Wednesday, August 31, 2016

Brocade Network Advisor

I have been getting into BNA quite a bit lately.  I really think this is a value add for the Network Admin/Engineer.  I'm working my way through the ins and outs of it, as time permits, but I see some things that are real game changers for the network admin/engineer.
I was talking to one of the guys here at Brocade, and one of the things he said really caught my attention.  He said he was talking to a group of CLI guys, and one of the things he asked them was that in five years from now, do you think you will be still doing things in CLI?  Well, I have to say, as a CLI guy myself, the answer is NO.  I'm seeing a lot of really cool stuff from Brocade that is driven to make the stress and headache of the network guy less and less.  Which, in reality, is what we all want.  Im setting up BNA to monitor a few switches, but with that, BNA also does config work for you.  Im pushing the following commands to change the two switches I have in a lab:
default-vlan-id 3000
vlan 200
tagg eth 1/1/1
int eth 1/1/1
vlan 1
tagged eth 1/1/1
int eth 1/1/1
dual-mode 1

So, lets look at a screenshot of what happened:

If you will notice, I push the commands on the left (in the square) to the two switches on the right.  Imagine if you have 100 switches in the network.
Below, just to check, is the config off one of the switches.  I cut and pasted and edited the stuff that was not part of this config:
vlan 1 by port
 tagged ethe 1/1/1
vlan 200 by port
 tagged ethe 1/1/1
vlan 3000 name DEFAULT-VLAN by port

default-vlan-id 3000

interface ethernet 1/1/1
 dual-mode  1

Now image you typing in the config in the box on the left (all as if in CLI) and then pushing to the 100 switches in your network?  Wouldn't that be cool?  Well, it is.  It saves time.  It saves money.  It saves you from being at work so late.  It frees you up to do other things you need to do.  Man, I'm telling you, this is nothing compared to what is in BNA now and what is coming in other Brocade products.
Here is another feature that allows you to see the changes made to a config.  Just a quick screenshot, shows you the below (I made another untagged eth 1/1/35 in some testing):

I'm seeing a lot of cool things within Brocade.  Things I didnt get to see at the VAR level.  And I'm excited about the direction that things are going.

Tuesday, August 30, 2016

Brocade VDX: Resetting VCS Back To Default Settings

Just a quick post about resetting VCS back to the default on the VDX.  The command is "no vcs logical-chassis enable rbridge-id all default-config".  Sorry for the lack on content here, but you know what you want to do, so here is the command to do it.

Monday, August 29, 2016

Sunday, August 28, 2016

Friday, August 26, 2016

Thursday, August 25, 2016

Brocade ICX7450

As an FCX replacement, the ICX 7450 is a nice switch. With 336 Gbps switching capacity (line rate) and up to 250 Mpps of forwarding rate, this is a good small business core.  You can also stack up to 12 units together.
Not that this model has three modular slots. One in front, and two in back.

Monday, August 22, 2016

Brocade VDX: Adding A 40Gig License For Two Ports

Just a quick post about how to add a 40Gig license to a VDX.  Ill be adding it to the second unit of the VDX fabric (RBridge 2).  I had to generate this in the software portal.

VDX1# license add rbridge-id 2 licStr "*BXXXXXXXXXXXX"

License Added "*BXXXXXXXXX"

For license change to take effect, it may be necessary to enable ports...

Sunday, August 21, 2016

Friday, August 19, 2016

Thursday, August 18, 2016

Brocade VDX: Adding An Untagged Port (Access Port) To A VLAN

If you need to assign an untagged port to a specific vlan, you will notice that the VDX line is the same as Cisco.  See below.  With the VDX, it truly is a "if you know Cisco, you will know the VDX product CLI".

sw0(config)# interface TenGigabitEthernet 2/0/17
sw0(conf-if-te-2/0/17)# switch access vlan 2
sw0(conf-if-te-2/0/17)# exit

