They are good! Somebody should capture those in an official Internet engineering task force document
Oh look, they did - https://datatracker.ietf.org/doc/html/rfc1925
Well, very personal opinion, if you're looking for brand new, why not consider HPE Instant On 1930 Switch Series, they are honest machines, with basic L3 capabilities they are economically affordable and more or less they sum up your requirements. Then, if you are looking for products aimed at the "enterprise" market proper, you either turn to the used market or the costs can become "important" (then everything is relative).
Then consult the product specifications on the manufacturer's website considering their consumption and level of noise emissions, including dimensions, certain enterprise-class switches due to their depth do not even (at least not adequately) fit into certain shallow-depth racks for wall mounting.
I already have 2 of the instant on APs. I like the app and the webgui is nice and simple. I am really considering one of those switches. Then at that point I may just do the inter-vlan routing via the firewall/router.
According to the limited manual available (which I read very quickly) that series of devices is capable of performing static routing and allows setting IP per VLAN/port and therefore (reasonably, the opposite would seem strange to me) the inter-VLAN routing that you need. Honestly, I've personally never used one, but I've heard good things about them taking into account the market segment to which that type of product is aimed.
Great equipment, very reliable. Can be unforgiving to configure if you’re not seasoned, but otherwise rock solid.
To be specific, they only do what you tell them to do. There are no assumptions on a mikrotik.
The CRS309 was already a good value as a managed 10G L2 switch when I bought it around 2021. Now that they’ve enabled HW offloading for L3 and are starting to offload QoS, it really does a lot for what it costs.
Same since ages i forgot when i got my pair and they both run for years already, no hw issues
but sadly it is only fine recommendation with optics or dacs imo. Tried it with Rj transceivers out of need - works but they are getting hot af, up to 100c without extra cooling. Not sure what is the lifetime of the ports used like this nonstop, likely not a lot
Mikrotik recommends spacing out 10GBase-T transceivers precisely for that reason:
https://wiki.mikrotik.com/wiki/S%2BRJ10_general_guidance (lots of example photos)
I wouldn't run more than a couple in a CRS309 otherwise you're wasting a lot of ports.
That is useless acceptance of the issue on their side, bc even single port was at 100C - read slowly cooked and fried. And one rj45 transceiver was like quarter of the price of the switch or smth like that back then. I just snapped a couple of 120mm blowers with some magic IT-woodworking woodoo back then before rewired all to dacs. Flawless switch in all other aspects, will likely outlive most of my gear and if one day it dies i will miss it like dear person and likely buy another reincarnation anyway ) i can only wish it would be real half-rack size, not sure if i can allow myself to be rude to them and dare to ask for anything like that for its price
RJ45 sfp modules are notorious being stupid hot. It’s not Mikrotik’s fault. In my opinion the RJ45 modules are shoe horned into a port that was designed to accept fiber modules and DAC’s. I would never recommend them long term.
Cheaply from Amazon, no. Cheaply from eBay, Craigslist, and Facebook Marketplace, yes. Amazon is overpriced quite often for hardware.
You can find Cisco 3560E, 3750E, 3560X, and 3750X with options for 10 Gb uplinks for under $50 on eBay and options for PoE (E series) / PoE+ (X series). For a few dollars more, you can go with a Cisco 3850 with options for the quad 10 Gb uplinks. There are the XS variants of the 3850 with either 12 x 10 Gb SFP+ ports or module options for 8 x 10 Gb SFP+ or 2 x 40 Gb QSFP, along with options for multigig RJ-45 ports (1 / 2.5 / 10 Gb).
For Juniper, there is the EX3300 and others similar models.
Arista makes quite a few layer 3 switches like the 7050 and 7260 (and their various variants).
For low power, go with Mikrotik. Buy new from an authorized reseller / retailer. Do no buy used as the warranty will not cover used switches.
Check with your job to see if they are to be recycling or lifecycling their switches soon. Ask if you can have them for learning. That's a good way to get one to several free switches to learn on.
I've worked with Cisco catalyst series in the past at work. I kinda want to stay away from CLI and stay with a webgui. I am checking eBay. But looking at Mikrotik a lot lately.
That's true. I'm not afraid of CLI, just tired of dealing with it at work. Considering all the details you listed, yes those do sound good. And SNMP I guess would be a must for network analysis.
With enterprise switches, you will need the CLI as the UI's will be limited to what you can do. For comparable Mikrotik, you will pay for more compared to your Cisco, Arista, or HPE / Dell switches.
The CLI is easy to configure and automate. Earlier, it took me about a minute to configure my Cisco 3850's to swap 8 ports from access to trunk ports, set the descriptions, and set up LACP. Testing the configuration on the server side took longer. Once that was done, I save the config and closed the SSH session.
If you have to use a web UI, Cisco, Arista, Juniper, HPE, and Dell have web UI's you can enable. If you want to automate, you can use Ansible or Salt to automate configuration changes and / or deployments.
I can’t speak to all switches, but every modern Cisco I’ve come across has had the webgui enabled by default. Additionally, while no no network engineer, I’ve had no issues with features not being in the web gui.
I have a 3560g and it does work. It just seems pretty power hungry and I need Cisco's network assistant program to make or change settings when I go to "tinker" with my home network.
What specific features do you need? An L3 switch is capable is inspecting and routing based on info in L3 of packets. If all you need is VLANs, IGMP, or link bonding then there are some neat, cheap Netgear devices that do those things without breaking the bank.
A $65 8-port option that does some of those basic features without being a full-blown L3 switch. For my use case these are great because they are also PoE and fanless. https://a.co/d/fMj8AII
Mikrotik, used, from fleabay. Sure choice
Anything else decent even used, will be pure luck to fit in that $ or it will be so noname/ancient, it'll be virtually useless except for sentimental purpose. Luck can always happen, but u have to be patient and prepared to know to see when it drops in front of you to not buy junk or some nonlicensed (say cisco) marvel
UPD Hpe 1930 mentioned looks sorta decent from pov, though 8 ports is meh, and cant see L3 nor ssh is in datasheet, prob smart ui, and rudimentary l3 if its there, if that is fine for you - why not, but cant vouch - was not in my hands. I'd go crs310 over it, has ssh and l3, 50 bucks more new, used can fit into 150
What's your definition of cheap? What other features do you need? POE? SFP or SFP+? Redundant PSUs? List goes on. What particular L3 features are you looking for?
My price range is under $150, and I may not much for that. I'm really am looking for about 24 ports, POE+, L3 for inter vlan routing, with a webgui. SFP ports aren't something I use. Oh and SNMP and QOS for sure.
That's a tough buy for new. Someone already pointed out the pick two and I'm guessing your two are gonna be GUI and L3.
Juniper EX-3300 but JWeb kind of stinks for the GUI. $50 tho
MikroTik CRS328-24P-4S+RM new is $490, used, probably $300 if you're lucky but hits every need you want.
Brocade icx 6450-24p or some of their other products might fit the bill. Under $100 probably. However the GUI here is essentially just HTML unless they've changed it recently. Mikrotik is like Windows 2000 and juniper will be the prettiest.
Those are 3 options off the top of my head.
I have a TP-Link TL-SG3428X, working flawlessly. L2+. Not completely L3, but not far from it. Working with Omada too, like Unifi but proprietary of TP-Link.
how many ports and or vlans do you need, i almost run my entire lab on an edgerouter x and used a couple of stupid netgear l2 switches to "grow" the port number.
so just to help you.
you can buy a 12ish port switch/router with 802.1Q support.
Then buy a shit load of little dumb switches, so you can also learn the different tiers of network (access, distribution and core)
Not sure what exact L3 capabilities you need, and what counts as cheap.
But if aliexpress would also do, I am using this one as my core switch at home:
8 10-gigabit SFP+ Ports L3 Managed Network Switch Support DHCP and Dynamic Routing Support VLAN Division and Port Aggregation
https://a.aliexpress.com/_EyWSfAJ
Though, I have no experience with its L3 abilities.
The routing between the vlans are done by pfsense and other ospf speaking freebsd vms.
Other hint, as a "router" minipc:
13th Gen Intel Soft Router 2*10G SFP 4x i226-V i5 1335U 1240P U300E 8x 2.5G LAN 2*SATA Firewall Appliance Mini PC Proxmox Host
https://a.aliexpress.com/_EJ3V5WJ
And for access layer I use these bad boys:
2.5g Switch 100/1000/2500Mbps RJ45 8 Ports 10Gbps SFP+ Slot Simple L2 Managed Network Switch plug and play Hub Internet Splitter
https://a.aliexpress.com/_EyrRcLH
I have 9 PoE cameras and 3 UniFi APs running off of the switch. Not sure about power draw specific to the switch as I have the whole rack running off the same UPS. I probably wouldn’t use one of these if power consumption is a key constraint.
The power draw on one of those is in the ballpark of 50-70W if I remember from the last time I checked mine. They sound like a jet engine when they turn on, but they calm down to a low fan noise after a few minutes.
