TP-LINK Smart Switches anyone?
-
There's a new firmware available for TL-SG2216. Updating the device automatically restores it to factory default so a double-check is needed that a config backup has been done before the operation. Don't know how the other models behave, but I guess it's similar.
Unfortunately it also returns to the 192.168.0.1 IP address without gateway set, so if you have to do it remotely make sure you have a telnet-capable machine somewhere connected close, . A good idea would be to keep the default '1' vlan as it is just for management later (keep it as untagged 'native' vlan on the 'trunk' ports between the switches and pfSense), and when it returns to factory defaults, you only need to telnet in, set a default gateway by CLI and you can access the web interface from other networks if that's the case, to restore the config.
But I think copying the entire contents of the config file to clipboard and pasting it to the telnet window would do the same.If 'trunking' vlans to pfSense, as I said above I suggest to keep vlan 1 untagged on that port. In pfSense assign the IP address 192.168.0.254 to the physical port which connects to the switch. This way, you can always telnet in your switch wihout any routing from an SSH window on pfSense.
-
It's worth upgrading, as I see the firmware contains lots of new multicast and IPv6 features (like MLD snooping).
-
http://www.tp-link.com/en/products/details/?categoryid=2878&model=TL-SG108E
New owner of a TL-SG108E here.
The device has no way to configure other than windows program.
The device is currently operating in the following fashion:
Port 1 is plugged into a Staff router (Asa 5505) - Vlan 1
Port 2 is plugged into a Public use router (WRT54gV2) - Vlan 50 - PVID 50
Port 8 is plugged into a Ubiquiti AP - PVID 1 - Public Wifi sent through VLAN 50, Staff through VLAN 1I've attached an image.
If you want to know why this abomination was necessary, read this: http://goo.gl/WTv0ah
Hopefully this helps with some of the questions presented here.
-
Well at least that's an answer to the earlier question, there is no web interface on the cheapest model. Disappointing.
Steve
-
You don't have to buy the cheapest one, really. Price difference is very minimal - pfSense's average user base should really avoid the cheapest models because they are not intended as target market for them.
-
That's certainly true for many but not everyone. One thing that makes pfSense, and its community, different from other projects is the very widely varying user base. Some are using it to replace $10K commercial routers and others with hardware gathered from scrap. The latter group are often asking about the cheapest way to add interfaces and using VLANs can be that especially as VLAN capable switches become ever cheaper.
Netgear seem to be threatening to put a webgui on their GS105e so that may remain the cheapest and easiest way to add VLANs.Steve
-
You don't have to buy the cheapest one, really. Price difference is very minimal - pfSense's average user base should really avoid the cheapest models because they are not intended as target market for them.
As a smart man once said, "Nobody puts Baby in a corner." :)
$30 for vlan support could come in handy for a number of situations. In my case, it is just a stop gap. I wont feel bad about it going unused later on because it was so cheap.
-
I agree, but in that case, it's unfair to be disappointed that there's no CLI or webif available for it.
-
That's true. Doesn't stop me hoping to be pleasantly surprised though. ;)
Steve
-
I bought a TL-SG2424 and finally got several vlan's setup and working using the web gui only. Robi's posts helped me figure out what I was doing wrong.
To help others I am posting the steps which worked for me.
Setup vlan/s on pfsense. There are many tutorials on how to accomplish this task, so I will not cover that.
Plug cable from pfsense into port #1
Login using the default
1. VLAN –> 802.1Q --> Create a new vlan
2. Enter VLAN ID number and description.
Select the ports which will be members of the vlan. Include port #1
Click on Apply to create the vlan3. In the top of the web page, click on Port Config
Select port #1. Change "Link Type" to General
Click on Apply4. In the VLAN table, select your newly created vlan, click on Edit
Change Egress type of port #1 to TAG
Click on Apply5. Save Config
Now, connecting an ethernet cable to any of the ports assigned to that vlan will provide an ip address for that VLAN
To create a second VLAN repeat steps 1, 2 & 4
Traffic for VLAN 2 will now flow to the designated ports for that VLAN.
