58

Since I'm not a hardware expert, I don't know what features make a network switch a good network switch. What should I pay attention to when I'm comparing the different models from different vendors?

splattne

12 Answers

48

It is all about features, and the quality of the device.

You can usually check the quality of the device by looking for reviews for that particular device.

Features you want to look at

  • Port count, and link speed for each port
  • Remote administration features. How will you configure the switch: HTTP, HTTPS, SSH, telnet, or a proprietary tool?
  • The bandwidth of the backplane. A switch should be able to allow for lots of simultaneous conversations. For a 1GB, you might expect to see a 10GB backplane.
  • VLAN support, this allows you to have multiple virtual networks.
  • Etherchannel/Bonding/Link Aggregation. It is possible to merge many ports into a single trunk.
  • Routing/Firewalling L3 features. These days, many advanced switches include routing functionality.
  • Quality of Service (QoS), if you will be using VoIP, having QoS is pretty much required.
  • Stackability. Many switches can be stacked using a special cable which allows them to be managed as a single unit.
  • POE, some types of devices like phones can be powered by a switch.

If you have a small network, you probably don't really need most of the features, and a simple inexpensive switch will be fine. If you have high security demands, a VoIP system, or a complex network, you'll need more features.

Zoredache
  • 4
    Don't forget to look for power consumption! Switches are usually 'core critical' infrastructure so need UPS backups, etc. that need to be power-budgeted for. Especially important for PoE switches. – pjz May 04 '09 at 01:26
  • 2
    Excellent list. On top of VLAN support, I would ensure that every switch you buy supports 802.1Q (dot1q) for VLAN tagging. This will allow you to greatly expand the complexity of your network without reimplementing it with new equipment. – Matt Simmons May 30 '09 at 13:31
  • 9
    A switch that "supports" VLANs and not 802.1q should be thrown in the trash. They are more trouble than they're worth. I've used some and they cost more than a "home" switch, but they are no better. You should either save your money and buy a home switch or pay 10% more and get a real VLAN capable switch. (yes, I realize that you didn't recommend them, but I just point out that they are garbage). – Thomas Jun 29 '09 at 07:23
14

Blocking vs. Non-Blocking Switches

Take a switch's specifications and add up all the ports at theoretical maximum speed, then you have the theoretical sum total of a switch's throughput. If the switching bus, or switching components cannot handle the theoretical total of all ports the switch is considered a "blocking switch". There is debate whether all switches should be designed non-blocking, but the added costs of doing so are only reasonable on switches designed to work in the largest network backbones. For almost all applications, a blocking switch that has an acceptable and reasonable throughput level will work just fine.

Consider an eight port 10/100 switch. Since each port can theoretically handle 200 Mbps (full duplex) there is a theoretical need for 1600 Mbps, or 1.6 Gbps. But in the real world each port will not exceed 50% utilization, so a 800 Mbps switching bus is adequate. Consideration of total throughput versus total ports demand in the real world loads provides validation that the switch can handle the loads of your network.

Taken from: http://www.lantronix.com/resources/net-tutor-switching.html

They have some other good things on that page to look for too.

JakeRobinson
  • Uhm... shouldn't you count just 100 Mbps per port since for every 100 Mbps sent into the switch it will have to come out somewhere? If you send in 8*100Mbps then that will have to come out, meaning all 8 ports are fully saturated in both directions? Sounds like the article author made an error and then went "oh just divide by two" to get the right number. – Thomas Jun 29 '09 at 07:30
  • Yup, 800Mbps in all 8 ports would also have to come out all 8 ports at once, therefore 200Mbps full duplex * 8 = 1600Mbps. Traffic won't just "die" in the switch. In fact if the target NIC isn't in the ARP table the switch will broadcast the packets out of all ports. Purely theoretical of course. – tomfanning Jun 29 '09 at 08:21
  • No, you're missing my point. 800Mbps into the switch means all ports use 100 Mbps in one direction, then the 800 Mbps goes over the switching bus, and then the 800 Mbps goes out on every port. That means only 800Mbps through the switching bus will fully load 200Mbps (100Mbps in and then 100Mbps out from another "in") on every port. – Thomas Jun 29 '09 at 10:50
  • A 32port gigswitch will therefore only need 32Gbps of switching capacity. Not 64. Because it will never be able to OUTPUT that 64Gbps anywhere! – Thomas Jun 29 '09 at 10:52
  • I see what you mean - you're saying essentially the same packets are getting counted twice using the author's methodology: once each time they traverse a port. Surely then the author had it right - divide by two to counter this effect? – tomfanning Jun 29 '09 at 11:43
  • No. "Since each port can theoretically handle 200 Mbps (full duplex) there is a theoretical need for 1600 Mbps, or 1.6 Gbps". That is not true. There is no point in the system where 1600Mbps will have to traverse. Only 800Mbps will traverse the backplane, counting all data in all directions, correctly. – Thomas Jun 29 '09 at 13:38
  • 4
    It's 200 * 4 (four two-directional flows between pairs of ports) or 100 * 8 (eight unidirectional flows, one per port). Either way it's 800Mbps. – Thomas Jun 29 '09 at 13:43
11

Some other things to consider:

  • Size of the per-port buffer. Consumer switches have only a few kilobytes per port. That's enough to hold one or two regular-sized ethernet frames. But throw some larger frames at it and the buffer will overflow. The switch will either croak or revert to "hub mode." Enterprise switches (and even some high-end consumer ones) have 100K or more devoted to each port, allowing them to buffer more frames and increase throughput.

  • Warranty. Some switches (HP, off the top of my head) come with lifetime warranties. Nice.

Barry Brown
  • 2
    +1 for mentioning warranty, I'm actually kind of amazed that nobody else lists it. Shame on you sysadmins! – pauska Jun 29 '09 at 08:00
  • Buffering in networking gear is a complex issue. Bigger buffers are not necessarily better. See https://en.wikipedia.org/wiki/Bufferbloat – mbello Nov 06 '17 at 14:46
10

For a good switch I think there are only two options: Cisco and HP. (and I'm not talking about Linksys)

Objective differences:

  • Cisco are more expensive. Much more expensive.
  • HP have a lifetime warranty. Nice.
  • HP give you free firmware upgrades even without a service contract. Nice.
  • Cisco has a firmware jungle, with HP you simply get the latest release
  • HP has switches that can only be configured via web, Cisco does not (I think). (IMO the cli/menu switches are worth the little extra money)

Lots and lots of subjective differences.

Most importantly: NEVER buy the cheapest thing from the expensive (managed, rack-mounted) shelf. A managed Dlink will NOT be worth it. They are unstable, slow, and horrible to configure. Netgear will probably be the same. For managed switches, just go HP or Cisco.

... or possibly from the Juniper EX-series.

Features that you may want that can affect your choice:

  • Routing. Don't expect it to be line rate on a switch. It could be, but don't expect it.
  • Routing protocols (OSPF, BGP, ...). You probably know if you need it.
  • IPv6 (access lists, routing, telnet, radius, ...)
Thomas
  • HP ProCurve series have a nice CLI interface – SaveTheRbtz Jun 29 '09 at 10:51
  • Gartner seem to concur about going with HP and Cisco: Magic Quadrant for Enterprise LAN (Global) http://mediaproducts.gartner.com/reprints/3com/166799.html – SteveBurkett Jun 29 '09 at 13:10
  • @SaveTheRbtz If you cheap out enough they only have web management interfaces, even on ProCurves :( – David Gardner Jul 19 '10 at 15:44
  • The world has changed since 2009. Cisco is generally overpriced and unnecessary these days. HP no longer offers firmware upgrades without a service contract. Quanta, Juniper, Huawei, Mellanox all offer very solid products. Cheaper brands such as Dell and Zyxel also have decent offerings. – mbello Nov 06 '17 at 14:50
9

Redundant power supplies

Chopper3
  • Note that many switches will fail over OK to the backup power, but will require a reboot to go back to the main one when it comes back. Cisco non-chassis-based are like this for example. – Thomas Jun 29 '09 at 13:33
6

On top of Zoredache's good list:

  • (R)STP - to make sure your network doesn't come to a crashing halt when someone plugs a switch port into another switch port...
Alnitak
  • 1
    A month or two ago I was in the cable testing facility of Cisco in SF and even they are moving away from RSTP (RSTP is Cisco proprietary) and moving on to something else. I think it was OSPF... – Hofa Jun 07 '09 at 18:06
  • 1
    Actually PVST is Cisco proprietary, this is probably what you mean. RSTP is IEEE 802.1w. They are not competing protocols. What you are saying is that they're moving from a L2 ghetto to L3 routing (OSPF is a routing protocol). Good for them. – Thomas Jun 29 '09 at 07:27
6

My 2 cents: Select switches with passive cooling; in practice they are often more durable.

SaveTheRbtz
5

If a switch has the above features then it almost certainly has SNMP, but that should be a priority as well. Nice to know what's running through them pipes.

3

On top of 'features' and 'load' that everybody else here is thinking about, I would think very carefully about brand...

If you are putting it within easy reach and deploying 1-5, think about Netgear/Linksys, if you are deploying these to a location you don't want to go back to think about Cisco/HP. You pay a premium for the Cisco ones - and it only really makes sense to buy them if you have lots of other Cisco kit, otherwise I'd go for HP.

The other main consideration is management. Do you REALLY need to log on to it and look at the traffic running across it? Really..? It will cost you a hefty premium and if you just want to check connectivity/disable the occasional port, check temp/power, etc... Most decent ones (again, HP/Cisco) will give you that in the 'non-managed' version.

Avoid anything that looks cheap.

Mike

Mike McClelland
2

I would say that stability is an issue, especially the smaller and cheaper ones can sometimes be buggy and unstable... unfortunately I have never found any good number/statistics on stability/"mean time between failure".

The only solution I know of is to go with a known brand...

Johan
2

I can't believe no-one has mentioned size - often switch cabinets are small, and switches large - especially PoE ones.

We had a heck of a job finding a quiet, smallish, PoE switch for our cabinet that would allow the doors to close :) ended up with 2x12 ports of PoE (with 12 non PoE each) rather than one 24 port PoE. Gives a little less single point of catastrophic failure too.

Tom Newton
2

Some things that I look for that I haven't seen mentioned yet:

  • I find that support for TCP/IP flow monitoring (via SFlow or RMON) is incredibly useful when combined with a flow aggregator for just keeping an eye on your network's general health.
  • DHCP-Snooping is another very handy feature. It can really save your butt when some user decides to plug in their Linksys router/wap they brought in from home.
  • 802.1x authentication is also very useful for the reason mentioned above.
  • Centralized logging
  • A command line interface that doesn't suck. This makes administrating switching infrastructure so much easier.
  • IPv6 support for any Layer-3 capabilities and the management interface.

Things that others mentioned that I heartily concur with:

  • passive cooling, so much quieter and they last so much longer
  • size, not all of us have nice IDFs to work with...
  • 802.1q support. VLANs are a very useful tool
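
To make the DHCP snooping item in the answer above concrete, here is a simplified model of the decision a snooping switch makes per DHCP frame. It is an added example, not code from the answer or from any vendor; the port names, VLAN, MAC and addresses are constructed, and real implementations also track lease time and rate-limit untrusted ports.

```python
from dataclasses import dataclass

SERVER_TYPES = {"OFFER", "ACK", "NAK"}  # DHCP option 53 types only a server sends

@dataclass(frozen=True)
class DhcpFrame:
    port: str         # ingress switch port
    vlan: int
    msg_type: str     # DISCOVER, OFFER, REQUEST, ACK, NAK, RELEASE
    client_mac: str   # chaddr field of the DHCP header
    yiaddr: str = ""  # address being assigned (server messages only)

class SnoopingSwitch:
    def __init__(self, trusted_ports):
        self.trusted = set(trusted_ports)  # ports facing the real DHCP server
        self.pending = {}    # (vlan, mac) -> port the client asked from
        self.bindings = {}   # (vlan, mac) -> (ip, access port)
        self.dropped = []    # (port, reason), what you would log centrally

    def ingress(self, f):
        """Return True to forward the frame, False to drop it."""
        key = (f.vlan, f.client_mac)
        if f.msg_type in SERVER_TYPES:
            if f.port not in self.trusted:
                self.dropped.append((f.port, f"{f.msg_type} on untrusted port"))
                return False
            if f.msg_type == "ACK" and key in self.pending:
                self.bindings[key] = (f.yiaddr, self.pending.pop(key))
            return True
        if f.msg_type in ("DISCOVER", "REQUEST"):
            self.pending[key] = f.port
        elif f.msg_type == "RELEASE":
            bound = self.bindings.get(key)
            if bound and bound[1] != f.port:  # release sent from another port
                self.dropped.append((f.port, "RELEASE for binding on another port"))
                return False
            self.bindings.pop(key, None)
        return True

def run_constructed_trace():
    """Constructed trace: a client on port7, a home router plugged into port12."""
    mac = "aa:aa:aa:aa:aa:01"
    sw = SnoopingSwitch(trusted_ports={"uplink1"})
    trace = [DhcpFrame("port7", 10, "DISCOVER", mac),
             DhcpFrame("port12", 10, "OFFER", mac, "192.168.1.50"),  # rogue
             DhcpFrame("uplink1", 10, "OFFER", mac, "10.0.10.25"),
             DhcpFrame("port7", 10, "REQUEST", mac),
             DhcpFrame("uplink1", 10, "ACK", mac, "10.0.10.25")]
    return sw, [sw.ingress(f) for f in trace]
```

The binding table built from trusted ACKs is also what features that validate later traffic against the assigned address rely on, so a switch that snoops but exposes no binding table gives you only half the benefit.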