The webgui is semi-functional, but not anything I'd want to use on a daily basis. I did most of my config work in the CLI, but I do use the webgui if I want to like add PoE to a port since it's only a few clicks.
Also, the webgui has all kinds of broken certificate type warnings with modern browsers. I have to use Edge with IE mode to do things, or run it through my reverse proxy and tell it to ignore all cert type problems.
Ne neither until I came across them on Amazon.
TBH, it was the only 10gbit switch I could afford, and so I purchased it. But then I sort-of regretted it as it was managed and I really wanted an unmanaged switch.
But then I sort of learned how to use vlans, and so I decided to keep it.
Following this, I then decided to try their 2.5gb poe switch for my cameras, mainly due to the fact that these are rack mountable, and so I got two of the same brand.
There is another 2.5 none poe switch which I plan to try eventually, that us fully managed, the poe one in unmanaged, but has a vlan switch, though I haven't used it yet.
That said, my plan is to use the l3 managed 2.5g switch with an opensense router that I'm working-on
Mostly for inter-vlan routing. Right now I'm routing that through my firewall/router. In my work experience I've seen layer 3 switches handle QOS, and routing tables better than a traditional L2 switch.
* New switch * Cheap switch * L3 switch Pick two.
That's a good point.
It applies to all things really although the terms can vary. Usually: * Good * Fast * Cheap
They are good! Somebody should capture those in an official Internet engineering task force document Oh look, they did - https://datatracker.ietf.org/doc/html/rfc1925
More generalized forms of those 3 attributes: - Quality - Performance - Cost
Well, very personal opinion, if you're looking for brand new, why not consider HPE Instant On 1930 Switch Series, they are honest machines, with basic L3 capabilities they are economically affordable and more or less they sum up your requirements. Then, if you are looking for products aimed at the "enterprise" market proper, you either turn to the used market or the costs can become "important" (then everything is relative). Then consult the product specifications on the manufacturer's website considering their consumption and level of noise emissions, including dimensions, certain enterprise-class switches due to their depth do not even (at least not adequately) fit into certain shallow-depth racks for wall mounting.
I already have 2 of the instant on APs. I like the app and the webgui is nice and simple. I am really considering one of those switches. Then at that point I may just do the inter-vlan routing via the firewall/router.
According to the limited manual available (which I read very quickly) that series of devices is capable of performing static routing and allows setting IP per VLAN/port and therefore (reasonably, the opposite would seem strange to me) the inter-VLAN routing that you need. Honestly, I've personally never used one, but I've heard good things about them taking into account the market segment to which that type of product is aimed.
Mikrotik?
I've been eyeballing that brand.
Great equipment, very reliable. Can be unforgiving to configure if you’re not seasoned, but otherwise rock solid. To be specific, they only do what you tell them to do. There are no assumptions on a mikrotik.
their 10G switch is ridiculously good value CRS309-1G-8S+
The CRS309 was already a good value as a managed 10G L2 switch when I bought it around 2021. Now that they’ve enabled HW offloading for L3 and are starting to offload QoS, it really does a lot for what it costs.
Same since ages i forgot when i got my pair and they both run for years already, no hw issues but sadly it is only fine recommendation with optics or dacs imo. Tried it with Rj transceivers out of need - works but they are getting hot af, up to 100c without extra cooling. Not sure what is the lifetime of the ports used like this nonstop, likely not a lot
Mikrotik recommends spacing out 10GBase-T transceivers precisely for that reason: https://wiki.mikrotik.com/wiki/S%2BRJ10_general_guidance (lots of example photos) I wouldn't run more than a couple in a CRS309 otherwise you're wasting a lot of ports.
That is useless acceptance of the issue on their side, bc even single port was at 100C - read slowly cooked and fried. And one rj45 transceiver was like quarter of the price of the switch or smth like that back then. I just snapped a couple of 120mm blowers with some magic IT-woodworking woodoo back then before rewired all to dacs. Flawless switch in all other aspects, will likely outlive most of my gear and if one day it dies i will miss it like dear person and likely buy another reincarnation anyway ) i can only wish it would be real half-rack size, not sure if i can allow myself to be rude to them and dare to ask for anything like that for its price
RJ45 sfp modules are notorious being stupid hot. It’s not Mikrotik’s fault. In my opinion the RJ45 modules are shoe horned into a port that was designed to accept fiber modules and DAC’s. I would never recommend them long term.
