TP-LINK Smart Switches anyone?



  • @mikeisfly:

    When you connect to switches together via a tagged port (Cisco call it trunk port, but more proper to call it a tagged port) you should not put untagged traffic on the same port. If you have untagged traffic on a tagged port then make sure that both switches have the same pvid on both sides otherwise you will have traffic from one vlan getting onto another.

    I didn't find a way to avoid that. As I wrote, it seems you can't have a port with tagged-only traffic, a PVID must be set. That means you'd have to sacrifice a (dummy) VLAN number to catch the untagged traffic. Not a big problem as you can have up to 512 VLANs simultaneously (on the Smart series).


  • Netgate Administrator

    They can't use VTP since that's a proprietary Cisco protocol. Wikipedia suggests the standards based equivalent is GVRP or MVRP. Neither appear to be supported.  :(

    Steve



  • @stephenw10:

    They can't use VTP since that's a proprietary Cisco protocol. Wikipedia suggests the standards based equivalent is GVRP or MVRP. Neither appear to be supported.  :(

    Steve

    Then next model up, ie, full layer 2 managed switch like TL-3216, do appear to support GVRP.  Haven't read deep enough to see what else you get with those over their 'smart switch' line.  Seems like the TL-SG2216 is pretty capable.



  • Just my experience with GVRP and MVRP, they don't compare to VTP. With that being said VTP can get you in big trouble so it might be a good thing not to have it. Sounds a little crazy that you can't have a port without a pvid but a way to get around that would be not to assign that vlan to that port. On most every switch except Cisco there are a couple of things that you need to know about vlans.

    1. When you add a vlan to a port it can be tagged or untagged.
        a. Tagged is like a trunk port in cisco using the command switchport trunk allowed vlan x only the vlans specified by x will be on the trunk
        b. untagged is like a access port in cisco
    2. You then need to assign a pvid to a port which tells the switch what vlan to put the traffic on when untagged traffic enter that port. The similar command in Cisco would be switchport trunk native vlan x

    Hope this helps :)



  • @robi:

    I didn't find a way to avoid that. As I wrote, it seems you can't have a port with tagged-only traffic, a PVID must be set. That means you'd have to sacrifice a (dummy) VLAN number to catch the untagged traffic. Not a big problem as you can have up to 512 VLANs simultaneously (on the Smart series).

    Can't you just set the PVID to 4095 (the "discard" VLAN)?



  • No because the PVID appears as a dropdown box in the GUI, and it contains only the defined VLANs. Could work in CLI though, but I guess that may cause unpredictable results when looking at the GUI…



  • Here purchased two of the TP-Link Easy switches (24 ports each).

    That said one is mounted inside of a Leviton can which replaced a small 24 port generic switch.

    I haven't had much time to play other than I am over port capacity on the two switches and had to add my old non managed Gb switches back into play (also 24 port).



  • I was looking for a 16port smart switch aswell and ended up getting a Cisco SG300 20 port and have not looked back, I was initially looking at the 200 series but then decided to get the best i could afford. most cisco equipment costs an arm and a leg but surprisingly the SG-200 18 port was cheaper here than most of the 16port competitors(TPlink did not have a gigabit smart switch with the same features available here at the time). Now with the 300 series i got 2 more ports (having 4 uplink ports ontop of the 16 ports i was looking for has been very helpful and gives me more room to grow) and more features than i needed at the time and firmware upgrades keep adding more. The one feature the hp pro-curve had cisco did not was that you could turn off the link LEDs to save power, upgraded the firmware on my cisco before i started using it and the feature was now added.

    Ive had mixed experences with TP-Link equipment, i find that in basic operation it works well but start doing anything complex and performance goes down. You will not get full gigabit thoughput on every port at once but then in a home enviroment do you really need to. if it works for you then great but price up all the options, you might be surprised as i was.



  • @aus_guy:

    I was looking for a 16port smart switch aswell and ended up getting a Cisco SG300 20 port and have not looked back

    I've been looking at it too, but unfortunately the price for it in my area is almost 4x the price of the TL-SG2216. And I needed 2 of them.



  • @robi:

    @aus_guy:

    I was looking for a 16port smart switch aswell and ended up getting a Cisco SG300 20 port and have not looked back

    I've been looking at it too, but unfortunately the price for it in my area is almost 4x the price of the TL-SG2216. And I needed 2 of them.

