasons. there could be VRF's in your VDX and your WS is not positioned to hit them.
Could be your WS's IP or subnet is blocked from accessing VLAN 16's subnet. <--- this right here. that's a common enough thing to do especially in a hostile network environment like a school campus (Not saying you are configuring a network at a school - just a guess)
You should collect some useful information to further troubleshoot this:
What's your WS IP?
What's the mgmt IP of the 7250 between your WS and the VDX stack?
Can you ssh into the 7250 your WS is connected to and from there can you SSH into the 7150?
What's your VDX mgmt IP?
What's your 7250 connected to the 7150's mgmt IP?
What's your 7150's mgmt IP?
What does a traceroute show from your WS to the VDX, to the 7250 connected to the 7150, to the 7150?
Code:
lag LAG_2_ICX dynamic id 1
ports ethe 1/1/47 to 1/1/48
sflow forwarding ethernet 1/1/47
sflow forwarding ethernet 1/1/48
!
default-vlan-id 4095
!
vlan 16 name Management_VLAN by port
untagged ethe 1/1/45 to 1/1/46
tagged ethe 1/2/2 lag 1
router-interface ve 16
spanning-tree 802-1w
spanning-tree 802-1w priority 1
!
vlan 100 name Facilities by port
tagged ethe lag 1
untagged ethe 1/1/31 to 2/1/44
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 251 name W-LAB by port
tagged ethe 1/1/1 to 1/1/30 lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 252 name W-ADMIN by port
tagged ethe 1/1/1 to 1/1/30 lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 253 name W-GUEST by port
tagged ethe 1/1/1 to 1/1/30 lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 254 name Guest by port
tagged lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1053 name B5Student by port
tagged ethe 1/1/1 to 1/1/30 lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1055 name B5VOIP by port
tagged ethe 1/1/1 to 1/1/30 lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1056 name B5Staff by port
tagged ethe 1/1/1 to 1/1/30 lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1057 name B5Printers by port
tagged ethe 1/1/1 to 1/1/30 lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1058 name B5Podiums by port
tagged ethe 1/1/1 to 1/1/30 lag 1
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 4095 name DEFAULT-VLAN by port
no untagged ethe 1/1/30 to 1/1/44
spanning-tree
Code:
lag LAG_2_VDX dynamic id 1
ports ethe 2/2/8
sflow forwarding ethernet 2/2/8
!
lag LAG_2_ICX dynamic id 2
ports ethe 1/1/1 to 1/1/2
sflow forwarding ethernet 1/1/1
sflow forwarding ethernet 1/1/2
!
default-vlan-id 4095
!
vlan 5 name Ruckus_Management by port
tagged ethe 1/2/8 lag 1 to 2
untagged ethe 1/1/45 to 1/1/48
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 16 name Management_VLAN by port
tagged ethe 1/2/8 lag 1 to 2
router-interface ve 16
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 100 name Facilities by port
tagged ethe 1/2/8 ethe 2/1/27 to 2/1/48 lag 1 to 2
untagged ethe 2/1/25 to 2/1/26
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 251 name W-Lab by port
tagged ethe 1/1/45 to 1/1/48 ethe 1/2/8 lag 1 to 2
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 252 name W-Admin by port
tagged ethe 1/1/45 to 1/1/48 ethe 1/2/8 lag 1 to 2
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 253 name W-Guest by port
tagged ethe 1/1/45 to 1/1/48 ethe 1/2/8 lag 1 to 2
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 254 name Guest by port
tagged ethe 1/2/8 ethe 2/1/23 to 2/1/24 lag 1 to 2
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1053 name B5Student by port
tagged ethe 1/2/8 ethe 2/1/21 to 2/1/22 lag 1 to 2
untagged ethe 2/1/1 to 2/1/17
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1055 name B5VOIP by port
tagged ethe 1/1/15 to 1/1/39 ethe 1/2/8 lag 1 to 2
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1056 name B5Staff by port
tagged ethe 1/2/8 lag 1 to 2
untagged ethe 1/1/15 to 1/1/37
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1057 name B5Printers by port
tagged ethe 1/2/8 lag 1 to 2
untagged ethe 1/1/40 to 1/1/44
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 1058 name B5Podiums by port
tagged ethe 1/2/8 ethe 2/1/21 to 2/1/22 lag 1 to 2
untagged ethe 2/1/18 to 2/1/20
spanning-tree 802-1w
spanning-tree 802-1w priority 16384
!
