Quanta LB6M (10GbE) -- Discussion

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

Lone Striker

New Member
May 14, 2016
1
1
3
54
Thanks much for the post Sleyk. I followed your recommendations and did both the 3x case fan swap, as well as the 2x powersupply fan swap. I ended up using the higher RPM fans for the powersupply to get a bit more air flow (they're still almost completely silent).

The powersupply fans did indeed have the pins completely jumbled up from standard 3-pin fan headers. My fix to this was to take a very small precision flathead screwdriver and pop the pins out from the header and order them correctly for the Quanta LB6M.

Finally both my 24-bay 4U server as well as the Quanta LB6M switch are quiet!

Thanks again!

--LS

Quanta LB6M fan/silence modifications: Complete with pictures friends!

So... I just wanted to post my modding idea for a quieter switch. Well, actually, the switch is now completely silent. Well, I kinda am trading off noise for heat, but the switch can take it. It is an industrial/enterprise piece of equipment, and I'm sure (well, somewhat, just kidding, i'm sure) that it can handle some more heat. The cool thing about this mod is that you can reverse it easily if you don't like it. Now onwards to the fan/silence mod:

[...]

Enjoy the silence my friends.

P.S. My friends, lets also discuss heat ratio to life expectancy when we get a moment. Curious to hear your take on this.
Yeah, i was looking at these on Amazon too: They might be a better compromise, Airflow:noise ratio: http://www.amazon.com/Case-40x40x10mm-Ball-Bearing-3-pin/dp/B002OFL1J8/ref=pd_sim_147_9?ie=UTF8&dpID=31QcP5MD5LL&dpSrc=sims&preST=_AC_UL160_SR160,160_&refRID=1MEEBG99NGD6R4SFAKFZ

They also look like they come in 3 pin connector form
 
  • Like
Reactions: LeeSter

LeeSter

New Member
Jun 25, 2016
6
0
1
54
Hi everybody. I really like messing around with this thing. I have a networking newbie question. (a couple)
Do I have to set an IP for an interface if I'm never going to route? Specifically on this switch, but switches in general.
My thoughts are, all I have to do is add the VLAN and associate the VLAN with the port. Speaking of... how to I change the port from trunk to access?
The command set on this thing is certainly odd. I find myself going back and forth between the quanta mesh and FASTPATH guides. Thankfully, I'm making full use of "?". :D
 

josh

Active Member
Oct 21, 2013
615
190
43
Does anyone know how to set an access port on this switch? There's no switchport mode access command.
 

Ub3r

New Member
Jun 16, 2016
4
0
1
38
Has anyone here successfully configured any sort of VLAN routing? I'm having a hell of a time getting it to work.

Edit/Update: It seems like a lot of the commands simply don't do what they're supposed to. I've got a ton of experience with Cisco and the syntax differences aren't a big deal, however the switch seems to just not want to route. There's a pretty big chance I'm just stupid and forgetful so I figured I'd ask if anyone else has the same issue.
 
Last edited:

PGlover

Active Member
Nov 8, 2014
499
64
28
58
Need help...

I am redesigning my home network with the approach of a small (100 or less people) size business network design in mind.

I have posted a preliminary network design for reconfiguring my network in the link below.
Router on a Stick -vs- Layer 3 Routing with Switch

I have a number of switches already:
1. Two Quanta LB4M
2. One Quanta LB6M
3. Three Juniper EX3300-24T

The goal is to have a DMZ zone and an internal network zone with VLANs. In the DMZ zone and internal network zone, there will be virtual machines. I only have 1 VM host and 1 SAN Server that needs to be shared with the DMZ zone and my internal network zone.

Additionally I want computers/servers in the DMZ zone and in the internal network zone to have direct access to file shares located on the SAN server.

Should I have the Quanta LB6M as my core switch and 2 of the Juniper EX3300-24T hanging off it. One to serve the DMZ zone and the other to server the internal network zone. Then my VM host and Storage server would be directly connected to the LB6M (core switch).

With this approach what are some of the security risks? Is there a chance that someone would be able to hack into the VM host and SAN server?
 
