Probably 99% of the forum will be better than me to answer this, but in your case, isn't it better to use the Cisco as a L2+ switch, the ICX as L3 and the FW in the transit VLAN ?
So you trunk all the VLANs from ICX to Cisco (with a LACP if too much traffic) and let the ICX handle the routing as it will do it line rate?
With that you can have the 10g separated from 1g and when not internal the ICX will go to the transit?
Probably 99% of the forum will be better than me to answer this, but in your case, isn't it better to use the Cisco as a L2+ switch, the ICX as L3 and the FW in the transit VLAN ?
So you trunk all the VLANs from ICX to Cisco (with a LACP if too much traffic) and let the ICX handle the routing as it will do it line rate?
With that you can have the 10g separated from 1g and when not internal the ICX will go to the transit?
Yup, that was my third attempt, but haven't been able to do all the routing on the ICX since the first attempt, hence the wall post, LACP seems a additional step which I'm not sure if I will take it, previously had the SG300-52 with a SG300-28 doing exactly that topology and had more troubles than stability, probably to my old CAT5e cabling was to be blamed but with 1Gb line from ICX to the SG300 will be ok for now until I get another ICX for my core/rack networking, thank you so much!
I have three Brocade questions - I am hoping I can get some help on:
1. Lag - I have 6 strand, 3 pair fiber cable running between two switches (6450 & 7250) - Is a lag for redundancy or extra speed? If I setup 3 SFP+ ports on the two switches in a lag and one goes down, does my network go down?
2. NTP: I have a NTP server setup on my network & the Brocade 6450 & 7250 can ping the server, they dont seem to be getting updates?
3. Full factory reset? I have done the "factory set-default" - is there a way to confirm everything is gone? Is there something more I can do to make sure there are no "phone home" things left on the switches? Overwrite firmware, etc?
@vpadro (and others) - You guys do realize that you're now getting into serious networking configs, which are more analogous to SMB and small companies than just a homelab, right?
These kinds of configs with multiple switches, LAGs, VLANs, router config, DHCP/DNS config, FW config...are not easy or straight forward. I'm not sure what to say other than, I'd love to help you, but I can't. I'm way too overwhelmed with family and work at the moment.
1. Lag - I have 6 strand, 3 pair fiber cable running between two switches (6450 & 7250) - Is a lag for redundancy or extra speed? If I setup 3 SFP+ ports on the two switches in a lag and one goes down, does my network go down?
So I'm trying to figure out what went wrong trying to replicate kapone's post but can't seem to find the culprit of it.
First of all, you'll have to forgive me if I don't make too much sense, since English is not my first language but always try to do my best to communicate with it.
Right now my home gear network consists of the following:
PC Engines APU2 - PfSense
Cisco SG300-52 L3 enabled
ICX7250-48 L3 10Gb license (Thanks @fohdeesha)
ICX6610-48 Fully licensed too (1 PSU rev3, 1 FAN) - Not in use, too loud after a few minutes (maybe will sell it since PSU and fan will cost me as much as another unit)
What I am trying to achive?
Have a native L3 network after a while since FW was handling the VLANs as a Router on a Stick approach, right now it can't handle inter-vlan 1Gb network traffic after doing so for a "some time", since I have the gear that can do all the L3 at its core.
My core networking/services/servers (more APU2s) are on a 12U startech rack is hangin on my apartment's entrance corner and my office is a few meters away cabled with 6 CAT6 ethernet drops, maybe more, but don't tell my wife.
My first approach was to use the ICX7250 as a Core switch for my place on the aforementioned startech rack, and the ICX6610 for my 24U rack with 6 SM servers all with 10Gb NICs and a 40Gbps NIC on my main ESX/NAS server, short long story, as I mentioned the switch is too loud to have it 24/7 on my apartment I didn't even setup up correctly on both ends. - Currently discarded until further notice or until christmas bonus. lol
Then I tried to use the SG300 as my Core L3 switch and the ICX7250 as my rack switch with inter-VLAN routing on my main LAN, this worked "well" can access the SVIs, setup the firewall rules, static routes both the switches and FW can see and communicate, everything was ok but then I realized L3 routing was performed at the Cisco so 10Gb traffic was limited to 1Gb as you might guessed. - Discarded for the time being, maybe will get back to this if could find the routing issue on the ICX.
