![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Cisco SG500 Line
- Thread starter Burnout01
- Start date
They show in stock from a couple vendors but they're probably too new for many people to really know much about them, this is the only thread that comes up if you search for SG500. That said 2 of the 28 port versions with a couple of MGBT1's so I can put half the stack upstairs and the other half downstairs over ethernet sounds like it might be fun.
I've been looking into these a lot more lately, looks to be a good management benefit with the 500's since you can manage them all from one interface, additionally 2 of the SFP ports support 5Gbit and the 5Gbit cables aren't too bad, it's not those 30+Gbit interconnects like some stackable switches have but then again these things are only like $700 each.
gabi_cavaller
n00b
- Joined
- Apr 10, 2012
- Messages
- 42
I managed to find a bug with QoS counters within the first 48 hours of owning them which would cause the stack master to hard crash and require me to console in via the serial port and a terminal client and wipe the config then re-add it back to the stack. Opened a case with Cisco and they were able to reproduce it right off and recently released the first firmware update for them which supposedly fixed the issue, but since I didn't really care about the QoS counters I had just left them disabled, I had only found the problem because I was randomly clicking shit just to see what it did.
Cisco Small Business support was as good as my experience with Cisco Enterprise support, once I told them the problem and sent them my config the tech assigned to my case quickly found the problem in their lab and passed it along to the software guys and I recieved several updates along the way letting me know things like "issue found", "issue fixed in next firmware", and "new firmware released", additionally they found a work around to keep the master switch from crashing (disable the QoS counter which I wasn't really using anyway). So while I wasn't overly thrilled to find a hard crash bug so soon, these switches came with the necessary hardware to resolve the issue (serial port), and technical was exceptionally responsive and compitent to resolve the issue properly. Shit happens with equipment like this, especially when new, and vendor support resolving issues is in some ways more important than just not having issues (because issues not ever happening never happens).
I have one switch upstairs and one downstairs because I need more than 26 ports for gear and I wanted to spread out my severs some to spread the heat load around the house, better for a few rooms to get a little warm than one room really hot. I use a SFP-H10GB-CU5M to stack them, the switches support a 5Gbit stack link if you use the right SFPs in ports 27 or 28. I could have saved money and gone with a SG300-52 but then I'd lose out on playing with stacking and I'd have to run a cable bundle downstairs instead of a single stack cable.
I really should play around with them more to figure out some of the DNS and static routing features as I mentioned in that another thread but so far I've managed to create ACL's and QoS to prioritze certain applicatitons by port and/or IP both on the LAN and WAN connections (I run my cable modem through a VLAN to a VM, so I can move my firewall between VM hosts without having to move the modem cable, and I can use the switch to apply ACLs to the modem connection). Currently I give max prioritization to online games, then to skype/VoIP, then web access, then anything that's not any of those. I put games over VoIP because sometimes I like to share screen with skype while gaming and I found that skype video would eat up all my bandwidth and the game would go to shit, but with the ACL and game QoS set higher, skype sometimes goes to shit but the game still works. Additionally I use some outbound ACLs to increase security, for example it's impossible to request DNS resolution from the internet from anywhere other than OpenDNS. I set an inbound ACL for my modem to further re-enforce my firewall, all ports below 1024 are blocked except SMTP and HTTPS ports for my mail and web servers. I learned a lot more about ACLs and QoS in a week or so with these things than I ever did at my old job. All around Advanced QoS with IPv4 ACLs is a lot of fun.
GUI is great as you know from your SG200 when you want to just see what's available, the SG300 and SG500 also come with a IOSish CLI which is great when you know what's available and how to do it, and want to do a lot of it really fast (like creating a bunch of ACLs, which is a chore from the GUI). As I mentioned before there is a console port on it where you can watch it boot up and such if you do somehow manage to break it, something the SG200 lacks.
I setup a log server for this (it REALLY hates using my domain controllers as NTP servers), and setting up an SNMP server is on my (quite long) list of things I still want to do. I'd love to get something like cacti working to see what kind of traffic my VMs actually pass to each other.
Overall I'm quite pleased with them, total overkill for what I need really but then again that's half the fun.
Cisco Small Business support was as good as my experience with Cisco Enterprise support, once I told them the problem and sent them my config the tech assigned to my case quickly found the problem in their lab and passed it along to the software guys and I recieved several updates along the way letting me know things like "issue found", "issue fixed in next firmware", and "new firmware released", additionally they found a work around to keep the master switch from crashing (disable the QoS counter which I wasn't really using anyway). So while I wasn't overly thrilled to find a hard crash bug so soon, these switches came with the necessary hardware to resolve the issue (serial port), and technical was exceptionally responsive and compitent to resolve the issue properly. Shit happens with equipment like this, especially when new, and vendor support resolving issues is in some ways more important than just not having issues (because issues not ever happening never happens).
I have one switch upstairs and one downstairs because I need more than 26 ports for gear and I wanted to spread out my severs some to spread the heat load around the house, better for a few rooms to get a little warm than one room really hot. I use a SFP-H10GB-CU5M to stack them, the switches support a 5Gbit stack link if you use the right SFPs in ports 27 or 28. I could have saved money and gone with a SG300-52 but then I'd lose out on playing with stacking and I'd have to run a cable bundle downstairs instead of a single stack cable.
