Posts Tagged ‘icx6610’

Brocade ICX/VDX firmware update cheatsheet

Wednesday, July 11th, 2018

Kind of a cheatsheet for updating firmware on Brocade’s ICX (nowadays Ruckus Networks) and VDX (nowadays Extreme Networks) switches.


– Make sure to check the release notes to ensure that your model is supported. For example, with ICX6xxx switches (which are EOL though) 08.0.30 branch is the highest you can go. 08.0.60 or 08.0.80 don’t support ICX6xxx.

copy scp flash /home/brcdsup/fastiron/08030/ICX64S08030s.bin primary

– If you immediately get ‘Connecting to remote host… Connection Closed’ error, then check whether your SSH server config includes legacy options (to be added into sshd_config file):

KexAlgorithms diffie-hellman-group1-sha1,,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
Ciphers 3des-cbc,blowfish-cbc,aes128-cbc,aes128-ctr,aes256-ctr


– Version upgrades such as 6.0 to 7.0, or 7.0 to 7.1 are considered as major upgrades hence destructive. Be prepared for ~30 minutes of outage + ~10 minutes for fabric recovery (with data traffic being forwarded).

firmware download logical-chassis scp directory /home/brcdsup/nos/nos7.1.0b host user brcdsup password xxx rbridge-id all coldboot

Configuring static lag on Brocade ICX switches to be used with Check Point bond

Monday, April 14th, 2014

As we’re slowly (but surely) moving towards replacing our Cisco gear with Brocade I’m going to publish a set of articles related to ICX 6610 configuration. Bear with me since I’m still learning it. By the way, if you spot any mistakes please let me know.

In comparison with the Cisco 3745 the Brocade’s ICX 6610 wins by miles, both in terms of performance and price (big time!), so here we go.

The first article will be related to the configuration of LAG (Link Aggregation Group) on ICX 6610 to be used with Check Point’s bond interfaces. The idea is to aggregate two or more physical links into a virtual one, so in case there is an issue with one of the links (faulty cable or NIC) the connection is still operational. To summarize, on Brocade you configure LAGs and on Check Point you configure bonds. Initially, when I first started working on it, my main goal was all about redundancy and I didn’t really care about load distribution. At the end it came out that the traditional active/backup setup cannot be implemented with the bond where both legs are terminated on the same switch, so I ended up with the active/active implementation. It’s a mix of load balancing + redundancy so should be fine.