TP-LINK Smart Switches anyone?



  • Can you confirm if the Easy Smart range have a webgui? There seemed to references to one in the manual for the 16port version but not the 8port.

    No cuz I only have the 24 port Easy Smart Switches.

    Thinking I purchased the two of them for less than $150 USD each with free shipping.

    Wow; just looked at the 8 port Easy Smart Switch and features.  Amazing.

    $72 USD is a bit high right now for it.  $50 USD sounds better though.

    I do not see why the OS would be much different than the 24 port Easy Smart Switch.

    Centrally manage all Easy Smart Switches with Easy Smart Configuration Utility

    This offered Easy Smart Configuration Utility looks just like the built in GUI.  (I have played with it).

    It doesn't look though like the GUI is built into the device itself from the description I am reading on the TP-Link Website.

    I prefer to have it built in; especially for a small 8 port managed switch; then again I guess this makes it a bit more secure?

    http://www.tp-link.us/products/details/?categoryid=2878&model=TL-SG108E#over




  • Also you could clear up the original question from this thread: can you do a trunked VLAN connection such that you can use it to get more interfaces with pfSense?

    will do



  • @stephenw10:

    Can you confirm if the Easy Smart range have a webgui? There seemed to references to one in the manual for the 16port version but not the 8port.
    Also you could clear up the original question from this thread: can you do a trunked VLAN connection such that you can use it to get more interfaces with pfSense?

    Yes - it works with pfSense trunked, you can create as many as 512 VLANs in the switch and give them all to pfSense on one interface as tagged packets. In pfSense you can create then virtual interfaces for them. I've tested this successfully with two VLANs.
    That's why I finally bought two TP-Link TL-SG2216. They both are Easy Smart and have webgui and cli interfaces. I'm planning to use about 5-6 VLANs at the beginning.



  • So you guys got me playing this morning with the TP-Link TL-SG1042DE with just the Easysmart GUI interface (no CLI).


  • Netgate Administrator

    @robi:

    That's why I finally bought two TP-Link TL-SG2216. They both are Easy Smart and have webgui and cli interfaces.

    Erm… am I missing something here.  :-\  Forgive me Robi if I am. The TL-SG2216 is not in the Easy Smart range hence it has all the features you might expect from an entry level managed switch like webgui and CLI etc. The Easy Smart, such as the one Pete has, is cut right back to allow them to offer it as cheaply as possible. It appears to me that they are directly competing with Netgears 'Prosafe Plus' range, GS105E, GS108E etc, which offer some entry level management features, including VLANs, but do not have a webgui. You have to use their Windows only utility, boo! If TP-Links competing range does have a webgui then that's a distinct advantage. I huge advantage in my house where I have no Windows boxes.  ;)

    Pete's screenshot appears to show that at least the 24port model does have a webgui. Unfortunately it's the entry level 8 port model I'm most interested in.

    Edit: Or is that a screenshot of the utility?

    Steve



  • Actually the Web GUI on the switch is a bit simpler looking than the management application.

    Yeah from the description it appears that the EasySmart 8 and 16 port switches do not have a built in Web GUI.

    The EasySmart managment application might run in Linux as its Java.

    \TP-LINK\Easy Smart Configuration Utility\jre\lib

    05/25/2014  04:58 PM

    <dir>          .
    05/25/2014  04:58 PM

    <dir>          ..
    05/16/2013  11:38 AM              155 accessibility.properties
    05/16/2013  11:38 AM          123,547 alt-rt.jar
    03/16/2014  02:40 PM

    <dir>          applet
    05/16/2013  11:38 AM            1,232 calendars.properties
    05/16/2013  11:38 AM        3,605,930 charsets.jar
    05/16/2013  11:38 AM            75,075 classlist
    03/16/2014  02:41 PM

    <dir>          cmm
    05/16/2013  11:38 AM            5,483 content-types.properties
    05/16/2013  11:38 AM            4,200 currency.data
    03/16/2014  02:41 PM

    <dir>          deploy
    05/16/2013  11:38 AM        4,230,196 deploy.jar
    03/16/2014  02:41 PM

    <dir>          ext
    05/25/2014  04:58 PM                0 EZ.txt
    05/16/2013  11:38 AM            3,928 flavormap.properties
    05/16/2013  11:38 AM            3,670 fontconfig.bfc
    05/16/2013  11:38 AM            10,479 fontconfig.properties.src
    03/16/2014  02:41 PM