So third attempt, since the APU has 3 ethernet ports (WAN, LAN, OPT1) tried the Kapone's post guideline, using the OPT1 which was unused to connect one of the cable drops to my office directly to the ICX, created a /30 transit VLAN, gateway, static route on FW, static route on SW, FW rules and what not, but can't communicate from my main home network to the VLANs associated on the ICX, I'm still using the SG300 on my LAN, nothing has done yet in there (No L3 switching, VLANs SVIs, nothing really, just a dumb SW ATM), was thinking to use it as an access L2 SW for the VLANs needed for the APU2s VMs and LXC containers using a second drop back from my rack to the startech rack.
So with all this, which approach will be the best to execute, and more important, am I missing something on my config, steps that might be overlooked?
Basically TDLR;
Need to setup a L3 network using Cisco SG300, ICX7250 and pfsense, but have failed doing so.
Here's the precious data if needed:
VLANs: 40 (Transit), 51-54, 60, 65, 70, 80, 90-92
PfSense
LAN IP: 192.168.50.1/24
Transit IP: 192.168.40.1/30
Current configuration:
!
ver 08.0.80eT213
!
stack unit 1
module 1 icx7250-48-port-management-module
module 2 icx7250-sfp-plus-8port-80g-module
!
!
!
!
!
vlan 1 name DEFAULT-VLAN by port
router-interface ve 1
loop-detection
!
vlan 40 name Transit by port
tagged ethe 1/1/1
router-interface ve 40
!
vlan 51 name IPMI by port
tagged ethe 1/1/1
untagged ethe 1/1/3 to 1/1/12
router-interface ve 51
!
vlan 52 name VoIP by port
tagged ethe 1/1/1 ethe 1/1/13 to 1/1/36
router-interface ve 52
!
vlan 53 name "Guest WiFi" by port
tagged ethe 1/1/1 ethe 1/1/47 to 1/1/48
router-interface ve 53
!
vlan 54 name IoT by port
tagged ethe 1/1/1 ethe 1/1/47 to 1/1/48
router-interface ve 54
!
vlan 55 name Management by port
tagged ethe 1/1/1 ethe 1/1/13 to 1/1/40 ethe 1/2/1 to 1/2/8
router-interface ve 55
!
vlan 60 name "Windows Server" by port
tagged ethe 1/1/1 ethe 1/1/13 to 1/1/40
router-interface ve 60
!
vlan 65 name "Linux Server" by port
tagged ethe 1/1/1 ethe 1/1/13 to 1/1/40
router-interface ve 65
!
vlan 70 name WORK by port
tagged ethe 1/1/1 ethe 1/1/13 to 1/1/48 ethe 1/2/1 to 1/2/8
router-interface ve 70
!
vlan 80 name "Dev Network" by port
tagged ethe 1/1/1 ethe 1/1/13 to 1/1/40
router-interface ve 80
!
vlan 90 name Storage by port
tagged ethe 1/1/1 ethe 1/2/1 to 1/2/8
router-interface ve 90
!
vlan 91 name Storage2 by port
tagged ethe 1/1/1 ethe 1/2/1 to 1/2/8
router-interface ve 91
!
vlan 92 name vMotion by port
tagged ethe 1/1/1 ethe 1/2/1 to 1/2/8
router-interface ve 92
!
!
!
!
!
!
!
!
!
!
!
!
!
aaa authentication web-server default local
aaa authentication enable default local
aaa authentication login default local
enable aaa console
no fast port-span
hostname icx7250
ip dhcp-client disable
ip dns domain-list padrosys.net
ip dns server-address 192.168.50.5 192.168.50.6
ip route 0.0.0.0/0 192.168.40.1
ip route 0.0.0.0/0 192.168.50.1
!
no telnet server
username root password .....
!
!
snmp-server community ..... rw
snmp-server contact vpadro
snmp-server location Noneedtoknow
!
!
clock summer-time
clock timezone gmt GMT-06
!
!
ntp
disable serve
server 192.168.50.1
!
!
no web-management http
web-management https
web-management page-menu
web-management session-timeout 3000
web-management list-menu
!
!
!
!
router ospf
area 0
!
!
!
!
!
!
