This blog will describe the steps required to configure a Ruckus / Commscope ICX switch to:
Enable web server and login credentials
Upgrade primary and secondary flash code
Connect to a Ruckus "Controller" either Cloud - Unleashed - Smart Zone
Equipment used -
ICX7150-24P-4X10GR - 24x 10/100/1000 PoE+ ports, 2x 1G RJ45 uplink-ports, 4x 10G SFP+ uplink-ports, 370W PoE budget, L3 features (OSPF, VRRP, PIM, PBR)
-MacBook Pro
-Local TFTP server (Transfer)
-Controller Tested using Unleashed but applies to Ruckus Cloud, Smart Zone physical, and virtual controller solutions.
-Serial cable and application (Serial)
At the time of this writing, ICX switches ship with a code version that does not allow management via a controller.
These procedures will be performed using the Command Line Interface (CLI) on the ICX switch. I use a USB-2 to USB-C serial cable to directly connect to the CLI port on the switch's front panel to access the CLI. This cable is shipped with the ICX switch.
If the switch is booted while it is connected to an existing LAN with DHCP, it will pull an IP address, however, the switch will still need to be setup through CLI; the GUI is not accessible yet.
Using a MacBook Pro, connect the provided serial adapter cable directly from the laptop to the serial port on the switch. Once the cable is connected, and the serial terminal application is open, press Enter a few times, and a command prompt should appear. It should look something like this ICX-7150-24P>. You are now in the CLI.
Basic CLI info:
The device CLI prompt has the following access levels:
• User EXEC: This is the level you enter when you first start a CLI session. You can view some system information at this level, but you cannot configure system or port parameters.
Looks like - ICX-7150-24P>
• Privileged EXEC: This level is also called the Enable level and can be secured by a password. You can perform tasks such as managing files on the flash module, saving the system configuration to flash, and clearing caches at this level.
ICX-7150-24P>en - at the default command prompt enter 'en' (enable) to get to the privileged EXEC prompt.
Looks like - ICX-7150-24P#
• CONFIG: The configuration level. This level allows you to configure the system IP address and configure switching and routing features. To access the CONFIG mode, you must already be logged in to the privileged EXEC level.
ICX-7150-24P#config t - enter configure terminal (conf t) to enter configure mode.
Looks like - ICX-7150-24P(config)#
1. Enable web server and login credentials
The following commands will enable access to the switch via the web management interface and set the administrator username and password.
ICX7150-24P Switch> enable
ICX7150-24P Switch#
ICX7150-24P Switch# configure terminal
ICX7150-24P Switch(config)#
Attempting to enable SSL for SCI
ICX7150-24P Switch(config)#crypto-ssl certificate generate
Creating certificate, please wait...
ssl-certificate creation is successful
crypto-ssl certificate generate secret_data
ICX7150-24P Switch(config)#username ruckus password ruckus (enter unique info here)
ICX7150-24P Switch(config)#aaa authentication login default local
ICX7150-24P Switch(config)#aaa authentication web-server default local
ICX7150-24P Switch(config)#write memory
The GUI will now be accessible using the username and password created in this step.
2. Upgrade primary and secondary code flash partitions
Primary flash is the "default boot partition" used each time the switch is booted. It may or may not contain the running code.
Secondary flash is a container that holds a second version of bootable system code. Secondary flash may contain a backup of the current primary or the last known good run version. It is up to the admin what version is contained here.
# Show what code version is contained in both primary and secondary flash.
ICX7150-24P Switch(config)#show flash
Stack unit 1:
Compressed Pri Code size = 23946048, Version:08.0.60T211 (SPS08060.bin)
Compressed Sec Code size = 23946048, Version:08.0.60T211 (SPS08060.bin)
Compressed Boot-Monitor Image size = 786944, Version:10.1.09T225
Code Flash Free Space = 1307017216
# Show the running code version, the version of code that is currently running on the switch.
ICX7150-24P Switch(config)#show version
Copyright (c) 1996-2017 Brocade Communications Systems, Inc. All rights reserved.
