For the full recording of this webinar please go to https://youtu.be/HRWv128Ps90 or visit purdi.com for more information on Purdicom

1. CommScope RUCKUS
ICX Configuration Webinar
Alex Claro
Solutions Architect

2. Agenda
• Ruckus ICX Switching Overview
• Q&A with Live Demo
Please feel free to ask questions as we go
This is an interactive format
2

3. CommScope RUCKUS
ICX Switching Overview
3

4. 44
Price/Performanc
e
Function and Scalability
Price/Performance
ICX 7250
Access
ICX 7450
Access-Aggregation
ICX 7750
Aggregation-Core
ICX 7150
Entry-Level Access
PoE/PoE+ or non-PoE
ICX 7150 Z-Series
High Availability
Multi-gigabit (2.5 GbE)
ICX 7650
Premium
Access-Aggregation
Access
Aggregation/Core
ICX 7850
Premium Aggregation-Core
+ Higher Performance
+ L3: VRF/GRE
+ EEE
+ Higher Performance
+ Hot-swap PSU & Fans
+ L3: IPv4/IPv6, Multicast
+ 1G Aggregation
+ Highest Performance
+ Campus Fabric CB
+ MCT
+ 10G/40G Aggregation
+ Medium-to-Large Core
+ Higher Performance
+ 40G/100G Uplinks
+ Multigigabit 2.5/5/10G
+ 10G Aggregation
+ Highest Performance
+ Campus Fabric
+ MCT
+ 10G/25G/40G/100G
Aggregation
+ 6.4 Tbps Switching
Capacity
Ruckus ICX 7000 Switch Portfolio – Overview

5. Traditional Core and Access Layers
Access
Core
Aggregation
Problems:
• Complex network
architecture, with too
many layers and inactive
links
• Many points of
management
• High upfront and
maintenance costs
• Underutilized chassis
• Forklift upgrades only

6. Collapsed Core & Aggregation
Access
Core
Aggregation
Core &
Aggregation
Benefits:
• Lower up-front capital
investment
• Scale-out, “pay as you
grow” networking
• Increased scalability
• Distributed chassis with
long distance stacking
• Reduced power, cooling
and footprint

7. Collapsed Access Layer
Benefits:
• Scale-out, “pay as you
grow” networking
• Greater scalability
• Flexible network
deployment options
• Lower power
consumption
Access
Aggregation
Core &
Aggregation

8. Campus Fabric
• Collapses multiple network layers into a single logical switch
• Flattens the network
• Eliminating deployment complexity
• Simplifies network management
• Spanning-Tree free design
• Creates large management domain
• Eliminates individual switch touch points
• Reduces configuration errors
• Manage over 1700 ports via one switch
• Combines premium and
entry-level switches together
into a single logical switch
• Shares advanced Layer 2 and
Layer 3 (L2/L3) services

9. 9
• Providing switch level redundancy in addition to
the link level redundancy provided by LAGs
• Provides an active-active connection of connected
devices for increased capacity and forwarding
• Expands the features of LAGs by:
• Eliminates single point of failure
• Integrated loop detection
• Easy deployment without fundamentally changing
the existing architecture
• Sub second failure detection and allocation of traffic
• Currently supported on ICX 7750 and 7850
Multi-Chassis Trunking

10. ICX Stacking Advantages
10
• Standard DAC Cables / SFP Modules (not
proprietary)
• Long-distance stacking—Up to 40 km
• Up to 12 units per stack
• In Service Software Upgrade (ISSU)
• Hitless failover of management
• Simple setup and deployment
• Guided step-by-step walkthrough
• Zero Touch provisioning
• No additional cost
• No optional modules required
• No dedicated stacking-only ports
• No license add-on required
Why Do You Care?
• Greater scalability
• Reduced costs
• Stacking cables
• Stacking modules/licenses
• Simpler management
• Flexible deployment
• High availability

11. Long Distance Stacking
11
• In a Ruckus distributed chassis topology, members are physically
separated
• Distance between stacking members depends on the platform and type of
media used and can be up to 40Km
11

12. ICX 7450 IPsec VPN Module
• 1 module per switch
• Multiple modules per stack for redundancy
(1 active per stack)
• Hardware assisted AES-128, AES-256 and IKEv2
encryption
• Up to 100 tunnels per module
• IPSec Support
• 10Gbps total throughput, max 10G per tunnel
• FIPS certification and Suite-B compliant
• Interoperates with any standard IPsec
implementation
12

13. IPsec VPN Use Case 1
13
ICX 7450 stacks in wiring closet
with IPSec Service Module
Community A IPSec tunnel
Campus Network
Community C IPSec tunnel
Community B IPSec tunnel Headquarters Office:
IPSec Termination
Path isolation in a campus network for communities of interest

14. IPsec VPN Use Case 2
14
ICX 7450 stacks in branch offices; IPSec termination in central office
IPSec
tunnel
Branch Offices:
ICX 7450 stacks with
IPSec Service Module
Public Network
IPSec
tunnel
IPSec
tunnel
Branch offices need to access resources
in central site securely
Central Office:
IPSec
Termination
IPSec tunnel enables secure
connectivity from branch to
private or public clouds