!
interface ethernet 1/1/1
port-name Uplink
no flow-control both
!
interface ethernet 1/1/2
no flow-control both
!
interface ethernet 1/1/3
no flow-control both
!
interface ethernet 1/1/4
no flow-control both
!
interface ethernet 1/1/5
no flow-control both
!
interface ethernet 1/1/6
no flow-control both
!
interface ethernet 1/1/7
no flow-control both
!
interface ethernet 1/1/8
no flow-control both
!
interface ethernet 1/1/9
no flow-control both
!
interface ethernet 1/1/10
no flow-control both
!
interface ethernet 1/1/11
no flow-control both
!
interface ethernet 1/1/12
no flow-control both
!
interface ethernet 1/1/13
no flow-control both
!
interface ethernet 1/1/14
no flow-control both
!
interface ethernet 1/1/15
no flow-control both
!
interface ethernet 1/1/16
no flow-control both
!
interface ethernet 1/1/17
no flow-control both
!
interface ethernet 1/1/18
no flow-control both
!
interface ethernet 1/1/19
no flow-control both
!
interface ethernet 1/1/20
no flow-control both
!
interface ethernet 1/1/21
no flow-control both
!
interface ethernet 1/1/22
no flow-control both
!
interface ethernet 1/1/23
no flow-control both
!
interface ethernet 1/1/24
no flow-control both
!
interface ethernet 1/1/25
no flow-control both
!
interface ethernet 1/1/26
no flow-control both
!
interface ethernet 1/1/27
no flow-control both
!
interface ethernet 1/1/28
no flow-control both
!
interface ethernet 1/1/29
no flow-control both
!
interface ethernet 1/1/30
no flow-control both
!
interface ethernet 1/1/31
no flow-control both
!
interface ethernet 1/1/32
no flow-control both
!
interface ethernet 1/1/33
no flow-control both
!
interface ethernet 1/1/34
no flow-control both
!
interface ethernet 1/1/35
no flow-control both
!
interface ethernet 1/1/36
no flow-control both
!
interface ethernet 1/1/37
no flow-control both
!
interface ethernet 1/1/38
no flow-control both
!
interface ethernet 1/1/39
no flow-control both
!
interface ethernet 1/1/40
no flow-control both
!
interface ethernet 1/1/41
no flow-control both
!
interface ethernet 1/1/42
no flow-control both
!
interface ethernet 1/1/43
no flow-control both
!
interface ethernet 1/1/44
no flow-control both
!
interface ethernet 1/1/45
no flow-control both
!
interface ethernet 1/1/46
no flow-control both
!
interface ethernet 1/1/47
no flow-control both
!
interface ethernet 1/1/48
no flow-control both
!
interface ethernet 1/2/1
no flow-control both
!
interface ethernet 1/2/2
no flow-control both
!
interface ethernet 1/2/3
no flow-control both
!
interface ethernet 1/2/4
no flow-control both
!
interface ethernet 1/2/5
no flow-control both
!
interface ethernet 1/2/6
no flow-control both
!
interface ethernet 1/2/7
no flow-control both
!
interface ethernet 1/2/8
no flow-control both
!
interface ve 1
ip address 192.168.50.254 255.255.255.0
!
interface ve 40
ip address 192.168.40.2 255.255.255.252
!
interface ve 51
ip address 192.168.51.1 255.255.255.224
!
interface ve 52
ip address 192.168.52.1 255.255.255.224
!
interface ve 53
ip address 192.168.53.1 255.255.255.224
!
interface ve 54
ip address 192.168.54.1 255.255.255.224
!
interface ve 55
ip address 192.168.55.1 255.255.255.192
!
interface ve 60
ip address 192.168.60.1 255.255.255.0
!
interface ve 65
ip address 192.168.65.1 255.255.255.0
!
interface ve 70
ip address 192.168.70.1 255.255.255.192
!
interface ve 80
ip address 192.168.80.1 255.255.255.192
!
interface ve 90
ip address 192.168.90.1 255.255.255.128
!
interface ve 91
ip address 192.168.91.1 255.255.255.128
!
interface ve 92
ip address 10.10.76.1 255.255.255.192
!
!
!
!
!
!
!
!
!