Tuesday, August 16, 2016

Monday, August 15, 2016

Brocade ICX7750: Stack Trunk Configuration For More Throughput/Redundancy

I was working with one of the local engineers in a ICX7750 stack configuration for a core install.  We were easily able to stack the two together without any issue with two stacking cables.  But, we decided we wanted all six of the 40Gig ports for stacking.  Since the default only uses two ports (1/2/1 and 1/2/4), we had to do some config work to get both port groups (3 in one port group, 3 in the other) to work.
This is how it looked when we had the two cables in place.  With a "show stack" command, here is what we saw:
ICX7750-48F Router#sh stack
T=2m48.4: alone: standalone, D: dynamic cfg, S: static
ID   Type          Role    Mac Address    Pri State   Comment
1  S ICX7750-48XGF active  609c.9f23.a380 255 local   Ready
2  S ICX7750-48XGF standby 609c.9f7f.5100 254 remote  Ready

    active       standby
     +---+        +---+
 -2/4| 1 |2/1--2/4| 2 |2/1-
 |   +---+        +---+    |
 |                                |
Standby u2 - protocols ready, can failover
Current stack management MAC is 609c.9f23.a380

#  Stack-port1                                  Stack-port2
1   up (1/2/1)                                   up (1/2/4)
2   up (2/2/1)                                   up (2/2/4)

Notice above the highlighted.  It shows a -- between connections.  This means there is one cable connecting in each port group.  Just something to notice.
Now, lets change the config for 6 ports total for stacking.
Core(config)#stack unit 1
Core(config-unit-1)#multi-stack-trunk 1/2/1 to 1/2/3 and 2/2/1 to 2/2/3
Core(config-unit-1)#multi-stack-trunk 1/2/4 to 1/2/6 and 2/2/4 to 2/2/6
Error! 1/2/4 has no connection. Please use "stack-trunk".
Core(config-unit-1)#multi-stack-trunk 1/2/4 to 1/2/6 and 2/2/4 to 2/2/6
Core#sh stack conn
ID   Type          Role    Mac Address    Pri State   Comment
1  S ICX7750-48XGF active  609c.9f23.a380 255 local   Ready
2  S ICX7750-48XGF standby 609c.9f7f.5100 254 remote  Ready
    active       standby
     +---+        +---+
 =2/4| 1 |2/1==2/1| 2 |2/4=
 |   +---+        +---+    |
 |                                |

trunk probe results: 2 links
Link 1: u1 -- u2, num=3
  1: 1/2/1 (T0) <---> 2/2/1 (T0)
  2: 1/2/2 (T0) <---> 2/2/2 (T0)
  3: 1/2/3 (T0) <---> 2/2/3 (T0)
Link 2: u1 -- u2, num=3
  1: 1/2/4(T1) <---> 2/2/4(T1)
  2: 1/2/5(T1) <---> 2/2/5(T1)
  3: 1/2/6(T1) <---> 2/2/6(T1)
CPU to CPU packets are fine between 2 units.

Now, notice that above there are == signs instead of -- signs.  This is to show you there are multiple cables plugged into one port group.  Just something to notice.
Also, there is plenty of bandwidth between the two units and plenty of redundancy.

Saturday, August 13, 2016

Friday, August 12, 2016

Brocade VDX6740: Creating A Local Username

At a minimum, you need local security for logging in apart from the regular admin login.  I recommend you at least change the admin password for security.  If you want to create another username, here is how you go about it:

Lets create a user named "skillen":
sw0(config)# username skillen role admin pass 12345678
2016/08/05-20:10:32, [SEC-1180], 10801, SW/0 | Active, INFO, VDX6740, Added account skillen with admin authorization.
2016/08/05-20:10:33, [SEC-3501], 10802, SW/0 | Active, INFO, VDX6740, Role 'admin' is changed.
sw0(config)# exit

Lets show th attributes of the userID of skillen:
sw0# show running-config username skillen
username skillen password "FcW6mugljsWgKERrJHA7RQ==\n" encryption-level 7 role admin

Lets logoff, then log back in with the new username:
sw0 login: skillen
2016/08/05-20:12:34, [SEC-1206], 10805, SW/0 | Active, INFO, sw0, Login information: User [skillen] Last

Successful Login Time : Fri Aug  5 20:12:34 2016
Welcome to the Brocade Network Operating System Software
skillen connected from using console on sw0
sw0# sh users

ID    Username Role     Host IP      Method   Time Logged In       TTY
1     skillen  admin    Cli      2016-08-05 20:12:40  ttyS0
ID      Username
no locked users

Thursday, August 11, 2016

Wednesday, August 10, 2016

Brocade Training: A Great ICX YouTube Channel For Configurations And How-Tos

I highly recommend you check this YouTube channel out for Brocade configurations on the ICX line.  This Brocade SE (Terry Henry) has done a great job at putting together 5 to 10 minute "how-tos" together for your benefit.  Check out the YouTube channel here.