    <dir>          fonts
    03/16/2014  02:41 PM

    <dir>          i386
    03/16/2014  02:41 PM

    <dir>          images
    05/16/2013  11:38 AM                29 javafx.properties
    05/16/2013  11:38 AM          894,198 javaws.jar
    05/16/2013  11:38 AM          109,196 jce.jar
    05/16/2013  11:38 AM          462,133 jfr.jar
    05/16/2013  11:38 AM        15,092,678 jfxrt.jar
    05/16/2013  11:38 AM          580,526 jsse.jar
    05/16/2013  11:38 AM            4,226 jvm.hprof.txt
    05/16/2013  11:38 AM            39,840 launcher.exe
    05/16/2013  11:38 AM            2,455 logging.properties
    03/16/2014  02:41 PM

    <dir>          management
    05/16/2013  11:38 AM              385 management-agent.jar
    05/16/2013  11:38 AM            2,196 meta-index
    05/16/2013  11:38 AM            3,070 net.properties
    05/16/2013  11:38 AM        1,905,758 plugin.jar
    05/16/2013  11:38 AM            2,796 psfont.properties.ja
    05/16/2013  11:38 AM            10,393 psfontj2d.properties
    05/16/2013  11:38 AM        2,466,336 resources.jar
    05/16/2013  11:38 AM        60,008,624 rt.jar
    03/16/2014  02:41 PM

    <dir>          security
    03/16/2014  02:41 PM

    <dir>          servicetag
    05/16/2013  11:38 AM            1,210 sound.properties
    05/16/2013  11:38 AM            8,138 tzmappings
    03/16/2014  02:41 PM

    <dir>          zi</dir>

    </dir>

    </dir>

    </dir>

    </dir>

    </dir>

    </dir>

    </dir>

    </dir>

    </dir>

    </dir>

    </dir>

    </dir>






  • Installed Java and the TP-Link application in Wine on a little tablet I have running Ubuntu 12.10.

    Looks to work fine except its not seeing the switches.

    Never really used Wine before.  I installed the configuration utility using the wine installer.

    Its still not seeing the switches.



  • @pete:

    Installed Java and the TP-Link application in Wine on a little tablet I have running Ubuntu 12.10.

    Looks to work fine except its not seeing the switches.

    Never really used Wine before.  I installed the configuration utility using the wine installer.

    Its still not seeing the switches.

    I don't think you should need Wine at all. Install the java package un Ubuntu as described here (that's jut one way to do it, but you can search for many other installation alternatives), and try to run javaws.jar or othe other .jar files directly. Maybe you could do some little hacking by finding how the launcher.exe is calling the app, you can similarly call it in linux then.



  • @stephenw10:

    The TL-SG2216 is not in the Easy Smart range hence it has all the features you might expect from an entry level managed switch like webgui and CLI etc.

    Oops, sorry indeed. I remember now. On the OP I was also asking whether should I buy an Easy Smart version or a Smart version, and indeed, I finally bought the TL-SG2216 Smart one. The naming of these switch models is so confusing. Almost as worse as Ciscos, lol.

    In my area, the TL-SG1016DE easy smart costs 123USD while the TL-SG2216 smart costs 144 USD. It's worth the 21 bucks difference at 16 ports both, to be platform independent and have CLI too.
    I also have a couple of TL-SG1016 unmanaged dumb swithces (not the'DE' version) - these are the ones I'm going to replace with the TL-SG2216s. The final kick to choose this model was the fact that the TL-SG2216 is exactly the same size (physically - width/height/depth) as the TL-SG1016, so I don't need to replace my special mounting solution in one of the locations. That's just a bonus for me.



  • Thank you guys; this discussion has been enlightening for me.

    Yeah the first test was just to try the management application with Wine.  It does work but doesn't see the switches.  Will try playing around with the jar files as I have java installed on the Ubuntu side of things.

    Here too one TP-Link EasySmart switch was a swap out of another switch in the Leviton media panel.  It does fit just right.  I do have many LV wires running on either side of the switch.  No fan vents help in the mounting of the switch.  The basic EasySmart 24 port switch with just the GUI interface is smaller than the next up version of the switch.  One of the two switches has been up over a year; fully populated and barely warm to the touch.  Most of the volume of traffic is relating to streaming HD stuff from multiple sources to multiple clients (+ 20 touchscreens) plus now some CCTV HD IP traffic. Price was right too.  'bout hitting around the end of that initially installed /25 subnet.  Sort of related I have a similar setup in another location with the cover on the media panel now running for some 4 years 24/7; simple and functional and not seen.



  • One more interesting observation related to TP-Link TL-SG2216.

    Configuration can be backed up and restored from the web interface. The .cfg file generated is nothing else, than a list of cisco-style console commands which build up the functions of the switch. Very sweet. One could edit the file before restoring…
    It contains commands like below:```
    interface gigabitEthernet 1/0/6
      switchport general allowed vlan 222 untagged
      switchport pvid 222
      no switchport general allowed vlan 1


  • Netgate Administrator

    That is interesting. Makes you wonder if it's possible to achieve some configuration that might not be possible via the webgui. Hidden options etc.

    Steve



  • That's what I was thinking too. The complete CLI guide is downloadable in PDF from their site.



  • There's a new firmware available for TL-SG2216. Updating the device automatically restores it to factory default so a double-check is needed that a config backup has been done before the operation. Don't know how the other models behave, but I guess it's similar.

    Unfortunately it also returns to the 192.168.0.1 IP address without gateway set, so if you have to do it remotely make sure you have a telnet-capable machine somewhere connected close, . A good idea would be to keep the default '1' vlan as it is just for management later (keep it as untagged 'native' vlan on the 'trunk' ports between the switches and pfSense), and when it returns to factory defaults, you only need to telnet in, set a default gateway by CLI and you can access the web interface from other networks if that's the case, to restore the config.
    But I think copying the entire contents of the config file to clipboard and pasting it to the telnet window would do the same.

    If 'trunking' vlans to pfSense, as I said above I suggest to keep vlan 1 untagged on that port. In pfSense assign the IP address 192.168.0.254 to the physical port which connects to the switch. This way, you can always telnet in your switch wihout any routing from an SSH window on pfSense.



  • It's worth upgrading, as I see the firmware contains lots of new multicast and IPv6 features (like MLD snooping).



  • http://www.tp-link.com/en/products/details/?categoryid=2878&model=TL-SG108E

    New owner of a TL-SG108E here.

    The device has no way to configure other than windows program.

    The device is currently operating in the following fashion:

    Port 1 is plugged into a Staff router (Asa 5505) - Vlan 1
    Port 2 is plugged into a Public use router (WRT54gV2) - Vlan 50 - PVID 50
    Port 8 is plugged into a Ubiquiti AP - PVID 1 - Public Wifi sent through VLAN 50, Staff through VLAN 1

    I've attached an image.

    If you want to know why this abomination was necessary, read this: http://goo.gl/WTv0ah

    Hopefully this helps with some of the questions presented here.



  • Netgate Administrator

    Well at least that's an answer to the earlier question, there is no web interface on the cheapest model. Disappointing.

    Steve



  • You don't have to buy the cheapest one, really. Price difference is very minimal - pfSense's average user base should really avoid the cheapest models because they are not intended as target market for them.


  • Netgate Administrator

    That's certainly true for many but not everyone. One thing that makes pfSense, and its community, different from other projects is the very widely varying user base. Some are using it to replace $10K commercial routers and others with hardware gathered from scrap. The latter group are often asking about the cheapest way to add interfaces and using VLANs can be that especially as VLAN capable switches become ever cheaper.
    Netgear seem to be threatening to put a webgui on their GS105e so that may remain the cheapest and easiest way to add VLANs.

    Steve



  • @robi:

    You don't have to buy the cheapest one, really. Price difference is very minimal - pfSense's average user base should really avoid the cheapest models because they are not intended as target market for them.

    As a smart man once said, "Nobody puts Baby in a corner."  :)

    $30 for vlan support could come in handy for a number of situations. In my case, it is just a stop gap. I wont feel bad about it going unused later on because it was so cheap.



  • I agree, but in that case, it's unfair to be disappointed that there's no CLI or webif available for it.


  • Netgate Administrator

    That's true. Doesn't stop me hoping to be pleasantly surprised though.  ;)

    Steve



  • I bought a TL-SG2424 and finally got several vlan's setup and working using the web gui only. Robi's posts helped me figure out what I was doing wrong.

    To help others I am posting the steps which worked for me.

