Drag to reposition cover

Brocade ICX Series (cheap & powerful 10gbE/40gbE switching)

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

blinkenlights

Active Member
May 24, 2019
157
65
28
I have been testing the 09000 release on my personal 7450s. Like @fohdeesha said, the new web GUI is the most visible change. Did not run into any noticeable bugs but I am planning to return my gear to the 0809x codetrain for now.

Earlier today, I stumbled across this notice regarding 08090m:

2 September 2021: RUCKUS has found a defect # FI-247944 due to which we have removed the software image for 08.0.90m from the Support Portal. For more information, please read TSB-2021-005.

I do not have access to the detailed TSB, but it is unusual for a vendor to completely pull a GA release before the patch is available. I would consider downgrading if you deployed the 'm' firmware.
 

DavidB

Member
Aug 31, 2018
60
19
8
damn now the surprise is going to seem really lame in comparison :p it's a form of info a lot of people in this thread already have, hint hint. also shit we're on 300 everyone uhh take a vacation real quick while I finish this guide
I hope it's that now the ICX 7250 and ICX 7450 are the best value as I just picked them up for cheap NEW IN BOX on Ebay, after you change your OP to recommend those it will be months until they're cheap again (if ever). Currently flashing them with the help of your guides, keep up the awesome work :)
 

nickf1227

Active Member
Sep 23, 2015
197
128
43
33
damn now the surprise is going to seem really lame in comparison :p it's a form of info a lot of people in this thread already have, hint hint. also shit we're on 300 everyone uhh take a vacation real quick while I finish this guide
So what you're saying is all those recent commits on github were for a reason??;)
 

Dave Corder

Active Member
Dec 21, 2015
290
184
43
41
Random question about using a QSFP-4xSFP+ breakout cable on a 6610: Are the SFP+ ends SFP+/10Gbps only, or could I run one of them into a SFP-only switch at 1Gbps? (My guess is "no".)

Background: I stupidly put my router and core network switch (an ICX6610-48P) in my main rack when I started running Cat6 in my house after we bought it a couple years ago. As I've added more and more drops, this means there's a bigger and bigger bundle of Cat6 coming from my patch panel on the wall over to the rack to get to the core switch (and did I mention the rack is on wheels for easier maintenance access?). I'm in the process of moving the router and core switch over to a 4U vertical wall-mount bracket right under the patch panel to clean up my cable management mess. I've decided to just go with a long (5M) QSFP-4xSFP breakout DAC (a Dell P8T4W) from the core switch on the wall to the two servers that will end up staying in the rack. But there are also a handful of management interfaces in the rack (a couple iDRACs, a networked PDU, APC SNMP card, etc). So it'd be super convenient if I could run one of the extra SFP+ breakouts into an older SFP/gigabit-only switch for those management connections. But I have a feeling that's not actually possible, but was hoping someone with some first-hand knowledge could chime in. If it turns out I have to run a single Cat6 cable over for a small management network switch (or heck, just get a MikroTik CSS610-8G-2S+IN for a benjamin...), no biggie.
 

fohdeesha

Kaini Industries
Nov 20, 2016
2,727
3,075
113
33
fohdeesha.com
I have been testing the 09000 release on my personal 7450s. Like @fohdeesha said, the new web GUI is the most visible change. Did not run into any noticeable bugs but I am planning to return my gear to the 0809x codetrain for now.

Earlier today, I stumbled across this notice regarding 08090m:

2 September 2021: RUCKUS has found a defect # FI-247944 due to which we have removed the software image for 08.0.90m from the Support Portal. For more information, please read TSB-2021-005.

I do not have access to the detailed TSB, but it is unusual for a vendor to completely pull a GA release before the patch is available. I would consider downgrading if you deployed the 'm' firmware.
It's just a management access issue in the layer 2 only images, the layer3 images that everyone here should be running are unaffected:

1631530487494.png

Random question about using a QSFP-4xSFP+ breakout cable on a 6610: Are the SFP+ ends SFP+/10Gbps only, or could I run one of them into a SFP-only switch at 1Gbps? (My guess is "no".)

Background: I stupidly put my router and core network switch (an ICX6610-48P) in my main rack when I started running Cat6 in my house after we bought it a couple years ago. As I've added more and more drops, this means there's a bigger and bigger bundle of Cat6 coming from my patch panel on the wall over to the rack to get to the core switch (and did I mention the rack is on wheels for easier maintenance access?). I'm in the process of moving the router and core switch over to a 4U vertical wall-mount bracket right under the patch panel to clean up my cable management mess. I've decided to just go with a long (5M) QSFP-4xSFP breakout DAC (a Dell P8T4W) from the core switch on the wall to the two servers that will end up staying in the rack. But there are also a handful of management interfaces in the rack (a couple iDRACs, a networked PDU, APC SNMP card, etc). So it'd be super convenient if I could run one of the extra SFP+ breakouts into an older SFP/gigabit-only switch for those management connections. But I have a feeling that's not actually possible, but was hoping someone with some first-hand knowledge could chime in. If it turns out I have to run a single Cat6 cable over for a small management network switch (or heck, just get a MikroTik CSS610-8G-2S+IN for a benjamin...), no biggie.
nope, sadly 10gbe lanes only
 

atb

New Member
Sep 7, 2021
7
7
3
So searching old posts brought me a lot of references for old posts about the 6xxx series, but what are my fan swap/removal options for an icx7250? It's considerably louder than I expected after spindown, I was hoping for it to be comparable to say a Cisco 3750X, or would like to get it as close to that as possible
 

fohdeesha

Kaini Industries
Nov 20, 2016
2,727
3,075
113
33
fohdeesha.com
So searching old posts brought me a lot of references for old posts about the 6xxx series, but what are my fan swap/removal options for an icx7250? It's considerably louder than I expected after spindown, I was hoping for it to be comparable to say a Cisco 3750X, or would like to get it as close to that as possible
on the one I sold you, you can remove/unplug 2 of the 3 fans to start with, since it's no longer a PoE model (atleast, I think I pulled the PoE board)
 

Dave Corder

Active Member
Dec 21, 2015
290
184
43
41
nope, sadly 10gbe lanes only
Thanks. An extra Cat6 cable it is! And maybe an older 10/100 PoE switch, since I forgot I have a couple of home automation bridges in that rack using PoE to 5V/USB splitters that I'll need to connect as well.
 

richtj99

Member
Jul 8, 2017
70
1
8
50
I am moving from a 6450 to the 7250 (need more 10gb ports) - is there an easy way to transfer the configuration I have on the 6450?
 

ZFSZealot

New Member
Aug 16, 2021
26
6
3
I am moving from a 6450 to the 7250 (need more 10gb ports) - is there an easy way to transfer the configuration I have on the 6450?
Not sure if this is what you're asking or if it helps but I'll take a stab at it. You can copy the config to a tftp server and then back off of it, of course I have no idea if the config is interchangeable between those two switches:

 

klui

Well-Known Member
Feb 3, 2019
824
453
63
Unless you auto save your config to a TFTP server, it's easier to copy the config and paste to your target device. This is where having an actual lab helps so you can test whether if all commands work.

The only thing off the top of my head is dual mode is no longer available for untagging non-VLAN 1 if one is running at 8.0.80 or newer. Going over Terry Henry's videos the others are
  • spanning tree is enabled by default for 8.0.92
  • LACP syntax is different for 8.0.61+.
 

tozmo

Active Member
Feb 1, 2017
142
102
43
74
Before I start bricking stuff, I'm looking to upgrade my 7150-C12 to 8090k from the fohdeesha default 8080. Guides/videos talk about usb upgrade, but before I brick it, they mention the security of NOT having a cfg installed when going to upgrade.

