|At a Glance|
|Product||NETGEAR GS510TP ProSafe 8-port 10/100/1000 PoE Smart Switch with 2 Gigabit SFP Ports [Website]|
|Summary||Full-featured 8-port Gigabit PoE Smart Switch with 2 SFP and 130 W PoE capacity.|
|Pros||• 130W total PoE capacity
• Quiet fan for a PoE switch
• Decent configuration examples in manual
• Green Power Saving modes
|Cons||• No IPv6 support
• Relatively high price
• Slow menu performance
In this review, I’m looking at the new NETGEAR GS510TP, a feature-rich Layer 2 switch with eight copper Power over Ethernet (PoE) 10/100/1000 ports and two 1000 Mbps SFP (small form-factor pluggable) Gigabit ports. Note, the GS510TP is essentially the same as the equally-new GS110T, except the GS110T doesn’t support PoE.
First, a quick overview on NETGEAR switch models. NETGEAR’s website divides their products into three categories; those targeted for home use, those targeted for business use, and those targeted at service providers. The GS510TP falls into the business category. (Note, even though the GS510TP is targeted at business users, it can still be a useful switch in a home and other small network environments.)
Within NETGEAR’s business products, specifically switches, they have four different lines. The four lines from highest to lowest capability are Fully Managed switches, Smart switches, ProSafe Plus switches, and Unmanaged switches. The GS510TP falls into the Smart switch line but is labeled with the ProSafe brand.
Physically, the GS510TP is housed in a metal case measuring 12.9”w x 6.65”d x 1.7”h. All the network ports are on the front of the device, as shown in the product shot above.
The NETGEAR GS510TP can be placed on a shelf, desktop, or rack mounted. It comes with adhesive rubber feet for desktop placement and brackets for rack mounting. The power supply is internal, thus it only requires a standard AC cord with no external power brick. The back of the GS510TP has the power connector and a locking cable security slot, shown below.
The GS510TP is a PoE switch with a cooling fan, thus isn’t silent. However, I was pleasantly surprised at the low noise level of this switch! The GS510TP’s internal fan, even with PoE devices drawing power, is quiet. I could barely hear the hum of the GS510TP’s fan over the sound of two other laptop computers nearby.
A peek inside the switch isn’t too revealing, since the switch is covered by a heatsink, which I didn’t remove. Citing confidentiality, NETGEAR would tell us only that the GS510TP is Broadcom-based. Appendix A in the user manual was a bit more helpful, saying it has 64 MB of RAM and 16 MB of flash.
Inspection of the devices that are not heatsinked revealed two Broadcom BCM59111 Quad Integrated IEEE 802.3at-Compliant PSE controllers supporting PoE and a Nuvoton M058LAN ARM Cortex-M0 controller running the overall switch. The switch itself is covered by a firmly-attached heatsink, so we can only guess. So our guess is the same as we had for the GS110TP, a Broadcom BCM53312.
Inside the GS510TP
The GS510TP comes with NETGEAR’s Smart Control Center Utility, which I installed on a laptop. The Smart Control Center Utility provides a simple way to discover the GS510TP on your network and perform some basic configuration, such as changing the device IP, uploading or downloading configuration files or launching the device’s web GUI for full configuration access.
The web GUI is where you’ll configure the GS510TP. I’ve been using a NETGEAR GS108T as a desktop switch for some time, and found the GS510TP to have nearly identical menus as the GS108T. Tim covered the NETGEAR GS110TP a few years ago, which also shares quite a few similarities with the GS510TP. I found the GS510TP’s menus a bit more sluggish than the GS108T’s, but functional.
Configuration menus on the GS510TP are organized in seven menu tabs. Within each menu are two to nine configuration options. Once a configuration option is selected, additional options are available on the left side of the screen. Table 1 shows the seven menus in the far left column and the configuration options available in each menu.
Table 1: Menu summary
I am impressed with NETGEAR’s software administration manual for the GS510TP. Perhaps I’m used to reading NETGEAR manuals, but I found the explanations relatively easy to understand. I also liked that the manual includes an appendix with configuration examples for VLANs, ACLs, DiffServ, 802.1x and MSTP. I often point out poor documentation and lack of examples, so kudos to NETGEAR for this inclusion!
An major omission in the GS510TP is support for IPv6. IPv6 would have been a clear differentiator between the older models it looks to be replacing. I’m surprised it was left out.
The GS510TP has a graphical device view, shown below, which provides a real time display of the ports and indicator lights, as well as a launching place for many of the port configuration menus. Port speed, STP, VLANs, PoE, and various security configuration options are all accessible by clicking on a port in the device view.
The GS510TP is a Layer 2 switch with a solid list of supported protocols and features. Here is a summary of the more significant features.
