Hasivo switches

So I am a newb when it comes to networking in general so I probably can't contribute much since this seems to be low level operating type stuff yall are doing... but I figured I would at least throw a link to the firmware from mine in case it's one you don't have.

I actually have the MokerLink 8 Port 2.5G Ethernet Web Managed Switch (2G080GM), from what I saw on YouTube these appear to just be rebranded ones that are the same as the hasivo units.

Here is my version info:
Loader Version : 3.6.6.55087 (shows as HS_3.6.6.55087 in the web gui)
Loader Date : Dec 11 2021 - 18:17:40
Firmware Version : 1.0.0.0 (shows as HS_1.0.0.0 in the web gui)
Firmware Date : Apr 22 2023 - 20:03:41

Link to a copy of firmware.

Edit: The manual for the device on the mokerlink site has a reference to 天工iSpirit 5616, not sure if that would help at all either.

I have been trying to boot the S1100WP-8GT-SE from tftp.
I have attached the serial console
entered u-boot (version 2011.12(3.6.6.55007) dec 11 2021)
used password Hs2021cfgmg on the next prompt I used XXXX to enter the u-boot prompt.

I connected my tftp server with IP 192.168.0.111 to the most left eth port on the hasivo switch, I try to ping 192.168.0.111 from u-boot and it fails.

I entered rtk network on and tried again and the ping fails again. It throws some timeouts.

I try to ping 192.168.0.1, which is the default ipaddr of the switch and it fails.

What do I need to do in the u-boot to enable networking? Obviously just rtk network on is not enough in my case

I would appreciate any suggestions.

Ping isn't a reliable proof of life, when dealing with uboot.

tftpboot does timeout for me... so ping is the best diagnostics I have

firewall on the tftpd host ?

no, that would be tcpdump / wireshark..

If I remember correctly ping is not working after the rtk network on but if you issue tftp command it should download. I have some oold logs

RTL9300# # tftp 0x84f00000 test.bin
Using rtl9300#0 device
TFTP from server 192.168.0.111; our IP address is 192.168.0.1
Filename 'test.bin'.
Load address: 0x84f00000
Loading: *^H#################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         #################################################################
         ###########################################################
done
Bytes transferred = 6580152 (6467b8 hex)
RTL9300# # bootm 0x84f00000
## Booting kernel from Legacy Image at 84f00000 ...
   Image Name:   MIPS OpenWrt Linux-5.15.98
   Created:      2023-03-07  13:05:02 UTC
   Image Type:   MIPS Linux Kernel Image (gzip compressed)
   Data Size:    6580088 Bytes = 6.3 MB
   Load Address: 80100000
   Entry Point:  80100000
   Verifying Checksum ... OK
   Uncompressing Kernel Image ... OK

Starting kernel ...

My S1100WP-8GT just arrived. It has newer version of U-Boot. Unfortunately, I couldn't get U-boot prompt with "ESC" key. I also tried "Ctrl-Z", "Space", none of them worked. Anyone knows the magic key? Here is the part of U-Boot log:

U-Boot 2011.12.(3.6.8.55120) (Oct 19 2022 - 13:38:49)

Board: RTL9300 CPU:800MHz LX:175MHz DDR:600MHz
DRAM:  256 MB
SPI-F: MXIC/C22019/MMIO32-4/ModeC 1x32 MB (plr_flash_info @ 83f9b968)
Loading 65536B env. variables from offset 0xe0000
Net:   Net Initialization Skipped
No ethernet found.
 0
## Booting image from partition ... 0
## Booting kernel from Legacy Image at 81000000 ...
   Image Name:   RTK_SDK
   Created:      2023-03-15   9:47:08 UTC
   Image Type:   MIPS Linux Kernel Image (lzma compressed)
   Data Size:    5902427 Bytes = 5.6 MB
   Load Address: 80000000
   Entry Point:  802931a0
   Verifying Checksum ... OK
   Uncompressing Kernel Image ... OK

Starting kernel ...

If you have a dump of the firmware I can have a look...

I finally received my S1300W-8XGT-SE/RTL-8XGT-SE/S1100-8XGT which I got during 11.11 sales for around $220US shipped and here is the firmware/pictures.
https://drive.google.com/drive/folders/1f8WhrOcZ8uLa881B9C_aNwD3-Ijl8meE?usp=sharing

S1300W-8XGT-SE pcb1687×2891 683 KB

The PCB shows It's just a rebadged Hasivo.

I also ordered some RJ45 connectors so I can solder as the console port so I'll see how that goes in a couple of weeks.

For anyone buying this beware that the fans can be quite loud. I made the mistake of ordering what was supposed to be two Sunon HA40201V4-D000-C99 with a supposed noise raiting of 12.3dB(A) off AliExpress but those were actually louder than the stock Song Lian SDL4020S with a rating of 23.46db.
I now ordered the HA40201V4-1000U-A99 fans off Digikey to see if they're any better.
If they're not then you should probably factor in the cost for the Noctua NF-A4x20 fans which is $30 for two and makes this switch much less attractive in price.

Some updates:

• These RJ45 connectors from aliexpress were the right fit: https://www.aliexpress.com/item/4000323077907.html
• Removing the board when everything is unscrewed feels sketchy due to the massive amount of thermal "tape" holding the PCB to the case, just be careful when doing this
• The legitimate Sunon HA40201V4 fans from Digikey are a night and day difference in terms of quietness than fakes on Aliexpress. No more overpriced mini Noctua fans for me, the Sunon are 1/3 the price
• The Digikey fans came without connectors, so I soldered them to the empty fan headers for the 3rd & 4th fans on the PoE unit
• The Sunon fans don't have holes the right size for existing screws, I just hot glued them in place
• I totally failed (text is garbled) at getting serial access (38400 baud rate) using a makeshift cable. I'll have to order a premade cable and see if it changes anything. Crimping "Dupont" connectors to Ethernet was annoying and maybe I just messed up there.

Did anyone try getting OpenWrt running on the Hasivo S600WP-5GT-2S+_SE (also known as the Hasivo S600WP-5GT-2SX-SE)? It's also sold under the at least the MokerLink, POEPLUS, ONTi and OMAY brands, but I think Hasivo is the true OEM.

Board images were uploaded earlier in this thread, although more detailed ones might possibly be needed to identify some of the chips.

I think it's using Hasivo's own PoE chip, possibly the one described here.

hasivo-switch# show tech-support board
!

------------------ Board Configuration ------------------

****************************
 RTL9301-5X2P5GE_2XGE
****************************
============================
 Board GPIO
============================
Device  Pin  Direction  Default  Current  Purpose
------- ---- ---------- -------- -------- --------
INT     0    OUT        0        0
INT     1    OUT        0        0
INT     8    IN         0        0
INT     9    IN         0        0
INT     10   OUT        0        1
INT     11   IN         0        1
INT     12   IN         0        0
INT     14   OUT        0        1
INT     19   IN         0        0
INT     20   IN         0        0
INT     21   IN         0        1
INT     22   IN         0        1
INT     23   IN         0        1
EXT     0    IN  (IN  ) 0        0
EXT     1    IN  (IN  ) 0        0
EXT     3    IN  (IN  ) 0        0
EXT     4    IN  (IN  ) 0        0
EXT     5    IN  (IN  ) 0        0
EXT     6    IN  (IN  ) 0        0
EXT     7    IN  (IN  ) 0        0
EXT     8    IN  (IN  ) 0        0
EXT     9    IN  (IN  ) 0        0
EXT     12   IN  (IN  ) 0        0
EXT     13   IN  (IN  ) 0        0
EXT     14   IN  (IN  ) 0        0
EXT     21   IN  (IN  ) 0        0
EXT     24   IN  (IN  ) 0        0
EXT     25   IN  (IN  ) 0        0
EXT     26   IN  (IN  ) 0        0
EXT     33   IN  (IN  ) 0        0

============================
 Board Configuration
============================
====== Port ==================
Type        Usr  Phy     Media       Speed          Duplex   Attr
----------- ---- ------- ----------- -------------- -------- -------
10G         1    (0) 0   Copper                     Auto     1
10G         2    (0) 8   Copper                     Auto     1
10G         3    (0) 16  Copper                     Auto     1
10G         4    (0) 20  Copper                     Auto     1
10G         5    (0) 24  Copper                     Auto     0
LAG         6    (0) 26  Fiber                      Auto     0
LAG         7    (0) 27  Fiber                      Auto     0


====== Fiber =================
Fiber Port Number: 2

------------ Fiber Detect
LPort  Present  MediaChg  OE Status              LOS Status
------ -------- --------- ---------------------- ----------------------
5      LOS      None      DisabledEnabled (GPIO:INT_0 ) Enabled  (GPIO:INT_9 )
6      LOS      None      DisabledEnabled (GPIO:INT_12) Enabled  (GPIO:INT_13)

