Network switch upgrade recommendations


(Jeremy Hein) #1

I would like to upgrade to inexpensive PoE gigabit network switches and would like recommendations. I currently have HP J9660A and HP J9803A. I am good with buying used on eBay or somewhere else. Thanks!


(Richard D Phillips) #2

If cost is an issue I’d first ask if you need PoE on all of the ports or just a handful. If you just need a handful you could pick up rack mount, multi port PoE injectors.

I used them in a case where I needed power for 2-4 APs on a floor so that idea of PoE switches would be expensive, but the rack mount injector was cheaper, cleaner and more manageable than individual injectors.

As to switches, I’m a big fan of HP.


(Jeff Wilson) #3

Cisco has a new SMB line out that I’m considering if/when we change out our current switches. Depending on the number of ports that you need you might consider those as well. They also offer non-profit pricing through CDW (that’s where I first saw these particular switches).


(Jeremy Hein) #4

Thanks for the responses. I’m replacing/upgrading for a few reasons. All of which can wait. 1) Do away with multiple PoE injectors for APs 2) Do away with phone power adapters 3) Potentially increase performance. A multi-port PoE injector would help me clean up the racks, but I think I would prefer to leave the individual injectors until I am able to get a PoE switch.


(Joe Benson) #5

Make sure your APs and phones use standard PoE. I would imagine most do, but older Ubiquiti APs do not, which I’ve found out the hard way.

I’ve got the Netgear M4100 series as relatively inexpensive edge switches. The M4100-50G-POE+ (GSM7248P) has 48 gig ports with PoE (380W) plus 4 SFP ports. It was around $1200 when I bought it, now down to maybe $800? It comes with lifetime tech support, which is just so-so, and lifetime NBD advance hardware replacement, which I’ve used and which was super easy to claim. For anything at the edge or which doesn’t need very high switch fabric capacity and stacking, these work great.

The Ubiquiti EdgeSwitch 48 clocks in at around the same price, with a slightly higher PoE budget and slightly lower throughput and without the warranty. I can’t vouch for their switches but I’ve been very happy with their APs and point-to-point hardware.


(Richard D Phillips) #6

Good, you’ve thought this out. I saw there was a response suggesting the SMB Cisco switches, just be cautious of the ones that don’t provide a CLI. Also, be careful of warranty claims. Some extend only to the original owner, some require a valid maintenance contract. Some are actually lifetime, with no maintenance contract required and firmware as easy as downloading from their website.

Just curious how large is your network?


(Mike Hazelwood) #7

Not sure what your budget is, but I bought a J9729A HP 2920-48G-POE+ Switch on eBay and have been happy with it. I have seen used ones for under $1,000; for HP lifetime warranty, gigabit, and 48 ports, that seems inexpensive to me.


(Alex Conner) #8

Officially, there is no HP Warranty coverage for devices bought from non-authorized resellers (i.e. used off eBay) so buyer beware on that one.


(Jeremy Hein) #9

I know there are advantages to a CLI, but I haven’t seen a need for it so far. My network is relatively small and my remaining budget for the year is even smaller. I only need two 48 port and two 24 port switches. I was planning to upgrade next year with new budget dollars, but I saw Cisco 3560 series gigabit PoE switches on eBay for really cheap (i.e. $200). So I thought I’d ask to see what other Church IT professionals recommended to see if I could squeeze the upgrade into the few remaining dollars available in this year’s budget. The general recommendation appears to be for HP or Netgear, so I’ll look that way first. At least that helps narrow down my options.


(Alex Conner) #10

The Catalyst 3560 is a way end of life switch with no warranty or support. But if that’s the budget, they’re not bad; just be sure to buy a spare since it may be tough to source them later on if you have a failure.


(Jeremy Hein) #11

Yeah, I haven’t used any warranty or support for the existing switches. I don’t understand the specs, but it seems that the Cisco 3560 series would be slower than my existing switches.


(Jeremy Hein) #12

How do I figure out if a switch will perform better than what I already have?


(Joe Benson) #13

Depends what you mean by “perform better”. More features? Higher throughput?

What kind of traffic will you be running through it? Other than PoE, when you referenced increasing performance, what problems are you observing with your existing switches that you hope to solve with the upgrade?

Your port speed will determine how fast data can travel on each port. 10/100 will be 10 or 100Mbps per port each way in full-duplex operation depending on how you configure the port or how the switch and end device negotiate the connection. Gig will be 1Gbps each way. Your switch fabric capacity will tell you how much data (in bits per second) your switch as a whole can handle. E.g. a 48 port Gig switch with 96Gbps switch fabric or higher can support full wire speed on every port simultaneously. With 50Gbps, it could only support half the ports at full speed, or all the ports at half speed. You’ll probably also have a similar metric in packets per second that tells you the same info but on a packet rather than bit level. The switch has to inspect each packet to a certain extent so it’s limited not just by how many bits it can move but how many packets it can move. Since most of your packets will not be the maximum size, this metric may be more applicable than the bps metric.

A lot of the details of how a switch performs can be abstracted away by looking at these higher level specs. If you have a very specific use case, other specs come into play.
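
The fabric-capacity and packets-per-second comparison described in the post above, as an added example that is not part of any poster's reply. The switch figures are constructed rather than taken from a data sheet, and the function names are hypothetical.

```python
# Added example: all switch figures below are constructed, not vendor specs.
GBPS = 10**9
WIRE_OVERHEAD = 20  # bytes per frame on the wire: 7 preamble + 1 SFD + 12 inter-frame gap

def line_rate_pps(port_bps, frame_bytes):
    """Frames per second one direction of a port carries at this frame size."""
    return port_bps / ((frame_bytes + WIRE_OVERHEAD) * 8)

def required_fabric_bps(ports):
    """ports: list of (count, bps). Full duplex counts both directions."""
    return sum(count * bps * 2 for count, bps in ports)

def required_pps(ports, frame_bytes=64):
    """Forwarding rate needed for every port to receive at line rate.
    64-byte frames are the worst case and the size data sheets usually quote."""
    return sum(count * line_rate_pps(bps, frame_bytes) for count, bps in ports)

def assess(ports, fabric_bps, forwarding_pps, frame_bytes=64):
    """Compare a switch's two headline specs against its own port count."""
    need_bps = required_fabric_bps(ports)
    need_pps = required_pps(ports, frame_bytes)
    return {
        "fabric_share": min(1.0, fabric_bps / need_bps),
        "pps_share": min(1.0, forwarding_pps / need_pps),
        "non_blocking": fabric_bps >= need_bps and forwarding_pps >= need_pps,
    }

if __name__ == "__main__":
    ports = [(48, GBPS)]                      # the 48-port gigabit case from the post
    for name, fabric, pps in [
        ("constructed switch A", 96 * GBPS, 72_000_000),
        ("constructed switch B", 50 * GBPS, 38_000_000),
    ]:
        print(name, assess(ports, fabric, pps))
    # Same port, different frame sizes: small frames dominate the pps budget.
    for size in (64, 512, 1518):
        print(size, "byte frames:", round(line_rate_pps(GBPS, size)), "pps per gig port")
```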


(Jeremy Hein) #14

Higher throughput. I already have more features than I use or need. Thanks for the info. I believe I looked at some of those numbers and it appeared that the Cisco 3560 didn’t have as high numbers as my existing switches.


(Jeremy Hein) #15

No problems, but it’s easier to convince management to upgrade for performance than to clean up the appearance of the rack a little. Thanks!


(Joe Benson) #16

Here are some other thoughts based on my personal experience:

  • You can buy old used Cisco gear online for pretty darned cheap. Support contracts go with the buyer, not the hardware, so you can’t transfer those and if they’re EOL you can’t reinstate them. In addition, strictly speaking, you don’t buy the software with the hardware. You just buy the hardware, and you get a license to use the software. Which is non-transferable, because Cisco wants to kill the secondary market. I would just ignore that fact.
  • I was once asked to add 96 PoE ports of switching that was certified by QSC for Q-LAN (audio networking) and was given a budget of $0. So I bought two used EOL 10/100 Catalyst 3750s on eBay. It wasn’t my ideal solution but it worked. Total cost $180. I promised myself that I’d get something better in the budget for next year. Two years now and I’m still running the Cisco stuff. ¯_(ツ)_/¯
  • A little-known fact is that with Cisco you can open a TAC case and get a free firmware upgrade to any version that fixes a major security vulnerability, regardless of your support contract status. They won’t do this for releases that just have bug fixes, but it isn’t hard to get a copy of the last version of the firmware produced on EOL products as long as it included significant security fixes. I did this on those two 3750s I bought.
  • Once a product is EOL, or even if it’s still supported but older and no longer being sold new, you’re increasing the amount of time you’ll be running with software that won’t be getting bug fixes or security patches. If you’re lucky, the majority of your vulnerabilities will be DoS-style attacks that while inconvenient won’t result in security breaches. But if you’re unlucky, who knows what risks you’ll be exposing your network to? It’s a hard cost to quantify, but it is a cost of buying / running old gear. Firewalls and ACLs are your friend here.
  • The temptation to spend money now that may not be available in the future is high. I feel it myself. To work around that, I spoke with our XP and business director and arranged to put money into a prepaid account each year for the next few years so that when our core switches and firewall are EOL in 2019, we have money appropriated for replacement. I thought this would be a tough sell, but in reality everyone was on board as soon as I suggested it. There’s always the possibility this rainy day fund gets raided for something else, but there’s only so much I can do.

I’d still try to get new stuff if you can, that would be best in the long run. Good luck with your upgrade!