So... how do you do that? I have the ICX7150 and manifest files on my usb, but how else do I prepare the switch for the upgrade? Is there a doc that I didn't see about "simple" upgrade paths?
 

fohdeesha

Kaini Industries
Nov 20, 2016
2,727
3,075
113
33
fohdeesha.com
Before I start bricking stuff, I'm looking to upgrade my 7150-C12 to 8090k from the fohdeesha default 8080. Guides/videos talk about usb upgrade, but before I brick it, they mention the security of NOT having a cfg installed when going to upgrade.

So... how do you do that? I have the ICX7150 and manifest files on my usb, but how else do I prepare the switch for the upgrade? Is there a doc that I didn't see about "simple" upgrade paths?
I'll pm you the beta version of my new guide
 

VMman

Active Member
Jun 26, 2013
125
45
28
Does anyone know if the Brocade ICX 6650-32-E-ADV ICX6650-32-E-ADV switches that are sold as 32 "active" ports are software locked in the firmware... and is it possible to remove this restriction with an update etc?
 

nickf1227

Active Member
Sep 23, 2015
197
128
43
33
Just as a PSA:
If you have some 7450s or other 7xxx switches in a stack running 8070 or newer in production, update to 8080(e or newer) before moving to 809x.

We updated a few stacks from 8070 to 8090 and all stack members except the primary failed the upgrade and had to be manually updated.
 
  • Like
Reactions: nedimzukic2

Vesalius

Active Member
Nov 25, 2019
252
190
43
  • Like
Reactions: nedimzukic2

fohdeesha

Kaini Industries
Nov 20, 2016
2,727
3,075
113
33
fohdeesha.com
So when I said page 300, I meant page 301. The new guide is finally out, 112 git commits later. There's too many changes for me to list them all but I'll list the big ones. The big "surprise" is licensing information for the EoL icx6xxx series is now public, and integrated into the guide. Changes I can think of offhand:

  • Changed color theme to orange for halloween (most important & most arduous change)

  • The big one: Integrated licensing/unlock information for all models into the guide, so it's no longer necessary to contact me. I've generated a "master set" of licenses for all models, tied to a custom serial and license ID of my choosing, so it will be incredibly easy to see if these pop up on ebay etc. There's a bit of an easter egg in the serial, see if you can find it after updating your chassis and then viewing your licenses

  • The other big one: Came up with a set of instructions to get ICX7xxx series models onto the latest 8095 UFI images. This one took some poking around on some lab switches, but I believe I found the cleanest method that doesn't require a massive list of "if" statements. The 8090 train can be flashed from *any* version bootloader, older or newer. The 8090 train is also capable of flashing the new UFI image types. So, the guide has you drop into the bootloader of your new switch, and flash 8090m. Then do a quick boot into 8090m, and flash the 8095d UFI image

  • If your switch happens to already be on an 8090+ version, this could be seen as an extra step, but it's the only method that will work *regardless* of the state your switch comes in. If it comes with 8040, 8050, 8060, 8070, 8080, 8090, 8092, 8095, no OS, all these combinations can follow the same guide page without traversing down a list of "if this version, then go here and do this" options. The other big advantage here is once you flash the 8095 UFI image, it automatically handles updating the bootloader and PoE firmware to the latest on first boot, so it's not necessary to have the user touch these at all, so the overall update guide for ICX7xxx is now shorter. If you already have a switch updated and configured using the old guide (so probably version 8080), you can just follow the new guide starting from the "Load The Latest UFI Image" section, as the 8080 image you're on supports UFI firmware upgrades.

