Updated 1/13/2011: Rate Limiting and Voice VLAN
|At a Glance|
|Product||LG-Ericsson Layer 2 Smart Switch (ES-2026)|
|Summary||24 10/100Base -TX & 2 Gigabit combo uplink port smart switch|
|Pros||• 802.1q support for up to 128 VLANs
• Intuitive GUI
• Passively cooled = quiet
|Cons||• Relatively expensive
• Rate limiting isn’t accurate
• Voice VLAN automatic function didn’t work
LG-Ericsson is a new networking brand in the United States, launched in August, according to this press release. The company is the result of a flurry of spinoff, joint venture and merger activity among SMC Networks, Accton, Edgecore Networks, LG-Nortel and Ericsson. The new LG-Ericsson offers IP PBX systems, VoIP devices, multimedia terminals, and “a host of smart, fully-managed and unmanaged switches”.
Toward that end, LG-Ericsson announced its switching products in November. Two of the three announced switch lines are available now—the ES-2000 series and ES-3000 series. The ES-2000 series are a line of Layer 2 "smart" switches, while the ES-3000 series is a line of more advanced Layer 2 fully-managed switches.
Smart switches fall between unmanaged switches and fully managed switches. Unmanaged switches have no configurable options (like these we reviewed awhile back), while fully-managed switches have more features than "smart" models and are more suited for large enterprise networks.
LG-Ericsson shipped an ES-2026 for review, which has (24) 100Mbps ports and (2) 1000Mbps ports. But its feature set applies to the entire ES-200 line that includes the ES-2026P (ES-2026 with PoE), and fully-Gigabit ES-2024G and ES-2024GP (without and with PoE).
Under The Covers
Physically, the ES-2026 is pretty basic. All the ports are on the front and the AC power cable connects to the back. It is passively cooled, so it is completely silent, which is nice. Figure 1 shows the front of the device with 24 10/100 ports, and next to them two combination Gigabit Ethernet / SFP ports.
Figure 1: ES-2026 Front panel
Figure 2 shows the rear of the device. Nothing to see other than a standard power cable connector and a reset port. There is no power switch.
Figure 2: ES-2026 rear panel
The CPU and Ethernet chips are all Marvell. There are three Marvell 88E3083 8 port Ethernet controllers for the 100 Mbps ports and one Marvell 88E1322 for the 1000 Mbps ports. In addition, the switch has 16 MB of flash storage, plus 128 MB of SDRAM.
Figure 3: ES-2026 board
The ES-2026 is a highly customizable layer 2 switch. There are ten menus, each with up to nine sub-menus for displaying status and configuring the device (Table 1).
Table 1: Menu tree
LG includes a detailed manual on the disk with the switch. There are many configuration options, but the web-based menus are intuitive and I didn’t have to consult the manual very often as I changed configurations.
One thing I found out the hard way is that configuration changes are active once applied, but they’re not saved to flash memory and will be lost on a power cycle if you don’t perform an explicit configuration save. For those of you familiar with Cisco IOS, this is similar to a copy run start operation. Figure 4 is a screen shot showing a configureation save. I wish I had done this before I power cycled the switch!
Figure 4: Don’t forget to save changes
The ES-2026 supports simple port-based VLANs, but it also supports 802.1q VLAN tagging. Up to 128 different VLANs can be statically defined on the switch.
To test VLANs, I set up two VLANs and a VLAN trunk between the the ES-2026 and the NETGEAR GS108T. I assigned several ports on the ES-2026 to VLAN1 and several others to VLAN2. I like that the ES-2026 allows you to assign a range of ports to a VLAN, speeding up the configuration process as shown in Figure 5.
Figure 5: VLAN port range assignment
VLAN1 on the ES-2026 was connected to a DHCP server providing IP addresses in the 192.168.1.0/24 network, and VLAN 2 on the ES2026 was connected to a DHCP server providing IP addresses in the 192.168.2.0/24 network.