UNIT 1: compiled on Feb 17 2017 at 16:03:13 labeled as SPS08060
(23946048 bytes) from Primary SPS08060.bin
SW: Version 08.0.60T211
Compressed Boot-Monitor Image size = 786944, Version:10.1.09T225 (mnz10109)
Compiled on Sat Feb 18 00:15:43 2017
HW: Stackable ICX7150-24-POE
==========================================================================
UNIT 1: SL 1: ICX7150-24P-4X10GR POE 24-port Management Module
Serial #:F??####X??7
Current License: 4X10GR
P-ASIC 0: type B160, rev 11 Chip BCM56160_B0
==========================================================================
UNIT 1: SL 2: ICX7150-2X1GC 2-port 2G Module
==========================================================================
UNIT 1: SL 3: ICX7150-4X10GF 4-port 40G Module
==========================================================================
1000 MHz ARM processor ARMv7 88 MHz bus
8192 KB boot flash memory
2048 MB code flash memory
1024 MB DRAM
STACKID 1 system uptime is 4 hour(s) 8 minute(s) 9 second(s)
The system started at 00:01:40 GMT+00 Sat Jan 01 2000
Info:
UNIT = which unit in the stack - new out of the box will be UNIT 1
SL = Slot 1- is the ETH switch port module
Slot 2- is the ETH Uplink port module
Slot 3- is the optional SFP+ port module
The current code version running on this switch is SPS08060.bin. The minimum version that is required to allow controller management is SPS08090ufi.bin. The version that we ultimately want to run is SPS08091ufi.bin.
Unfortunately, the switch cannot upgrade directly from SPS08060.bin to SPS08091ufi.bin. First, the switch needs to be upgraded to a version that can be converted to a .ufi version. Then it can be upgraded to the final version. This example will require four separate 'upgrades.'
The following process will ensure that there is always a last known good flash version on the switch.
Boot switch to primary flash (default)
Load new firmware in secondary flash
Reload
Confirm switch runs on new code
Load next version in primary flash
Reload
Confirm switch runs on new code
Load final version in secondary flash
Reload
Confirm switch runs on new code
Copy final version from secondary to primary flash
Reload
Confirm switch runs on new code
ICX switches can run either base switch code (SPS) or licensed router code (SPR). The code designation will be in the file name. Download the correct code files from the Ruckus support site. Load files on a local TFTP server. In this example, the TFTP server is on 192.168.100.10.
From 'Privileged EXEC' prompt
ICX7150-24P Switch#copy tftp flash 192.168.100.10 SPS08090.bin secondary
ICX7150-24P Switch#boot system flash secondary yes
ICX7150-24P Switch(config)#show flash
# Confirm switch is running SPS08090.bin
ICX7150-24P Switch#copy tftp flash 192.168.100.10 SPS08090ufi.bin primary
ICX7150-24P Switch#boot system flash primary yes
ICX7150-24P Switch(config)#show flash
# Confirm switch is running SPS08090ufi.bin
ICX7150-24P Switch#copy tftp flash 192.168.100.10 SPS08091ufi.bin secondary
ICX7150-24P Switch#boot system flash secondary yes
ICX7150-24P Switch(config)#show flash # Confirm switch is running SPS08091ufi.bin
# While booted from secondary
ICX7150-24P Switch#Copy flash flash primary
ICX7150-24P Switch(config)#Show flash - primary and secondary should match
ICX7150-24P Switch#write mem
ICX7150-24P Switch#reload
3. Connect to SmartZone Controller
In this example, the SmartZone controller IP is 192.168.100.10. This can be either a physical or virtual SmartZone.
# From 'config' prompt
ICX7150-24P Switch(config)#sz active-list 192.168.100.10
ICX7150-24P Switch#write mem
ICX7150-24P Switch(config)#show sz status
============ SZ Agent State Info ===================
Config Status: None Operation Status: Enabled
State: SZ SSH CONNECTED Prev State: SZ SSH CONNECTING Event: NONE
*******************************************************************************************
Connecting an ICX switch to Ruckus Cloud or Unleashed is done from within the 'controller' management interface.
Next up, switch stacking.
--WirelessKahuna