    The price is way more because the SG300 series is L3. The best comparable would be the SG200 series, which is the L2 series. I guess the one that comes closest is the SG200-18; It will be still more expensive than a TP-Link, but that is what I would consider normal.
    As most of the time; you get what you pay for, and there's rarely such a thing as free lunch.
    FWIW: I'm using a couple SG200 series @home instead of the TL-SG2216 I had previously, and am also very satisfied. But that's not because the TP-link had issues, I just needed other kind of setup over time.

    my €0.02 -> YMMV.  ;)



  • @bennyc:

    @robi:

    @aus_guy:

    I was looking for a 16port smart switch aswell and ended up getting a Cisco SG300 20 port and have not looked back

    I've been looking at it too, but unfortunately the price for it in my area is almost 4x the price of the TL-SG2216. And I needed 2 of them.

    The price is way more because the SG300 series is L3. The best comparable would be the SG200 series, which is the L2 series. I guess the one that comes closest is the SG200-18; It will be still more expensive than a TP-Link, but that is what I would consider normal.
    As most of the time; you get what you pay for, and there's rarely such a thing as free lunch.
    FWIW: I'm using a couple SG200 series @home instead of the TL-SG2216 I had previously, and am also very satisfied. But that's not because the TP-link had issues, I just needed other kind of setup over time.

    my €0.02 -> YMMV.  ;)

    layer 2/3 modes are actually switchable to get MAC based vlans I run mine in layer 2 mode and do the routing in pfsense. However I agree that the 200 series is more comparable to the tl-SG2216. I had budgeted for the SG200-18 but after selling my netgear 8 port for about the difference i could afford the SG300-20, I didn't really need the extra features at the end of the day i like having things to be able to play with but my going upto the best i could afford it also provided a future proof solution. While no one has a crystal ball i advise you to look beyond what you need right now and try and look into what you may need in the future or else the cheaper solution may end up being more expensive when you have to augment it or replace it. Im going through this with my TPlink access point at the moment, i thought it would be ok for what i needed at home but now im finding I just have to bite the bullet and spend the money, doing this twice has costed me more in the long run.

    I certainly know that in the right situation tplink gear can be dead on for price/performance/features, however that use case is small so know what your getting into. same thing goes for any brad/manufacturer.



  • Cisco SG200-18 also costs more than twice of the price of TL-SG2216.

    I've done some further testing with my TL-SG2216 pair, and I must say I'm perfectly satisfied of the results. Soon they will be installed to their final location. I admit that Cisco as a brand is much more respected one than the others - but for my needs, I'll be perfectly fine with my TP-Links. I really don't see the reason to just pay for the brand name, while in my setup they would perform equally well.



  • Yup here I come from using Cisco in a "work" environment; work was an airline for many many years.

    Cisco is embedded/ingrained in my head; it is a good product.

    My PFSense firewall is at home.

    I did initially use Cisco stuff at home; then went to downsizing the stuff to smaller footprint non managed switches, then to unmanaged "el cheapo" Gb switches; then to the TP-Link Managed switches which have worked fine for me.

    I was just looking for a reasonably priced product for my home and that would work with my automation stuff.

    I push the two 24 port switches and they are at port capacity such that I have more switches in place today (well and POE stuff).  I have little Aopen DE's connected to the GB network running XBMC. (well in every room that has an LCD TV).  I have tested all of the streaming HD stuff and they do fine.  I also have some 20 touchscreens connected via Gb connectivity; they have multiple CCTV streaming video streams plus TV streaming and an assortment of other stuff to manage my automation.  I have not broken the two switches yet.  My home is sort of a sandbox and I have filled up about 1/2 of a class c subnet with a variety of connected do whats; well need to go to a full class c as I am running of of IPs.

    I do side stuff stuff related to my hobbies. Helping (well forum moderation) a new company in Taiwan called Securifi which has a neato product that I am playing with called the Almond +.

    This is a plug for the Almond plus as it is a combo router, firewall, Wireless Gb (well AC) and automation touch screen about 4" square and maybe 1.5" thick that talks Zigbee and Z-Wave and wireless automation protocols.

    That said Securifi just installed a few of the TP-Link managed switches in their offices in Taiwan and they are really happy with them.



  • I've got a TL-SG2216 at home, it works fine with pfSense using VLAN's setup with a Trunk to pfSense and my Hyper-V Server, also you can check out a copy of the web interface here http://www.tp-link.com/en/support/emulators/?pcid=204



  • My experience with TP-Link products, not only switches, is that you get what you pay for. Generally it works, but biggest downside is firmware. It tends to be very buggy. I wouldn't use it in any mission critical or business environment, but for home use it's fine and excellent value. Honestly, I don't have much better experience with Cisco small business line of products.



  • @deltix:

    Honestly, I don't have much better experience with Cisco small business line of products.