!
end
ICX7250
Code:
Total number of IP routes: 15
Type Codes - B:BGP D:Connected O:OSPF R:RIP S:Static; Cost - Dist/Metric
BGP Codes - i:iBGP e:eBGP
OSPF Codes - i:Inter Area 1:External Type 1 2:External Type 2
Destination Gateway Port Cost Type Uptime
1 0.0.0.0/0 192.168.40.1 ve 40 1/1 S 8m37s
0.0.0.0/0 192.168.50.1 ve 1 1/1 S 8m37s
2 10.10.76.0/26 DIRECT ve 92 0/0 D 1d1h
3 192.168.40.0/30 DIRECT ve 40 0/0 D 8m38s
4 192.168.50.0/24 DIRECT ve 1 0/0 D 1d9h
5 192.168.51.0/27 DIRECT ve 51 0/0 D 1d8h
6 192.168.52.0/27 DIRECT ve 52 0/0 D 1d8h
7 192.168.53.0/27 DIRECT ve 53 0/0 D 1d8h
8 192.168.54.0/27 DIRECT ve 54 0/0 D 1d8h
9 192.168.55.0/26 DIRECT ve 55 0/0 D 1d8h
10 192.168.60.0/24 DIRECT ve 60 0/0 D 1d8h
11 192.168.65.0/24 DIRECT ve 65 0/0 D 1d8h
12 192.168.70.0/26 DIRECT ve 70 0/0 D 1d8h
13 192.168.80.0/26 DIRECT ve 80 0/0 D 1d8h
14 192.168.90.0/25 DIRECT ve 90 0/0 D 1d8h
15 192.168.91.0/25 DIRECT ve 91 0/0 D 1d8h
Code:
icx7250#ping 192.168.40.1
Sending 1, 16-byte ICMP Echo to 192.168.40.1, timeout 5000 msec, TTL 64
Type Control-c to abort
Reply from 192.168.40.1 : bytes=16 time<1ms TTL=64
Success rate is 100 percent (1/1), round-trip min/avg/max=0/0/0 ms.
icx7250#ping 192.168.50.50
Sending 1, 16-byte ICMP Echo to 192.168.50.50, timeout 5000 msec, TTL 64
Type Control-c to abort
Request timed out.
No reply from remote host.
icx7250#
So removing the ve 1 did the trick, but really would like to know why I don't need that SVI since every guide I've read including fohdeesha's suggest creating the ve 1 as a starting point when configuring the switch, maybe some documentation that I am overlooking or misreading could be helpful.
@vpadro (and others) - You guys do realize that you're now getting into serious networking configs, which are more analogous to SMB and small companies than just a homelab, right?
These kinds of configs with multiple switches, LAGs, VLANs, router config, DHCP/DNS config, FW config...are not easy or straight forward. I'm not sure what to say other than, I'd love to help you, but I can't. I'm way too overwhelmed with family and work at the moment.
Thanks for taking the time, yes indeed, my enviroment is suppossed to emulate a few of what I've seen on the wild west, and it will be more complicated afterwards, hehe.
Quick (and possibly stupid) question on a different topic. My 6450 does not retain the clock setting when rebooted or when power is pulled. I'm tired of being in 1969 even though it may have been a good year. I have done write memory after setting the clock. I changed the battery and tested both the old and new, and they are both good.
NTP
To have the switch keep its time synced via NTP (so its logs make more sense), use the following. If you live in an area that doesn't use Daylight Savings, skip the clock summer-time command. Use tab completion for the timezone command to see what's available. The IP's in the following example are google's NTP servers and work well for most cases:
clock summer-time
clock timezone gmt GMT-05
ntp
disable serve
server 216.239.35.0
server 216.239.35.4
exit
Also this was a quick and dirty way to spoof the 6450-24P into thinking it still has two fans to avoid the fan fail message.
(I actually did wind up putting the sole fan in the normal position after experimenting not as shown)
It would be better form to remove the board and solder onto the bottom, but this was so much easier. You can of course also splice into the fan wire if you don't want to solder. A three pin header is also an option so as not to accidentally cross, but I have these made up and handy.
Could this be a possible solution for 6610 and 6650 users to quiet down the fans by using less of them? Just throwing it out there as I have never used those switches.
I switched the fan to the popular Sunon MagLev KDE1204PKV3.MS.AR.GN and also wound up adding a Noctua speed reducer/silencer, and the 6450 still reports that the fans are OK. It's really quiet now and my stead state temp under very heavy load is 60.5 degrees. As always, @fohdeesha is absolutely correct, this switch just won't get too hot for a home lab as long as there is just some air going through. And, the fan can indeed start when the switch is booted and the fan is disconnected and reconnected at low voltage.
Quick (and possibly stupid) question on a different topic. My 6450 does not retain the clock setting when rebooted or when power is pulled. I'm tired of being in 1969 even though it may have been a good year. I have done write memory after setting the clock. I changed the battery and tested both the old and new, and they are both good.
Thank you - I have been playing with this a bit - if I have three 10gb ports, the speed wont exceed 10gb but I can have three separate transfers of up to 10 gb x 3 (theoretical?) at the same time?
So this wasnt at me specifically but i am having an identical problem.
Code:
BrO6450-200#show ntp ass
address ref clock st when poll reach delay offset disp
~192.168.1.29 LOCL 1 30 64 377 1.880 21474836 0.997
* synced, # selected, + candidate, - outlayer, x falseticker, ~ configured
BrO6450-200#show ntp stat
Clock is unsynchronized, no reference clock
NTP server mode is disabled, NTP client mode is enabled
NTP master mode is disabled, NTP master stratum is 8
NTP is not in panic mode
Sh Run (without the junk)
Code:
ip dhcp-client disable
ip dns server-address 192.168.1.29
ip route 0.0.0.0/0 192.168.1.1
!
!
!
clock timezone us Eastern
!
!
ntp
disable serve
server 192.168.1.29
!
BrO6450-200#ping 192.168.1.29
Sending 1, 16-byte ICMP Echo to 192.168.1.29, timeout 5000 msec, TTL 64
Type Control-c to abort
Reply from 192.168.1.29 : bytes=16 time=1ms TTL=128
Success rate is 100 percent (1/1), round-trip min/avg/max=1/1/1 ms.
Code:
BrO6450-200#sh clock
12:07:49.121 Eastern Fri Jan 30 1970
A manual reset in the web interface fixes it until it reboots
I think i am missing something basic but cant figure what it is.
Thank you! The config is very simple as I have tried resetting it again:
SSH@switch#show run
Current configuration:
!
ver 08.0.30tT313
!
stack unit 1
module 1 icx6450-24p-poe-port-management-module
module 2 icx6450-sfp-plus-4port-40g-module
!
!
!
!
vlan 1 name DEFAULT-VLAN by port
router-interface ve 1
!
!
!
!
!
optical-monitor
aaa authentication web-server default local
aaa authentication enable default local
aaa authentication login default local
enable telnet authentication
hostname switch
ip dhcp-client disable
!
username root password .....
!
!
clock summer-time
clock timezone us Central
!
!
ntp
disable serve
!
!
web-management refresh tftp 30
web-management refresh front-panel 30
web-management connection-receive-timeout 30
web-management session-timeout 3000
!
!
!
interface ethernet 1/1/1
port-name WAN
!
interface ethernet 1/1/2
port-name IPMI
!
interface ethernet 1/1/4
port-name Office
!
interface ethernet 1/2/1
port-name unRAID1
!
interface ethernet 1/2/3
port-name unRAID2
!
interface ve 1
ip address 192.168.1.2 255.255.255.0
!
!
!
!
!
!
!
!
!
end
I get no response from " show ntp ass ".
SSH@switch#show ntp stat
Clock is unsynchronized, no reference clock
NTP server mode is disabled, NTP client mode is enabled
NTP master mode is disabled, NTP master stratum is 8
NTP is not in panic mode
Like I said in the post above, I am pretty sure I disabled ntp yesterday and tried to just manually set the clock.
Regarding recoding my 10G RJ45 "optics" with i2c to official Brocade; the only reason I want to do this is so that I can get temperature information on the optic's chips to see if they remain normal. I know they are always hot, but I have been testing running iperf both directions at full 10G up and down simultaneously with -t 60000. The 6450 hovers around 98% utilization on both ports Tx and Rx and is moving near theoretical top speed.
After some time iperf will just stop (about 10-15 minutes) and also the system becomes erratic, loss of LAN and/or WAN. I am trying to see what may have been the culprit in this. I have been doing the testing with a single Intel X550-T2 (high quality Chinese knock off) with one port assigned to a host OS (slackware) and the other port passed through bare metal (each port is in it's own IOMMU group by default) to the guest VM Win10. So the X550-T2 is basically running in a two circles between host and guest. The Brocade shows around 98% utilization on both ports up and down. The optics get very hot and the 6450 is not hot. The X550-T2 seems to be at a bit hot but at a tolerable temperature.
@CIR-Engineering - Looking at your config, you don't seem to have an NTP "server" (that the switch should sync with) defined for the switch??
Mine (it's a 6610 btw, but that should make no difference) looks like this (the 172.16.x.2 are my pair of firewalls that also serve as NTP servers):
Code:
clock summer-time
clock timezone us Eastern
ntp
disable serve
server 172.16.0.2
server 172.16.1.2
And NTP stats work as expected.
Code:
show ntp stat
Clock is synchronized, stratum 3, reference clock is 172.16.1.2
precision is 2**-16
reference time is 3831128794.1405142281 (13:26:34.1405142281 Eastern Thu May 27 2021)
clock offset is -0.1163 msec, root delay is 35.2241 msec
root dispersion is 42.8897 msec, peer dispersion is 40.4451 msec
system poll interval is 64, last clock update was 334 sec ago
NTP server mode is disabled, NTP client mode is enabled
NTP master mode is disabled, NTP master stratum is 8
NTP is not in panic mode
Code:
show ntp ass
address ref clock st when poll reach delay offset disp
~172.16.0.2 STEP 16 - 1024 0 0.00 0.000 15937.
*~172.16.1.2 50.192.156.119 2 33 64 377 0.445 -0.1163 3.667
* synced, # selected, + candidate, - outlayer, x falseticker, ~ configured
@CIR-Engineering - Looking at your config, you don't seem to have an NTP "server" (that the switch should sync with) defined for the switch??
Mine (it's a 6610 btw, but that should make no difference) looks like this (the 172.16.x.2 are my pair of firewalls that also serve as NTP servers):
Code:
clock summer-time
clock timezone us Eastern
ntp
disable serve
server 172.16.0.2
server 172.16.1.2
And NTP stats work as expected.
Code:
show ntp stat
Clock is synchronized, stratum 3, reference clock is 172.16.1.2
precision is 2**-16
reference time is 3831128794.1405142281 (13:26:34.1405142281 Eastern Thu May 27 2021)
clock offset is -0.1163 msec, root delay is 35.2241 msec
root dispersion is 42.8897 msec, peer dispersion is 40.4451 msec
system poll interval is 64, last clock update was 334 sec ago
NTP server mode is disabled, NTP client mode is enabled
NTP master mode is disabled, NTP master stratum is 8
NTP is not in panic mode
Code:
show ntp ass
address ref clock st when poll reach delay offset disp
~172.16.0.2 STEP 16 - 1024 0 0.00 0.000 15937.
*~172.16.1.2 50.192.156.119 2 33 64 377 0.445 -0.1163 3.667
* synced, # selected, + candidate, - outlayer, x falseticker, ~ configured
I think I had set it up before, but deleted it. So I just did this:
Code:
SSH@switch#show ntp stat
Clock is unsynchronized, no reference clock
NTP server mode is disabled, NTP client mode is enabled
NTP master mode is disabled, NTP master stratum is 8
NTP is not in panic mode
SSH@switch#config t
SSH@switch(config)#clock summer-time
SSH@switch(config)#clock timezone us central
SSH@switch(config)#ntp
SSH@switch(config-ntp)#disable serve
SSH@switch(config-ntp)# server 172.16.0.2
SSH@switch(config-ntp)# server 172.16.1.2
SSH@switch(config-ntp)#write mem
SSH@switch(config-ntp)#Flash Memory Write (8192 bytes per dot) .
Write startup-config done.
Copy Done.
SSH@switch(config-ntp)#show ntp stat
Clock is unsynchronized, no reference clock
NTP server mode is disabled, NTP client mode is enabled
NTP master mode is disabled, NTP master stratum is 8
NTP is not in panic mode
This does not seem right. What the heck am I doing wrong?!? Or is it broken. Seems odd that the 6450 is working fine with other commands and not ntp . I did follow @fohdeesha's reset and config procedure to the letter when I got the switch last week.
