Teaching a cheap ethernet switch new tricks (2019) (benjojo.co.uk)
231 points by throwoutway on Sept 27, 2021 | 103 comments


The Dell N1100 is a nice switch, but a relatively new product (<3 years old). Also, the article mentions how noisy the cooling fans can be in "enterprise" grade switches, but they are quite loud in the N series too (at least in the case of the N3048). Early this year, I got contacted by DellEMC via a voicemail message, which I initially thought was spam or phishing because they should have used the email associated with my DellEMC support account. It turned out that the voicemail was legit, and the message was that I needed to update the firmware in all of our switches (including N1100) before 7/27/2021, or they would all stop working(!) It turns out that the feature license management system had a root certificate that was due to expire, and all licensed features would cease to function if the switches were not upgraded. I spent about a day on the phone with them upgrading our switches, and (almost) everything turned out okay in the end.

Below is my survey response to their support feedback request:

1) The products should not have a built-in time-bomb that causes them to stop working after only a few years.

2) Dell should have informed us of this issue by email. Instead they left a very "phishing"-like voicemail on a manager's phone. (Not the phone of the registered point-of-contact for the cluster.) Perhaps this was done to avoid leaving evidence of #1 above?

3) I spent over an hour on hold when I returned the call, and was then disconnected. After trying again (to an extension other than the one given in the message), I reached somebody who confirmed the issue. I spent another four hours on the phone resolving it.

4) Shortly after all of the above, I discovered a new issue that severely impacted the cluster. The n3048 switch would no longer auto-negotiate a 100Mbps Ethernet link. Our network watchdog device (iBoot) was continuously cycling the power on our Internet Ingress (ONT+ASA).

5) I spent even more time troubleshooting and resolving this issue (by locking the iBoot port to 100Mbps instead of leaving it on Auto).

6) I did not waste any more of my time by reporting this issue. The technician I worked with to upgrade these switches assured me that the firmware releases we used were "stable".


(Post Author here)

The non-PoE N1100s are fanless and thankfully don't really contain any features that would require licencing. That being said, they also have no hardware Layer 3 capability, so they are not really in the same class as the N3XXX or N2XXX.

The licencing thing does suck though, that's poor from Dell who normally (at least switches wise) do a reasonably good job for the price.


> The products should not have a built-in time-bomb that causes them to stop working after only a few years.

First Turtle Beach bricked my Audiotron by abandoning the web site required for it to function, then Grace Digital bricked my three GD streaming devices for the same reason.


> Grace Digital bricked my three GD streaming devices

If you are referring to a Reciva-based internet radio, the web site which powers them was shut down by the owner of that site, not by Grace Digital. Also, if it is similar to my CC Wifi Reciva-based radio, it is still possible to access existing presets on the radio, although you can no longer add presets or modify them any more. When you power it on, wait for the Network Error caused by the lack of the back end, then press Back twice and then a preset. The media server functionality also still works.


> If you are referring to a Reciva based internet radio the web site which powers them was shut down by the owner of that site, not by Grace Digital

I am referring to that. I'm reduced to 3 presets. The disaster is that:

1. the device was critically connected to a resource that GD does not control

2. GD offers no way to change this dependency, no way to redirect it elsewhere, no way to change the presets, no way to access radio stations, etc

3. I don't see any reason why they had to use Reciva to access Pandora

None of this was disclosed when I bought them. GD should offer a web interface to it, like my router has.

The media server does still work, but it can't read USB sticks with more than 32G of capacity.

But my Roku device can. Roku works fine when I hook up a 16T drive to its USB port. Pretty much all the streaming devices I looked at as replacement for GD have strange limitations on what can be connected (some USB sticks work, others do not), Roku does not.

I'm kinda shocked that 20 years after the Turtle Beach Audiotron, streaming devices are still mired in the stone age with bad user interfaces, poor device support, unusable displays, bricking, and very buggy (my GDs regularly locked up).

My GD display, for example, shows:

1. the title of the song

2. the bit rate

3. the elapsed time

When it should show:

1. title/album/band

2. time remaining

3. album cover art

The GD is like 90% towards being a good product. Why not go the last 10%?


At the time that CCrane, Grace and others started offering internet radios, everyone was using Reciva, and articles at the time referred to it as the Microsoft of internet radio, so I don't think anyone at the time could have expected its downfall. This was really regarded as the safe bet. Also, Grace has not offered a Reciva-based radio for quite a few years, so you must have quite an old one and have gotten many years of use out of it.

The CC Wifi 3 I got to replace my CC Wifi does have some anti-obsolescence features. It can be used as a bluetooth speaker and it has a built in web server that you can connect into from a browser and manually enter the URLs of streams so even if the Skytunes backend goes defunct like Reciva did the radio should still be somewhat usable.

If your radio can receive bluetooth you could put your media on a uPnP server, access it using vlc on a smartphone and then from there send it via bluetooth to the radio using it as a bluetooth speaker. That is probably more convenient than mucking with the radio to select audio files since you can do it on your smartphone with a better user interface. Anyways, that is what I do.


> put your media on a uPnP server, access it using vlc on a smartphone and then from there send it via bluetooth to the radio using it as a bluetooth speaker.

Hertzshaffnocheinmal! What a contraption. Here's what I want:

1. plug a USB device in that has all my media files on it

2. push "shuffle"

3. push "play"

Like how CD players work. In fact, even steps 2 and 3 should be optional. It should just work when the USB device is plugged in.


> plug a USB device in that has all my media files on it

If you have multiple radios (like I do) that would require physically moving the USB from one to another.


Or you could get multiple USB sticks. It's not like they're expensive!

My GDs are about to go to the recycler. I won't be buying a GD device again. They are a nice product marred by easily correctable flaws.


My main thought reading this as a non-network admin was of Mr Robot, and all the Linux installs on low level hardware used for hacks on that show.

Very interesting read and lots of upside to what is discussed, but the thought of the uncountable, almost invisible operating systems running in a large network give me a odd feeling in the pit of my stomach. So many potential places for malfeasance to hide.


Wait until you hear about the Internet of Things


The 'S' in 'IoT' stands for Security. (Old but good.)


Also known as the Internet of Things That Should Not Be on the Internet.


They're not potential; do you know about Intel ME, cellphone baseband firmware, Apple's new on-phone CSAM scanning plans, and yellow printer dots?


Another fun one is the "EURion constellation", a set of features on printed currency that photoshop and color copiers will read and then refuse to operate on: https://en.wikipedia.org/wiki/EURion_constellation


Intel ME and cellular baseband are particularly worrisome. They are essentially separate and inaccessible (outside of very restricted APIs) systems with their own CPU, running their own OS and applications with the lowest level access to all hardware.


Cellular baseband modem is especially evil since lack of software freedom is mandated by law. It controls the phone's radiofrequency emissions which means it must only ever run government-approved software. There's just no telling what this thing does and the best we can hope for is isolation from the rest of the phone.


Thanks for the correction!


I think my favorite "you put cleverness where it didn't belong, and look what it got you" is the Xerox "oops we stored your scan compressed and our compression matched some characters as identical that weren't so the thing we scanned has characters substituted in the image". [1]

Honorable mention goes to:

- the Dell switch with the changelog note "if you had a device with a MAC starting with these bytes plugged in, the last N ports on the switch will stop working"

[1] - https://www.dkriesel.com/en/blog/2013/0802_xerox-workcentres...


Keep that feeling in the pit of your stomach for a few years. Watch as a multitude of forces (mostly related to surveillance capitalism) foist billions of such devices on unsuspecting consumers. Tell anyone who'll listen, how shortsighted this is, how much of a fall it's setting us up for.

Watch it happen anyway. Watch it accelerate. Watch the devices grow in complexity, capability, connectivity, and vulnerability. Watch innumerable manufacturers go out of business with no software-update succession plan, no code escrow, no upgrade path for victi^H^H^H^H^H end users.

The pit of your stomach gets pretty damn sick of the state of things.


Cyberpunk used to be fiction. It disgusts me when I realize I'm already living in it.


That feeling in the pit of your stomach when you realise you've been _building_ it hurts.

I still feel complicit.

I worked for a hardware startup in 2013/2014. Part of my role was to populate and run the private pacman server that the devices got their OS and software updates from (we ran ARCH, but didn't connect to the public ARCH pacman repos, because we had some hardware-specific code and kernel mods we needed to work, so we tested everything that updated on their public pacman repos before letting the devices load them). The startup failed after the first batch of products were shipped - as they are wont to do. Much acrimony about who owned what. I kept the Linode instance running the pacman server on my own credit card for years, but eventually the domain name (or perhaps the DNS hosting, I don't recall) expired and the only devices that still knew how to get to the repo were my own. If I'd had a heads-up that DNS was going to die, I could have pushed a config change to use a domain name under my control, but it just unexpectedly switched off.

There were only a few hundred devices I was keeping software updates flowing to. But the feeling of despair when I was no longer able to do that and finally decommissioned that Linode server was heartbreaking.


Everyone on HN is building it. It is the purpose of this entire place. Don't feel alone.


Minor Quibble: £85 is not a cheap ethernet switch.

It's an entertaining and informative read, but it's more like low-end datacentre hardware than that cheap €25 switch I've got in my home office.

A little disappointing as I was hoping I'd have a cheeky high-bandwidth raspberry-pi alternative on my hands ...


My favorites are TP-Link's WDR3600/4300, AC1200 and AC1750. Yeah, not switches per se, but $20-40, Gigabit Ethernet, dual band Wifi, very stable and fast with OpenWRT, can do anything. You can daisy chain a few of them if you need more ports, it's rather fun.


Or instead of being a penny pincher get an AX wireless router and not contribute more ewaste.


If you really are futureproofing, note that most AX (Wifi 6) equipment today doesn't support the new 6 GHz frequencies recently allocated to wifi. For that you need "Wifi 6E". Of course, 6E stuff is quite expensive right now. (Expect to pay $400+ per node.)


Heh, I only have 4 of them and they're not going out of use anytime soon. Bought all of them used, of course.

One works as a main router for a fiber Internet connection (via a dumb SFP-Ethernet D-Link switch), 2 handle the "Intranet" 1 house + 1 workshop (Wifi bridge via one band) computers, printer and NAS, and one is with me, acting as a repeater bridge.

If I buy anything new it'll have to support OpenWrt, or I stick with AC1750s lol.

Even Wifi N 300 is enough for my needs, computers are wired and my phone doesn't need AC speeds.


Which would you recommend?


The EAP660 is pretty good. I replaced a few mesh routers with a single EAP660 on a second floor ceiling. I like that they allow you to run a single one without a controller. I'm happy to no longer tie my router to my access point as it was getting to be a bit too much effort to make changes or upgrade before I split their roles. No WRT support, but I don't think that's a concern for just an access point.


The AX series is the current TP-Link offering for most use cases starting at ~$80: https://www.newegg.com/p/pl?N=50012120%20100158096%206013568... In addition, the AX3200 Belkin (RT3200) is $100, and the $140 Linksys (E8450) are both listed as supporting OpenWRT.


It seems like at least the TP-Link AX50 won't have openwrt support anytime soon (or more likely at all), so even worse for long usage times.


Well it's cheap'ish for a managed gigabit switch...and "managed" is where you begin to add $$$, even in cheapo world.

Also current price on ebay for a refurb N1108T-ON unit is 360 quid, so I reckon relatively speaking you could say it's cheap.


Yeah, I found the same thing on the prices - but interestingly looking at completed sales, prices are more like ~£100. I'm assuming something has recently changed to make people mark them up more, and no-one's biting yet.


It's an amazingly cheap 10g switch. (It has 4x10g along with the 1g ports).

It's even a very cheap fully managed switch.


It has zero 10g ports:

  N1108T-ON: 
  1GbE Port Attributes Multi-speed:
  8x 10/100/1000Mbps half/full duplex RJ45 ports
  1GbE Port Attributes Single-speed:
  2x 1000Mbps half/full duplex RJ45 ports
  Integrated 1GbE SFP dedicated ports: 2
  Integrated 10GbE SFP+ dedicated ports: N/A


My mistake. OK, it's just a reasonably cheap fully managed switch (at 85 pounds, anyway).


Easy mistake tbh - the larger switches in the range (i.e. 24 & 48 port models) do have 4 x 10Gb ports, and aren't much more pricey.


it's cheap compared to the £3,000 one normally pays for datacenter switches.


£3k for just a managed access switch seems a bit high, you should be able to get a 48 port 1G juniper ex3400 with 4x10 uplinks for about £1500 (of course proper switch prices are always hidden in layers of mystery, which really pisses me off. Fortigate nearly lost a sale when they couldn't even give us a ballpark figure upfront)


> it's more like low-end datacentre hardware

yep covered that


Off-topic, but I just learned about another, practical networking utility, yesterday.

"powerline adaptors" [0]

Basically, buy these adaptors and for ~$100, you can have create a "wired" LAN connection using power outlets in a home.

[0] https://www.techradar.com/news/the-best-powerline-adaptors


I have had these jump outside of my house. I realize how crazy it sounds, but I had a pair (they were not encrypted - this was long ago, and I don't even know if encrypted ones existed) and my neighbor had a pair. I would, very occasionally, end up getting DHCP answered by the router in their network.

It took forever to figure out what was causing this, and I eventually figured it out by doing a (very slow) IP scan of every device on the network I was connecting to and finding a machine named with their first and last name. Unplugged the thing, and the problem went away forever.

If it hadn't happened to me, it's something I would have thought impossible!

(edited a small typo)
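The leak described above (a neighbour's router answering DHCP over shared powerline wiring) is easy to miss because the client simply takes the first offer it gets. One defensive check, as an added example that is not part of the original post or of any product mentioned in the thread, is to decode DHCP server replies and compare the server identifier (option 54) against the routers you actually own. The packets below are constructed for the example; the addresses 192.168.1.1 (your router) and 10.0.0.1 (the stray one) are assumptions.

```python
import struct
import ipaddress

DHCP_MAGIC_COOKIE = b"\x63\x82\x53\x63"
MSG_TYPE_NAMES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}


def build_offer(xid, your_ip, server_ip, client_mac):
    """Construct a minimal DHCPOFFER (sample data for this example, not a capture)."""
    # BOOTP fixed header: op, htype, hlen, hops, xid, secs, flags, ciaddr,
    # yiaddr, siaddr, giaddr, chaddr(16), sname(64), file(128) = 236 bytes
    fixed = struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s",
        2, 1, 6, 0, xid, 0, 0,
        b"\0" * 4, ipaddress.IPv4Address(your_ip).packed,
        ipaddress.IPv4Address(server_ip).packed, b"\0" * 4,
        client_mac + b"\0" * 10, b"\0" * 64, b"\0" * 128)
    options = (
        bytes([53, 1, 2])                                          # message type OFFER
        + bytes([54, 4]) + ipaddress.IPv4Address(server_ip).packed  # server identifier
        + bytes([1, 4]) + ipaddress.IPv4Address("255.255.255.0").packed
        + bytes([3, 4]) + ipaddress.IPv4Address(server_ip).packed   # router
        + bytes([51, 4]) + struct.pack("!I", 86400)                # lease time
        + bytes([255]))                                            # end
    return fixed + DHCP_MAGIC_COOKIE + options


def parse_dhcp(packet):
    """Decode the fields of a DHCP packet needed to attribute a reply to a server."""
    if len(packet) < 240 or packet[236:240] != DHCP_MAGIC_COOKIE:
        raise ValueError("not a DHCP packet")
    op, _htype, hlen, _hops, xid = struct.unpack("!BBBBI", packet[:8])
    yiaddr = str(ipaddress.IPv4Address(packet[16:20]))
    chaddr = packet[28:28 + hlen]
    options = {}
    i = 240
    while i < len(packet):            # TLV options; 0 = pad, 255 = end
        code = packet[i]
        if code == 255:
            break
        if code == 0:
            i += 1
            continue
        if i + 1 >= len(packet):
            raise ValueError("truncated option header")
        length = packet[i + 1]
        value = packet[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        options[code] = value
        i += 2 + length
    msg_type = options[53][0] if 53 in options and options[53] else None
    server_id = (str(ipaddress.IPv4Address(options[54]))
                 if 54 in options and len(options[54]) == 4 else None)
    return {"op": op, "xid": xid, "yiaddr": yiaddr,
            "client_mac": chaddr.hex(":"), "msg_type": msg_type,
            "server_id": server_id}


def check_offer(packet, allowed_servers):
    """Return an alert string for a server reply from an unknown DHCP server, else None."""
    info = parse_dhcp(packet)
    if info["op"] != 2 or info["msg_type"] not in (2, 5):
        return None                   # only OFFER/ACK from a server matter here
    if info["server_id"] in allowed_servers:
        return None
    return (f"rogue DHCP {MSG_TYPE_NAMES.get(info['msg_type'])} from {info['server_id']} "
            f"offering {info['yiaddr']} to {info['client_mac']} (xid {info['xid']:#x})")


# Constructed sample data: our own router and a stray one reached over the powerline.
ALLOWED = {"192.168.1.1"}
SAMPLE_MAC = bytes.fromhex("0011223344aa")
LEGIT_OFFER = build_offer(0x1234, "192.168.1.50", "192.168.1.1", SAMPLE_MAC)
STRAY_OFFER = build_offer(0x1234, "10.0.0.77", "10.0.0.1", SAMPLE_MAC)

if __name__ == "__main__":
    for pkt in (LEGIT_OFFER, STRAY_OFFER):
        print(check_offer(pkt, ALLOWED))
```

In practice you would feed `check_offer` the UDP payloads arriving on port 68 (for example from a packet capture); a reply whose server identifier is not one of your own routers is the signal that something beyond your wall is on your segment.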


Doesn't sound crazy at all, there's not really anything in your breaker panel or your meter or the outside wiring designed to stop these signals, it's just that there's also nothing designed to help the signals make it through all that, so you wouldn't expect it to continue beyond your house. Just like they tend not to work very well when used on different circuits, they shouldn't work very well outside your house, which is certainly not on the same breaker at all.

I think the newer ones all have some sort of encryption/pairing system which at least helps you ignore your neighbors transmissions.


There are phase bridges to ensure powerline signals are on both phases in the typical US house, and phase filters available that filter the powerline frequencies - they were originally conceived not so much for leaking out, but preventing noise from leaking in and interfering with powerline stuff.

X10 users have used them for years - you can find them with vendors that specialize in dealing with the X10 community or home automation; although with the wireless mesh networks like Zwave or Zigbee a lot of the powerline stuff has (thankfully) fallen by the wayside.

Another way to get wired internet without possibly running new cable is with MOCA - ethernet over coax. You can find cheap DirecTV branded MOCA adapters all over the place. Most are 100Mbps but if you watch the newer ones are gigabit capable.


Ethernet over coax? That’s some OG networking. Break out those 10base5 adapters from ur possibles box. I guess this is also the time to bring up the obligatory Ethernet over barbed wire solution: http://www.sigcon.com/Pubs/edn/SoGoodBarbedWire.htm


They're talking about MoCA, multimedia over coax. The standard is from 2006 and runs over regular household rg59 or rg6 coax.

That being said, I've worked with 10base5. Drilling for a vampire tap in an open elevator shaft is its own form of exciting.


Personally, I've had much better luck with MOCA than with powerline. Full gigabit speeds in an older 1940s house using basic Motorola adapters off of Amazon.


Same. Plugged in the device-side one of a pair and the device started working before I plugged in the router-side one. It'd connected to a house two or three doors down.


I've used these for over a decade with limited success. Their performance is very specific to your wiring and can be fouled up with lots of things. Mine was sometimes no faster than WiFi. MoCA (Ethernet over coax wiring like for cable/satellite TV) seems to work better.


I had a lot more success with them after popping my electrical panel open and rearranging the relevant outlet circuits to all be on the same AC phase (making sure not to unbalance the amperage load, since some were 15 A and some were 20 A).


I can't believe I haven't thought of that!

I'm using a pair of TPLinks to feed a wifi router on the opposite side of my house. The outlets are definitely on opposite phases, but the powerline adapters still work reasonably well. (~80Mbps). Now I'm realizing I should probably swap a couple of circuits and improve that connection.


It would be far easier to just get a phase coupler http://cache-m2.smarthome.com/manuals/4826a.pdf

But brute force works too :)


It would be more practical in many places now to use leftover "hardline" phone plugs, especially because when they are disconnected from service they are sometimes quite literally disconnected, and you have far fewer concerns about bleedover into neighbors.

Speeds won't be great for that sort of ethernet-over-phone wire, especially because most landlines used awful, cheap wires, but in some cases it is faster than powerline adaptors.

Unfortunately all the companies that produce such equipment for "phone line adaptors" sell only to the phone companies and never directly to consumers.

So many houses today have vestigial phone wires that no one is using for anything.


Even if you could manage to find some ADSL+ equipment, you are going to tap out at around 48Mbps; I'm not sure if you can push unshielded, twisted 2-pair wire any faster. One downside would be that all of the phone jacks in the house are tied together, so it would be an A->B kind of connection. I regularly get much faster speeds with my powerline adapters, and if you have multiples paired, they create an actual network on the powerlines.


If you've got two pair, you can probably run 100BaseTx, even if the cable is not up to cat5 spec, especially if the runs are short and separated from other lines; Ethernet specs are for 100 meter distances most of which is in a tight conduit with other high frequency data transmissions. Old in-home phone wiring is likely not tightly packed or very long.

If you've got an old house with old telephone wiring, it's probably wired as a bus, if you want to re-use that for ethernet, you'll want to split it up so each phone jack gets wired as two ethernet jacks; one in each direction. If you're using ethernet in the room, you'll need a (small) switch, and you'll want to be careful to buy 10/100 switches if you've only got two pair as Ethernet autonegotiation can easily do the wrong thing and you don't want to pay for managed switches in each room. If there's no ethernet use in a room, still wire it up for two ports, but put a small patch cable between the two.

If you've got star topology phone wiring, there's a better chance of cat5 cabling and 4-pair and you can run gigE. GigE will sometimes run on cat3 for small distances too though. The only question is if the central location where the star wires meet is convenient for a switch. In a pinch, you can use a PoE powered switch and power it from one of the other ends of the star.

Of course, some houses are a mix of star and bus or generally some form of tree. Anywhere that there's a branch, you want to put one ethernet port for each direction. And hopefully all the branches are accessible.

There's really no need for DSL equipment in your own home, unless you've only got one pair wiring.


>If you've got two pair, you can probably run 100BaseTx

Well, 100BASE-TX will also run on single pair in half-duplex mode.

Alternatively you can also use powerline adapters over any cabling (twisted pair/coax/whatever). Just instead of connecting adapter prongs to power socket, connect to your cable and feed there enough power to supply the adapters. Around 50V DC (as commonly used by PoE supplies) will probably be enough.


> Well, 100BASE-TX will also run on single pair in half-duplex mode.

I mean, kind of, but I don't know how you get network cards to run on a single pair? I'm actually interested, because if it works for 100BaseTx, it probably also works for 10BaseT, and I've got a 10BaseT half duplex device I'd like to network, but only one pair available (there's a 3-pair cable run, but two are used for voice communication). I've tried a commercial product (ETSLAN Monoline Balun), but while I can get it to work a bit when testing on parts of the line, it doesn't work across the whole line; if I can just wire something more simple, that'd be worth a try too.


You just connect single pair, it should auto-negotiate if other device supports it, otherwise you need to set mode in network card settings manually. https://i.imgur.com/xIsJJiN.png


So just connect pin one and three to the white wire and two and six to the solid color wire on both ends and it should work as long as both ends are half-duplex?

I would think the NICs would sense their own transmissions and declare a local collision?


I'm sorry, I got things mixed up. You're right, there would be a collision with their own transmission. So there needs to be a circuit that cuts off their RX port while it is transmitting.


Oh, you can push old aluminum phone wire faster than 48 Mbps! The VDSL2 service I use can reach up to 135 Mbps, and while the wiring in my apartment is new, the building's isn't at all.


I've seen a lot of phone runs done with cat5e. Phone line adapters might not even be necessary in many cases, only new wallplates!


It is nice if you are lucky and the installers weren't cheap. I've seen a few of the places that use Cat 5 to service phone cabling do crazy things in the walls like split twisted pairs to different wall plates and bad cheap phone transformers (that grossly bleedover noise across the twisted pairs, entirely removing the benefits of twisted pairs in the first place in some cases) in long Cat 5 runs.

There's a lot of things that made Cat 5 cheap for running phone lines in houses and most of them make Cat 5 useless for Ethernet, unfortunately.


You can actually use old-fashioned four-conductor phone wiring for Ethernet, but it's limited to 10 Mbps. Still useful in a few situations if it's all you have available.


My house has all cat5e, and I've been very happy with it. Much faster and more reliable than wifi.


This happened to me. The phone lines are actually cat5 so just need a new socket for home ethernet. That was a happy day.


In practice, my problem with these is reliability. They can have noticeable issues with maintaining an uninterrupted, low latency connection suitable for real time use, in my experience; and this was with a fairly high end powerline adapter. This is unfortunate, because it would be very convenient if you didn’t have to deal with making ethernet cable runs all over the place…


> In practice, my problem with these is reliability. They can have noticeable issues with maintaining an uninterrupted, low latency connection

True, especially when a microwave, washing machine or other motor starts sending noise down the power line...


They are an excellent solution for places where you cannot run Ethernet and do not want to use WiFi.

I used it in home automation (Thank you Home Assistant) for mostly sensors, and less important actuators, where I had power, but could not get Ethernet, or WiFi.

Anything else, very unstable and too much latency.


These are useful, but they add ~16 ms of latency, and depending on the quality of wiring and appliances in your building they can be very unreliable. A better option if you have RG-6 wiring is MoCA.


Can confirm, these are legit. Make sure you're aware of any outlets on the outside of your building though, as these could be plugged into with malicious intent.


> Make sure you're aware of any outlets on the outside of your building though

I guess this also means inside your neighbor's home, if you live in an apartment building, right? That's why those devices typically use AES for encrypting the signal between the paired ones.


I would assume any neighbor's houses that come off the same transformer too.


You can also get these for running ethernet over coax as well. Can't speak of the experience, though I'd bet it would be better than over power because it is isolated.

My apartment has some places that have coax runs but not ethernet runs.


> Off-topic, but I just learned about another, practical networking utility, yesterday. "powerline adaptors"

Their performance depends on the electrical wiring in your house.

Ironically for me I’ve only managed to make them work on older electrical installations, and even then it was at best 802.11n speeds.

In my current house (newly built 2018), I can’t even get them to handshake. I suspect it’s due to improved electrical standards and better isolation between different circuits internally in the house, but I honestly don’t know.


Does it work between two outlets in the same room? If that works but multi-room does not, then you probably have different circuits internally.


The author mentioned that 10gig switches were expensive and loud, but these days you can get fanless 10gig switches for pretty cheap. I have a fanless mikrotik switch at home with 4 10Gb SFP+ ports that cost like $130 (and has excellent industrial design).


Cool. Which one?


Presumably the CRS112-8G-4S-IN, though I'm not sure that those SFP cages can do 10 Gigabit...


That won't do, no. You need SFP+, for example https://mikrotik.com/product/css610_8g_2s_in


CRS305-1G-4S+IN


I'm not seeing them on this side of the pond for less than about $425...did the author drop a zero in the price?


Sadly since the majority of these [ONIE] switches are aimed at datacenter deployments they are generally unsuitable for use on my desk. ... On top these switches would be aggressively priced out of my budget ... That was until I found the Dell N1100 series, ... And I found a cheap vendor that sold refurbished ones for around 85 GBP.

> did the author drop a zero in the price?

Not far off ...


(Author here) These switches got a lot more expensive at the start of the pandemic, I think the chipsets became hard to source.


Some network devices and other kit became harder to find (or jumped in price) as people upgraded their home environments for working from home. While many buying for themselves would have stuck with even cheaper consumer-grade kit, companies that wanted to monitor/manage their remote workers' network would have wanted something that is possible to monitor/manage from afar (which a bog standard “dumb switch” wouldn't offer).


Oh the horror, does that actually happen?


Yes, but rarely. Usually in "high security" businesses worried about exfiltration of client data or other company secrets & data assets, when it is done. Basically they give you a work network extension at home that piggy-backs on your connection but keeps itself segregated from the rest of your home network (so hopefully not monitoring that, but you never know!) via VPN and managed switch/router. Like a normal VPN-from-home scenario but with more careful control/monitoring as if your location were a fuller satellite office. Potentially useful for support too, though that is a beneficial side effect rather than a reason to go to the extra effort.


I love that I can still unexpectedly find a post that reminds me of why I even decided to focus on a tech-related career. Great article! For me, following you down the rabbit hole is better than the result. Thanks.


I just bought a Friendlyarm r4s two port gigabit rk3399 4GB linux SBC for $90 USD. It supposedly has hardware acceleration for networking. Though I see 910 Mbps vs the 950Mbps I was getting with the ATT router. I was able to acquire my EAP-TLS certs and can connect directly to the ONT. I even got ipv6 prefix delegation and wireguard working. Next up is transparent ad blocking a la pihole.

It's a fantastic device if all you need is 2 ports.


I've been running openwrt on switches for a while.

I originally had two mikrotik rb2011* switches and a rb750gl, now I have two rb3011 switches.


How much throughput does a device like this get with wireguard?


Normally, terrible. These systems are built with anemic, usually single-core CPUs usually in the low 100s MHz. The only way they can actually do gigabit switching is by hardware offload to dedicated ASICs. Anything going through the main CPU, even without encryption, will have terrible performance.


An interesting read, but I just don't understand why ONIE was even desirable. Cheap OpenWRT switches+routers can do Wireguard as easily as any Linux system.


The writing reminds me of a 2600 article. I miss those days. Super cool though! I'll pick one up, eventually :)


A TP-Link 5-port ethernet switch is cheap, at $12. The one in the article is not, at $690. I know companies whose budget, server included, is less than this "cheap" switch. Nice tricks, but clickbait title.


You don't need ONIE, nor any of that "Open" Compute stuff.

Linux has recently got a native framework for control of switching chips called "Distributed Switch Architecture." This turns a lot of very cheap hardware with very basic hardware switching chips into high-performance routers.


I don’t think there are any DSA drivers for Broadcom switch ICs (like the one in the device in the article) though? At least not in mainline last time I checked…

EDIT: No, actually, I was mistaken - there is one Broadcom series supported now I look again, BCM53xx, of which the one in the article does indeed appear to be. Looks like since the 4.8 kernel though, so not in the 4.4 kernel that comes with the device.


OpenWRT 21.02 supports DSA for select devices OOB (replaces swconf) and ships with a really recent 5.4 Linux kernel for all supported devices.

So going for a cheap, 2nd hand router supported by OpenWRT is probably the easiest and cheapest way there.


Interesting! Is there a site that documents which off-the-shelf switch models work with DSA?


The most recent release of OpenWRT has started to migrate to DSA: https://openwrt.org/releases/21.02/notes-21.02.0#initial_dsa...

Their table of supported hardware for each of the platforms now using DSA probably includes all of the most affordable devices, since OpenWRT is mostly focused on consumer-grade equipment (and mostly routers/APs, but they support some purpose-built switches using Realtek CPUs).


Can that do L2 port management as well or is it restricted to L3 operations?


Yes. For example, if you bridge switch ports, it actually sets up the switch to do it in the switch hardware instead of in the kernel.