Connecting my PC to any of the ports in VLAN1, I got an IP in the 192.168.1.0/24 network. Connecting my PC to any of the ports in VLAN2, I got an IP in the 192.168.2.0/24 network, verifying simple VLAN capability.
I also verified VLAN tagging over a trunk between the ES-2026 and the NETGEAR. Frames passed between the two switches were appropriately tagged with the correct VLAN ID.
The ES-2026 has an easy method to display port configuration and VLAN membership for all 26 ports. The Edit Member by VLAN menu was a useful and quick tool to examine my configurations. As you can see in Figure 6, ports 1-6 are all set up as access ports, have a PVID of 1, and are untagged members of VLAN1. Ports 7-10 are also access ports, have a PVID of 2, and are not members of VLAN2.
Figure 6: VLAN editing
Spanning Tree Protocol
Spanning Tree Protocol (STP) is a standard technology used to prevent traffic looping over redundant connections between switches. The basic concept of STP is for every group of redundantly connected switches, one of the redundant links between the switches is automatically put into an idle state, preventing traffic from looping between switches. The value of STP is if one of the active links fail, the idle link will automatically become active, thus allowing both redundancy and loop prevention.
The 2026 supports a faster version of STP called Rapid Spanning Tree Protocol (RSTP). RSTP works the same as STP, it simply converts the idle link to active faster.
To test RSTP on the ES-2026, I set up a redundant network between the ES-2026, a Linksys SRW2008 and a NETGEAR GS108T, which all support RSTP. I connected the Linksys to the NETGEAR, the NETGEAR to the ES-2026, and the ES-2026 to the Linksys, forming a redundant network among the three switches.
I connected port 3 on the ES-2026 to the NETGEAR and port 4 on the 2026 to the Linksys. Notice in Figure 7 that port 4 on the ES-2026 shows a status of Discarding. This means that RSTP has determined port 4 on the ES-2026 is the redundant port and thus port 4 will sit idle until a port failure activates it.
Figure 7: Rapid Spanning Tree Protocol (RSTP) config
To simulate a port failure, I disconnected port 3 on the ES-2026, which is the link connecting the ES-2026 and the NETGEAR. All three switches should now detect that a link between them has failed and RSTP should force a change. That means port 4 on the ES-2026 should go from a Discarding state to a Forwarding state, which it did (Figure 8).
Figure 8: RSTP failover to Port 4
RSTP is more complicated than this little test, but I covered the basic functionality. My goal here was to verify RSTP worked on the ES-2026 with other switches, and it does. For more advanced RSTP configuration, the ES-2026 has menu options to enable/disable STP, choose STP or RSTP, adjust the timers used by STP/RSTP, and edit settings on the switch that control which port becomes the idle port.
Although the majority of the ports on the ES-2026 are only 100 Mbps, the switch does support passing jumbo frames up to 10,240 bytes in size on the 1000 Mbps ports. Jumbo frame support is off by default, but enabled with a check box in the System > Switch menu.
I enabled jumbo frames and tested it with two devices connected to the 1000 Mbps ports. One of my devices supported 4088 byte frames, the other 7936 byte frames, so I expected 4000 byte frames to pass. Figure 9 shows I was able to pass up to 4046 byte frames over the ES-2026’s Gigabit ports.
Figure 9: Jumbo frame test
The 2026 also supports trunking or Link Aggregation Groups (LAG) between switches. Trunking allows combining multiple physical links between switches into a single path for load balancing, redundancy, and increased bandwidth. Trunking can be set up statically or dynamically using Link Aggregation Control Protocol (LACP). Up to 12 trunks can be configured.
I set up a trunk with two ports between the ES-2026 and my GS108T. Static trunk setup was easy; simply create the trunk and assign the appropriate ports to be members of the trunk. Dynamic trunk setup is even easier. Assign the ports to the trunk on both switches, connect the ports, and let the LACP protocol detect the connection and set up the trunk.
The Partner Oper System ID in Figure 10 has the MAC address of the GS108T switch, showing that the ES-2026 has detected the GS108T and set up a trunk between the two switches.
Figure 10: Link Aggregation
There are five means of controlling traffic on the ES-2026. First, every port on the switch can have a rate limit applied to traffic coming into or leaving the switch. Rate limits can be set anywhere from 64 Kbps to 100 Mbps.
I tested this feature using iperf to send traffic streams between ports. With no rate limit, I could pass traffic between two ports at 93 Mbps, which is pretty close to the 100 Mbps port speed. However, if I set an inbound port limit, my speeds were much lower than expected, indicating the rate limit slowed performance more than its setting.
For example, I set an inbound rate limit of 50,000 Kbps (50Mbps) shown in Figure 11.
Figure 11: Rate limiting configuration
I would have expected my iperf test to return about 40-50 Mbps. But instead, my test showed a speed of 1.52 Mbps, as shown in Figure 12.
Figure 12: Rate limiting throughput check
As usual, I ran iperf using default TCP settings, with a TCP window size of 8KB and no other options. Running an iperf throughput test between two PCs to test throughput requires the command iperf -s on one PC and and iperf -c (ip) on the other PC.
I tried a few different combinations of rate limits on the ES-2026. Each time I applied a rate limit, the resulting speeds on the configured port dropped significantly more than the applied limit. I reported the issue to LG and they are looking into it.
According to LG, TCP traffic rate limiting will only work with an output rate limit. This is due to the architecture of the switch, as there is no buffer on the switch ingress to store and forward the traffic at the lower rate. However, once traffic has entered the switch fabric, it can buffer the traffic, thus an output rate limit can be effective on TCP traffic. Further, LG said that rate limits applied to UDP traffic should work on both inbound and outbound traffic, since retransmission isn’t required for UDP traffic.
I was able to verify both claims. I set an outbound rate limit of 50 Mbps and saw my TCP throughput capped at 54.6 Mbps. I set an inbound rate limit of 50 Mbps, configured iperf to pass UDP traffic and saw my UDP throughput capped at 48.0 Mbps.
A second method of traffic control is storm control. Storm control can be applied to each port to limit the amount of bandwidth consumed by unicast, multicast, or broadcast traffic. This could be useful to control misbehaving devices by applying a broadcast bandwidth limit per port.
A third method of traffic control is by prioritization. The ES-2026 supports defining Class of Service (CoS) values by port, and traffic controls based using strict and weighted round-robin queuing. Traffic marking and prioritization can be applied via Differentiated Service Code Point (DSCP) values, CoS values, Per Hop Behavior (PHB) values, and egress queues.
A fourth method of traffic control is via classes and policies. This involves setting up a class-matching rule based on traffic characteristics such IP addresses, DSCP values, Precedence values, or VLAN IDs. Once the desired traffic is matched based on the traffic characteristics, bandwidth limits can be set for that traffic in a policy. The policy is then applied to an interface to implement the traffic control.
The last method of traffic control is for VoIP traffic. The ES-2026 allows for assigning devices to a Voice VLAN based on device MAC address or by Link Layer Discovery Protocol (LLDP). I attempted to test this feature by MAC address, but kept getting a Data is invalid error message when I applied my configuration (Figure 13). Again, I reported the issue to LG and they are looking into it.
LG acknowledged there is a gap in the instructions. There are three port modes on the ES-2026: Access (default), Hybrid, and Trunk. Access is for untagged frames, Hybrid is for untagged or tagged frames, and Trunk mode is for tagged frames. Apparently, auto Voice VLAN functionality requires the ports connected to the VOIP device are set in Hybrid mode instead of Access mode.
Sure enough, once I set the port to Hybrid mode, the auto Voice VLAN functionality worked. My VOIP device was correctly detected and its port was automatically assigned to the Voice VLAN. LG informed me they are likely going to change the default mode on all ports on the ES-2026 to Hybrid mode in a future firmware release.
