Web Managed Switch Recommendations? (USED)
I didn't think this was appropriate in the Hardware section since it is not pfSense specific.
I was wondering what your experienced recommendations were for an entry-level (semi)-managed switch?
I just picked up a TP-Link SG-108E to get access to VLANs, but it is getting (what seems to me like) a lot >1% of "Bad Rx Packets" on VLAN tagged ports.
I'm all for buying used networking gear to get quality stuff at a discount.
Looking for:
All full duplex gigabit ports
Supports 802.1Q VLANs
Web/GUI managed (or CLI if it is very well documented for beginners) just not looking to learn switch CLI for my home network
L2 (L3 switch doesn't seem necessary for a small home network and I'd like something pretty cheap)
Some PoE would be a big plus
~8 ports
Preferably passively cooled, definitely very quiet if active cooling
Can be had used for <$75, the cheaper the better
Obviously the TP-Link SG-108E fits the bill other than PoE, but I'm betting there's something better out there that can be had for cheap if bought used.
" lot >1% of "Bad Rx Packets" on VLAN tagged ports"
And why are you blaming that on the switch? Where are you seeing this exactly?
I'm guessing it's the switch but could certainly be wrong.
When I enable 802.1Q VLANs I see bad Rx Packets on the ports using VLANs, if I disable them then no more bad Rx Packets.
I'm seeing this on the switch WebGUI. It's inter-LAN traffic so (as I understand it) isn't even being seen by pfSense.
So far what looks like the best used switch in the price range is the Zyxel GS1900-8HP using RTL8380M-CG.
Anyone have any experience or thoughts on these?
EDIT: I also could not get LACP LAG working on this switch, it's very possible I screwed it up but it doesn't seem very complicated?
Per your other thread.. I ordered that same switch - and will be able to duplicate your config in a couple of days. I really doubt your issues are related to that switch.. But will see for myself in a few days once the switch shows up.
But if your looking for a higher end switch to get.. I love my cisco sg300, and would highly recommend it. Or you could go with their new 350 line.. Or if your using unifi AP, why not get their switches.. You can get a 8 port for $99 NEW from from unifi..
Or poe for 110$
https://store.ubnt.com/collections/routing-switching/products/unifi-switch-8-60w-betaOr for 200$ you can get the 16 porter that does full poe, even their 24 volt passive
https://store.ubnt.com/collections/routing-switching/products/unifi-switch-8-150wI have their switches on my list of new toys to buy ;)
I wouldn't be surprised if his NICs are sending baby giant frames. I have Intel NICs and HP switch and I never had to set jumbo-frames when enabling VLAN tagging and still able to send 1500byte IP datagrams without fragmentation, which was unexpected. Anyway, if the NICs are sending 1508 byte frames and the switch is not expecting anything past 1500, frame errors.
Thank you for the recommendations!
I'm looking to get something used for <$75.
Anyone know anything about these?
There are some available in my area for $50-60.
how many ports do you want/need for your $75 price point? You can get a brand unifi 8 port gig for 100$
Ideally 8 gigabit ports, web gui managed with at least some Poe.
I'm not entirely sure if it meets your requirements but I (a humble home user) use these:
Netgear GS110TP and GS108Tv2
I got my tplink switch last night, plugged it in this morning.. Not seeing any rx bad packets, but have not connected my AP to it yet. I put it on my wlan 20, but it is a bit concerning that you can not remove vlan 1 from ports. I don't think its anything you can not work around - but I think it means that the management IP is listening on any vlan that is untagged. So while if you change the pvid of a port you would be able to hit the management IP from any port on the switch.. Not really a security concern in a home or smb, etc. but would be an issue in a enterprise setup for sure.
I want to make sure there is no cross traffic being seen on other ports, etc. I changed the pvid of each port to 20.. So even if I send vlan 1 traffic to the switch it should not be seen on any of the ports since their pvid is 20. So it should not send say vlan 1 broadcast traffic to those ports even though its according to the web gui in vlan 1 untagged and vlan 20 untagged.
