Most users don’t think too much when they need a network switch for their home network. In fact, most of them just make do with the LAN ports on their broadband router. I needed something more complicated, a managed network switch with VLAN support in particular, and I found a very affordable one. It’s the TP-Link TL-SG108E Easy Smart Switch.
I run a network in my day job, so enterprise-type network equipment is not unfamiliar to me. I want to run multiple VLANs, or Virtual LANs. In the past, an affordable consumer solution would be something from, say, MikroTik. A 5-port Gigabit Ethernet switch from MikroTik costs about US$40. An 8-port switch would start to get somewhat expensive. I want 8 ports, and I want cheaper.
The TP-Link TL-SG108E seems like a pretty good deal. Selling at around S$45, depending on which seller, this is a 8-port Gigabit Ethernet managed switch that offers VLAN features, traffic prioritisation, and network monitoring.
With an all-metal body, the TL-SG108E is very well-built too.
I was really excited to start using this switch. Unfortunately, as someone with a background running enterprise networks, the actual capabilities of the TL-SG108E turns out to be, to put it bluntly, very crappy. But of course, for just S$45, I can’t seriously expect it to be anywhere like the real enterprise product lines.
Basically, if you need a VLAN-capable switch, the TL-SG108E will do that. This switch, however, is not designed for security. Some of the configuration details reveals weirdness in how it handles traffic. For example, the PVID setting, applied on a per-port basis, determines which VLAN an ingress packet is assigned to if it is untagged. You’d think this should already be determined by the port’s VLAN membership. It turns out this behaviour also applies to other cheap VLAN-capable switches.
In fact, I am told that tagged ingress packets are deposited into their indicated VLANs, regardless of the port’s VLAN membership. I’ve not tested this myself, but I certainly intend to.
VLAN 1, the default VLAN, cannot be edited, and it has to be a member in every port. The switch’s management interface is in VLAN 1. In essence, the switch management interface is reachable via every port, certainly not a very good security setup.
While security may not be it’s forte, the TL-SG108E does have other cool features, such as IGMP snooping (up to 32 groups), Link Aggregation (up to two groups, up to four ports per group), port mirroring (one to one, many to one), Jumbo Frame (15 kB), 4K MAC address table, and 1.5 MB packet buffer. It’s capable of 16 Gbps, 11.9 Mpps switching capacity. The switch also supports cable test and loop prevention.
Here’s some screenshots of the Web UI. Note that the Web UI is available only in hardware version 2 and upward. The current model sold in shops is at hardware version 3.
The switch supports auto MDI/MDI-X and auto-negotiation as one would expect nowadays.
The TL-SG108E supports a variety of VLAN types: MTU (multi-tenant unit), port-based, and 802.1q. The data sheet lists support for 32 VLANs (out of 4K-ish 802.1q VLAN IDs).
QoS is port-based, 802.1p, or DSCP, with up to 4 priority queues supported.
There is no support of any sort of Spanning Tree Protocol (STP).
All things considered, for S$45, this is a really good, affordable, “smart” switch if you need some VLAN capability. It probably suffices for home users who have slightly more complicated requirements for their home network.
Update (2017-07-04): Post has been updated with some Web UI screenshots and more details on the switch’s capabilities.