Figure 13: VoIP configuration error
The ES-2026 has many security options. Management access to the switch can be authenticated locally or via a RADIUS or TACACS+ server. The switch also supports HTTP or HTTPS access to its web interface.
Up to 64 Access Control Lists (ACLs) can be defined for filtering traffic. ACL construction is very similar to Cisco IOS ACL construction and both standard and extended ACLs can be configured for controlling specific traffic. A standard ACL can filter traffic based on source IP, where an extended ACL can filter traffic based on source or destination IP, as well as source or destination ports. ACLs on the ES-2026 can also be configured based on MAC address.
Finally, the switch can control which and how many devices can access the network based on ports and MAC address. Options for port security include the ability to statically define which MAC addresses can access which port, how many MAC addresses are permitted per port, and using an external authentication server based on the 802.1x standard.
The ES-2026 has a nice feature called Green Ethernet, which LG advertises as an “environmentally friendly design for power saving via link connection and cable length.” However, the manual points out this feature “only works when connection speed is 1 Gbps, and line length is less than 60 meters.”
I’m testing the ES-2026, which has 24 Fast Ethernet ports and only 2 Gigabit ports. I noticed the Green Ethernet feature was enabled on both the Gigabit ports, but I can’t imagine it is going to provide much power saving on just two ports. It would be nice if this feature worked on all 26 ports of the switch.
A feature I like to use on a switch is port mirroring. It is very useful for troubleshooting and monitoring network traffic. Port mirroring is a means to copy the traffic going to and from one port to another port.
Configuring port mirroring on the ES-2026 takes only a couple of clicks. Just select the port you wish to mirror and the port to view the traffic, typically the port you have your workstation or remote monitoring device (RMON). Figure 14 shows I’ve set up the switch to copy traffic from port 25 to port 5. I used Wireshark on my laptop on port 5 to see traffic from the PC connected to port 25.
Figure 14: Port mirroring
For Reporting, both the port and trunk menus provide statistical and graphical displays of traffic. Figure 15 shows a simple chart of traffic on one of the active ports on the ES-2026. The chart shows that the port is primarily sending and receiving unicast traffic, which would be expected for a PC used for typical web surfing and email.
Figure 15: Port traffic chart
The ES-2026 falls in the middle of the smart switch category. I looked at NETGEAR’s GS724TR smart switch awhile back The GS724TR is a bit smarter than the ES-2026, with a few more features such as inter-VLAN routing. But it also carries a much higher price tag ($568).
The ES-2026 is more comparable in features to the NETGEAR FS6726T and Cisco SLM224G. Table 2 shows a simple comparison among the three. As you can see, the ES-2026 is much more expensive than the other two products for essentially the same feature set. The ES-2026 isn’t widely available yet, so I used Amazon to price all three products (price shown includes shipping).
|Model||VLANs||10/100 Ports||1000 Ports||SFP Ports||Price|
Table 2: Competitive comparison
The other factor weighing against the ES-2026 is warranty. Both the NETGEAR and Cisco come with limited lifetime warranties, while the ES-2026 is warranteed for only two years. Since most business-grade switches now include lifetime warranties, LG-Ericsson will need to also offer this if they hope to win market share.
On a more positive note, I’m hopeful for the ES-2026’s reliability since it never crashed or hung during my testing. LG-Ericsson’s data sheet rates the Mean Time Between Failures on the device at 560,000 hours, which is pretty impressive if true. 560,000 hours equates to 63.9 years! (I wonder where networking will be in 63.9 years?)
I am concerned, however, about some of the options, such as the rate limiting accuracy and the Voice VLAN feature. I hope LG-Ericsson will be coming out with a firmware update to address these issues.
In all, the ES-2026’s configuration is intuitive, its silent and stable, and VLAN configuration was quick and easy. But I’d say a firmware update, price reduction and lifetime warranty will be needed to get it into the game against much more established names.