  • So, as mentioned above, the ICX7xxx guides have been updated to the latest stable codetrain Ruckus now recommends, which is 8095d

  • ICX6xxx guides have been updated to the latest release for these, 8030u

  • The other other big one: Split all the switch guides into two parts: the model-specific firmware update stuff, and then a separate page for further configuration, setup etc. That stuff is all common to the entire switch line, so this allowed me to aggregate all that into a single "further configuration" page. So, each switch guide page has the basic wipe/update/give it an IP instructions. Then you switch to a common "ICX6xxx Config" page for ssh etc setup. There's a common ICX7xxx config page for that series as well. Two different common setup pages were required as there's quite a lot of differences between the 8030 and 8095 firmware. For example, the 8095 firmware has a mandatory default login, has smartzone crap enabled by default that you want to disable usually, etc. Having common pages for config stuff makes it much easier for me to:

  • Add a lot of info and config options. HTTPS webserver setup, PoE configuration and monitoring, LACP setup, helpful commands, optics info, etc. I will be adding more to these sections in the following week (VLANs, interVLAN routing, stacking, etc)

  • Migrated all switch upgrade methods to occur in the bootloader. Most were already like this (and of course now the ICX7xxx series is, as described above). However a couple ICX6xxx models still had you boot whatever mystery OS your switch came with and update from there. This led to a lot of "if" statements to handle weird situations like your switch coming with layer 2 firmware, in a stack configuration, etc. None of this is necessary and has been cleaned up now that the guide has you just drop into the bootloader, wipe everything, and flash a known latest L3 image

  • Removed the split "if access protection is required / if access protection is not required" option sections for the icx6xxx guides. In the newer ICX7xxx images it's no longer optional, as it comes by default secured with the super user. This means the ICX7xxx config guide does not have the choice of "if no access protection is required", and I wanted the icx6xxx config guide to match, as there's really no reason to not have a basic user/password set

  • Integrated all firmware packages, license files, etc into a single zip download - same single download regardless of what series switch you have. This means when new firmware is pushed I just have one zip to update. this also allowed me to do the following:

  • Add a "Brocade Overview" landing page, with the main firmware/licensing zip download. This is the new "starting point" regardless of what model you have. On this page, I've added decently detailed info/instructions on setting up a TFTP server on both windows and *nix. Having this in a single starting page allowed me to remove all the extraneous tftp instructions/notes from every single switch guide page

  • Added a ready to go portable copy of Tftpd64 to the main firmware zip, it's even set to the correct directory. Windows users can just launch this and have a TFTP server properly configured and running (assuming your windows firewall doesn't interfere)

  • Split the old combo icx6430/icx6450 config page into two distinct pages for each switch - the icx6430 cannot run the layer3 image, so the combo guide with layer3 instructions for the icx6450 was not very easy to follow (impossible, really)

  • Reorganized the left-hand menu to make more sense, and group common stuff

  • Add note to ICX6xxx config page about them not supporting 4096 bit SSH key pairs, which caused some issues with users in here before

  • Moved the ICX6610 stack ports page into its own section in the fcx/6610 update/config page

  • Add all the up to now private reverse engineering info I had on my old private site most of you had. It's all under the "brocade fun" section

  • Went through and updated all URLs, file links, etc, to relative paths to a folder within the docs folder. This allowed me to:

  • Add an archive download of the entire guide site with all files, zips, etc, so if something happens, you can use the site and all downloads entirely offline. you'll find it under the "Home" menu


There's ~100 other small changes that I don't recall offhand or aren't worth listing out, but I think the guide is pretty clean now, covers more use cases, leaves less room for error, and answers more common questions that we repeatedly answer in here. Some stats from the past 3 years of this thread for fun:

  • 780,000 thread views (most viewed thread on STH)
  • 6,000 thread replies (most replied thread on STH)
  • 1,392 private messages to my STH inbox (license requests, questions that should have been asked in the thread)
  • 1,102 emails to my email inbox (license requests, questions that should have been asked in the thread)
  • 282 commits to the documentation github repo
  • 5 contributors to the github repo other than me (thank you guys!)
  • 900 billion million switches bought by all of you nerds

Please let me know if you find any typos etc in the new guide, it was thousands of new lines so I'm sure I missed just one somewhere. I'm now hopping on the midnight train out of beeftown and I think I can consider my duty done. this whole time I was the brocade CEO and you've all pumped up my stock numbers enough, thanks!

Big thanks to @Patrick for allowing this monster of a thread to operate "hands off" for three years, and providing a site with a mature enough user base to make it to 300 pages without a meltdown

Lastly a huge thanks to the handful of STH members in here who have stuck around in this thread and helped users over and over for hundreds of pages now. I wanted to list you all by name but then realized I'd forget someone then feel like an asshole, so: you know who you are, thank you!
 
Last edited:

RoachedCoach

Member
Feb 4, 2020
35
41
18
So when I said page 300, I meant page 301. The new guide is finally out, 112 git commits later. There's too many changes for me to list them all but I'll list the big ones. The big "surprise" is licensing information for the EoL icx6xxx series is now public, and integrated into the guide. Changes I can think of offhand:

  • Changed color theme to orange for halloween (most important & most arduous change)

  • The big one: Integrated licensing/unlock information for all models into the guide, so it's no longer necessary to contact me. I've generated a "master set" of licenses for all models, tied to a custom serial and license ID of my choosing, so it will be incredibly easy to see if these pop up on ebay etc. There's a bit of an easter egg in the serial, see if you can find it after updating your chassis and then viewing your licenses

  • The other big one: Came up with a set of instructions to get ICX7xxx series models onto the latest 8095 UFI images. This one took some poking around on some lab switches, but I believe I found the cleanest method that doesn't require a massive list of "if" statements. The 8090 train can be flashed from *any* version bootloader, older or newer. The 8090 train is also capable of flashing the new UFI image types. So, the guide has you drop into the bootloader of your new switch, and flash 8090m. Then do a quick boot into 8090m, and flash the 8095d UFI image

  • If your switch happens to already be on an 8090+ version, this could be seen as an extra step, but it's the only method that will work *regardless* of the state your switch comes in. If it comes with 8040, 8050, 8060, 8070, 8080, 8090, 8092, 8095, no OS, all these combinations can follow the same guide page without traversing down a list of "if this version, then go here and do this" options. The other big advantage here is once you flash the 8095 UFI image, it automatically handles updating the bootloader and PoE firmware to the latest on first boot, so it's not necessary to have the user touch these at all, so the overall update guide for ICX7xxx is now shorter. If you already have a switch updated and configured using the old guide (so probably version 8080), you can just follow the new guide starting from the "Load The Latest UFI Image" section, as the 8080 image you're on supports UFI firmware upgrades.

  • So, as mentioned above, the ICX7xxx guides have been updated to the latest stable codetrain Ruckus now recommends, which is 8095d

  • ICX6xxx guides have been updated to the latest release for these, 8030u

  • The other other big one: Split all the switch guides into two parts: the model-specific firmware update stuff, and then a separate page for further configuration, setup etc. That stuff is all common to the entire switch line, so this allowed me to aggregate all that into a single "further configuration" page. So, each switch guide page has the basic wipe/update/give it an IP instructions. Then you switch to a common "ICX6xxx Config" page for ssh etc setup. There's a common ICX7xxx config page for that series as well. Two different common setup pages were required as there's quite a lot of differences between the 8030 and 8095 firmware. For example, the 8095 firmware has a mandatory default login, has smartzone crap enabled by default that you want to disable usually, etc. Having common pages for config stuff makes it much easier for me to:

  • Add a lot of info and config options. HTTPS webserver setup, PoE configuration and monitoring, LACP setup, helpful commands, optics info, etc. I will be adding more to these sections in the following week (VLANs, interVLAN routing, stacking, etc)