Last edited:
  • Like
Reactions: fvanlint

wildchild

Active Member
Feb 4, 2014
389
57
28
What i would do :
Quanta seperated as 10g storage, internal lan and dmz as vlan;l3 lan routing done by junipers, dmz vlanned, but routed by fw
 

PGlover

Active Member
Nov 8, 2014
499
64
28
58
What i would do :
Quanta seperated as 10g storage, internal lan and dmz as vlan;l3 lan routing done by junipers, dmz vlanned, but routed by fw
Wildchild... Can you provide a quick drawing on you proposal. A visual for me would make things easier as this network stuff is all new to me...
 

whmcr

New Member
Jan 29, 2013
5
2
3
What i would do :
Quanta seperated as 10g storage, internal lan and dmz as vlan;l3 lan routing done by junipers, dmz vlanned, but routed by fw
This is almost exactly what I've got being done, except with a number more vlans.

The L2 Layout is the below:





I've got a number of devices off the LB6M

NAS1 - LACP with 2x DACs (FS.com 30awg DAC - Intel vedor code) to the 10GB SFP Nic on a X10SDV-4C-7TP4F
Hyp1 - LACP with 2x DACs (FS.com 30awg DAC - Intel vendor code) to a Intel x520-DA2 on a X10SDV-TLN4F
CCR - LACP with 2x DACs (FS.com 30awg DAC - Generic Vendor code) to a Mikrotik CCR1036-8g-2s+ <-- this is routing between the VLANs
CRSCAB - Static LAG with 2x DAC (FS.com 30awg DAC - Generic Vednor code) to a Mikrotik CRS226-24G-2S+RM
CRSOffice - Static LAG with 2x SFP+ (FS.com 10g 850nm SR (300m) - Generic vendor code) to a Mikrotik CRS226-24G-2S+RM
TPSW1 - Single Ethernet to TPLink SG2210P

My Config on the LB6M is as follows
Code:
vlan database
vlan 2,4,6,8,10,12,14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48
vlan 50,52,54,56,58,60,1000-1005,1010,3000-3001,3996-4000
vlan name 2 "Name Removed"
!.....
!..... Vlan names removed
!.....
vlan name 4000 "Name Removed"
exit
configure
interface 0/1
no auto-negotiate
addport 1/1
exit
interface 0/2
no auto-negotiate
addport 1/1
exit
interface 0/3
no auto-negotiate
addport 1/2
exit
interface 0/4
no auto-negotiate
addport 1/2
exit
interface 0/5
no auto-negotiate
addport 1/3
exit
interface 0/6
no auto-negotiate
addport 1/3
exit
interface 0/7
no auto-negotiate
addport 1/4
exit
interface 0/8
no auto-negotiate
addport 1/4
exit
interface 0/9
no auto-negotiate
addport 1/5
exit
interface 0/10
no auto-negotiate
addport 1/5
exit
!
interface 0/1
description 'Hyp1-vmnic0'
snmp-server enable traps violation
exit

interface 0/2
description 'Hyp1-vmnic1'
snmp-server enable traps violation
exit

interface 0/3
description 'NAS-ix0'
snmp-server enable traps violation
exit

interface 0/4
description 'NAS-ix1'
snmp-server enable traps violation
exit

interface 0/5
description 'CCR-SFP1'
snmp-server enable traps violation
exit

interface 0/6
description 'CCR-SFP2'
snmp-server enable traps violation
exit

interface 0/7
description 'CRSOffice-SFP1'
snmp-server enable traps violation
exit

interface 0/8
description 'CRSOffice-SFP2'
snmp-server enable traps violation
exit

interface 0/9
description 'CRSCAB-SFP1'
snmp-server enable traps violation
exit

interface 0/10
description 'CRSCAB-SFP2'
snmp-server enable traps violation
exit

interface 0/28
description 'TPLSW1'
vlan participation include 8,12,18,20,22,24,28
vlan tagging 8,12,18,20,22,24,28
snmp-server enable traps violation
exit

interface 1/1
description 'Hyp1-lag0'
no port-channel static
vlan participation include 14,3999
vlan tagging 14,3999
snmp-server enable traps violation
exit

interface 1/2
description 'NAS-lagg0'
no port-channel static
vlan pvid 3999
vlan acceptframe admituntaggedonly
vlan participation include 3999
snmp-server enable traps violation
exit

interface 1/3
description 'LACP-CCR'
no port-channel static
vlan participation include 2,4,6,8,10,12,14,16,18,20,22,24,26,28,60,1000-1005
vlan participation include 1010,3000-3001,3997-3998
vlan tagging 2,4,6,8,10,12,14,16,18,20,22,24,26,28,60,1000-1005,1010,3000-3001
vlan tagging 3997-3998
snmp-server enable traps violation
exit

interface 1/4
description 'LACP-CRSOffice'
vlan participation include 8,12,18,26,60,3997-3998
vlan tagging 8,12,18,26,60,3997-3998
snmp-server enable traps violation
exit

interface 1/5
description 'LACP-CRSCab'
vlan participation exclude 60,3996-4000
vlan participation include 2,4,6,8,10,12,14,16,18,20,22,24,26,28,1000-1005
vlan participation include 1010,3000-3001
vlan tagging 2,4,6,8,10,12,14,16,18,20,22,24,26,28,1000-1005,1010,3000-3001
snmp-server enable traps violation
exit

