Looking for a vlan-capable switch with GUI looking like OpenWrt

Hello,

I am not sure if this question belongs to this forum, but I think it's related. I would like to find a switch with a user-interface looking like "switch" page on luci: namely, in one direction there are ports, and in the other direction vlans. You get to choose tagged/untagged/off at (x,y) coordinate, i.e. for a vlan and a port. It's not allowed to assign more than one untagged VLAN, and if you try to do it, you get an error message. There is no PVID.

I have TP-Link SG108PE for about 2 months, and I can somewhat live with it. But it's a bit stressful each time when I have to think about what kind of VLANs a port in question got. And I have to set PVID: I understand that it's necessary if you have more than one untagged VLANs on a port, so that incoming traffic knows where to go, but I never need more than one untagged VLAN for a port. I don't want to think about PVID.
So there are many causes for mistakes.

I need a switch for another site with a lot of ports (perhaps 24) next yer, I don't think I can deal with it if the interface is like that. I haven't been doing networking long and SG108PE is the first managed switch in my life (it claims itself to be "unmanaged smart switch", but I call any switch with VLAN "managed".)

I live in Germany and on Amazon I see netgear, Zyxel, Cisco, TP Link. If you could please recommend me something I would appreciate very much. I use Unifi APs so Unifi switch would be an obvious option, but it supposedly configures ports automatically, I'm not sure if I like that. (well, perhaps better than me making mistakes, may be I should consider that as well...) I also read about security risk with switch being configured automatically: like a fake frame sneaking in. My setting will be

Router (OpenWRT)--switch--APs, LAN devices, Fritzboxes in IP client mode for telephones.
I use Macbook pro mid 2012 for management.

I will appreciate very much your help !

https://downloads.openwrt.org/snapshots/targets/realtek/generic/

Although it will look slightly different, more like

I bought a few of Mikrotik's smallest switches (RB-260P), and though the SwOS user interface still splits VLAN related settings across two pages, it is possible to understand, and it's a company that seems to know networking and care about security. Definitely consider used Cisco as well they can be really cheap for what they do.

Some of the Netgear and Zyxel switches are now supported by OpenWrt. Please see https://openwrt.org/docs/techref/targets/realtek for a list of the currently supported switches.

How about
a) Virtualization of OpenWRT in x86?
b) Misusing an old laptop and put Gigabit - USB ethernet on it + install ipfire/vyos/opnsense (all FreeBSD based)

Or just OpenWRT x86. Although it has not the wide range of (direct) hardware support, you can make that work most of the time. Either way, as far as I understand this is unconventional but I think you would be cheap off and good to go.

c)
A Pi can do this as well.

In either case you can then use a standard unmanaged 10Gbit switch for twenty bucks from Amzn, you will find two (decent) ones very prominantly.

One is TP-Link, one Netgear. The Netgear costs the same, but has better visable lights and overall the quality is better, at least in this price-class. All others I tested were worse than these two. Including more expensive ones.

Can you tell me how either of these recommendations apply to the problem at hand?

The OP isn't happy about the their ~80 USD 8-port smart-managed (L2) switch, with a switching capacity of 16 GBit/s and they're looking for >=24 ports with a switching capacity of 48 GBit/s.

Neither x86, nor a RPi can provide that functionality, even if you add USB hubs and (USB-) ethernet cards like a hedgehog. Desktop-/ server class x86 hardware might just barely cope with 8 ports, but tough luck at- or above 12 ports.

3 Likes

Thank you very much for your infos ! I didn't know that openWRT supports switches, too ! Perhaps D-link 28 or 16 are good options for me... the others seem to have fewer ports generally. I will look into it, or perhaps wait till more supported switches will be available. (I need one next year). I will keep checking !
I will also look into Mikrotik and cisco: if the UI is good enough from the beginning, that's also good.

I forgot to explain why SG108PE gives me stress in checking what VLANs a port has:

I think it's not just me who gets stress out of this....? i don't need VLAN1 but it can't be deleted. The page for setting PVID is elsewhere, and it does have to be set correctly.

Thank you again for your help !

+1 for Mikrotik managed switches using SwOS
See here some images of the web interface for setting VLANs
https://help.mikrotik.com/docs/pages/viewpage.action?pageId=76415036#CRS3xxandCSS32624G2S+seriesManual-VLANConfigurationExample

1 Like

Not only is this off-topic, it's wrong as well. IPfire is based on Linux from Scratch. VyOS is based on Debian (Linux). And OPNsense is currently based on HardenedBSD (which is a fork of FreeBSD), although they recently announced that they will move to FreeBSD as their base in the near future again.

And aside from that, putting VyOS in the list is also odd because its configuration is commandline-based and doesn't include a GUI – which the author specifically asked for.

1 Like

Neither IPFire nor VyOS are FreeBSD based. Also, OPNSense is HardenedBSD based. Oh, and OPNSense has a major issue in the current release with iflib that results in throughput speeds cut to around 1/4 of the port bandwidth. I was barely managing 200-250Mbps on a gigabit port with a fresh install of OPNSense.

Also none of your solutions actually covers OP's request.

