D-Link DGS-1510-28X – cheap 10G switch

Some months ago, I built a small VSAN home lab. Gradualy I expanded the setup – e.g. I moved from a hybrid setup (HDDs and SSDs) to all-flash (SSDs only) to utilize deduplication. Because errors might occur during testing, my NAS is still used as shared storage for the cluster.

The HDDs of my NAS were unable to meet those requirements anymore – therefore I replaced them with faster ones. Quickly I found out, that now the network was slowing down the setup. A benchmark of the RAID volume resulted in about 300 MB/s in read mode – the Gigabit network only offers up to 125 MB/s due to physical limitations. Leveraging LACP for spreading load also did not help as single sessions are not spread among multiple interfaces. Every server only has up to 125 MB/s for storage communication – for all VMs that are running on that host. It would be better to have a dedicated 10 Gigabit connection for the storage. I’m already using comparable network cards for VSAN – those NICs are quite affordable now (ca. 60 Euros per NIC).

So I really needed a new switch to connect up the three hosts. In the meanwhile, many vendors offer SoHo switches with 10G ports – but the most are quite expensive. I was really satisfied with my Cisco SG300-200 and so I wanted to stay with Cisco. The SG500X-24 would have been a successor for me as it offers four SFP+ ports. But unfortunately the price would have been 1200 Euros – way too much for my budget.

On Twitter, Dominik recommended a D-Link alternative: the DGS-1510-28X. Like the Cisco SG500, this switch also offers four SFP+ ports with 10 Gigabit each – but the price is much lower.

Sounds very interesting for a home lab – indeed, the details are quite small on the data sheet:

DGS-1510-28X SG500X-24
Layer L2 + L3
Ports (1G/10G) 24/4
Acoustic Noise / temperature-controlled 42dB / Yes 40dB / No
Power consumption (max.) 24 watts 36 watts
Backplane 128 Gbit/s
LLDP/CDP Yes / No Yes / Yes
LACP up to 32 groups, 8 ports per group
Jumbo Frames Yes
Management Web / Telnet / SSH Web / SSH
CPU kA 800 MHz ARM
RAM kA 256 MB
Flash 32 MB
Price ca. 400 Euros ca. 1200 Euros

By the way, an interesting review of the D-Link switch with numerous photos can be found here: [click me!]

Finally, I decided to go for the D-Link switch because of the price.

First sight

DGS-1510-28X and SG300-20

DGS-1510-28X and SG300-20

The look and feel can be compared to Cisco – the case is stable and feels high quality. Beside the manual, a CD-ROM, mounting brackets and also a console cable is part of the set. Unlike the Cisco SG series, a RJ45-to-RS232 cable is used. The fan is on the right side of the switch – during power-on it is quite noisy, but after some time the noise decreases.

Unfortunately, the web interface was not satisfying me at all. In comparison to the Cisco SG switch, it is not intuitive – the design is dowdy and Adobe Flash is required for monitoring CPU and memory. The menus are way too long and some settings are placed in a puzzling way. The translation that is loaded automatically is errorneous.

During the initial configuration, a wizard defining basic parameters such as username and password is started. You really need to be careful here if you don’t want to loose access to your new switch. When defining the administrator it is required to select a privilege level from 1 to 15. An explanation about the meaning of these numbers is missing in the user interface and also in the manual the switch is shipped with. 1 stands for the lowest set of permissions while 15 grants full permissions. Of course, I selected the wrong number in the first place and had to hard-reset the switch. Later, I found out that the permissions are explained in the command line (CLI) documentation: [click me!]

I also had problems with specifying the password – my switch did not want to accept any other password than the pre-defined default password. Any other password specified is marked as incorrect. By default, the switch also stores passwords in plain text – seriously, that’s terrible.

User management

Maintaining users or changing passwords is not working at all using the web interface. Every time I try to change/create passwords, an error message is displayed:

ERROR: Password input incorrect.

The only possibility for maintaining accounts is to use the Telnet or SSH CLI – e.g. to create a new admin user:

                  DGS-1510-28X Gigabit Ethernet SmartPro Switch

                             Command Line Interface
                            Firmware: Build 1.30.B017 
           Copyright(C) 2015 D-Link Corporation. All rights reserved.

switch#enable
switch#conf term
switch(config)#username giertz password cl4pp1n6M4ch1n3
switch(config)#username giertz privilege 15
switch(config)#exit
switch#copy running-config startup-config

Destination filename startup-config? [y/n]:  y

Saving all configurations to NV-RAM.......... Done.
Password encryption

Password encryption

It is also a mess that deleting particular characters on the CLI is not working as the terminal does not recognize the key. If one character of a command was mistyped, you need to enter the whole new line. But – this way you will really learn the commands by heart. 🙂

Make sure to enable password encryption before creating users. Using the web interface, you can change this setting by accessing Management > Password Encryption in the menu. For encrypting passwords, the SHA-1 and MD5 algorithms can be used.

I don’t know why such an essential functionality is not enabled by default. 🙁

Firmware update

Updating the firmware is also tricky as it requires additional sub-steps to be taken. The first step is to upload the .had file over HTTP or TFTP. To utilize HTTP, click Tools > Firmware Upgrade & Backup > Firmware Upgrade from HTTP. This step also requires your to enter the file name once again – otherwise the file will not be stored on the internal flash – this step could be automated.

Afterwards, the firmware is uploaded but not active – even though the interface tells you something different. To enable the new firmware, you will need to mark the file for the next boot manually. This is dont by accessing System > Management > File System. Select drive c: and the file by clicking Boot Up:

Flash file system

Flash file system

SSH

By default, Telnet is used for controlling the switch remotely – from a security perspective, this is just horrible as Telnet is not encrypted at all. To enable SSH, it is required to create a RSA key. Afterwards the Telnet service can be replaced by SSH:

switch#crypto key generate rsa

Choose the size of the key modulus in the range of 360 to 2048. The process may take a few minutes.
Number of bits in the modulus [768]: 2048
Generating RSA key...<Done.

switch#configure terminal
switch(config)#no ip telnet server
switch(config)#ip ssh server
switch(config)#exit
switch#show running-config
...
# SSH

configure terminal
 ip ssh server
 ssh user admin authentication-method password
...
end

It is very uncomfortable that this needs to be done on the CLI. If the user interface offers the possibility to enable SSH it should also be possible to configure it in a senseful way.

Conclusion

I really have mixed feelings about the switch. The hardware and price are quite okay – but D-Link really needs to correct the software up. In comparison with the Cisco SG series, the web interface’s usability is not good at all – there are plenty of things that only can be configured in a uncomfortable way. It really takes some time to configure the switch in a senseful way – this could be much easier. But, once the switch has been configured the user interface is not required, anymore.

On the other hand, you need to keep in mind that the D-Link DGS-1510-28X’s price is only a third of the Cisco SG500X-24 – so it might be clear that the quality is not comparable. So, you could say, that the price/performance ratio is okay.

For professional setups such as in datacenters I would go for a differenct product – but for small setups such as homelabs, the siwtch might be an affordable alternative. 🙂

Leave a Reply