[SOLVED] Help Needed - Brocade ICX 6450 + Ruckus R720

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

Vesalius

Active Member
Nov 25, 2019
252
190
43
@Vesalius I owe you a beverage of your choice! thank you!
Another FYI the Ruckus interface bonding instructions on page 7 of that document work on unleashed firmware 200.7, but not 200.8. The commands I gave earlier are now the way to set it up with new unleashed firmware.
 

itronin

Well-Known Member
Nov 24, 2018
1,234
793
113
Denver, Colorado
Another FYI the Ruckus interface bonding instructions on page 7 of that document work on unleashed firmware 200.7, but not 200.8. The commands I gave earlier are now the way to set it up with new unleashed firmware.
@Vesalius hmm... wondering if the .7 instructions will work with .6 am thinking of downgrading as I have fruity devices. Unless the performance issue has been worked out in the latest .8 release... then again its easy enough to move up and down so might as well try them all and see what happens! :)
 

Vesalius

Active Member
Nov 25, 2019
252
190
43
@epicurean did you set up DHCP servers for each vlan on the pfsense side? Also how is your switch connected the pfsense device? If it is only connected with a single Ethernet patch cable you will need to tag that 6610 port with both vlans as well as untagged for vlan 1 with dual mode like @itronin showed you earlier.

 
Last edited:

epicurean

Active Member
Sep 29, 2014
785
80
28
My ruckus r710 is on firmware 200.4 . I read that any newer and there are download speed issues. Is that still true for 200.8?
@Vesalius - Yes I did setup DHCP server for each vlan. my 6610 switch is connected to the pfsense machine on port 1.
Sorrry, please explain what you mean by tag "that 6610 port with both vlans as well as untagged for vlan 1 with dual mode"
My 6610-48 is not the POE variant. I have a POE injector to power the r710.
er...assume I can ignore everything about LLDP and LACP with regards to my issue? highly confusing.

Update - did the vlans for the port from pfsense (port 3 actually). Still cannot get ip address from wifi
 
Last edited:

K D

Well-Known Member
Dec 24, 2016
1,439
320
83
30041
Are you using pfsense or the 6610 to route between VLANs ? If it's the 6610, you will need to set up the static routes in pfsense. Also, for some reason, I have to reboot my pfsense box after most configuration changes.

pf1.png
P2.png

Check if you have set the VLAN correctly for the SSID in the 710
Image 1.png
 

itronin

Well-Known Member
Nov 24, 2018
1,234
793
113
Denver, Colorado
My ruckus r710 is on firmware 200.4 . I read that any newer and there are download speed issues. Is that still true for 200.8?
@Vesalius - Yes I did setup DHCP server for each vlan. my 6610 switch is connected to the pfsense machine on port 1.
Sorrry, please explain what you mean by tag "that 6610 port with both vlans as well as untagged for vlan 1 with dual mode"
My 6610-48 is not the POE variant. I have a POE injector to power the r710.
er...assume I can ignore everything about LLDP and LACP with regards to my issue? highly confusing.

Update - did the vlans for the port from pfsense (port 3 actually). Still cannot get ip address from wifi
@epicurean, how many ethernet cables do you have plugged into your pfsense system? maybe a picture will help? would you post your 6610 config please?
 

Vesalius

Active Member
Nov 25, 2019
252
190
43
Unleashed 200.8 has the same bug as 200.7 and to some degree 200.6. Mostly seems to affect Apple devices running ios.

@epicurean, yes ignore my digression into LACP, lldp, and POE commands completely.

Agree with @itronin, a picture might help. To clarify what port # on the 6610 connect are you using to connect to the pfsense box?
 

itronin

Well-Known Member
Nov 24, 2018
1,234
793
113
Denver, Colorado
@epicurean: I'm guessing you only have 2 ethernet cables hooked up to your pfsense box ... Since you were asking about how to set up vlans on the 710 I'm going out on a limb and thinking you do not have vlans configured on the switch to your pfsense box.
 

epicurean

Active Member
Sep 29, 2014
785
80
28
Pfsense provides DHCP and created vlan routing , my 6610 does not do that.
There is only 1 cable from the LAN port of the Pfsense, goes into port 3 of the 6610. Port 42 of the 6610 goes to my r710

only vlans I configured on the 6610 is on port 3 and port 42 to enable vlan 30 and vlan 50.