- 802.1q VLANs
- STP, RSTP, MSTP
- LAG: manual and LACP (802.3ad)
- LLDP, LLDP-MED
- QoS: 802.1p CoS, DSCP, DiffServ, port-based queues, port-based ingress and egress rate limiting
- VoIP: Voice VLAN and Auto-VoIP
- Security – DHCP Filtering, DoS protection, Port based, IP and MAC ACLs, storm control, 802.1x
- RADIUS and TACACS+
- SNMP v1, v2c, v3
- IGMP snooping
- 8 Ports PoE, 802.3af and 802.3at
- Link down power saving mode
- Port Mirroring
You can grab the data sheet to see the full set. Suffice it to say that NETGEAR has all the basic smart switch features covered including mirroring, VLAN, QoS, rate limiting, link aggregation, etc. I’ll go into more detail on some of these features next.
The GS510TP supports up to 64 VLANs, with three VLANs already defined. VLAN 1 is the default VLAN and VLAN 2 and 3 are pre-defined for voice and video, respectively.
Configuring the GS510TP for VLANs is the same as on the GS108T. Instead of defining trunks or access ports, all you do is define whether a port is a tagged or untagged member of one or more VLANs. To create a trunk, you make that port an untagged member of the VLAN you wish to be the native VLAN, and a tagged member of all the rest of the VLANs you wish it to carry. To create an access port, you simply make that port an untagged member of the desired VLAN and remove it from all other VLANs.
I added three screenshots below, showing the output from the GS510TP as I created a VLAN trunk for VLANs 1-3 on port 1. I also created a VLAN 2 access port on port 7 and a VLAN 3 access port on port 8. In the figure below, you can see ports 1-6 are all untagged members of VLAN 1. Ports 7-8 are not members of VLAN 1.
VLAN 1 configuration example
Next, you can see port 1 is a tagged member and port 7 is an untagged member of VLAN 2.
VLAN 2 configuration example
Finally, you can see port 1 is a tagged member and port 8 is an untagged member of VLAN 3.
VLAN 3 configuration example
I tested the NETGEAR’s ability to trunk and separate traffic by VLAN with a Cisco SG500-28P switch. I set up a trunk on the Cisco with the same VLAN assignments and connected it to the NETGEAR trunk port. I also created access ports on the Cisco switch in the same VLANs as on the NETGEAR. My tests were successful. I was able to successfully ping between devices within VLAN 2 and 3 from the NETGEAR to the Cisco switch, validating 802.1q tagging functionality.
Spanning Tree Protocol (STP) is an important technology, even in a single switch network. For example, let’s say an end user plugs in an unmanaged switch into their network port so they can have more ports at their desk. Let’s say that end user then inadvertently connects two ports on that unmanaged switch together. The resulting loop can paralyze portions of a network until it is discovered and removed. (I’m not making this up, I’ve seen it happen!)
The GS510TP supports basic STP, as well as Rapid STP (RSTP) and Multiple STP (MST). STP is disabled by default on the GS510TP, so you have to enable the desired protocol globally, as well as enable it on each port.
I ran a simple test on the switch with STP disabled. I created a loop by connecting a single Ethernet cable to ports 5 and 6 on the switch. Without STP enabled, all the lights on the switch flickered rapidly and I was unable to access the Internet or get through the switch. (This is where end users say “The Internet is down!”)
I then enabled RSTP globally and on all ports. With RSTP enabled, the switch detected the loop and put port 6 is in a backup role, as shown in the screenshot below. This means the port is not forwarding packets due to a possible loop detected. The network remained up and unaffected by this loop.
RSTP loop detection in action
Link aggregation, or LAG, is the ability to configure multiple ports to perform as a single link. Up to four ports can be combined into a single LAG, and up to four LAGs can be defined on the GS510TP. LAG groups on the GS510TP can be set up statically or via Link Aggregation Control Protocol (LACP).
I set up a static LAG between the GS510TP (using ports 1,8) and my Cisco SG500-28P. As you can see in the screenshot below, LAG1 on the GS510TP is in a Link Up state.
Link Aggregation enabled
Jumbo frame configuration is in the Switching >Ports > Port Configuration menu, and is set by port instead of globally. Each port can be set to support frame sizes of 1518 to 9216 bytes. A nice touch is you don’t have to reboot for the configuration to be active! With jumbo frames enabled, I was able to pass 4046 bytes frames (4046 = my PC’s limit) through the GS510TP.
Link Layer Discovery Protocol is a nice tool for network discovery. Unlike Cisco’s proprietary Cisco Discovery Protocol (CDP), LLDP works on many different brands of devices. LLDP allows two directly-connected devices to discover information about each other, which helps network topology mapping and troubleshooting.
I enabled LLDP on the GS510TP and on a Cisco SG500-28P. As you can see in the screenshot below, the GS510TP detected another connected device. LLDP has determined that port g1 on the GS510TP is connected to port gi19 on the Cisco switch. This is useful information when you’re trying to remotely map out a network or troubleshoot.