    Setup vlan/s on pfsense. There are many tutorials on how to accomplish this task, so I will not cover that.

    Plug cable from pfsense into port #1

    Login using the default

    1.  VLAN –> 802.1Q --> Create  a new vlan

    2.  Enter VLAN ID number and description.
                  Select the ports which will be members of the vlan. Include port #1
                  Click on Apply to create the vlan

    3.  In the top of the web page, click on Port Config
                  Select port #1. Change "Link Type" to General
                Click on Apply

    4.  In the VLAN table, select your newly created vlan, click on Edit
                  Change Egress type of port #1 to TAG
                  Click on Apply

    5.  Save Config

    Now, connecting an ethernet cable to any of the ports assigned to that vlan will provide an ip address for that VLAN

    To create a second VLAN repeat steps 1, 2 & 4

    Traffic for VLAN 2 will now flow to the designated ports for that VLAN.

    After creating my first VLAN, I went to System --> System Info --> System IP
    Changed the Management VLAN and IP address to match. Doing this allows me to manage the switch from my LAN.



  • I enabled yesterday SNMP on the 2216 switch, and got very nice graphs for each interface in my munin-monitoring system.

    On the switch, all I had to do is enabled SNMP in the web interface, on the "SNMP Community" tab added a new read-only community with the name "public" and that's all.

    On the system running munin, it was as simple as running```
    munin-node-configure --shell --snmp switch_name | sh

    
    Added to /etc/munin/munin.conf an entry like this:```
    [switch_name]
        address 127.0.0.1
        use_node_name no
    ```and restarted the munin-node service.
    
    Getting great graphs with traffic and errors for each interface, netstat and switch uptime. Each measured parameter has detailed description and current port speed specified. This all works with Munin version 2.0.19-2 out of the box, and the default standard SNMP MIBs from the system (Ubuntu 12.04). From TP-Link's website extra MIBs can be downloaded for the switch which allow for polling even more details from the device, but I didn't try those out yet.


  • Another yummy feature I just noticed is that if you add descriptions to the interfaces on the switch, they will appear as graph titles in Munin.



  • @robi:

    I agree, but in that case, it's unfair to be disappointed that there's no CLI or webif available for it.

    You can use the config software with any JRE enabled system (Pure Java). See info at http://pastebin.com/DwB4uaPR

    These switches don't have any internal CPU to execute a server (like CLI, Web, etc.) or execute monitoring tasks (like STP), just the plain switch silicon. The software only set/get register from the internal switch silicon… like home routers do with the internal hardware switch (with tools like swconfig, http://wiki.openwrt.org/doc/techref/swconfig=). No more, no less!  ;)



  • Hi,

    We use in the company I work in about 10 Smart switches TL-SG2424  and even non manage 48 port for over a year and haven't had any issues regards performance and stability.
    They are cheep and cheer-full.

    VLANs are fine and working with pfSense for us no problem.



  • dumb tp-link switches are:

    | | idle | load |
    | TL-SL2218WEB | 6 W | 8 W |
    | TL-SG1024 | 8 W | 8 W |
    | TL-SG1016D green | 6 W | 8 W |

    source: http://diit.cz/clanek/spotreba-porovnani-zaver

    TL-SG1016DE is max 12.55W (220V/50Hz) (source: tech. spec)

    but what is the TL-SG2216 power consumption, can you measure it?



  • +1 for robi, you have pretty much saved my life with that excellent explanation about vlan setup on the TP Link.
    Mine's a TL-SL2428 and I couldn't figure out how to setup the trunk port.
    Even the manual didn't help.
    With your guide I was up running in minutes after hours of fiddling.

    Also, as you stated, I have left the default vlan as empty as possible.
    I've changed the switch management vlan so it will be less vulnerable.

    Cheers.



  • Cheers!  ;)

    But keep in mind that if you do later a firmware upgrade, it's going to return to factory defaults, with all ports and management in VLAN1 and factory IP address. To save from headaches if you want to upgrade remotely, I suggested to keep the default IP address range on VLAN1, and leave VLAN1 as default on the trunks, and also leave the management in VLAN1. That way, if you need to upgrade from remote location, after it reboots with factory defaults, all you have to do is telnet in, set the new IP address and gateway, and bang! you're able to restore the config without having to move from your seat.