15. Virtual Router Redundancy Protocol Enhanced
• VRRP is a standard protocol that provides the ability to provide IP
gateway redundancy for edge devices
• Secondary routers will monitor and take over routing if master gateway fails
• VRRP-E is a Ruckus enhanced version of VRRP that addresses the
limitations in the standard protocol
• Features VRRP-E provide over standard:
• Default gateway is always pingable
• Even when master gateway fails secondary routers will respond to ICMP requests
• More granular control of trunk port management
• Unlike the standard, multiple trunk ports (uplinks) can be monitored
• Provides the ability to configure a failover when a threshold has been reached
• Additional security is available allowing MD5 authentication
15

16. ICX Guide Zip Package
• Grouping of the most common documentation for the ICX family of switches
supporting the given release
• Documents are broken into logical guides providing details on a specific subject
• Examples:
• Layer 2 features
• Command References
• Security
• Stacking
• Monitoring
• Management
• Release notes along with a Feature Support Matrix are included
• Release notes are independent of the zip filea
16

17. Licensing
• Software licensing provides increased scalability and rapid deployment of
hardware
• Permanent license can be ordered pre-installed in a Ruckus device
• Ordered separately after delivery
• Self-Authenticated Upgrade Licensing provides a “pay-as-you-grow” capabilities
• SAU licensing allows you to upgrade or downgrade to a licensed feature set with a single
command
• License options include:1
• Ports on Demand (PoD)
• Layer 3 Base Features (L3-BASE)
• L3 Premium Features (L3 PREM)
• Media Access Control Security (Prem-MACsec)
17

18. Q&A
Based on your recently
submitted questions
18

19. “Is it all CLI or is there a web
GUI?”

21. “Interested to see what the Virtual
SmartZone can do and how you
would configure/manage them”

22. “Please showcase the new
feature in the latest SmartZone
release”

23. “Interested in PF/ZP switches”

24. ICX-7150-48PF ICX-7150-48ZPVS
• 4x SFP+ Ports
• 48x 10/100/1000 PoE+ Ports
• Single Power Supply
• 740Watt PoE Capable
• Fixed Fans
• 8x SFP+ Ports
• 16x Multi-Gig Ports / 802.3bt / PoH
• 32x 10/100/1000 PoE+ Ports
• Redundant Power Supplies
• 1480Watt PoE Capable
• Hot Swappable Fans

25. “How does it compare against
Netgear HP and Cisco?”

26. “I would like to know about the
firmware upgrade process.”

27. “Can you stack different
models in the same range?”

28. “General instruction on how to
configure ICX products”

29. “Do you have a demo of what the
ICX configuration will look like
when supported on the Cloud?”

31. “How do I configure port
channel LACP on switch ports?”

32. LACP Port Channel Configuration
Configuration
lag [LAG NAME] dynamic id [ID Number]
ports ethernet [Interface ID] to [Interface ID]
You can then treat the interface as a normal
port, for example should you wish to tag all
VLANs
Interface lag [LAG ID]
vlan-config add all-tagged
Example
lag lacp-lag dynamic id 10
ports ethernet 1/1/1 to 1/1/2
Interface lag 10
vlan-config add all-tagged

33. “Can you configure a Voice
VLAN using LLDP”

34. Voice VLAN using LLDP
Configuration
Configuration
lldp run
lldp med network-policy application voice tagged vlan XX priority 7 dscp 46 ports ethernet
1/1/1 to 1/1/2
lldp med network-policy application voice-signaling tagged vlan XX priority 7 dscp 26
ports ethernet 1/1/1 to 1/1/2

35. “Can QoS be set for VOIP”

36. QoS Configuration
Configuration
interface ethernet 1/1/1 to 1/1/2
voice vlan xx
Trust dscp

37. “Can the configuration to be
visible by unleashed software”

38. “What is the difference in
configuration between ICX 7150
and ICX 7250 switches”

39. “Will the latest versions obtain an
IP address on an ethernet network
out of the box, or do they require
console config”

40. “By default, can a DHCP-obtained
address on an ICX (router-facing)
port be accessible from any other
port on the same ICX?”

41. “What is the difference
between the switch firmware
ufi and non-ufi”

42. Unified Firmware Image Upgrade
Unified FastIron Image (UFI) was introduced in 08.0.80 which simplifies the
upgrade process of ICX switches
Combines both the FastIron application image and boot code along with the FI
signature
Application image also now includes the PoE firmware
From 08.0.80, it is now possible to update all the necessary software components in
a setup using one command
The UFI is recommended for all image upgrades
Provides redundant bootrom
A stack can be upgraded using a UFI bundle, and all stack members are also
upgraded
The manifest Image will use the UFI to upgrade images in future releases

43. “What’s the benefits of having
Ruckus switches & AP’s?
Features, benefits, performance
and/or troubleshooting tools?”

44. Thank you for watching
44
If you have any questions or would like to speak to us about
RUCKUS products, drop us an email to: ruckus@purdi.com