    Agree with this statement.



  • Yup; here installed one TP-Link 24 port Easy Smart switch inside of a Leviton 42" media cabinet.

    Its quiet, cool and fits nicely inside of my media cabinet.

    The second TP-Link 24 port Easy Smart switch is sitting on a rack and just dedicated to servers and to date has not caused me any issues.

    Personally I see TP-Link pushing on the commercial side and honestly now providing some quality stuff at reasonable prices.

    The above noted I would recommend the TP-Link line of commercial stuff for that typical SOHO office with some 20 or so desktop clients and one server type of environment running on a tight IT budget.


  • Netgate Administrator

    Can you confirm if the Easy Smart range have a webgui? There seemed to references to one in the manual for the 16port version but not the 8port.
    Also you could clear up the original question from this thread: can you do a trunked VLAN connection such that you can use it to get more interfaces with pfSense?

    Steve



  • Can you confirm if the Easy Smart range have a webgui? There seemed to references to one in the manual for the 16port version but not the 8port.

    No cuz I only have the 24 port Easy Smart Switches.

    Thinking I purchased the two of them for less than $150 USD each with free shipping.

    Wow; just looked at the 8 port Easy Smart Switch and features.  Amazing.

    $72 USD is a bit high right now for it.  $50 USD sounds better though.

    I do not see why the OS would be much different than the 24 port Easy Smart Switch.

    Centrally manage all Easy Smart Switches with Easy Smart Configuration Utility

    This offered Easy Smart Configuration Utility looks just like the built in GUI.  (I have played with it).

    It doesn't look though like the GUI is built into the device itself from the description I am reading on the TP-Link Website.

    I prefer to have it built in; especially for a small 8 port managed switch; then again I guess this makes it a bit more secure?

    http://www.tp-link.us/products/details/?categoryid=2878&model=TL-SG108E#over




  • Also you could clear up the original question from this thread: can you do a trunked VLAN connection such that you can use it to get more interfaces with pfSense?

    will do



  • @stephenw10:

    Can you confirm if the Easy Smart range have a webgui? There seemed to references to one in the manual for the 16port version but not the 8port.
    Also you could clear up the original question from this thread: can you do a trunked VLAN connection such that you can use it to get more interfaces with pfSense?

    Yes - it works with pfSense trunked, you can create as many as 512 VLANs in the switch and give them all to pfSense on one interface as tagged packets. In pfSense you can create then virtual interfaces for them. I've tested this successfully with two VLANs.
    That's why I finally bought two TP-Link TL-SG2216. They both are Easy Smart and have webgui and cli interfaces. I'm planning to use about 5-6 VLANs at the beginning.



  • So you guys got me playing this morning with the TP-Link TL-SG1042DE with just the Easysmart GUI interface (no CLI).


  • Netgate Administrator

    @robi:

    That's why I finally bought two TP-Link TL-SG2216. They both are Easy Smart and have webgui and cli interfaces.

    Erm… am I missing something here.  :-\  Forgive me Robi if I am. The TL-SG2216 is not in the Easy Smart range hence it has all the features you might expect from an entry level managed switch like webgui and CLI etc. The Easy Smart, such as the one Pete has, is cut right back to allow them to offer it as cheaply as possible. It appears to me that they are directly competing with Netgears 'Prosafe Plus' range, GS105E, GS108E etc, which offer some entry level management features, including VLANs, but do not have a webgui. You have to use their Windows only utility, boo! If TP-Links competing range does have a webgui then that's a distinct advantage. I huge advantage in my house where I have no Windows boxes.  ;)

    Pete's screenshot appears to show that at least the 24port model does have a webgui. Unfortunately it's the entry level 8 port model I'm most interested in.

    Edit: Or is that a screenshot of the utility?

    Steve



  • Actually the Web GUI on the switch is a bit simpler looking than the management application.

    Yeah from the description it appears that the EasySmart 8 and 16 port switches do not have a built in Web GUI.

    The EasySmart managment application might run in Linux as its Java.

    \TP-LINK\Easy Smart Configuration Utility\jre\lib

    05/25/2014  04:58 PM

    <dir>          .
    05/25/2014  04:58 PM

    <dir>          ..
    05/16/2013  11:38 AM              155 accessibility.properties
    05/16/2013  11:38 AM          123,547 alt-rt.jar
    03/16/2014  02:40 PM

    <dir>          applet
    05/16/2013  11:38 AM            1,232 calendars.properties
    05/16/2013  11:38 AM        3,605,930 charsets.jar
    05/16/2013  11:38 AM            75,075 classlist
    03/16/2014  02:41 PM

    <dir>          cmm
    05/16/2013  11:38 AM            5,483 content-types.properties
    05/16/2013  11:38 AM            4,200 currency.data
    03/16/2014  02:41 PM

    <dir>          deploy
    05/16/2013  11:38 AM        4,230,196 deploy.jar
    03/16/2014  02:41 PM

    <dir>          ext
    05/25/2014  04:58 PM                0 EZ.txt
    05/16/2013  11:38 AM            3,928 flavormap.properties
    05/16/2013  11:38 AM            3,670 fontconfig.bfc
    05/16/2013  11:38 AM            10,479 fontconfig.properties.src
    03/16/2014  02:41 PM

    <dir>          fonts
    03/16/2014  02:41 PM

    <dir>          i386
    03/16/2014  02:41 PM

    <dir>          images
    05/16/2013  11:38 AM                29 javafx.properties
    05/16/2013  11:38 AM          894,198 javaws.jar
    05/16/2013  11:38 AM          109,196 jce.jar
    05/16/2013  11:38 AM          462,133 jfr.jar
    05/16/2013  11:38 AM        15,092,678 jfxrt.jar
    05/16/2013  11:38 AM          580,526 jsse.jar
    05/16/2013  11:38 AM            4,226 jvm.hprof.txt
    05/16/2013  11:38 AM            39,840 launcher.exe
    05/16/2013  11:38 AM            2,455 logging.properties
    03/16/2014  02:41 PM

    <dir>          management
    05/16/2013  11:38 AM              385 management-agent.jar
    05/16/2013  11:38 AM            2,196 meta-index
    05/16/2013  11:38 AM            3,070 net.properties
    05/16/2013  11:38 AM        1,905,758 plugin.jar
    05/16/2013  11:38 AM            2,796 psfont.properties.ja
    05/16/2013  11:38 AM            10,393 psfontj2d.properties
    05/16/2013  11:38 AM        2,466,336 resources.jar
    05/16/2013  11:38 AM        60,008,624 rt.jar
    03/16/2014  02:41 PM

    <dir>          security
    03/16/2014  02:41 PM

    <dir>          servicetag
    05/16/2013  11:38 AM            1,210 sound.properties
    05/16/2013  11:38 AM            8,138 tzmappings
    03/16/2014  02:41 PM

    <dir>          zi</dir>

    </dir>

    </dir>

    </dir>

    </dir>

    </dir>

    </dir>

    </dir>

    </dir>

    </dir>

    </dir>

    </dir>

    </dir>






  • Installed Java and the TP-Link application in Wine on a little tablet I have running Ubuntu 12.10.

    Looks to work fine except its not seeing the switches.

    Never really used Wine before.  I installed the configuration utility using the wine installer.

    Its still not seeing the switches.



  • @pete:

    Installed Java and the TP-Link application in Wine on a little tablet I have running Ubuntu 12.10.

    Looks to work fine except its not seeing the switches.

    Never really used Wine before.  I installed the configuration utility using the wine installer.

    Its still not seeing the switches.

    I don't think you should need Wine at all. Install the java package un Ubuntu as described here (that's jut one way to do it, but you can search for many other installation alternatives), and try to run javaws.jar or othe other .jar files directly. Maybe you could do some little hacking by finding how the launcher.exe is calling the app, you can similarly call it in linux then.



  • @stephenw10:

    The TL-SG2216 is not in the Easy Smart range hence it has all the features you might expect from an entry level managed switch like webgui and CLI etc.

    Oops, sorry indeed. I remember now. On the OP I was also asking whether should I buy an Easy Smart version or a Smart version, and indeed, I finally bought the TL-SG2216 Smart one. The naming of these switch models is so confusing. Almost as worse as Ciscos, lol.

    In my area, the TL-SG1016DE easy smart costs 123USD while the TL-SG2216 smart costs 144 USD. It's worth the 21 bucks difference at 16 ports both, to be platform independent and have CLI too.
    I also have a couple of TL-SG1016 unmanaged dumb swithces (not the'DE' version) - these are the ones I'm going to replace with the TL-SG2216s. The final kick to choose this model was the fact that the TL-SG2216 is exactly the same size (physically - width/height/depth) as the TL-SG1016, so I don't need to replace my special mounting solution in one of the locations. That's just a bonus for me.



  • Thank you guys; this discussion has been enlightening for me.

    Yeah the first test was just to try the management application with Wine.  It does work but doesn't see the switches.  Will try playing around with the jar files as I have java installed on the Ubuntu side of things.

    Here too one TP-Link EasySmart switch was a swap out of another switch in the Leviton media panel.  It does fit just right.  I do have many LV wires running on either side of the switch.  No fan vents help in the mounting of the switch.  The basic EasySmart 24 port switch with just the GUI interface is smaller than the next up version of the switch.  One of the two switches has been up over a year; fully populated and barely warm to the touch.  Most of the volume of traffic is relating to streaming HD stuff from multiple sources to multiple clients (+ 20 touchscreens) plus now some CCTV HD IP traffic. Price was right too.  'bout hitting around the end of that initially installed /25 subnet.  Sort of related I have a similar setup in another location with the cover on the media panel now running for some 4 years 24/7; simple and functional and not seen.



  • One more interesting observation related to TP-Link TL-SG2216.

    Configuration can be backed up and restored from the web interface. The .cfg file generated is nothing else, than a list of cisco-style console commands which build up the functions of the switch. Very sweet. One could edit the file before restoring…
    It contains commands like below:```
    interface gigabitEthernet 1/0/6
      switchport general allowed vlan 222 untagged
      switchport pvid 222
      no switchport general allowed vlan 1


  • Netgate Administrator

    That is interesting. Makes you wonder if it's possible to achieve some configuration that might not be possible via the webgui. Hidden options etc.

    Steve



  • That's what I was thinking too. The complete CLI guide is downloadable in PDF from their site.



  • There's a new firmware available for TL-SG2216. Updating the device automatically restores it to factory default so a double-check is needed that a config backup has been done before the operation. Don't know how the other models behave, but I guess it's similar.

    Unfortunately it also returns to the 192.168.0.1 IP address without gateway set, so if you have to do it remotely make sure you have a telnet-capable machine somewhere connected close, . A good idea would be to keep the default '1' vlan as it is just for management later (keep it as untagged 'native' vlan on the 'trunk' ports between the switches and pfSense), and when it returns to factory defaults, you only need to telnet in, set a default gateway by CLI and you can access the web interface from other networks if that's the case, to restore the config.
    But I think copying the entire contents of the config file to clipboard and pasting it to the telnet window would do the same.

    If 'trunking' vlans to pfSense, as I said above I suggest to keep vlan 1 untagged on that port. In pfSense assign the IP address 192.168.0.254 to the physical port which connects to the switch. This way, you can always telnet in your switch wihout any routing from an SSH window on pfSense.



  • It's worth upgrading, as I see the firmware contains lots of new multicast and IPv6 features (like MLD snooping).



  • http://www.tp-link.com/en/products/details/?categoryid=2878&model=TL-SG108E

    New owner of a TL-SG108E here.

    The device has no way to configure other than windows program.

    The device is currently operating in the following fashion:

    Port 1 is plugged into a Staff router (Asa 5505) - Vlan 1
    Port 2 is plugged into a Public use router (WRT54gV2) - Vlan 50 - PVID 50
    Port 8 is plugged into a Ubiquiti AP - PVID 1 - Public Wifi sent through VLAN 50, Staff through VLAN 1

    I've attached an image.

    If you want to know why this abomination was necessary, read this: http://goo.gl/WTv0ah

    Hopefully this helps with some of the questions presented here.



  • Netgate Administrator

    Well at least that's an answer to the earlier question, there is no web interface on the cheapest model. Disappointing.

    Steve



  • You don't have to buy the cheapest one, really. Price difference is very minimal - pfSense's average user base should really avoid the cheapest models because they are not intended as target market for them.


  • Netgate Administrator

    That's certainly true for many but not everyone. One thing that makes pfSense, and its community, different from other projects is the very widely varying user base. Some are using it to replace $10K commercial routers and others with hardware gathered from scrap. The latter group are often asking about the cheapest way to add interfaces and using VLANs can be that especially as VLAN capable switches become ever cheaper.
    Netgear seem to be threatening to put a webgui on their GS105e so that may remain the cheapest and easiest way to add VLANs.

    Steve



  • @robi:

    You don't have to buy the cheapest one, really. Price difference is very minimal - pfSense's average user base should really avoid the cheapest models because they are not intended as target market for them.

    As a smart man once said, "Nobody puts Baby in a corner."  :)

    $30 for vlan support could come in handy for a number of situations. In my case, it is just a stop gap. I wont feel bad about it going unused later on because it was so cheap.



  • I agree, but in that case, it's unfair to be disappointed that there's no CLI or webif available for it.


  • Netgate Administrator

    That's true. Doesn't stop me hoping to be pleasantly surprised though.  ;)

    Steve


Log in to reply