I needed to update the firmware on a Ruckus ICX 7150, but could not remember the file name of the firmware I was updating. I looked through the commands for a dir: flash, or dir:usb and really couldn’t find much. After some googling didn’t come up with anything either.
To display the the files use the “Show files {Device}” for example to show files on flash “show files flash”
ICX7150-24P Switch#show files?
ASCII string dir name
ICX7150-24P Switch#show files flash
F 33554432 primary
F 32539748 secondary
F 256 primary.sig
F 162204 poe-fw
F 1576 $$ssh8rsahost.key
F 256 secondary.sig
66258472 bytes 6 File(s) in FI root
1135529984 bytes free in FI root
Below show getting the files on the USB drive.
ICX7150-24P Switch#show files disk0
F 60783027 SPR08095dufi.bin
D 4096 [—-] disk0/System Volume Information
60783027 bytes 1 File(s) in disk0
I needed to find out what type of Optic was installed into a switch, and if it read up correctly. In most vendors its “show interface transceivers” or some other command. I struggled to find Ruckus’s – so I thought I would share.
To find the media type of the port – just use the “Show media” command – so easy!
For instance, I need to find out what type SFP is on eth 1/2/8, and if it read correctly. Check out the below:
Then, if I just want to check what all ports are: “Show media” by itself. Notice ports 1/2/1 and 1/2/3 are my stack ports – and I have DACs (twinax) in these ports.
This entry shows how I have been setting up ICX switches with Fortinac.
In this scenario my Fortinac is located at 192.168.226.248, the switch is 192.168.226.53, and my SNMP community is “snmp”. I know very secure. The switch I am working with is a Ruckus 7250 running SPR08092a.bin
These are the settings that I am putting into my switch:
logging host 192.168.226.248
snmp-server host 192.168.226.248 version v2c snmp
snmp-server enable traps mac-notification
snmp-server enable traps link-up
snmp-server enable traps link-down
On the NAC we have to add the switch, and make sure we have a CLI user account, and SNMP creds that work. We can test this within NAC to make sure things are up and going.
After we add the device, we can validate the settings
After the device has been added you should see your interfaces/devices/status all show up.
I refer back to these commands a lot and thought they might help someone else. This will allow the Ruckus or Brocade ICX switches to authenticate to a radius server for logins to the device.
radius-server host 1.1.1.1 auth-port 1812 acct-port 1813 default key $aWdAblUmc3JuVSY9Z1k= dot1x
A few things to note about this. I am setting the web-server login and SSH logins to use radius, then if radius is not available use local authentication settings.
The login privilege-mode command bypasses the enable password and logs be straight in a privileged.
I have been working with Brocade ICX and now Ruckus ICX for a few years now. They are awesome switches.
I was asked a couple of times about something that was happening when someone would try and set the untagged or access vlan on a port. They would get this error:
error – port ethe x/x/x are not member of default vlan
The reason we were getting this error is because other vlans were attached to port as either untagged or tagged. To put a port into a vlan other than default as ‘untagged’ we need to make sure no other vlans are bound to that port. To do this we can check what vlans are attached to the port. In this scenario my default vlan is 999. It would be 1 on a switch that it was not manually changed on.
switch#show vlan br eth 1/1/3
Port 1/1/3 is a member of 2 VLANs
VLANs 32 48
Untagged VLAN : 999
Tagged VLANs : 32 48
Great, so now we know its untagged 999 (default) but tagged those 2 other ports. We need to remove the tags of 32 and 48 on this port before we can add it untagged into vlan 16 – which is the goal
switch#config t
switch(config)#vlan 32
switch(config-vlan-32)#no tag eth 1/1/3
switch(config-vlan-32)#vlan 48
switch(config-vlan-48)#no tag eth 1/1/3
Voice-vlan is cleared on port 1/1/3
switch(config-vlan-48)#
switch(config-vlan-48)#exit
switch(config)#vlan 16
switch(config-vlan-16)#unt eth 1/1/3
Added untagged port(s) ethe 1/1/3 to port-vlan 16.
switch(config-vlan-16)#exit
switch(config)#exit
switch#show vlan br eth 1/1/3
Port 1/1/3 is a member of 1 VLANs
VLANs 16
Untagged VLAN : 16
Tagged VLANs :
Thats it! now we are untagged or access in vlan 16. But wait! what if we wanted to have it be a trunk port to allow vlans 32/48 and be native 16. Then we would use the ‘Dual port’ command with the modification of the untagged vlan like this:
dual mode 16 — means untagged 16, but allow whatever vlans are tagged to pass. Of course vlans 16,32,48 would need to be tagged on the port first. I will write another entry about that.
Recent Comments