Tag Archives: switch

Brocade Switch Type Matrix

I recently performed an inventory of all of our Brocade switches and stumbled upon this list of switch types that allows you to identify the Brocade model number.  Simply go to http:///SwitchInfo.html, do a search for “switchType” in the report, and compare that number to the table below to identify your model.

12

3900

2 Gb 32-port switch

16

3200

2 Gb 8-port value line switch

21

24000

2 Gb 128-port core fabric switch

26

3850

2 Gb 16-port switch with switch limit

27

3250

2 Gb 8-port switch with switch limit

29

4012

2 Gb 12-port Blade Server SAN I/O Module

34

200E

2 Gb 16-port switch with switch limit

37

4020

2 Gb 20-port Blade Server SAN I/O Module

43

4024

4 Gb 24-port Blade Server SAN I/O Module

44

4900

4 Gb 64-port switch

45

4016

2 Gb 16-port Blade Server SAN I/O Module

51

4018

2 Gb 16/18-port Blade Server SAN I/O Module

61

4424

2 Gb 24-port Blade Server SAN I/O Module

62

DCX

8 Gb 798-port core fabric backbone

64

5300

8 Gb 80-port switch

66

5100

8 Gb 40-port switch

67

Encryption Switch

8 Gb 16-port encryption switch

70

5410

8 Gb 12-port Blade Server SAN I/O Module

71

300

8 Gb 16-port switch

72

5480

8 Gb 24-port Blade Server SAN I/O Module

73

5470

8 Gb 20-port Blade Server SAN I/O Module

75

M5424

8 Gb 24-port Blade Server SAN I/O Module

77

DCX-4S

8 Gb 192-port core fabric backbone

83

7800

8 Gb 16-FC ports, 6 GbE ports extension switch

86

5450

8 Gb 26-port Blade Server SAN I/O Module

87

5460

8 Gb 26-port Blade Server SAN I/O Module

92

VA-40FC

8 Gb 40-port switch

109

6510

16 Gb 48-port switch

117

6547

16 Gb 48-port Blade Server SAN I/O Module

118

6505

16 Gb 24-port switch

120

DCX 8510-8

16 Gb 512-port core fabric backbone

121

DCX 8510-4

16 Gb 256-port core fabric backbone

124

5430

8 Gb 16-port Blade Server SAN I/O Module

125

5431

8 Gbit 16-port stackable switch module

129

6548

16 Gb 28-port Blade Server SAN I/O Module

130

M6505

16 Gbit 24-port Blade Server SAN I/O Module

133

6520

16 Gb 96-port switch

134

5432

8 Gb 24-port Blade Server SAN I/O Module

148

7840

16 Gb 24-FC ports, 16 10GbE ports, 2 40GbE ports extension switch

Advertisements

Disabling Telnet on Brocade Switches

We were recently directed by audit requirements to disable telnet access on all of our brocade switches.  We’re going to use ssh only for remote access.   The steps for disabling telnet aren’t obvious although it’s not difficult to do.  I’ve outlined two different procedures below for disabling telnet on FOS, as it’s different if you’re running an FOS version below 5.3.x.

Commands for disabling telnet for ipv4 and ipv6

For FOS 5.3.x and above:

You cannot change the default filter sets,  you have to clone the default_ipv4 and default_ipv6 to new sets.  While logged on to the switch using ssh enter the following command:

ipfilter –clone BlockPort23 -from default_ipv4 ipfilter –clone BlockPort23ipv6 -from default_ipv6

A filter set is built on a list of numbered rules.   You need to verify the number of the rule for the telnet port (23). This can be done with this command:

ipfilter –show  

The default rule for telnet is 2.

The next step is to delete the old rule and create a new one.  Change the -rule 2 to the appropriate rule number from the previous step, if needed.

ipfilter –delrule BlockPort23 -rule 2

ipfilter –delrule BlockPort23ipv6 -rule 2

ipfilter –addrule BlockPort23 -rule 2 -sip any -dp 23 -proto tcp -act deny

ipfilter –addrule BlockPort23ipv6 -rule 2 -sip any -dp 23 -proto tcp -act deny

Next you need to save the new filter set and activate it:

ipfilter –save BlockPort23 ipfilter –save BlockPort23ipv6

ipfilter –activate BlockPort23 ipfilter –activate BlockPort23ipv6

Now all traffic on port 23 is blocked.  You can verify it by typing in  ipfilter –show again:

Name: BlockPort23ipv6, Type: ipv6, State: active
Rule    Source IP                               Protocol   Dest Port   Action
1     any                                            tcp       22     permit 
2     any                                            tcp       23     deny 
3     any                                            tcp      897     permit 
4     any                                            tcp      898     permit 
5     any                                            tcp      111     permit 
6     any                                            tcp       80     permit 
7     any                                            tcp      443     permit 
8     any                                            udp      161     permit 
9     any                                            udp      111     permit 
10    any                                            udp      123     permit 
11    any                                            tcp      600 - 1023     permit 
12    any                                            udp      600 - 1023     permit 

For FOS 5.2.x and below:

It’s a bit simpler for the older FOS versions.  Simply type “configure” at the prompt, type yes for system services, then ‘off’ for telnetd.

switchname:admin> configure
Not all options will be available on an enabled switch. To disable the switch, use the “switchDisable” command.
Configure…
  System services (yes, y, no, n): [no] y
    rstatd (on, off): [off]
    rusersd (on, off): [off]
    telnetd (on, off): [on] off
    ssl attributes (yes, y, no, n): [no]
   http attributes (yes, y, no, n): [no]
   snmp attributes (yes, y, no, n): [no]
   rpcd attributes (yes, y, no, n): [no]
   cfgload attributes (yes, y, no, n): [no]
   webtools attributes (yes, y, no, n): [no]