@doremifajb based on the current support (https://git.openwrt.org/?p=openwrt/openwrt.git;a=tree;f=target/linux/realtek/dts;hb=HEAD) your best bet would be a D-Link DGS-1210 - however I'm not sure of the DGS-1210-28 support also includes the P/MP variants (which provide PoE)

Ubiquiti is also an option, but in my opinion if you go with one Ubi device, you oughta set your whole network up with it - it's just better that way. From my admittedly limited experience with Ubi stuff: they're expensive, but they just work. And the fact your can install a controller on a VM or even a Raspberry Pi and have a central control panel for all your network is a big pull.

Vyos GUI: https://github.com/vyos/vyatta-webgui. Just one example.

Wireguard works very well on OPNSense I had no problems, if this is OPNsense specific im the latest update there would be also pfSense.

You can also setup via both of them a WirelessAP and have many community packages. And yes, I did answer the question. The end result of this config is whats wanted plus more.

Also is hardened-BSD a hardened Freebsd. As @silentcreek stated is https://bsdmag.org/hardenedbsd-boosting-freebsd-security/ and therefore has access to FreeBSD ports.

Depending on what you want is Ubiquiti a not inexpensive but easy solution.

What I said is mirely that you can turn an old device which lays around with like 4Core /4GB can be easily turned into a powerful networking device for very little money, the feature seeked by OP included.

If you want to pay the price do Ubiquiti, I'd also say.

As long as you don't update the firmware, that is. Ubiquity has been changing UI and breaking things or even removing some features from devices.

For OpenWrt there is a similar central management software called OpenWISP.
It may not be as mature as Unify, but it's at least not doing shenanigans like that

There is also a very light serverless application called DAWN that allows the OpenWrt wifi access points to share the config and propagate changes, it has a Luci web interface module too so end users can do it with a GUI https://github.com/openwrt/luci/commit/9707acf72fd789b917c97f93ac0bb2fede9a86f4#diff-49c34b0ae79e1e9b54c5d8b5a520a0e9e6ed03c918a214ebeaf5213805969668

I've actually been trying to set up OpenWISP - it's definitely not as straightforward as Unify.

As for DAWN, I tried it, but it somehow managed to screw my whole wifi up from the get-go. I might try it again a bit later.

I also found a small, mostly abandoned project that mapped the Unify device API to uci calls, making it possible to use the Unify controller to manage OpenWrt devices in a very limited manner. Would be pretty cool if someone picked that up.

But we're getting quite off topic here :laughing:

2 Likes

Did you read the initial question or are you replying to the wrong topic? Because you're not answering the original question. The author asked for a switch with a configuration interface similar to OpenWrt/LuCI. And the switch should have lots of ports, possibly 24. How is a virtualized OpenWrt instance, or a Rasperry Pi or an old laptop with USB ethernet going to solve these requirements?

And what has Wireguard have to do with any of this? The author didn't mention Wireguard or VPN as a requirement. Sure, the distributions you mentioned are all interesting and they can be expanded to do many things. But your posts don't provide an answer to the original question.

Now, going back to the question at hand: I would go with one of those Realtek-based switches that are supported by OpenWrt. Not only do you get the known LuCI (or UCI) configuration interface/style, but very likely you will have a system that get's maintained (i.e. receives updates) much longer than what you usually get in commercially available switches, especially the lower priced ones.

Therefore I adressed that, I assumed he meant VPN connectivity because this much loss would be not acceptable. I simply didn't know about this issue in the (latest?) versions. Alternatively there is also pfSense, although its not as free as OPNSense. This discussion now helps nobody in any way. Bye.

You're still not answering the question, which was LITERALLY "recommend me a network switch that has OpenWrt support or OpenWrt-like interface".

I did. Summary: If you have an old laptop or a Pi or whatever you don't use, you will find that BSD firewall/routing solutions work more likely better due to high compatibility to many obscure hardware. And I also said if you are lucky or willing to spend much time on this you can get this working with OpenWRT x86, worth a try.

If OP doesn't want to spend time on it, he has to buy Ubiquiti or similar.

What is open now? Why do I have to answer your passive-agressive "questions" which are increasingly OT and factually incorrect? This is not your thread. I will stop your reply spam now. I am sorry that you can't run a switch with OPNsense, most people can. I even stated that there will be extra (but cheap) parts needed and of course that works.

None of my replies were passive aggressive, I stated facts. And you still failed to answer the question, because installing OPNSense/IPFire/VyOS, or anything else you recommended won't suddenly turn an old laptop into a 24+ port switch, even if you slap two dozen USB ethernet adapters on it.

Why is it so hard to understand that OP is looking for a PHYSICAL SWITCH that has an OpenWrt-like interface, and not a network gateway solution?

I have seen some email discussions about that in the maling list. Someone had a package/driver ready for using PoE functionality for 21.02 release but some core developers were complaining about something and didn't want to merge it.
I didn't follow that closely so I am not sure how it ended, but if you post/ask in the thread about that switch chipset they probably know better

I myself am not interested in PoE at the moment - the cabling in my home is strictly restricted from using it by the developer/owner (I specifically asked them to free up a few power sockets around the flat).

The next project I'm undertaking will be the complete rewiring of my parents' home, and for that I want to use a simple solution since they're a bit technologically challenged... So it will be a full Ubiquiti stack (Dream Machine Pro, 48 port PoE switch supplying power to all hotspots and cameras). The reason why I wouldn't recommend mixing Ubi and OpenWrt stuff is mainly the split in configuration management.