After creating my first VLAN, I went to System --> System Info --> System IP
Changed the Management VLAN and IP address to match. Doing this allows me to manage the switch from my LAN. -
I enabled yesterday SNMP on the 2216 switch, and got very nice graphs for each interface in my munin-monitoring system.
On the switch, all I had to do is enabled SNMP in the web interface, on the "SNMP Community" tab added a new read-only community with the name "public" and that's all.
On the system running munin, it was as simple as running```
munin-node-configure --shell --snmp switch_name | shAdded to /etc/munin/munin.conf an entry like this:``` [switch_name] address 127.0.0.1 use_node_name no ```and restarted the munin-node service. Getting great graphs with traffic and errors for each interface, netstat and switch uptime. Each measured parameter has detailed description and current port speed specified. This all works with Munin version 2.0.19-2 out of the box, and the default standard SNMP MIBs from the system (Ubuntu 12.04). From TP-Link's website extra MIBs can be downloaded for the switch which allow for polling even more details from the device, but I didn't try those out yet. -
Another yummy feature I just noticed is that if you add descriptions to the interfaces on the switch, they will appear as graph titles in Munin.
-
I agree, but in that case, it's unfair to be disappointed that there's no CLI or webif available for it.
You can use the config software with any JRE enabled system (Pure Java). See info at http://pastebin.com/DwB4uaPR
These switches don't have any internal CPU to execute a server (like CLI, Web, etc.) or execute monitoring tasks (like STP), just the plain switch silicon. The software only set/get register from the internal switch silicon… like home routers do with the internal hardware switch (with tools like swconfig, http://wiki.openwrt.org/doc/techref/swconfig=). No more, no less! ;)
-
Hi,
We use in the company I work in about 10 Smart switches TL-SG2424 and even non manage 48 port for over a year and haven't had any issues regards performance and stability.
They are cheep and cheer-full.VLANs are fine and working with pfSense for us no problem.
-
dumb tp-link switches are:
| | idle | load |
| TL-SL2218WEB | 6 W | 8 W |
| TL-SG1024 | 8 W | 8 W |
| TL-SG1016D green | 6 W | 8 W |source: http://diit.cz/clanek/spotreba-porovnani-zaver
TL-SG1016DE is max 12.55W (220V/50Hz) (source: tech. spec)
but what is the TL-SG2216 power consumption, can you measure it?
-
+1 for robi, you have pretty much saved my life with that excellent explanation about vlan setup on the TP Link.
Mine's a TL-SL2428 and I couldn't figure out how to setup the trunk port.
Even the manual didn't help.
With your guide I was up running in minutes after hours of fiddling.Also, as you stated, I have left the default vlan as empty as possible.
I've changed the switch management vlan so it will be less vulnerable.Cheers.
-
Cheers! ;)
But keep in mind that if you do later a firmware upgrade, it's going to return to factory defaults, with all ports and management in VLAN1 and factory IP address. To save from headaches if you want to upgrade remotely, I suggested to keep the default IP address range on VLAN1, and leave VLAN1 as default on the trunks, and also leave the management in VLAN1. That way, if you need to upgrade from remote location, after it reboots with factory defaults, all you have to do is telnet in, set the new IP address and gateway, and bang! you're able to restore the config without having to move from your seat.
-
Cheers! ;)
But keep in mind that if you do later a firmware upgrade, it's going to return to factory defaults
Quality gear.
-
Life is always full of compromises. For that price, a 32GBps switch with SFP ports and all gigabit copper ports, it's worth the compromise.
I wouldn't say they are of bad quality - got a pair of TL-SG2216s running for almost 4 months now without any single issue. And I must say, software bugs are present in much more expensive gear too - just remember the openssl heartbleed vulnerability… Many like Juniper or Cisco simply took it for free and incorporated it as it way in gear worthing 10s of 1000s of dollars...
-
I wouldn't call resetting to factory defaults on every firmware upgrade a bug.