vlan 4095 name DEFAULT-VLAN by port
no untagged ethe 1/1/38 to 1/1/39 ethe 1/2/8 ethe 2/1/21 to 2/1/24 ethe 2/1/27 to 2/1/48 lag 1
Note the two lags on the 7250, My thoughts were that having both lags on each vlan would allow traffic though from the VDX to the 7150. When I plug a laptop into a port on the 7150 I don't get a DHCP lease, so something is blocking.
I matters what port you plug into. Did you try ports 1/1/45 and 1/1/46? Those are ports in your management VLAN - some enterprises will leave a small pool active in a management VLAN - some won't. Do you know any unused static IP in your management VLAN? Did you try configuring that on your laptop and using ports 45 and 46?
What about the other ports on the 7150? uhmmm those seem to be in VLAN 4095. You are not passing that upstream and have not specified a helper for 4095 so unless you have DHCP server directly connected then you're not gonna have DHCP on those other ports. there are other possible reasons but going into that may confuse the discussion a bit.
I have to ask why are you using VLAN 4095 as configured ? I am deeply curious and hoping to learn something here.
Everything I know about 4095 is that "it is magickal". IME Different systems/software/whatever treat VLAN 4095 somewhat differently.
In my experience any field with "all 1's" or "all 0's" from a binary perspective tends to be special purposed so I personally avoid using those.
If you need a dumping ground or holding pen for unused ports IDK pick something like 666 or 999 or something really easily recognized.
Did you inherit this environment and are being asked to make changes to it?
If this is a production environment (your config snippets make me think yes) just a reminder to please follow good change management hygiene as you work through your troubleshooting.
I bought a used ICX 7150-C12P. I followed fohdeesha's instructions but cannot get past the update_primary command which returns FIPS:update_primary command is disabled in FIPS/CC mode.
I've fully booted into FastIron, cleared the keys, disabled FIPS, wrote to memory, and reloaded (after rebooting, fips show says that everything is turned off). I still get the same message when trying to update_primary. Does anyone have any experience with FIPS? I would appreciate any guidance. Thanks.
EDIT:
Here is the show version output if it is pertinent:
Code:
ICX7150-C12 Switch>show version
Copyright (c) Ruckus Networks, Inc. All rights reserved.
UNIT 1: compiled on Oct 3 2023 at 04:49:31 labeled as SPS09010h_cd2
(29360128 bytes) from Primary SPS09010h_cd2.bin (UFI)
SW: Version 09.0.10h_cd2T211
Compressed Primary Boot Code size = 786944, Version:10.1.26T225 (mnz10126)
Compiled on Tue Nov 29 12:43:26 2022
HW: Stackable ICX7150-C12-POE
==========================================================================
UNIT 1: SL 1: ICX7150-C12-2X10GR POE 12-port Management Module
Serial #:XXXXXXXXXXX [REDACTED]
Software Package: BASE_SOFT_PACKAGE
Current License: 2X10GR
P-ASIC 0: type B160, rev 11 Chip BCM56160_B0
==========================================================================
UNIT 1: SL 2: ICX7150-2X1GC 2-port 2G Module
==========================================================================
UNIT 1: SL 3: ICX7150-2X10GF 2-port 20G Module
==========================================================================
1000 MHz ARM processor ARMv7 88 MHz bus
8 MB boot flash memory
2 GB code flash memory
1 GB DRAM
STACKID 1 system uptime is 1 day(s) 41 minute(s) 44 second(s)
The system started at 06:05:40 GMT+00 Tue Oct 03 2023
The system : started=cold start
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.