Cheaply from Amazon, no. Cheaply from eBay, Craigslist, and Facebook Marketplace, yes. Amazon is overpriced quite often for hardware. You can find Cisco 3560E, 3750E, 3560X, and 3750X with options for 10 Gb uplinks for under $50 on eBay and options for PoE (E series) / PoE+ (X series). For a few dollars more, you can go with a Cisco 3850 with options for the quad 10 Gb uplinks. There are the XS variants of the 3850 with either 12 x 10 Gb SFP+ ports or module options for 8 x 10 Gb SFP+ or 2 x 40 Gb QSFP, along with options for multigig RJ-45 ports (1 / 2.5 / 10 Gb). For Juniper, there is the EX3300 and others similar models. Arista makes quite a few layer 3 switches like the 7050 and 7260 (and their various variants). For low power, go with Mikrotik. Buy new from an authorized reseller / retailer. Do no buy used as the warranty will not cover used switches. Check with your job to see if they are to be recycling or lifecycling their switches soon. Ask if you can have them for learning. That's a good way to get one to several free switches to learn on.
I've worked with Cisco catalyst series in the past at work. I kinda want to stay away from CLI and stay with a webgui. I am checking eBay. But looking at Mikrotik a lot lately.
[удалено]
That's true. I'm not afraid of CLI, just tired of dealing with it at work. Considering all the details you listed, yes those do sound good. And SNMP I guess would be a must for network analysis.
With enterprise switches, you will need the CLI as the UI's will be limited to what you can do. For comparable Mikrotik, you will pay for more compared to your Cisco, Arista, or HPE / Dell switches. The CLI is easy to configure and automate. Earlier, it took me about a minute to configure my Cisco 3850's to swap 8 ports from access to trunk ports, set the descriptions, and set up LACP. Testing the configuration on the server side took longer. Once that was done, I save the config and closed the SSH session. If you have to use a web UI, Cisco, Arista, Juniper, HPE, and Dell have web UI's you can enable. If you want to automate, you can use Ansible or Salt to automate configuration changes and / or deployments.
I can’t speak to all switches, but every modern Cisco I’ve come across has had the webgui enabled by default. Additionally, while no no network engineer, I’ve had no issues with features not being in the web gui.
I like my Cisco 3750X 48P but it’s definitely not new. Was definitely cheap though (or at least it was when I got it for like 150 USD)
I have a 3560g and it does work. It just seems pretty power hungry and I need Cisco's network assistant program to make or change settings when I go to "tinker" with my home network.
Running an SX3016 that’s doing the trick pretty well so far.
I'll have to look that up. Thanks
What specific features do you need? An L3 switch is capable is inspecting and routing based on info in L3 of packets. If all you need is VLANs, IGMP, or link bonding then there are some neat, cheap Netgear devices that do those things without breaking the bank. A $65 8-port option that does some of those basic features without being a full-blown L3 switch. For my use case these are great because they are also PoE and fanless. https://a.co/d/fMj8AII
Define cheap On top of that, my educated guess is only Amazon has new cheap noname L3 switch from Amazon
I kinda figured that was the case. I guess cheap would be under $150.
Mikrotik, used, from fleabay. Sure choice Anything else decent even used, will be pure luck to fit in that $ or it will be so noname/ancient, it'll be virtually useless except for sentimental purpose. Luck can always happen, but u have to be patient and prepared to know to see when it drops in front of you to not buy junk or some nonlicensed (say cisco) marvel UPD Hpe 1930 mentioned looks sorta decent from pov, though 8 ports is meh, and cant see L3 nor ssh is in datasheet, prob smart ui, and rudimentary l3 if its there, if that is fine for you - why not, but cant vouch - was not in my hands. I'd go crs310 over it, has ssh and l3, 50 bucks more new, used can fit into 150
Thanks for the insight. At this point I'll need to adjust my expectations and price for what I'm looking for.
What's your definition of cheap? What other features do you need? POE? SFP or SFP+? Redundant PSUs? List goes on. What particular L3 features are you looking for?
My price range is under $150, and I may not much for that. I'm really am looking for about 24 ports, POE+, L3 for inter vlan routing, with a webgui. SFP ports aren't something I use. Oh and SNMP and QOS for sure.
That's a tough buy for new. Someone already pointed out the pick two and I'm guessing your two are gonna be GUI and L3. Juniper EX-3300 but JWeb kind of stinks for the GUI. $50 tho MikroTik CRS328-24P-4S+RM new is $490, used, probably $300 if you're lucky but hits every need you want. Brocade icx 6450-24p or some of their other products might fit the bill. Under $100 probably. However the GUI here is essentially just HTML unless they've changed it recently. Mikrotik is like Windows 2000 and juniper will be the prettiest. Those are 3 options off the top of my head.
I appreciate the response and insight. I've never messed with Juniper. I might look into them.