Tuesday, August 9, 2016

Brocade ICX Equivalent CLI Commands For Cisco "spanning-tree portfast"

This question came up yesterday, and thought I would address it:
Question:  What is the Brocade ICX equivalent CLI command for Cisco "spanning-tree portfast"?
Answer: On the port interface, "spanning-tree 802-1w admin-edge-port".
               For uplink ports to other switches, use "spanning-tree 802-1w admin-pt2pt-mac"

Monday, August 8, 2016

Brocade VDX: How To Create A VLAN On A VDX6740

Just a quick walk-through on creating a VLAN on the VDX.  First, lets see what VLANs are on the 6740 by default:
sw0# sh vlan brie
Total Number of VLANs configured    : 2
Total Number of VLANs provisioned   : 2
Total Number of VLANs unprovisioned : 0
VLAN             Name            State                      Ports           Classification
(F)-FCoE                                                    (u)-Untagged
(R)-RSPAN                                                   (c)-Converged
(T)-TRANSPARENT                                             (t)-Tagged
================ =============== ==========================
1                default         INACTIVE(no member port)
1002(F)          VLAN1002        INACTIVE(no member port)

Now, lets create VLAN 2:
sw0(config)# int vlan 2
2016/08/05-20:00:34, [NSM-1004], 10800, SW/0 | Active | DCE, INFO, VDX6740,  Interface Vlan 2 is created.

sw0(config)# do sh vlan brie
Total Number of VLANs configured    : 3
Total Number of VLANs provisioned   : 3
Total Number of VLANs unprovisioned : 0
VLAN             Name            State                      Ports           Classification
(F)-FCoE                                                    (u)-Untagged
(R)-RSPAN                                                   (c)-Converged
(T)-TRANSPARENT                                             (t)-Tagged
================ =============== ==========================
1                default         INACTIVE(no member port)
2                VLAN0002        INACTIVE(no member port)
1002(F)          VLAN1002        INACTIVE(no member port)


Friday, August 5, 2016

Brocade ICX: Some Quick Facts To Look At About The ICX Line

I wanted to put up some quick facts for the small core down to the access closet in the ICX line.  This doesn't include the powerful 1U ICX7750 or the VDX line. I'll post more about the 7750 and the VDX in the future.
Highlighted is the ICX7250, a good access switch.  ICX6610s still a good core for medium and small businesses, although the ICX7450 is a good core for the small business also.

Thursday, August 4, 2016

Wednesday, August 3, 2016

Tuesday, August 2, 2016

How To Form A VCS Data Center Fabric With Brocade VDX6740s


I've already started this with THIS POST about why Brocade VDX in the data center over the Cisco Nexus.  Ill continue as time goes on as to why I believe Brocade is the best answer as opposed to Cisco.
I want to pass on to you guys just how easy it is to setup the VDX environment.  I have three VDX6740s in a lab right now, and Im working with them to provide you guys some good information.  Lets get going on this post to show you just how easy it is to setup a VCS (Virtual Cluster Switching) environment with the VDX product.  Keep in mind, VDX is geared for data centers, and Ill get into the reasons why as I post more on this subject.
Below, Im cutting and pasting in the config I did to get the cluster formed and ready.  I did do a firmware upgrade to 6.0.2, as you saw in a post this earlier this week.  All I have to do to get the cluster formed is ONE command.  Yes, thats right.  Only one command in CLI on each VDX6740 to tie all VDXs together to form the VCS cluster.

First, I want to show you what you should expect to see when you run the "show vcs" command, after you put a management IP address on the box.  I did that when I upgraded the firmware over FTP, as you saw in an earlier post this week.
sw0# sh vcs
Config Mode    : Local-Only
VCS Mode       : Fabric Cluster
VCS ID         : 1
Total Number of Nodes           : 1
Rbridge-Id       WWN                            Management IP   VCS Status       Fabric Status        HostName
1               >10:00:00:27:F8:C7:D2:56*     Online           Online               sw0

Keep in mind, this is VDX number 1, the first in the cluster.  Ill now set the vcsid and rbridge number for box number 1.  VCSID ID will be the same across the VCS cluster.  RBRIDGE ID will be different for each box, just FYI.
sw0# vcs vcsid 10 rbridge-id 1 logical-chassis enable
This operation will perform a VCS cluster mode transition for this local node with new parameter settings. This will change the configuration to default and reboot the switch. Do you want to continue? [y/n]:y

The VDX reboots.  When it comes back up, Ill run the "show vcs" again, and this is what you will expect to see below. 
sw0# sh vcs
Config Mode    : Distributed
VCS Mode       : Logical Chassis
VCS ID         : 10
VCS GUID       : c35843f9-d60d-4949-b27d-93338d51f692
Total Number of Nodes           : 1
Rbridge-Id       WWN                            Management IP   VCS Status       Fabric Status        HostName

1               >10:00:00:27:F8:C7:D2:56*     Online           Online               sw0

Notice that instead of "fabric cluster", we now have logical chassis.  Logical chassis is so that we can manage all VDXs with the primary VDX only.  It all looks like one box, no matter how many we add in.  Not to mention the technical details behind logical-chassis mode.

Now, lets add the second box.  Ive consoled into VDX number 2, and type in the following:
sw0# vcs vcsid 10 rbridge-id 2 logical-chassis enable
This operation will perform a VCS cluster mode transition for this local node with new parameter settings. This will change the configuration to default and reboot the switch. Do you want to continue? [y/n]:y

This unit reboots, and comes back up.  Next, I physically tie the first VDX and second VDX together with a 10gig twin-axe cable.  I then see the below to verify the fabric has formed.

sw0# sh vcs
Config Mode    : Distributed
VCS Mode       : Logical Chassis
VCS ID         : 10
VCS GUID       : c35843f9-d60d-4949-b27d-93338d51f692
Total Number of Nodes           : 2
Rbridge-Id       WWN                            Management IP   VCS Status       Fabric Status        HostName
1               >10:00:00:27:F8:C7:D2:56*     Online           Online               sw0
2                10:00:50:EB:1A:38:D7:DF     Online           Online               sw0

sw0# sh fabric isl

Rbridge-id: 1   #ISLs: 1

 Src       Src           Nbr       Nbr
Index   Interface       Index   Interface               Nbr-WWN           BW   Trunk  Nbr-Name
65      Te 1/0/2         65     Te 2/0/2        10:00:50:EB:1A:38:D7:DF   10G   Yes   "sw0"

Notice above, that the "show fabric isl" shows the physical connection, and that its 10gig.  I also ran the "show vcs" command, which shows both VDXs in the cluster.  Keep in mind, I did this with ONE command on each VDX.  Now, lets add the third VDX that I have.

sw0# vcs vcsid 10 rbridge-id 3 logical-chassis enable
This operation will perform a VCS cluster mode transition for this local node with new parameter settings. This will change the configuration to default and reboot the switch. Do you want to continue? [y/n]:y

VDX number 3 reboots, and now, when I physically connect the 10Gig twin-axe cable in to the first VDX and type in "show vcs" on the primary VDX, I get the following:
sw0# sh vcs
Config Mode    : Distributed
VCS Mode       : Logical Chassis
VCS ID         : 10
VCS GUID       : c35843f9-d60d-4949-b27d-93338d51f692
Total Number of Nodes           : 3
Rbridge-Id       WWN                            Management IP   VCS Status       Fabric Status        HostName
1               >10:00:00:27:F8:C7:D2:56*     Online           Online               sw0
2                10:00:50:EB:1A:38:D7:DF     Online           Online               sw0

3                10:00:50:EB:1A:1D:8B:0B     Online           Online               sw0

Here are some other good commands to verify connection and get information:
sw0# sho fabric isl

Rbridge-id: 1   #ISLs: 2

 Src       Src           Nbr       Nbr
Index   Interface       Index   Interface               Nbr-WWN           BW   Trunk  Nbr-Name
64      Te 1/0/1         64     Te 2/0/1        10:00:50:EB:1A:38:D7:DF   20G   Yes   "sw0"
79      Te 1/0/16        69     Te 3/0/6        10:00:50:EB:1A:1D:8B:0B   20G   Yes   "sw0"

Notice above, that I have 20Gig for each connection to the VDXs.  I put two 10Gig twin-axe cables to each VDX, giving me 20Gig for each.  I can do 8 (80Gig) for each VDX if I want, but I didnt have the cables to do that for my lab.

Now, lets look at exactly what ports are connected.
sw0# sho fabric islports
Name:           sw0
Type:           131.7
State:          Online
Role:           Fabric Principal
VCS Id:         10
Config Mode:    Distributed
Rbridge-id:     1
WWN:            10:00:00:27:f8:c7:d2:56

 Index   Interface      State   Operational State
 64     Te 1/0/1         Up     ISL 10:00:50:eb:1a:38:d7:df "sw0" (downstream)(Trunk Primary)
 65     Te 1/0/2         Up     ISL (Trunk port, Primary is 1/0/1 )
 66     Te 1/0/3         Down
 67     Te 1/0/4         Down
 68     Te 1/0/5         Down
 69     Te 1/0/6         Down
 70     Te 1/0/7         Down
 71     Te 1/0/8         Down
 72     Te 1/0/9         Down
 73     Te 1/0/10        Down
 74     Te 1/0/11        Down
 75     Te 1/0/12        Down
 76     Te 1/0/13        Down
 77     Te 1/0/14        Down
 78     Te 1/0/15        Up     ISL (Trunk port, Primary is 1/0/16 )
 79     Te 1/0/16        Up     ISL 10:00:50:eb:1a:1d:8b:0b "sw0" (downstream)(Trunk Primary)
 80     Te 1/0/17        Down
... (cut for brevity)

You can do any topology you like that makes sense for your customer.  In this example, I have two VDX6740s hanging off of the first VDX6740.  You can get as redundant as you like.
That is literally all there is to forming your VCS fabric.  Lets recap.  The CLI command on each VDX to form the cluster is "vcs vcsid (#) rbridge (#) logical-chassis enable".  The VCSID ID # must be the same for all VDXs in the VCS cluster.  The RBRIDGE ID # will be different for each VDX in the cluster.  Also keep in mind that the firmware version for each VDX6740 must be the same.
When I compare this to the Cisco Nexus, the Brocade data center solution is much easier to form a data center fabric.  You can refer to my Cisco Nexus posts for configuring 5Ks and FEXs and getting redundancy setup into the data center.  Post 1  Post 2
Also, here is another config post for the Cisco Nexus.  Post 3

Monday, August 1, 2016

Brocade VDX6740 Firmware Upgrade From 5.X To 6.X

I got three VDXs in a lab to learn and play with recently.  The first thing I wanted to do was to upgrade the firmware on them all to a good version to be on.  Based on another SE recommendation, I went to version nos6.0.2a2.
I setup my FTP server on my laptop and ran the following commands on the first VDX:

sw0# config t
sw0(config)# int man 1/0
sw0(config-Management-1/0)# ip add
sw0(config-Management-1/0)# exit
sw0(config)# exit
sw0# firmware download ftp host coldboot directory /nos6.0.2a2 user anonymous
Password: ****
Performing system sanity check...

This command will cause a cold/disruptive reboot and will require that existing telnet, secure telnet or SSH sessions be restarted.

Do you want to continue? [y/n]:y
Checking conditions for downloading to 6.0.2

Ive taken out the rest of what happens, but after the reboot, it comes back up with the new code, and then deletes the old code off the box.  There are options, in that you dont have the delete the old code if you dont want to.  You can also revert back to the old code if you like.
So that is it.  You put an IP address on the management interface, then download the firmware on the box.  It does the rest.