I did configure the r710 as K D advised on post #47. So I am still scratching my head why no success yet.
I have YET to reboot my pfsense. Should I do that?
 

itronin

Well-Known Member
Nov 24, 2018
1,234
793
113
Denver, Colorado
pfsense vlans.jpg... looks like you configured 300 and 500 as the tags. I have old eyes - I could be wrong. Should be 30 and 50 right?

Edit -
Yeah in the switch you have 30 and 50 and in your posts you've been talking about 30 and 50...

In your r710 config *and* your pfsense config you have 300 and 500...

You can either change your icx config or change r710 and pfsense...

given that you have a gui in pfsense and r710 I recommend you make the changes there.

btw, IMO you are using a good practice by using the vlan tag number as the subnet number for a home lab - easy to remember...
 
Last edited:

epicurean

Active Member
Sep 29, 2014
785
80
28
OMG! Yes I configured in pfsense the vlans to be 300 and 500 instead of 30 and 50.
Making the changes now


update: It all works now!! did not need to reboot pfsense :)

Now I need to figure what happened to my other setup which has a pfsense to a unifi switch and a unifi AP, but same problem - cannot get DHCP ip address
 

epicurean

Active Member
Sep 29, 2014
785
80
28
@PGlover . oops I think I may have deleted them all from my google drive. Lets see if I can find them another place. Is it not available on the forum anymore?
 

ViciousXUSMC

Active Member
Nov 27, 2016
264
140
43
41
Bookmarked this thread. Very good info and very similar setup to mine:
2x Ruckus R710 w/ Unleashed
Dell R210ii w/ PFSense
Brocade ICX 6450-48P

I actually had two VLANS for a long time, just the default VLAN 1 for all client traffic and a VLAN 10 for all Servers.

I broke it out into VLANS for two reasons.
1.) Security
2.) Performance
3.) Ok 3 Reasons, because I am a Nerd

The Performance bit was about enabling Jumbo Frames so every server has a 10gb interface and I enabled Jumbo Frames.
I had it all working but actually just last week flattened my network back to a single LAN again.

The main reason was to simply management and fix some issues with communication. Some devices just need to be on the same Layer 2 domain as your server to work. Trying to stream content on VLC from a FireTV for example it couldnt' see my Freenas Server for some reason. Or my Behringer Mixer connected to the network the application to control it just didn't work with auto discovery because it coudln't see broadcast.

The reason I keyed in though is more of a comment/question.

I did not have routing being done by PFSense I had all my routing done by my switch because thats kind of the point of a Layer 3 switch. So my default gateway for each VLAN was a virtual interface on the switch. This is supposed to be preferred for performance, but then of course I lose all the ability to inspect and use firewall rules on that traffic on PFSense.

I had issues with PFSense crashing on me every once in a while so I didn't want to send even more traffic at it (Some kind of interface panic with Suricata that I have tried every tweak I can imagine to fix, including adding an Intel NIC to the PFSense box in case it was the crappy Realtek interfaces)

I am watching this Video now:
So all the routing is going thru PFSense and for me that means I would lose my 10gb connection between my computer and my NAS unless I add 10gb to the Firewall (Currently it does not because its only really used for WAN access and my internet is only 150mb/s)

So I wonder when/if I decide to mix things up again if I want to route everything in PFSense or still use the switch to do the routing.
I also probably might like to do physical interfaces for the main VLANS instead of a trunk, or perhaps a bonded pair of trunks. So I am curious what kind of configuration differences I would need to make for that to work.
 
  • Like
Reactions: Ezekial