I have a theory that the rxbadpkts your seeing my be tagged packets for a vlan that is not setup on the switch - be easy enough to test once I hook up a AP to it tonight.
Interesting, I found other users posting on forums that they had issues with the switch and VLANs.
The only VLANs I have configured on my AP are the two VLANs I configured on the switch?
Any thoughts on this?
a lot of PoE and seems pretty cheap.
So just moved one of my AP to the tplink switch.. And yeah showing bad pkts on both the uplink to my other switch (port 1) and the AP port 4..
Hmmm.. Now to figure out what it is marking as the bad packets..
Very interesting, thank you again for taking your time to check this out!
I did not see any issues with any of my traffic on this switch.. It just seems to be cosmetic.. I think its marking tagged packets as bad or something but just passing them on anyway.
Seems to have been a cosmetic issue going all the way back to 2015.. V1 of the hardware.
http://forum.tp-link.com/showthread.php?83046-High-RxBadPkt-on-TL-SG108EThis weekend I can do some more testing, the lack of being able to remove vlan 1 from a port just seems wrong. But not like you can't work with it. vlan 1 is nothing but an untagged vlan, doesn't really matter what the ID of that vlan is if untagged ;) So in your network it could be any other vlan ID since its untagged.
I will connect a device to one of the ports and generate a specific number of tagged packets and see if matches up to the counter for rxbadpkt..
Well, I ultimately ended up spending a bit more and replacing my TPlink with a Zyxel GS1900-8HP (rev. B1). It was at the top of several review lists, has a lot of features and seems to be regularly maintained by zyxel.
Youtube Video$99 got me
70W PoE over all 8 ports
A whole lot more management options than the TPlink (apparently it even supports CLI if you prefer that).
No more errors with VLANs and AP's
Port security features
(haven't tried LACP yet but will tonight or tomorrow, that didn't work on the TPlink but might just have been my fault.)As far as packet errors go, it doesn't seem to have any errors although it does show a LOT more info about packets and I haven't found a list defining all of these things yet.
Port 3 Interface mib Counters ifInOctets 193064453 ifInUcastPkts 1040622 ifInNUcastPkts 25277 ifInDiscards 0 ifOutOctets 3580667467 ifOutUcastPkts 2662483 ifOutNUcastPkts 42464 ifOutDiscards 0 ifInMulticastPkts 13033 ifInBroadcastPkts 12244 ifOutMulticastPkts 40423 ifOutBroadcastPkts 2041 Port 3 Etherlike mib Counters dot3StatsAlignmentErrors 0 dot3StatsFCSErrors 0 dot3StatsSingleCollisionFrames 0 dot3StatsMultipleCollisionFrames 0 dot3StatsDeferredTransmissions 0 dot3StatsLateCollisions 0 dot3StatsExcessiveCollisions 0 dot3StatsFrameTooLongs 0 dot3StatsSymbolErrors 0 dot3ControlInUnknownOpcodes 0 dot3InPauseFrames 0 dot3OutPauseFrames 0 Port 3 RMON mib Counters etherStatsDropEvents 0 etherStatsOctets 193064453 etherStatsPkts 1065899 etherStatsBroadcastPkts 12244 etherStatsMulticastPkts 13033 etherStatsCRCAlignErrors 0 etherStatsUnderSizePkts 0 etherStatsOverSizePkts 913897 etherStatsFragments 0 etherStatsJabbers 0 etherStatsCollisions 0 etherStatsPkts64Octets 87730 etherStatsPkts65to127Octets 851661 etherStatsPkts128to255Octets 18500 etherStatsPkts256to511Octets 21092 etherStatsPkts512to1023Octets 18395
If your going to spend 100$ and you have unifi AP why would you not just have gotten the unifi switch? Even though looks like nice price point and way more features than the tplink stuff, looks to support syslog and snmp and lldp.. Nice..
This is weekend was Derby - so didn't get to do anything on the switch.. But sure just looks to be cosmetic errors is all.. Have seen zero issue with anything..
I'll second the Cisco SG300/500 lineā¦..Have several hundred of them in our network and little to no issues.