Solved: Brocade ICX 6450 - Intra-VLAN Switching Not Occurring

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

NateR

New Member
Feb 10, 2022
28
20
3
FINAL EDIT: After many hours of digging, finally figured it out: It was the Uplink-switch configuration. I don't know what that is supposed to do (when setting up the VLAN, I'd thought it was just telling the switch which port the default gateway would be accessed through), but it was preventing communication from occurring between devices on the same VLAN/subnet.

-----------------

Hello all,

After implementing VLANs on a Brocade ICX6450-24P (which I'd previously been using without VLANs, just layer 2 switching, without any issues), I'm running into some difficulties getting layer 2 communication to happen between any nodes on the same VLANs (both Linux and Windows). There are no issues with any of them reaching the subnet's default gateway, but they cannot communicate with each other. Devices in other subnets can ping them. I've been beating my head on this for a few hours now - the only setting I've been able to find that could cause it would be "route-only," but that is not enabled on here. Does anything jump out at you as obviously wrong with my config, or have any ideas why this isn't working?

Additional notes:
1. Moved them out of the VLAN (to the default VLAN), and they could the ping each other. Moved them back into VLAN 20, and they could still ping each other. Saved the configuration and restarted the switch. Back to them being unable to ping each other.

2. Disabled Windows Firewall on a couple of Windows devices I've got on the subnet. Still no responses. Note: These two Windows devices were not the ones configured with LAG, so it wouldn't be related to that configuration.

3. Definitely an issue specific to the Brocade. As soon as I plug one or both devices into a VLAN 20-configured port on the Mikrotik that the Brocade uplinks to, communication starts right up. Do I need to somehow create a bridge across all these interfaces on the Brocade, like you have to do on the Mikrotik to have communication happen?

4. I'm not seeing the devices show up in the ARP cache on the switch, but it sounds like this would only be populated on the router?

Code:
SSH@sw-01#show conf
!
Startup-config data location is flash memory
!
Startup configuration:
!
ver 08.0.30uT313
!
stack unit 1
  module 1 icx6450-24p-poe-port-management-module
  module 2 icx6450-sfp-plus-4port-40g-module
!
!
!
lag proxmox-02 dynamic id 2047
ports ethernet 1/1/5 to 1/1/6
primary-port 1/1/5
lacp-timeout long
deploy
!
lag proxmox-03 dynamic id 1
ports ethernet 1/1/7 to 1/1/8
primary-port 1/1/7
deploy
!
!
vlan 1 name DEFAULT-VLAN by port
router-interface ve 1
!
vlan 2 name Management by port
tagged ethe 1/2/1
untagged ethe 1/1/24
uplink-switch ethe 1/2/1
router-interface ve 2
!
vlan 10 name Clients by port
tagged ethe 1/2/1
uplink-switch ethe 1/2/1
router-interface ve 10
!
vlan 20 name Servers by port
tagged ethe 1/2/1
untagged ethe 1/1/1 to 1/1/23 ethe 1/2/2
uplink-switch ethe 1/2/1
router-interface ve 20
!
!
!
!
!
inline power ethernet 1/1/5 to 1/1/8 power-limit 1000
aaa authentication web-server default local
aaa authentication login default local
enable telnet authentication
hostname sw-01
ip dhcp-client disable
ip dns server-address 10.0.2.1
ip route 0.0.0.0/0 10.0.2.1
!
username root password .....
snmp-server community ..... ro
!
!
clock summer-time
clock timezone gmt GMT-07
!
!
ntp
disable serve
server 216.239.35.0
server 216.239.35.4
!
!
web-management https
!
!
!
interface management 1
ip address 192.168.88.10 255.255.255.0
!
interface ethernet 1/1/2
inline power power-limit 1000
!
interface ethernet 1/1/3
inline power power-limit 1000
!
interface ethernet 1/1/4
inline power power-limit 1000
!
interface ethernet 1/1/9
inline power power-limit 1000
!
interface ethernet 1/1/10
inline power power-limit 1000
!
interface ethernet 1/1/11
inline power power-limit 1000
!
interface ethernet 1/1/12
inline power power-limit 1000
!
interface ethernet 1/1/13
inline power power-limit 1000
!
interface ethernet 1/1/14
inline power power-limit 1000
!
interface ethernet 1/1/15
inline power power-limit 1000
!
interface ethernet 1/1/16
inline power power-limit 1000
!
interface ethernet 1/1/17
inline power power-limit 1000
!
interface ethernet 1/1/18
inline power power-limit 1000
!
interface ethernet 1/1/19
inline power power-limit 1000
!
interface ethernet 1/1/20
inline power power-limit 1000
!
interface ethernet 1/1/21
inline power power-limit 1000
!
interface ethernet 1/1/22
inline power power-limit 1000
!
interface ethernet 1/1/23
inline power power-limit 1000
!
interface ethernet 1/1/24
inline power power-limit 1000
!
interface ethernet 1/2/1
dual-mode  10
!
interface ve 1
!
interface ve 2
ip address 10.0.2.3 255.255.255.0
!
interface ve 10
ip address 10.0.10.3 255.255.255.0
!
interface ve 20
ip address 10.0.20.3 255.255.255.0
!
!
!
!
!
!
!
!
!
end
Thank you

EDIT: Flushed the ARP cache on the OPNSense router for the lulz. No dice.

EDIT2: Does anyone know of a good example configuration I can reference to see what a working multi-VLAN configuration would look like?
 
Last edited:
  • Like
Reactions: eptesicus

eptesicus

Active Member
Jun 25, 2017
151
37
28
35
Would you mind sharing your current/working config? I'm configuring the 48-port variant now and am curious what your config looks like, especially with the multi-VLANs.