  • Migrated all switch upgrade methods to occur in the bootloader. Most were already like this (and of course now the ICX7xxx series is, as described above). However a couple ICX6xxx models still had you boot whatever mystery OS your switch came with and update from there. This led to a lot of "if" statements to handle weird situations like your switch coming with layer 2 firmware, in a stack configuration, etc. None of this is necessary and has been cleaned up now that the guide has you just drop into the bootloader, wipe everything, and flash a known latest L3 image

  • Removed the split "if access protection is required / if access protection is not required" option sections for the icx6xxx guides. In the newer ICX7xxx images it's no longer optional, as it comes by default secured with the super user. This means the ICX7xxx config guide does not have the choice of "if no access protection is required", and I wanted the icx6xxx config guide to match, as there's really no reason to not have a basic user/password set

  • Integrated all firmware packages, license files, etc into a single zip download - same single download regardless of what series switch you have. This means when new firmware is pushed I just have one zip to update. this also allowed me to do the following:

  • Add a "Brocade Overview" landing page, with the main firmware/licensing zip download. This is the new "starting point" regardless of what model you have. On this page, I've added decently detailed info/instructions on setting up a TFTP server on both windows and *nix. Having this in a single starting page allowed me to remove all the extraneous tftp instructions/notes from every single switch guide page

  • Added a ready to go portable copy of Tftpd64 to the main firmware zip, it's even set to the correct directory. Windows users can just launch this and have a TFTP server properly configured and running (assuming your windows firewall doesn't interfere)

  • Split the old combo icx6430/icx6450 config page into two distinct pages for each switch - the icx6430 cannot run the layer3 image, so the combo guide with layer3 instructions for the icx6450 was not very easy to follow (impossible, really)

  • Reorganized the left-hand menu to make more sense, and group common stuff

  • Add note to ICX6xxx config page about them not supporting 4096 bit SSH key pairs, which caused some issues with users in here before

  • Moved the ICX6610 stack ports page into its own section in the fcx/6610 update/config page

  • Add all the up to now private reverse engineering info I had on my old private site most of you had. It's all under the "brocade fun" section

  • Went through and updated all URLs, file links, etc, to relative paths to a folder within the docs folder. This allowed me to:

  • Add an archive download of the entire guide site with all files, zips, etc, so if something happens, you can use the site and all downloads entirely offline. you'll find it under the "Home" menu


There's ~100 other small changes that I don't recall offhand or aren't worth listing out, but I think the guide is pretty clean now, covers more use cases, leaves less room for error, and answers more common questions that we repeatedly answer in here. Some stats from the past 3 years of this thread for fun:

  • 780,000 thread views (most viewed thread on STH)
  • 6,000 thread replies (most replied thread on STH)
  • 1,392 private messages to my STH inbox (license requests, questions that should have been asked in the thread)
  • 1,102 emails to my email inbox (license requests, questions that should have been asked in the thread)
  • 282 commits to the documentation github repo
  • 5 contributors to the github repo other than me (thank you guys!)
  • 900 billion million switches bought by all of you nerds

Please let me know if you find any typos etc in the new guide, it was thousands of new lines so I'm sure I missed just one somewhere. I'm now hopping on the midnight train out of beeftown and I think I can consider my duty done. this whole time I was the brocade CEO and you've all pumped up my stock numbers enough, thanks!

Big thanks to @Patrick for allowing this monster of a thread to operate "hands off" for three years, and providing a site with a mature enough user base to make it to 300 pages without a meltdown

Lastly a huge thanks to the handful of STH members in here who have stuck around in this thread and helped users over and over for hundreds of pages now. I wanted to list you all by name but then realized I'd forget someone then feel like an asshole, so: you know who you are, thank you!
You absolute monster. Bravo!
 

Drewy

Active Member
Apr 23, 2016
208
56
28
54
Thank You, you’re a star.

what’s the recommended method of upgrading a stack? Un-stack and do them one at a time?
ive got a pair of stacked 7250’s.
 
  • Like
Reactions: fohdeesha