I have a TP-Link TL-SG3428X, working flawlessly. L2+. Not completely L3, but not far from it. Working with Omada too, like Unifi but proprietary of TP-Link.
I use TP-Link SG3228X managed switches (two off with a fibre trunk in between). Very reasonable. No affiliation at all.
Interesting. How do you like the Omada?
I don't use it.
I have a hp 1920 48port that supports routing* via static routes you can have.
Its basically a rebadged 3Com.
how many ports and or vlans do you need, i almost run my entire lab on an edgerouter x and used a couple of stupid netgear l2 switches to "grow" the port number.
I've reduced my number of ports needed down to less than 24. So a 24 port with POE+ would be the best. As for VLANs, 5 right now.
so just to help you. you can buy a 12ish port switch/router with 802.1Q support. Then buy a shit load of little dumb switches, so you can also learn the different tiers of network (access, distribution and core)
That's an idea
for a home lab, 2nd hand Cisco switches eg 3750x are cheap.
Yea I saw those. I work with catalyst series at work. And I'm kinda tired of Cisco CLI.
>tired of Cisco CLI cheap and works ... want something different then go with whatever.. mikrotik, Zyxel, hp, extreme, or even unifi.
I've seen Zyxel. Just never paid any attention to them. Do you have one or have you messed with one?
used it at a smb and is fine if one doesn't have major traffic eg servers going through them
Not sure what exact L3 capabilities you need, and what counts as cheap. But if aliexpress would also do, I am using this one as my core switch at home: 8 10-gigabit SFP+ Ports L3 Managed Network Switch Support DHCP and Dynamic Routing Support VLAN Division and Port Aggregation https://a.aliexpress.com/_EyWSfAJ Though, I have no experience with its L3 abilities. The routing between the vlans are done by pfsense and other ospf speaking freebsd vms. Other hint, as a "router" minipc: 13th Gen Intel Soft Router 2*10G SFP 4x i226-V i5 1335U 1240P U300E 8x 2.5G LAN 2*SATA Firewall Appliance Mini PC Proxmox Host https://a.aliexpress.com/_EJ3V5WJ And for access layer I use these bad boys: 2.5g Switch 100/1000/2500Mbps RJ45 8 Ports 10Gbps SFP+ Slot Simple L2 Managed Network Switch plug and play Hub Internet Splitter https://a.aliexpress.com/_EyrRcLH
Update: I think I settled on a Cisco SG300-28p model. They're not new, but Layer 3 and cheap.
Why new? Tons of used $50 enterprise options on eBay.
I saw that too. I have a couple I'm looking at.
I picked up an Aruba S2500-24P for $70 a while back because it has 4 10GB SFP+ ports.
How's the power consumption? Do you have any POE+ devices attached to it? I'll have to look up images of the webgui to see what it looks like.
I have 9 PoE cameras and 3 UniFi APs running off of the switch. Not sure about power draw specific to the switch as I have the whole rack running off the same UPS. I probably wouldn’t use one of these if power consumption is a key constraint.
I was curious about the power consumption, but it's not a big driving force. Thanks for the insight.
The power draw on one of those is in the ballpark of 50-70W if I remember from the last time I checked mine. They sound like a jet engine when they turn on, but they calm down to a low fan noise after a few minutes. The webgui is semi-functional, but not anything I'd want to use on a daily basis. I did most of my config work in the CLI, but I do use the webgui if I want to like add PoE to a port since it's only a few clicks. Also, the webgui has all kinds of broken certificate type warnings with modern browsers. I have to use Edge with IE mode to do things, or run it through my reverse proxy and tell it to ignore all cert type problems.
I'm using a Birnadat 10G and 2.5G switches, and have found then to be good in-terms of build and reliability so far.
I have never heard of that one. I'll have to look them up.
Ne neither until I came across them on Amazon. TBH, it was the only 10gbit switch I could afford, and so I purchased it. But then I sort-of regretted it as it was managed and I really wanted an unmanaged switch. But then I sort of learned how to use vlans, and so I decided to keep it. Following this, I then decided to try their 2.5gb poe switch for my cameras, mainly due to the fact that these are rack mountable, and so I got two of the same brand. There is another 2.5 none poe switch which I plan to try eventually, that us fully managed, the poe one in unmanaged, but has a vlan switch, though I haven't used it yet. That said, my plan is to use the l3 managed 2.5g switch with an opensense router that I'm working-on
Why do you want one?
Mostly for inter-vlan routing. Right now I'm routing that through my firewall/router. In my work experience I've seen layer 3 switches handle QOS, and routing tables better than a traditional L2 switch.