I really should play around with them more to figure out some of the DNS and static routing features as I mentioned in that another thread but so far I've managed to create ACL's and QoS to prioritze certain applicatitons by port and/or IP both on the LAN and WAN connections (I run my cable modem through a VLAN to a VM, so I can move my firewall between VM hosts without having to move the modem cable, and I can use the switch to apply ACLs to the modem connection). Currently I give max prioritization to online games, then to skype/VoIP, then web access, then anything that's not any of those. I put games over VoIP because sometimes I like to share screen with skype while gaming and I found that skype video would eat up all my bandwidth and the game would go to shit, but with the ACL and game QoS set higher, skype sometimes goes to shit but the game still works. Additionally I use some outbound ACLs to increase security, for example it's impossible to request DNS resolution from the internet from anywhere other than OpenDNS. I set an inbound ACL for my modem to further re-enforce my firewall, all ports below 1024 are blocked except SMTP and HTTPS ports for my mail and web servers. I learned a lot more about ACLs and QoS in a week or so with these things than I ever did at my old job. All around Advanced QoS with IPv4 ACLs is a lot of fun.
GUI is great as you know from your SG200 when you want to just see what's available, the SG300 and SG500 also come with a IOSish CLI which is great when you know what's available and how to do it, and want to do a lot of it really fast (like creating a bunch of ACLs, which is a chore from the GUI). As I mentioned before there is a console port on it where you can watch it boot up and such if you do somehow manage to break it, something the SG200 lacks.
I setup a log server for this (it REALLY hates using my domain controllers as NTP servers), and setting up an SNMP server is on my (quite long) list of things I still want to do. I'd love to get something like cacti working to see what kind of traffic my VMs actually pass to each other.
Overall I'm quite pleased with them, total overkill for what I need really but then again that's half the fun.
As an Amazon Associate, HardForum may earn from qualifying purchases.
gabi_cavaller
n00b
- Joined
- Apr 10, 2012
- Messages
- 42
Dragon,
Thank you for such an in-depth reply. I am thinking of purchasing a couple of the SG500-28's, like yours for a small ESXi infrastructure of 3 hosts with a maximum of 15 vm's with low usage.
The stacking facility is one of the reasons why I am looking at these over the SG300's as well as some of what you have mentioned.
You have a very good setup for a home infrastructure, what are you using as your firewall?
I too find the GUI excellent, creating Vlans isn't as clear as I was hoping but nevertheless, it works really well.
There are some strange quirks that I am finding on the SG300, for instance, this is my setup.
Router>Firewall>GS724>SG300
When I reboot my SG300, it knocks off the internet for around 10 seconds, even though my workstation is patched ot the GS724.
Overall, they appear to be an excellent product, an added bonus is they are fanless unless you go to POE.
Excellent stuff.
Thanks,
G.
Thank you for such an in-depth reply. I am thinking of purchasing a couple of the SG500-28's, like yours for a small ESXi infrastructure of 3 hosts with a maximum of 15 vm's with low usage.
The stacking facility is one of the reasons why I am looking at these over the SG300's as well as some of what you have mentioned.
You have a very good setup for a home infrastructure, what are you using as your firewall?
I too find the GUI excellent, creating Vlans isn't as clear as I was hoping but nevertheless, it works really well.
There are some strange quirks that I am finding on the SG300, for instance, this is my setup.
Router>Firewall>GS724>SG300
When I reboot my SG300, it knocks off the internet for around 10 seconds, even though my workstation is patched ot the GS724.
Overall, they appear to be an excellent product, an added bonus is they are fanless unless you go to POE.
Excellent stuff.
Thanks,
G.
@gabi: the 10 seconds isnt spanning tree / port fast listening for bpdu?
@dragon: are these switches noisy? do they have fans?
ive not heard of 5 gig links before. Is this watered down 10gig? or stacking cable only?
im a bit wary of cisco small biz.
saw a heap of earlier product reviews on amazon with blown caps or something.
@dragon: are these switches noisy? do they have fans?
ive not heard of 5 gig links before. Is this watered down 10gig? or stacking cable only?
im a bit wary of cisco small biz.
saw a heap of earlier product reviews on amazon with blown caps or something.
gabi_cavaller
n00b
- Joined
- Apr 10, 2012
- Messages
- 42
To be honest, I don't know. I need to mess around with it a bit more.
The none POE are fanless, thus no noise.
5gig links, yes basically a watered down version of the 10gig, as for stacking cable only, not sure.
Why are you way of the cisco small business stuff as a whole, like with anything, there are some good and back products, but generally people seem to be quite happy with this line.
The none POE are fanless, thus no noise.
5gig links, yes basically a watered down version of the 10gig, as for stacking cable only, not sure.
Why are you way of the cisco small business stuff as a whole, like with anything, there are some good and back products, but generally people seem to be quite happy with this line.
The 5gig links are stacking only, requires 10gig SFP's though. Not sure about older cisco SB lines but I haven't heard anything bad about the SG series, they seem to be solid switches. Like I said their support when I did have a problem was very responsive, so not really too worried there.
DonFromCanada
n00b
- Joined
- Dec 18, 2013
- Messages
- 1
For those that own these, can you please comment on how they do with little-to-no ventilation? I want to place one in a closet with no ventilation and only use about 12 ports worth of light traffic.
Thank you!
Thank you!