Ruckus ICX 7150-C12p Primer
I bought my ICX 7150-c12p before my EX2200-c12p, but it's PSU broke so it lived in a box until I could bother researching and buying a new PSU for it.
PSU replacement
The original PSU seems to be very easy to break - not sure if it's a PSU or a switch issue.
After some research I eventually concluded that the FSP200-P35-A54 (link to digikey.com) should be a nice PSU to try, as it would deliver more power than needed, even in a fanless environment.
Replacing the PSU was trivial - I just took the case apart, removed the original and placed the new one in it's place. The only caveat was that I had to invert the power cables to avoid frying the rest of the switch.
The above is taken after inverting the power cable and replacing the PSU.
Configuration
As with the EX2200-c12p I've used a serial connection to configure the switch. There's a USB-C connection on the switch for management, which is handy. The webui is very…oldschool, which I guess some people will like. :-)
Basic settings
My 7150-c12p is running the routing firmware (as opposed to the switching-only firmware). I've been too lazy to change it or even update it yet.
I'm not using the dedicated management switch interface, as I don't have any OOB network to use with it.
# Become a privileged user and enable the configuration mode enable config t # Enable PoE on all ports interface ethernet 1/1/1 to 1/1/12 inline power exit # Show PoE statistics show inline power detail # Create a management vlan, add 1/1/6 untagged and tagged on 1/1/1 vlan 3 name management-vlan untag ethernet 1/1/6 tagged ethernet 1/1/1 # Create a routed interface for this vlan router-interface ve 3 exit # Configure routed interface for vlan 3 interface ve 3 ip address 192.168.3.2/24 exit ip route 0.0.0.0/0 192.168.3.254 ip dhcp-client disable vlan 150 name clients-vlan untag ethernet 1/1/2 tagged ethernet 1/1/1 # Enable spanning-tree for these vlans vlan 3 100 150 200 250 spanning-tree 802-1w
LACP
Below creates a LACP interface. 1/2/1 and 1/2/2 are the non-PoE 'uplink' ports on the right hand side of the switch. I haven't tried creating a LACP interface on the SFP+ interfaces yet, but it Should Work™ as well.
It seems you can assign vlans to either all the LACP member ports, OR to the LACP interface itself. I haven't tried the latter (or both simultaneously) myself.
lag uplag dynamic id 1 ports ethernet 1/2/1 to 1/2/2
SNMP
I use SNMPv3 so the SNMPv2c is more or less untested. Being able to create views to limit what each SNMP group can see is nice!1
### version v2c # create a community string for read only usage snmp-server community hello-world-change-me-please ro ### version 3 # create a group for read only access snmp-server group readers v3 priv read all # create a user, with sha & aes snmp-server user change-me-please readers v3 auth sha asdfasdf priv aes adsfasdf # only allow connections from one address for this user snmp-server host 192.168.3.1 version v3 auth change-me-please
Dual mode ports
When using a 'trunk' line from the switch to a computer, like my router, I set the interface on the switch in a dual mode configuration. I typically use an unique VLAN for each port as untagged, and then assign all other 'real' VLANs to the port - this way I don't really have a 'default' VLAN.
This is a quirk with the FastIron OS, you first have to assign the vlan as tagged to the port, then configure the interface as dual mode using the tagged interface again.
vlan 3113 tagged ethernet 1/1/11 exit interface ethernet 1/1/11 dual-mode 3113
Making SSH work in 2023
I typically use the serial port for configuring this switch, but in case you want to use SSH you have to add some configuration to allow the old algorithms needed for this switch.
Host 192.0.2.1
User root
KexAlgorithms +diffie-hellman-group1-sha1
HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedKeyTypes +ssh-rsa
One initial idea was to use this with my home automation software, so I can power cycle or schedule on/off times for PoE devies.