Product Name: JetStream™ 8-Port Gigabit L2 Lite Managed Switch with 2 SFP Slots
Product Code: TL-SG3210
This is a cheap 8-port Gigabit switch if you consider its capabilities. It can be configured in many ways via the web interface or (in an automated way) via a CLI interface (Telnet / SSH like). It comes in a sturdy metal case and has a 5 years limited warranty.
As shown on the product web site:
- Layer 2 Features
- 4K VLAN
- Quality of Service
- Security Strategies
SFP stands for Small form-factor pluggable transceiver. These modules allow connecting the switch to other switches or network interfaces via optical fibers. The following modules are available from TP-Link:
Gigabit SFP module, Single-mode, LC interface, Up to 10km distance
Gigabit SFP module, Multi-mode, LC interface, Up to 550m distance
Gigabit WDM Bi-Directional SFP Module, single-mode, LC connector, TX:1550nm/RX:1310nm, 10km
Gigabit WDM Bi-Directional SFP Module, single-mode, LC connector, TX:1310nm/RX:1550nm, 10km
The most interesting SFP module for me is the TL-SM311LM for multi-mode fibers. According to Geizhals (German) it costs 33 EUR.
TP-Link TL-SM311LM SFP Module
Buying optical fibers:
- In Germany:
- Search Amazon.de for
lwl lc 20mfor example.
- Search Reichelt.de for
- Search Amazon.de for
These are the settings for the RS232 serial terminal:
|Bits per second||Data bits||Parity||Stop bits||Flow control|
You can use the screen command to connect:
screen /dev/tty.usbserial 38400
How I'm using it
- Don't enable the Blat Attack DoS Protection when you want SIP VoIP packages to be forwarded by the switch. I enabled all the DoS protection methods and wasn't ably to make any calls anymore. It took me some time to debug the problem and find out that this was due to the fact that the switch silently discarded all my UDP SIP packages. (I saw them on my local network but I used two ports of the switch to filter my uplink uplink internet connection where the packages got lost). The description of the Blat Attack protection says: "The attacker sends the illegal packet with its source port and destination port on Layer 4 the same and its URG field set to 1. Similar to the Land Attack, the system performance of the attacked Host is reduced since the Host circularly attempts to build a connection with the attacker." In my case the source and destination ports were the same (5060 / SIP) but not the src and dest IPs. Anyway... Now it works.
Missing IPv6 support
The switch doesn't really know about IPv6. It forwards IPv6 packets and respects the configured VLANs but other than that it is pretty dumb.
The feature I'm missing most on the TL-SG3210 (and the whole product line) is IPv6 management (such as ACLs). One of the most important features is rogue router advertisements prevention via ACL. Only a few very expensive (>1000 USD) switches have these features as of now. And then it's still not very save. Here is a thread about configuring router advertisement blocking with a custom ACL on D-Link switches.
The linux kernel module
bonding implements LACP when loaded with the parameter
Resources on LACP:
- I use LACP with this switch with my Intel Gigabit ET Dual Port Server Adapter. This blog post contains setup help for LACP on Linux.
- There is a good HowTo in German on Ubuntuusers.de
- A German explanation with pictures on how to connect a Synology DS214+ NAS ↔ TPLink Switch TL-SG3210 with LACP can be found here.
To enable SNMPv1 with read-only access without password for the 'community'
enable config snmp-server snmp-server community public read-only viewDefault exit show snmp-server exit
enable config no snmp-server community public exit exit
snmpwalk -v 1 -c public -O e IP.OF.SWITCH # or snmpwalk -v 2c -c public -O n -O e IP.OF.SWITCH
- English Product Site: http://www.tp-link.com/en/products/details/?categoryid=222&model=TL-SG3210
- A toolkit to use the Telnet CLI interface to get switch settings and status information: TP-Link_TL-SG3210_CLI
- A Review that I found on the web: http://pastebin.com/aK5s0ryh (German) from the German computer magazine c't
- Review in a German blog: http://www.routerblog.de/tp-link-managed-8-port-gigabit-switch/
- Another German review: Leistbarer Managed Gigabit Switch: TP-Link TL-SG3210 (German)
- T-Entertain IP-TV Multicast with the TP-Link SG3210
- Review: $90 TP-Link switch – wow
- If you want to buy it in Germany: http://geizhals.at/de/677622
If you need more ports, you can consider these switches:
- Alternative 8-Port Switches: