First post in this thread - first & second notes at the beginning of the post.How does one get license to a 6450 switch?
Yes it is working as a NTP for other devices (cameras, ip phones, pcs).Did you allow NTP in the Windows firewall?
Edit: Wait, you said, that the Windows server is working successfully as an NTP server for other devices?
Yeah, it does look likely that there's something in the switch config that's making it not work.This is another switch I am playing with - same thing as the 6450 - makes me think its me as I followed the guide.
Yes it is working as a NTP for other devices (cameras, ip phones, pcs).
From Post 1:thanks for confirming. The 1st post was a long time ago. Wasn't sure if its still valid.
SSH@switch(config-vif-1)#show interface ve 1
ve1 is up, line protocol is up
Hardware is Virtual Ethernet, address is cc4e.2451.f020 (bia cc4e.2451.f020)
No port name
Internet address is 192.168.1.2/24, IP MTU 1500 bytes, encapsulation ethernet
SSH@switch(config-vif-1)#show ntp ass
address ref clock st when poll reach delay offset disp
+~216.239.35.0 GOOG 1 64 64 377 42.557 -3.9964 2.999
*~216.239.35.4 GOOG 1 2 64 377 31.999 4.7768 4.772
* synced, # selected, + candidate, - outlayer, x falseticker, ~ configured
SSH@switch(config-vif-1)#show ntp stat
Clock is synchronized, stratum 2, reference clock is 216.239.35.4
precision is 2**-16
reference time is 3831315119.273832170 (16:11:59.273832170 Central Sat May 29 2021)
clock offset is 0.8829 msec, root delay is 31.9998 msec
root dispersion is 10.7706 msec, peer dispersion is 0.1167 msec
system poll interval is 64, last clock update was 341 sec ago
NTP server mode is disabled, NTP client mode is enabled
NTP master mode is disabled, NTP master stratum is 8
NTP is not in panic mode
SSH@switch(config-vif-1)#
So is anyone going to say anything about re-coding my "optics" with i2c to official Brocade? Will official Brocade optics show me the temperatures of said optics, or is there just absolutely no point whatsoever in re-coding RJ45 optics?So I've sent @fohdeesha a couple PM's on the subject of trying to convert/re-code my ipolex 10G SFP+ RJ45 copper transceivers to official Brocade in my ICX6450-24P. While I await his reply I figured I'd post here in case anyone else can help. These are the optics I am working with:
Amazon.com: ipolex 2 Pack 10G SFP+ RJ45 Copper Transceiver, 10GBase-T Module for Cisco, Ubiquiti, D-Link, Supermicro, Netgear, Mikrotik (Cat6a/7, 30-Meter): Computers & Accessories
Here is what I get at the terminal when I show media:
SSH@switch(config)#show media ethernet 1/2/1
Port 1/2/1: Type : 10GE SR 300m ((SFP+))
Vendor: OEM Version: 02
Part# : SFP-10G-SR Serial#: CSF101L33816
I suspect that the eeprom may be unlocked because it looks like ipolex just copied the eeprom flash from a Cisco SFP-10G-SR and substituted Cicsco with "OEM." Obviously they are not Cisco, are not 300m, and are not 10GBASE SFP+. They are ipolex 10GBASE-T modules with RJ-45.
I'm trying to figure out if I can write to them or not using i2c. So far I have not been able to figure out the context. Firstly I looked at the post where he figured out how to recode the monoprice passive copper cables here and also several other posts.
Unfortunately, on the 6450 at the serial debug console "i2c read" is not a recognized command. In fact there are very few i2c commands here on the 6450 as far as I can tell using help or ?. That seems to be a dead end.
So next I looked at @fohdeesha's hidden dm menu inside enable config terminal. There are also some i2c commands their, but none of the seem helpful either.
Finally I used @fohdeesha's guide on "Hidden Brocade Dev Stuff" and then used "Hidden Bootloader Modes." This has proven to provide some answers. However, I cannot figure out the correct context. This is what I got so far inside the hidden bootloader.
ICX64XX-boot>> help i2cprobe
i2cprobe <device>
- probe special i2c device id
device : Valid devices are <pd69000|info_eeprom|sfp_port1|sfp_port2|sfp_port3|sfp_port4s
|cpld|rtc|pca9535_sfp|pca9535_led|pca9535_led_stack|pca9535_id|hwm>
ICX64XX-boot>> i2cprobe sfp_port1
I2C has probe the SFP Port 1.(Reg0=0x03)
loop: 1
i2cprobe PASS
ICX64XX-boot>>
We can see that the optics show up in SFP Port 1 and 3 using this command. In this hidden bootloader there is indeed an i2c read function, but this is where I am not sure about the correct syntax.
ICX64XX-boot>> help i2cread
i2cread <devAddr> <reg_addr> <addrlen> <get_len>
- Get special i2c device id
devAddr : I2C device address
reg_addr : I2c device register
addrlen : I2C device address size, [0/1/2] byte
get_len : Get data bytes
I have tried many variables for all of the switches above, but not to my surprise, nothing has worked. Here are some examples of my trials. Many don't make a lot of sense, but I was throwing the kitchen sink at it:
ICX64XX-boot>> i2cread 0=0x03 1 0 256
i2c read length fail (getLen=256)
ICX64XX-boot>> i2cread 0=0x03 1/2/1 0 FF
TWSI: mvTwsiRead: 977: mvTwsiAddrSet failed
i2c_halRead fail (ret=-200)
ICX64XX-boot>> i2cread 0 0x03 1/2/1 0 256
i2c_halRead fail (ret=-200)
ICX64XX-boot>> i2cread 0 0x03 0 256
i2c_halRead fail (ret=-200)
ICX64XX-boot>> i2cread 0 0x03 0 0 256
i2c_halRead fail (ret=-200)
ICX64XX-boot>> i2cread 0 0x03 1 0 256
i2c_halRead fail (ret=-200)
ICX64XX-boot>> i2cread 0 0x03 2 0 256
i2c_halRead fail (ret=-200)
ICX64XX-boot>> i2cread 0=0x03 1/2/1 0 256
i2c read length fail (getLen=256)
So what exactly is the syntax for devAddr (I2C device address), reg_addr (I2c device register), addrlen (I2C device address size) or do I even need to specify this one, and of course get_len (Get data bytes)? It was super late and I was really tired when I tried all this so it's a bit fuzzy already... I may have also been a bit inebriated
Assuming I can figure out how to read the eeprom, after I back it up, I would then like to try and write one byte to see if it's unlocked. Anybody know the commands to write?
Thanks all,
craigr
telnet@ICX6450-48P Router(config)#show ip address
IP Address Type Lease Time Interface
10.0.1.1 Static N/A 9
172.16.0.1 Static N/A 172
10.0.10.1 Static N/A 10
10.0.11.1 Static N/A 11
telnet@ICX6450-48P Router#show ip route
Total number of IP routes: 3
Type Codes - B:BGP D:Connected O:OSPF R:RIP S:Static; Cost - Dist/Metric
BGP Codes - i:iBGP e:eBGP
OSPF Codes - i:Inter Area 1:External Type 1 2:External Type 2
Destination Gateway Port Cost Type Uptime
1 0.0.0.0/0 172.16.0.2 ve 172 1/1 S 1h51m
2 10.0.1.0/24 DIRECT ve 9 0/0 D 2h15m
3 172.16.0.0/30 DIRECT ve 172 0/0 D 2h15m
telnet@ICX6450-48P Router(config)#show ip int
Interface IP-Address OK? Method Status Protocol VRF
Ve 9 10.0.1.1 YES NVRAM up up default-vrf
Ve 172 172.16.0.1 YES NVRAM up up default-vrf
Ve 10 10.0.10.1 YES manual down down default-vrf
Ve 11 10.0.11.1 YES manual down down default-vrf
telnet@ICX6450-48P Router(config)#show int ve 9
ve9 is up, line protocol is up
Hardware is Virtual Ethernet, address is cc4e.2454.6d00 (bia cc4e.2454.6d00)
No port name
Internet address is 10.0.1.1/24, IP MTU 1500 bytes, encapsulation ethernet
telnet@ICX6450-48P Router(config)#show int ve 10
ve10 is down, line protocol is down
Hardware is Virtual Ethernet, address is cc4e.2454.6d00 (bia cc4e.2454.6d00)
No port name
Internet address is 10.0.10.1/24, IP MTU 1500 bytes, encapsulation ethernet
telnet@ICX6450-48P Router(config)#show int br
Port Link State Dupl Speed Trunk Tag Pvid Pri MAC Name
1/1/1 Up Forward Full 1G None No 100 0 cc4e.2454.6d00 VZW WAN
1/1/2 Up Forward Full 1G None No 100 0 cc4e.2454.6d01 FW WAN
1/1/3 Up Forward Full 1G None No 172 0 cc4e.2454.6d00 FW LAN
1/1/47 Up Forward Full 1G None No 9 0 cc4e.2454.6d00 ap
1/1/48 Down None None None None Yes N/A 0 cc4e.2454.6d00 TRUNK
NTP persisted and maintained settings after reboot. All is well and thanks to all.Well, looking at all of your posts to my questions and @fohdeesha's walk through again, NTP seems to be working fine. I cannot reboot the switch right now to verify the settings hold, but for now they look good. The only thing I can think of that might have happened before, was that I forgot to write mem after setting the default gateway and then just thought I was having NTP issues, but it was really not accessing the outside world issues. I would have thought that I would have noticed this though
Thanks guys and I'll let you all know what happens after I can reboot.Code:SSH@switch(config-vif-1)#show interface ve 1 ve1 is up, line protocol is up Hardware is Virtual Ethernet, address is cc4e.2451.f020 (bia cc4e.2451.f020) No port name Internet address is 192.168.1.2/24, IP MTU 1500 bytes, encapsulation ethernet SSH@switch(config-vif-1)#show ntp ass address ref clock st when poll reach delay offset disp +~216.239.35.0 GOOG 1 64 64 377 42.557 -3.9964 2.999 *~216.239.35.4 GOOG 1 2 64 377 31.999 4.7768 4.772 * synced, # selected, + candidate, - outlayer, x falseticker, ~ configured SSH@switch(config-vif-1)#show ntp stat Clock is synchronized, stratum 2, reference clock is 216.239.35.4 precision is 2**-16 reference time is 3831315119.273832170 (16:11:59.273832170 Central Sat May 29 2021) clock offset is 0.8829 msec, root delay is 31.9998 msec root dispersion is 10.7706 msec, peer dispersion is 0.1167 msec system poll interval is 64, last clock update was 341 sec ago NTP server mode is disabled, NTP client mode is enabled NTP master mode is disabled, NTP master stratum is 8 NTP is not in panic mode SSH@switch(config-vif-1)#
Kind regards,
craigr
telnet@ICX6450-48P Router#ping time1.google.com
Type Control-c to abort
Sending DNS Query to 1.1.1.1
Ping Failed DNS: DNS query timed out...failed to resolve
telnet@ICX6450-48P Router#ping 216.239.35.0
Sending 1, 16-byte ICMP Echo to 216.239.35.0, timeout 5000 msec, TTL 64
Type Control-c to abort
Request timed out.
No reply from remote host.
telnet@ICX6450-48P Router#ping 216.239.35.0 source 10.0.1.1
Sending 1, 16-byte ICMP Echo to 216.239.35.0, timeout 5000 msec, TTL 64
Type Control-c to abort
Reply from 216.239.35.0 : bytes=16 time=31ms TTL=107
Success rate is 100 percent (1/1), round-trip min/avg/max=31/31/31 ms.
telnet@ICX6450-48P Router#ping 216.239.35.0 source 172.16.0.1
Sending 1, 16-byte ICMP Echo to 216.239.35.0, timeout 5000 msec, TTL 64
Type Control-c to abort
Request timed out.
No reply from remote host.
source-interface ve 9
as a workaround.telnet@ICX6450-48P Router#show ip route
Total number of IP routes: 5
Type Codes - B:BGP D:Connected O:OSPF R:RIP S:Static; Cost - Dist/Metric
BGP Codes - i:iBGP e:eBGP
OSPF Codes - i:Inter Area 1:External Type 1 2:External Type 2
Destination Gateway Port Cost Type Uptime
1 0.0.0.0/0 172.16.0.2 ve 172 1/1 S 2h17m
2 10.0.1.0/24 DIRECT ve 9 0/0 D 2h17m
3 10.0.10.0/24 DIRECT ve 10 0/0 D 2h17m
4 10.0.11.0/24 DIRECT ve 11 0/0 D 23m10s
5 172.16.0.0/30 DIRECT ve 172 0/0 D 2h17m
telnet@ICX6450-48P Router#show run
Current configuration:
!
ver 08.0.30tT313
!
stack unit 1
module 1 icx6450-48p-poe-port-management-module
module 2 icx6450-sfp-plus-4port-40g-module
!
global-stp
!
!
!
vlan 1 name DEFAULT-VLAN by port
!
vlan 9 name SERVERS by port
tagged ethe 1/1/6 ethe 1/1/48
untagged ethe 1/1/7 to 1/1/47 ethe 1/2/1 to 1/2/4
router-interface ve 9
spanning-tree 802-1w
!
vlan 10 name USERS by port
tagged ethe 1/1/6 ethe 1/1/48
router-interface ve 10
spanning-tree 802-1w
!
vlan 11 name GUESTS by port
tagged ethe 1/1/6 ethe 1/1/48
router-interface ve 11
spanning-tree 802-1w
!
vlan 100 name WAN by port
untagged ethe 1/1/1 to 1/1/2
spanning-tree 802-1w
!
vlan 172 name TRANSIT by port
untagged ethe 1/1/3 to 1/1/5
router-interface ve 172
spanning-tree 802-1w
!
!
!
!
!
ip dhcp-client disable
ip dns server-address 1.1.1.1
ip route 0.0.0.0/0 172.16.0.2
!
cdp run
fdp run
!
!
clock summer-time
clock timezone us Eastern
!
!
ntp
disable serve
source-interface ve 9
server 216.239.35.0
server 216.239.35.4
!
!
!
!
!
interface ethernet 1/1/1
port-name VZW WAN
spanning-tree 802-1w admin-edge-port
!
interface ethernet 1/1/2
port-name FW WAN
spanning-tree 802-1w admin-edge-port
!
interface ethernet 1/1/3
port-name FW LAN
spanning-tree 802-1w admin-edge-port
!
interface ethernet 1/1/4
port-name FW LAN
spanning-tree 802-1w admin-edge-port
!
interface ethernet 1/1/5
port-name FW LAN
spanning-tree 802-1w admin-edge-port
!
interface ethernet 1/1/6
port-name AP
dual-mode 9
spanning-tree 802-1w admin-edge-port
!
interface ethernet 1/1/13
port-name LR Desk
spanning-tree 802-1w admin-edge-port
!
interface ethernet 1/1/48
port-name TRUNK
!
interface ve 9
ip address 10.0.1.1 255.255.255.0
!
interface ve 10
ip address 10.0.10.1 255.255.255.0
!
interface ve 11
ip address 10.0.11.1 255.255.255.0
!
interface ve 172
ip address 172.16.0.1 255.255.255.252
!
!
!
!
!
lldp run
!
!
ip ssh permit-empty-passwd yes
!
!
end
@itronin@jht3
you don't mention what your Firewall/egress is but here's a guess.
Your switch is sourcing the 172 subnet for the ping and the dns query.
Your troubleshooting pretty much confirms this.
In your firewall do you have any allow and NAT rules for your 172 subnet ?
vyos@vyos# show nat
source {
rule 1 {
outbound-interface eth0
source {
address 10.0.0.0/16
}
translation {
address masquerade
}
}
rule 2 {
outbound-interface eth0
source {
address 172.16.0.0/30
}
translation {
address masquerade
}
}
}
You will be fine, just follow the guide. It will likely power on directly to the bootloader prompt. Make sure to read the update guide carefully, and prepare for the steps in advance. Your 6610 will be in full howl mode until you get the OS booting, so it's in your best interest to move through the steps as quickly as possible.Sorry if it's been already answered somewhere, tried to do some googling first, but still not clear. I've just won an auction for a couple of ICX 6610, and only after proceeding to the checkout, re-read the description again - and realized I somehow missed this:
"DEVICE IS FULLY WIPED AND WILL NEED REIMAGED/SOFTWARE,SET UP AND CONFIGURED!! DEVICE DOES TURN ON AND WAS WIPED!
"SWITCH CONTAINS NO BOOT IMAGE! A NEW BOOT IMAGE WILL NEED TO BE UPLOADED BEFORE CONFIGURATION!"
I've read the guides from the first post, but they seem to be about firmware upgrading, configuration etc, I couldn't find anything related to fully wiped switches with no boot image. Is this going to be a problem, or I'll be able to just upload new images / firmware by myself?
Thank you so much for the quick reply, much appreciated!You will be fine, just follow the guide.
SSH@ICX7250-48P Router#show cable-diagnostics tdr 1/2/1
No TDR data on port 1/2/1
SSH@ICX7250-48P Router#
UNIT 1: compiled on Apr 9 2019 at 03:20:17 labeled as SPR08080e
(29826604 bytes) from Primary SPR08080e.bin
SW: Version 08.0.80eT213
Compressed Boot-Monitor Image size = 786944, Version:10.1.14T215 (spz10114)
I think you should do "clear/phy/show" in this order.Is there a way to find out fiber cable length on either a 6450 or 7250? I am thinking about buying a premade 6 strand OM5 LC/LC to replace my OM3 cable - for no other reason than 'because' - only thing is i am not sure what size fiber cable I have now & it is the same route for the new one.
I tried :
Is there something else I can try?Code:SSH@ICX7250-48P Router#show cable-diagnostics tdr 1/2/1 No TDR data on port 1/2/1 SSH@ICX7250-48P Router# UNIT 1: compiled on Apr 9 2019 at 03:20:17 labeled as SPR08080e (29826604 bytes) from Primary SPR08080e.bin SW: Version 08.0.80eT213 Compressed Boot-Monitor Image size = 786944, Version:10.1.14T215 (spz10114)
SSH@ICX7250-48P Router(config)#clear cable-diagnostics tdr 1/2/1
SSH@ICX7250-48P Router#phy cable-diagnostics tdr 1/2/1
This feature is only supported when the interface is configured for Auto-Negotiation
SSH@ICX7250-48P Router#phy cable-diagnostics tdr 1/2/8
This feature is only supported when the interface is configured for Auto-Negotiation