My CRSes are similar to below

Code:
/interface ethernet
set [ find default-name=sfpplus2 ] master-port=sfp-sfpplus1
/interface vlan
add interface=sfp-sfpplus1 name=MGMT-Networking vlan-id=##############
/interface ethernet
set [ find default-name=ether2 ] master-port=sfp-sfpplus1
set [ find default-name=ether3 ]  disabled=yes master-port=sfp-sfpplus1
set [ find default-name=ether4 ] master-port=sfp-sfpplus1
set [ find default-name=ether5 ] master-port=sfp-sfpplus1
set [ find default-name=ether6 ] master-port=sfp-sfpplus1
set [ find default-name=ether7 ] master-port=sfp-sfpplus1
set [ find default-name=ether22 ] master-port=sfp-sfpplus1
set [ find default-name=ether23 ] master-port=sfp-sfpplus1
set [ find default-name=ether24 ] master-port=sfp-sfpplus1
set [ find default-name=sfpplus2] master-port=sfp-sfplus1
/interface ethernet switch trunk
add member-ports=sfp-sfpplus1,sfpplus2 name=trunk1
/interface ethernet switch egress-vlan-tag
add tagged-ports=trunk1,switch1-cpu vlan-id=######
add tagged-ports=trunk1 vlan-id=#####
add tagged-ports=trunk1 vlan-id=#####
add tagged-ports=trunk1 vlan-id=#####
add tagged-ports=trunk1,ether3 vlan-id=#####
add tagged-ports=trunk1 vlan-id=####
add tagged-ports=trunk1 vlan-id=####
/interface ethernet switch ingress-vlan-translation
add new-customer-vid=#### ports=ether23 sa-learning=no
add new-customer-vid=#### ports=ether22 sa-learning=no
add new-customer-vid=#### ports=ether2 sa-learning=no
add new-customer-vid=##### ports=ether4 sa-learning=no
add new-customer-vid=##### ports=ether7 sa-learning=no
/interface ethernet switch vlan
add ports=trunk1,switch1-cpu vlan-id=#####
add ports=trunk1,ether23 vlan-id=#####
add ports=trunk1,ether22 vlan-id=#####
add ports=trunk1,ether2 vlan-id=#####
add ports=trunk1,ether3 vlan-id=######
add ports=trunk1,ether4,ether7 vlan-id=#####
add ports=trunk1,ether4 vlan-id=#####
/ip dhcp-client
add default-route-distance=0 dhcp-options=hostname,clientid disabled=no interface=MGMT-Networking
The CCR is as follows

Code:
/interface bonding
add comment="Uplink to LB6M Switch" lacp-rate=1sec mode=802.3ad name=bonded_lb6m slaves=sfp-sfpplus1,sfp-sfpplus2 transmit-hash-policy=layer-2-and-3
 
  • Like
Reactions: fvanlint

PGlover

Active Member
Nov 8, 2014
499
64
28
58
whmcr... Thanks for the drawing. I have a few questions:

1. In your design, which switches are considered the "core" switch and which ones are the "edge/access" switches.
2. What device are you using as your firewall?
3. What is the part numbers of the 10G DAC purchased for FS.com?
4. Do you have a DMZ zone? If yes, how is it incorporated in your setup? If no, how would you incorporate it in your setup?
 
Last edited:

whmcr

New Member
Jan 29, 2013
5
2
3
whmcr... Thanks for the drawing. In your design, which switches are considered the "core" switch and which ones are the "edge/access" switches. What device are you using as your firewall? What is the part numbers of the 10G DAC purchased for FS.com?
The LB6M would be at the core, as all of the other switches that devices are connecting to connect to that. The oddity is the CCR which is the router which has one of the internet connections directly connected, as there is a bit of a firmware bug on the modem (Virgin Media Superhub 3 doesn't work well in Modem mode if you're in a region with an Arris CMTS) and i've got it plumbed in directly to rule out some things.

For the firewall, the CCR1036 is being used with ACLs being applied for inter vlan traffic.

The DACs are #21254 for the generics, for the Intel's I ordered #40144 but I get the same results with the 21254's, so I'm not using the 40144's.
 

PGlover

Active Member
Nov 8, 2014
499
64
28
58
The LB6M would be at the core, as all of the other switches that devices are connecting to connect to that. The oddity is the CCR which is the router which has one of the internet connections directly connected, as there is a bit of a firmware bug on the modem (Virgin Media Superhub 3 doesn't work well in Modem mode if you're in a region with an Arris CMTS) and i've got it plumbed in directly to rule out some things.

For the firewall, the CCR1036 is being used with ACLs being applied for inter vlan traffic.

The DACs are #21254 for the generics, for the Intel's I ordered #40144 but I get the same results with the 21254's, so I'm not using the 40144's.
whmcr... Got it.. As you mentioned before, the CCR is performing all the routing between Vlans. You have no Layer3 switches performing the routing. I noticed that CCR router has 2 SFP+ ports. I am using Pfsense and only have 1GbE ports on the WatchGuard X515 box. If I use your design with Pfsense performing all the routing between my Vlans and my DMZ zone, I would need to build a custom Pfsense box with 10GbE ports on it. I would think that the Pfsense box (1GbE ports) would be a bottleneck in the routing to the 10G core switch.

Additionally, why are you using a static LAG connection rather than a LACP connection to the LB6M from the CRS-CAB and CRS-Office switches?
 
Last edited:

whmcr

New Member
Jan 29, 2013
5
2
3
Got it.. As you mentioned before, the CCR is performing all the routing between Vlans. You have no Layer3 switches performing the routing. I noticed that CCR router has 2 SFP+ ports. I am using Pfsense and only have 1GbE ports on the WatchGuard X515 box. If I use your design with Pfsense performing all the routing between my Vlans and my DMZ zone, I would need to build a custom Pfsense box with 10GbE ports on it. I would think that the Pfsense box (1GbE ports) would be a bottleneck in the routing to the 10G core switch.
It's been a while since I was working with ACLs on L3 switches, but the last time I did, the main vendors were not doing stateful firewalls on L3 switches, as that would eat into their firewall markets :)

I'm not sending the storage networking via the router, so this cuts down a bit on the traffic.

If you're wanting to have SPI it's either going to be a lot of money on switching, or have a bit of a bottle neck on the router. For the CCR its able to be doing about 20-22 gbit of firewalling which gives a hard line of the maximum intervlan routing, but this is fine for me, as realistically, thats a very high number :)
 
  • Like
Reactions: fvanlint

PGlover

Active Member
Nov 8, 2014
499
64
28
58
Thanks for the information whmcr.. I plan to post another design later today using the LB6M as the core switch. Using the LB6M as the core switch will definitely cut down on the 10G connections I need based on the original design.

Additionally, why are you using a static LAG connection rather than a LACP connection to the LB6M from the CRS-CAB and CRS-Office switches?
 

whmcr

New Member
Jan 29, 2013
5
2
3
Additionally, why are you using a static LAG connection rather than a LACP connection to the LB6M from the CRS-CAB and CRS-Office switches?
The CRS doesn't implement 802.3ad so only static LAGs can be used rather than LACP.
 

PGlover

Active Member
Nov 8, 2014
499
64
28
58
I have a new layout using the Quanta LB6M as the core switch; however, I have a few basic network questions based on the design. Once again, I am not a network guru, so please be patience with me.

1. Do I really need a separate Juniper EX3300-24T switch for the DMZ zone? Can I just use the DMZ vlan on the core switch? The goal is to have virtual servers running in the DMZ and maybe up to 4 physical servers.
2. How will the LAN network talk to vlan 10, 20. and 30 on the core switch? I understand how the LAN network with talk to vlan 1 on the core switch because of the direct 10G connection to the vlan 1 port.
3. How will vlan 1, 10, 20, and 30 talk to each other on the core switch (Quanta LB6M)?

Also I am still fuzzy on how pfsense will do the DMZ traffic routing and filtering.

Thanks for all the comments so far...



Glover Home Data Center_New_v1_Layer 3 Routing_Quanta Core Switch.jpg
 
Last edited: