Some months ago, I built a small VSAN home lab. Gradualy I expanded the setup – e.g. I moved from a hybrid setup (HDDs and SSDs) to all-flash (SSDs only) to utilize deduplication. Because errors might occur during testing, my NAS is still used as shared storage for the cluster.
The HDDs of my NAS were unable to meet those requirements anymore – therefore I replaced them with faster ones. Quickly I found out, that now the network was slowing down the setup. A benchmark of the RAID volume resulted in about 300 MB/s in read mode – the Gigabit network only offers up to 125 MB/s due to physical limitations. Leveraging LACP for spreading load also did not help as single sessions are not spread among multiple interfaces. Every server only has up to 125 MB/s for storage communication – for all VMs that are running on that host. It would be better to have a dedicated 10 Gigabit connection for the storage. I’m already using comparable network cards for VSAN – those NICs are quite affordable now (ca. 60 Euros per NIC).
So I really needed a new switch to connect up the three hosts. In the meanwhile, many vendors offer SoHo switches with 10G ports – but the most are quite expensive. I was really satisfied with my Cisco SG300-200 and so I wanted to stay with Cisco. The SG500X-24 would have been a successor for me as it offers four SFP+ ports. But unfortunately the price would have been 1200 Euros – way too much for my budget.
Sounds very interesting for a home lab – indeed, the details are quite small on the data sheet:
|Layer||L2 + L3|
|Acoustic Noise / temperature-controlled||42dB / Yes||40dB / No|
|Power consumption (max.)||24 watts||36 watts|
|LLDP/CDP||Yes / No||Yes / Yes|
|LACP||up to 32 groups, 8 ports per group|
|Management||Web / Telnet / SSH||Web / SSH|
|CPU||kA||800 MHz ARM|
|Price||ca. 400 Euros||ca. 1200 Euros|
By the way, an interesting review of the D-Link switch with numerous photos can be found here: [click me!]
Finally, I decided to go for the D-Link switch because of the price.
The look and feel can be compared to Cisco – the case is stable and feels high quality. Beside the manual, a CD-ROM, mounting brackets and also a console cable is part of the set. Unlike the Cisco SG series, a RJ45-to-RS232 cable is used. The fan is on the right side of the switch – during power-on it is quite noisy, but after some time the noise decreases.
Unfortunately, the web interface was not satisfying me at all. In comparison to the Cisco SG switch, it is not intuitive – the design is dowdy and Adobe Flash is required for monitoring CPU and memory. The menus are way too long and some settings are placed in a puzzling way. The translation that is loaded automatically is errorneous.
During the initial configuration, a wizard defining basic parameters such as username and password is started. You really need to be careful here if you don’t want to loose access to your new switch. When defining the administrator it is required to select a privilege level from 1 to 15. An explanation about the meaning of these numbers is missing in the user interface and also in the manual the switch is shipped with. 1 stands for the lowest set of permissions while 15 grants full permissions. Of course, I selected the wrong number in the first place and had to hard-reset the switch. Later, I found out that the permissions are explained in the command line (CLI) documentation: [click me!]
I also had problems with specifying the password – my switch did not want to accept any other password than the pre-defined default password. Any other password specified is marked as incorrect. By default, the switch also stores passwords in plain text – seriously, that’s terrible.
Maintaining users or changing passwords is not working at all using the web interface. Every time I try to change/create passwords, an error message is displayed:
ERROR: Password input incorrect.
The only possibility for maintaining accounts is to use the Telnet or SSH CLI – e.g. to create a new admin user:
DGS-1510-28X Gigabit Ethernet SmartPro Switch Command Line Interface Firmware: Build 1.30.B017 Copyright(C) 2015 D-Link Corporation. All rights reserved. switch#enable switch#conf term switch(config)#username giertz password cl4pp1n6M4ch1n3 switch(config)#username giertz privilege 15 switch(config)#exit switch#copy running-config startup-config Destination filename startup-config? [y/n]: y Saving all configurations to NV-RAM.......... Done.
It is also a mess that deleting particular characters on the CLI is not working as the terminal does not recognize the key. If one character of a command was mistyped, you need to enter the whole new line. But – this way you will really learn the commands by heart. 🙂
Make sure to enable password encryption before creating users. Using the web interface, you can change this setting by accessing Management > Password Encryption in the menu. For encrypting passwords, the SHA-1 and MD5 algorithms can be used.
I don’t know why such an essential functionality is not enabled by default. 🙁
Updating the firmware is also tricky as it requires additional sub-steps to be taken. The first step is to upload the .had file over HTTP or TFTP. To utilize HTTP, click Tools > Firmware Upgrade & Backup > Firmware Upgrade from HTTP. This step also requires your to enter the file name once again – otherwise the file will not be stored on the internal flash – this step could be automated.
Afterwards, the firmware is uploaded but not active – even though the interface tells you something different. To enable the new firmware, you will need to mark the file for the next boot manually. This is dont by accessing System > Management > File System. Select drive c: and the file by clicking Boot Up:
By default, Telnet is used for controlling the switch remotely – from a security perspective, this is just horrible as Telnet is not encrypted at all. To enable SSH, it is required to create a RSA key. Afterwards the Telnet service can be replaced by SSH:
switch#crypto key generate rsa Choose the size of the key modulus in the range of 360 to 2048. The process may take a few minutes. Number of bits in the modulus : 2048 Generating RSA key...<Done. switch#configure terminal switch(config)#no ip telnet server switch(config)#ip ssh server switch(config)#exit switch#show running-config ... # SSH configure terminal ip ssh server ssh user admin authentication-method password ... end
It is very uncomfortable that this needs to be done on the CLI. If the user interface offers the possibility to enable SSH it should also be possible to configure it in a senseful way.
I really have mixed feelings about the switch. The hardware and price are quite okay – but D-Link really needs to correct the software up. In comparison with the Cisco SG series, the web interface’s usability is not good at all – there are plenty of things that only can be configured in a uncomfortable way. It really takes some time to configure the switch in a senseful way – this could be much easier. But, once the switch has been configured the user interface is not required, anymore.
On the other hand, you need to keep in mind that the D-Link DGS-1510-28X’s price is only a third of the Cisco SG500X-24 – so it might be clear that the quality is not comparable. So, you could say, that the price/performance ratio is okay.
For professional setups such as in datacenters I would go for a differenct product – but for small setups such as homelabs, the siwtch might be an affordable alternative. 🙂