I think I had set it up before, but deleted it. So I just did this:
Code:
SSH@switch#config t
SSH@switch(config)#clock summer-time
SSH@switch(config)#clock timezone us central
SSH@switch(config)#ntp
SSH@switch(config-ntp)#disable serve
SSH@switch(config-ntp)# server 172.16.0.2
SSH@switch(config-ntp)# server 172.16.1.2
SSH@switch(config-ntp)#write mem
interface ve 1
ip address 192.168.1.2 255.255.255.0
Per your preivous config I did not see a default route in your switch *and* your switch's IP address is in a different subnet ... Did you simply cut'n paste @kapone 's config? If so its not gonna work for ya.
First question, do you have a local NTP server on your network?
If Yes substitute its IP address for what kapone had.
If not you can try using one of the global NTP server addresses however your switch will need to be configured to get to the outside world.
Thank you - I have been playing with this a bit - if I have three 10gb ports, the speed wont exceed 10gb but I can have three separate transfers of up to 10 gb x 3 (theoretical?) at the same time?
So this wasnt at me specifically but i am having an identical problem.
Code:
BrO6450-200#show ntp ass
address ref clock st when poll reach delay offset disp
~192.168.1.29 LOCL 1 30 64 377 1.880 21474836 0.997
* synced, # selected, + candidate, - outlayer, x falseticker, ~ configured
BrO6450-200#show ntp stat
Clock is unsynchronized, no reference clock
NTP server mode is disabled, NTP client mode is enabled
NTP master mode is disabled, NTP master stratum is 8
NTP is not in panic mode
Sh Run (without the junk)
Code:
ip dhcp-client disable
ip dns server-address 192.168.1.29
ip route 0.0.0.0/0 192.168.1.1
!
!
!
clock timezone us Eastern
!
!
ntp
disable serve
server 192.168.1.29
!
BrO6450-200#ping 192.168.1.29
Sending 1, 16-byte ICMP Echo to 192.168.1.29, timeout 5000 msec, TTL 64
Type Control-c to abort
Reply from 192.168.1.29 : bytes=16 time=1ms TTL=128
Success rate is 100 percent (1/1), round-trip min/avg/max=1/1/1 ms.
Code:
BrO6450-200#sh clock
12:07:49.121 Eastern Fri Jan 30 1970
A manual reset in the web interface fixes it until it reboots
I think i am missing something basic but cant figure what it is.
What's 192.168.1.29? Is that your firewall or something else? It's quite possible that ping is "allowed" on it, but ntp (is a different protocol) is not.
What's 192.168.1.29? Is that your firewall or something else? It's quite possible that ping is "allowed" on it, but ntp (is a different protocol) is not.
Thats my windows 2016 server with NTP enabled - I have a sonicwall & it is set to allow all traffic through from the Brocade switch range/vlan to the windows server. It works as a NTP with other devices but I guess i could fire up a vm - maybe its windows related?
Code:
SSH@ICX7250-48P Router#sh ntp stat
Clock is unsynchronized, no reference clock
NTP server mode is disabled, NTP client mode is enabled
NTP master mode is disabled, NTP master stratum is 8
NTP is not in panic mode
SSH@ICX7250-48P Router#sh ntp ass
address Domain name Reference Clock st when poll Reach delay offset disp
~ 192.168.1.29 None LOCL 1 39 64 7 4.669 -1662175 1937.9
* synced, # selected, + candidate, - outlayer, x falseticker, ~ configured, **More characters in domain name
This is another switch I am playing with - same thing as the 6450 - makes me think its me as I followed the guide.
Per your preivous config I did not see a default route in your switch *and* your switch's IP address is in a different subnet ... Did you simply cut'n paste @kapone 's config? If so its not gonna work for ya.
First question, do you have a local NTP server on your network?
If Yes substitute its IP address for what kapone had.
If not you can try using one of the global NTP server addresses however your switch will need to be configured to get to the outside world.
OK I was in a rush when I did that and I made the assumption that @kapone's NTP server addresses were public which was a silly mistake considering they are LAN addresses. When I set this up originally I used the Google addresses @fohdeesha used in his tutorial. I'll work on this again tomorrow or Saturday.
To answer your question, I do not have a local NTP server so I will need to use a global server.
Thanks guys, I'll let you know what happens tomorrow or the next.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.