Link Layer Discovery Protocol discovery
The GS510TP has multiple Quality of Service (QoS) options. Ingress and Egress rate limits can be applied in 64 kbps increments from 16 to 16384. If you do the math, setting the rate limit at 16 is essentially a 1 Mbps limit. (16 x 64kbps = 1024kbps = ~ 1Mbps) As with the GS110TP, the lowest limit remains 1 Mbps.
I ran a simple download test from an Internet site and measured my download speed through one of the GS510TP’s ports at 12 Mbps. I then applied an ingress and egress rate limit of 16 to the switch port my PC was connected (port 4, see below) and re-ran the download test. My download speed was throttled to.98Mbps, closely matching the GS510TP’s 1 Mbps rate limit.
Ingress / Egress rate set
Additional QoS options include trusting CoS or DSCP values on packets and then mapping the CoS or DSCP values to one of four queues. Alternatively, the switch can be set globally or per port to untrusted mode with traffic queues applied per port. The four queues available are numbered 0-3, with queue 0 being “best effort” and queue 3 being high priority, intended for voice or video traffic.
The GS510TP also provides Differentiated Services (DiffServ) QoS options. Configuring DiffServ involves classifying incoming packets based on layer 2, 3 or 4 criteria, creating a policy on how to handle those packets (assign a queue, apply a rate limit, etc..), and then applying the policy to one or more interfaces. Diffserv configurations can be complex, but provide a means for controlling specific types of traffic. The GS510TP manual provides a decent DiffServ configuration example.
Traffic security options on the GS510TP include filtering for rogue DHCP servers, blocking six different known types of Denial of Service (DoS) attacks and applying storm control thresholds to limit broadcasts on the switch.
End user security options include 802.1x authentication with support for both RADIUS and TACACS+, filtering traffic based on MAC addresses, defining which MAC addresses are permitted per port, as well as isolating traffic from specific ports to others.
Further, traffic flows can be filtered with the creation of Access Control Lists (ACLs) that can match and control traffic based on source and destination MAC and/or IP addresses as well as Layer 4 Ports. Finally, management access to the switch can be configured for HTTPS and limited to specific source IP addresses or subnets.
The GS510TP supports up to 30W per port with a total power budget of 130W on the switch. All eight copper Ethernet ports support PoE and are 802.3af and 802.3at compliant. I connected a couple of PoE powered access points, as well as a PoE powered network monitoring appliance to the GS510TP. The three devices drew a total of 17.7W as shown in the summary page below.
Power can be controlled on the GS510TP in basically the same manner as the previously reviewed GS110TP with options to apply per-port power limits, as well as creating a schedule to turn power on and off to the PoE ports.
The GS510TP and GS110T also offer two general power saving features, referred to as Green Ethernet features. Sleep mode, when enabled, puts inactive ports in a down state, reducing the frequency they check for link activity and thus reducing overall power consumption. The ports will still come up when a cable is connected, they’ll just use less power when nothing is connected.
The second Green Ethernet feature on the GS510TP is short cable mode. When enabled, ports with less than 10m cables attached are placed in low power mode.
Comparisons, Pricing and Conclusion
In my introduction, I mentioned the GS510TP and GS110T are very similar switches, with the main difference between the two being the GS510TP supports PoE. These two switches even share the same manual.
It is useful to compare the newer GS510TP and GS110T with a pair of NETGEAR’s older switches, the GS108T (more specifically, the GS108T-200) and the GS110TP. These two older switches share the same features and also have their own common manual. The two main differences between the GS108T and GS110TP are the GS110TP supports PoE and has 2 SFP ports. The GS108T has neither.
I’ve included the Cisco SG200-08P and SG200-08 for comparisons in Table 2. Both are eight port Gigabit Ethernet Layer 2 smart switches, with the “P” indicating PoE. Neither have SFP ports. For more details on Cisco switch models, check out the beginning of my review of the SG500-28P. All prices below are taken from Pricegrabber.com.
|Model||Switching (Gbps)||MAC Table||VLANs||PoE||PoE Budget||Cooling Fan||SFP Ports||Price|
Table 2: Product comparison
*(The SG200-08P supports PoE on only four ports.)
You can see from the above table that the differences between the two newer models of NETGEAR switches and the two older models of NETGEAR switches are basically power and price. The two Cisco switches are rated at a lower switching capacity, have a lower PoE budget and are priced between the newer and older NETGEAR switches.
I’ve had better luck with small port density NETGEAR switches than I’ve had with small port density Linksys (now Cisco) switches. I’ve had good success with a GS108T that I’ve been using in my lab for several years. While writing this review, I found the GS510TP easy to configure, stable, and a solid performing switch and I expect it will be just as reliable as the GS108T. And of course, the NETGEAR ProSafe lifetime warranty is a big plus!
Interestingly, it seems the NETGEAR GS510TP’s biggest competition in small port density PoE switches is with older NETGEAR models. For an eight port smart switch with PoE, unless you need the 130W of power, it’s hard to justify the $175 price jump for the GS510TP over the older GS110TP.