  • LAYER 8 Netgate

    @robi:

    Cheers!  ;)

    But keep in mind that if you do later a firmware upgrade, it's going to return to factory defaults

    Quality gear.



  • Life is always full of compromises. For that price, a 32GBps switch with SFP ports and all gigabit copper ports, it's worth the compromise.

    I wouldn't say they are of bad quality - got a pair of TL-SG2216s running for almost 4 months now without any single issue. And I must say, software bugs are present in much more expensive gear too - just remember the openssl heartbleed vulnerability… Many like Juniper or Cisco simply took it for free and incorporated it as it way in gear worthing 10s of 1000s of dollars...


  • LAYER 8 Netgate

    I wouldn't call resetting to factory defaults on every firmware upgrade a bug.


  • Netgate Administrator

    A feature then?  ;)

    Steve



  • Thanks for the insights, much appreciated.
    I was wondering, what is the behavior of the TP Link switch with both tagged and untagged traffic?

    Lets say, we create two vlans 10 and 20.
    Select vlan 10 and configure port 5 untagged and 16 tagged so it behavious as a trunk.
    On the same port, traffic arrives tagged with vlan 20.
    What will happen?

    • packet is dropped because it is tagged and port is set for untagged
    • packet is accepted but the tag is stripped and it gets the vlan 10 tag
    • packet is accepted and will be forwarded to the port with vlan 20 tag

    In essence, is it possible to configure the port for both tagged and untagged packets by selecting the vlan?

    Related to this is the second question.
    Let's say that apart from the pfsense box on port 16, I would like a file server on port 15.
    Logically the clients have to have access to both Internet and file server.
    Is it correct that we can configure "two trunk ports" by tagging port 16 and 15 for the corresponding vlan?

    Cheers.


  • LAYER 8 Netgate

    In both cases the frame should be dropped because the port is not configured to service VLAN 20, tagged or untagged.

    There are typically three different configurations for a switchport with regard to VLANs:

    1  untagged, or access port - traffic arriving on the port is placed on the configured VLAN.  Traffic for the VLAN is sent out the port with the tag stripped (untagged).  If the switch does anything with received tagged traffic it should drop it.  Else it should strip the tag and place it on the access VLAN.

    2. tagged, or trunk port - traffic arriving on the port should be tagged with a configured VLAN else dropped.  It's possible to configure a port to accept traffic for any VLAN.  Traffic for a configured VLAN on the port is sent out with the VLAN tag intact (tagged).  Traffic received for an unconfigured VLAN should be dropped.

    3. hybrid, or general, or dual-mode port.  Behaves like a tagged/trunk port except a Primary VLAN (PVID) is configured.  Untagged traffic received by the port is placed on the primary VLAN.  Tagged traffic for configured tagged VLANs is processed like a trunk port.  Traffic for configured VLANs is sent out the port with the VLAN ID intact (tagged) except for traffic on the Primary VLAN.  The switch strips the VLAN tag for the PVID before transmitting and sends it untagged.

    In my limited experience, you will be happier in the long run as your network grows if you stick with method 1 or 2, and should only resort to method 3 if absolutely necessary.



  • Thanks for the explanation.
    The PVID stands for Primary Vlan ID or Port Vlan ID?
    It appears TP-Link has their own definitions.

    Cheers.


  • LAYER 8 Netgate

    @Escorpiom:

    Thanks for the explanation.
    The PVID stands for Primary Vlan ID or Port Vlan ID?

    Primary VLAN ID.

    It appears TP-Link has their own definitions.

    Cheers.

    Why am I not surprised.



  • Sorry but I should rectify something.
    Elsewhere on this board I posted about my experience with TP-Link switches and the Gb port changing to 100Mbit sometimes.
    It appears now that the switch is not at fault, but the Ubuntu drivers for my server's Marvell nic.

    A few weeks ago there was a kernel update for Ubuntu 14.04.1 and since then the connection to the switch has been stable at Gb speeds.
    I hate it when a product gets a bad rap due to issues that are unrelated. So here's the correction.

    Cheers.



  • TP-Link Smart switches got a firmware update recently, v1.0.4 Build 20140811 Rel.50404(s). Changes:

    1. Improved stability of the system;
      2. Optimized management of Memory usage."

    Updating from v1.0.3 to v1.0.4 didn't require a settings restore anymore. Tested on two TL-SG2216 boxes.


Log in to reply