------------ Fiber Optical Connect by I2C Hardware Controller 0
LPort  I2C DEV  I2C TYPE  ID    Delay   SCK    SDA
------ -------- --------- ----- ------- ------ ------
5      0        8 BITS    0x50  50      INT_7  INT_6
6      1        8 BITS    0x50  50      INT_11 INT_10


====== Led ===================
SYS (GPIO Blink)
ALARM (REG)


====== WatchDog ==============
Type: REG

hasivo-switch# show tech-support mtd
!

------------------ MTD Information ------------------

mtd0: 0xbd000000-0xbd0dffff "LOADER"
mtd1: 0xbd0e0000-0xbd0effff "BDINFO"
mtd2: 0xbd0f0000-0xbd0fffff "SYSINFO"
mtd3: 0xbd100000-0xbd1fffff "JFFS2
mtd4: 0xbd200000-0xbd2fffff "JFFS2
mtd5: 0xbd300000-0xbdefffff "RUNTIME"
mtd6: 0xbdf00000-0xbdffffff "OEMINFO"

Hey guys, new here. I'm looking to purchase the Hasivo S1100WP-8XGT-SE As anyone tried getting openwrt on this device? This was reviewed by ServeTheHome on his youtube channel

Picked up an "ONTI ONT-S207CW-72TS" (The L2 version of S600W-5GT-2S, minus console port - soldered one on now though).

Decided to have a poke around the stock firmware.

There's a debug interface that can be accessed through a choice of keys after logging in:

  rl_bind_key(0x14,vtysh_diagDebug);
  rl_bind_key(0xf4,vtysh_diagDebug);
  rl_bind_keyseq("\\C-\\M-t",vtysh_diagDebug);

These being CTRL+T, F4 or CTRL+META+T.

This prompts for a password (found in defdb.ko) - "switchrtk"

Switch#
Diagnostics: *********

If _access_flag == 0 (access over console) then you'll be presented with:

Press ENTER to continue


[D] Diag
[E] Engineering
[S] Shell
Enter Selection: s
~ # uname -a
Linux 3.18.24 #569 Sat Apr 22 20:02:05 CST 2023 mips GNU/Linux

If _access_flag != 0 (i.e telnet/ssh) then you'll be presented with the "diag" shell:

Press ENTER to continue

RTK.0>

Don't get too excited as these images are compiled with many listed features disabled and/or unsupported on this SoC.

RTK.0> ?
exit             - exit diag shell
unit             - unit configure
terminal         - terminal configuration
sdk              - sdk configuration
nic              - NIC configuration
mpls             - MPLS configuration
oam              - OAM configuration
stack            - stack configuration
tunnel           - tunnel configuration
vxlan            - VXLAN configuration
openflow         - openflow configuration
bpe              - bpe configuration
rtl8231          - rtl8231 configuration
uart1            - uart1 configuration
l2-ntfy          - L2-notification configuration
acl              - ACL configuration
range-check      - range check configuration
debug            - debug configuration
diag             - diag configuration
serdes           - serdes interface
eee              - EEE configuration
eeep             - EEEP configuration
flowctrl         - flowctrl configuration
l2-table         - l2 table configuration
l3               - l3 configuration
led              - LED configuration
mib              - mib configuration
mirror           - mirror configuration
rspan            - RSPAN configuration
sflow            - sFlow configuration
port             - port configuration
qos              - QoS configuration
bandwidth        - bandwidth configuration
storm-control    - storm-control configuration
register         - register configuration
vlan             - VLAN configuration
security         - security configuration
stp              - stp configuration
switch           - switch configuration
sys              - system
time             - time configuration
trap             - trap configuration
trunk            - trunk configuration
ipmcast          - ipmcast configuration
mcast            - mcast configuration
pie              - PIE configuration
field-selector   - field selector configuration
gpio             - generalCtrl GPIO configuration
spi              - SPI configuration
i2c              - I2C configuration

We can get _access_flag = 0 by spawning the the login process again (/bin/login is a symlink to cli):
RTK.0> sys command sh

This kicks you out back to the login screen - login and enter the debug key sequence and password again, except this time you'll get the menu choice:

Username: admin
Password: *****
Switch#
Diagnostics: *********
Press ENTER to continue


[D] Diag
[E] Engineering
[S] Shell
Enter Selection: s
~ # uname -a
Linux 3.18.24 #569 Sat Apr 22 20:02:05 CST 2023 mips GNU/Linux

So I just received my Hasivo switch model S1100WP-8GT-1XGT-SE and it appears to have died or is failing to boot. When I originally plugged it in I saw all the lights come on, and the power led was blinking. Once the LED was done blinking I plugged in some non-POE wires, and I saw the lights come on on those two ports. After a few minutes, not sure what I was doing, I noticed that all the leds on the switch were off, and only the power LED remained on (solid).

So far I have unplugged it many times, plugged into different ports, and hit the reset button many times with no improvement. Only the power led comes on and stays on when turned on, with the POE lights flashing once on startup. I hope that it didnt die just now as I was excited to get into my first networking project!

I have also tried to connect to the switch using its IP but its not even getting picked up by my router as connected. I used this troubleshooting step, and also tried other IPs it may be listening on: 192.168.1.1 and 192.168.2.1. The reset switch does nothing either. Only the solid power LED. I believe that the switch is stuck booting or the boot process got corrupted. If anyone here has an idea of how to forcefully reset this switch that would be great!

I tried shorting IN1 and IN2 (separately) but that just caused sparks. Not sure if Im doing it wrong lol...

PCB Images

At which point is OpenWrt involved in this (keeping in mind that there is no OpenWrt image for these devices yet)?

Up to this point it looked like a clear cut RMA case, dead on arrival happens…

…and here you voided your warranty and the RMA is out of the window, so man up to it. Either you have the electrical knowledge and equipment to fix it yourself (there is no three-step-guide-to-profit, every fault is unique) or know the way path to the nearest E-waste recycling centre.

here is the firmware I have if anyone wants it. I believe the link will be good for 7 days. Feel free to share. This firmware fixes the issue such that you can set the IP address to something other then default and then login to it via a web browser. However once you remove power the update is gone.

I tried the 1x4 sockets on the front right, where the rj45 connector would go, but I can only get gibberish output so far. This is my first time doing anything like this. I soldered on the 4 pins (are only three needed, though?) and jumped to the GND, TXD and RXD on this adapter: https://www.amazon.com/dp/B07WX2DSVB. Then I tried connecting with baud rate 38400 and a bunch of others. The output is always garbled. I'd be grateful if anyone has suggestions.

I wanted to avoid the RJ45 connector, but now I'm also wondering - how are you all dealing with that connector in the way? Do you leave the case off, de-solder the connector after you're done, modify the case, or are there other options?

Does not compute...
I've never seen an RJ45 connector (which has 8 pins, as a 2x4 with an offset typically) use a 1x4 socket (which has 4 pins, in a single line).

If you soldered in an RJ45, or otherwise had an RJ45 connector unpopulated on the board. Then it's likely an RS232 console port, using Cisco 'rollover cable' pinouts, ala https://www.amazon.com.au/Serial-Console-Cable-Express-Routers/dp/B07TNYNDHQ/

Baud rate would normally be 38400 8N1, but at boot up it should spit out ASCII stuff that an auto-baudrate system should pick up pretty easily.

You probably want to look at the pinout of such a typical cable, and confirm that on the switch TX pin to GND you do indeed get some RS232-like voltages before hooking something up to it though. It's possible some might not have the RS232 level shifter, and expect TTL/CMOS inputs..

PXL_20240728_225417788~3750×480 57.4 KB

The four holes here, is what I meant. I saw that the traces from the middle two holes went to a chip labeled "3PEAK 3232E", which seems to be an RS232 chip. So I figured those two are RX and TX.

They're almost certainly RS232 signals... your TTL adapter won't like them.

Depending on how well that TTL adapter has been made (whether it has series current limiting resistors, maybe some bypass diodes..) it might not be a good idea to trust what it tells you anymore... its inputs might be cactus.

Best idea will be to source matching RJ45 connector, source Cisco rollover cable, and then just plug it in.

My case already had a hole for the connector in the metal. Just needed a sharp knife to cut open the sticker covering the hole.

A Dremel or similar would likely make short work of creating a hole for the connector. If you take the sticker off before you make the hole, the sticker could cover up any non-ideal hole making..

PS: OEM baudrates might be whatever the firmware developer liked to look at. 9600 / 19200 / 38400 / 57600 / 115200... auto-baud is the best first go-to