Any downsides to old(er) Layer 2/3 switches?

Markess

Finally getting around to learning about/setting up VLANs on my (all Gigabit) home network. Currently, I'm both short on ports and two of my three existing switches are unmanaged. Used prices on eBay (U.S.) are all over the place, with newer switches seemingly going for a LOT. So I'm wondering....

Assuming fairly recent firmware updates are available, is there any downside to using older switches vs newer? Any generational security or other "gotchas" that apply across the board for everything past a certain age? I recognize that older will obviously have more wear and tear, and I think I'd want to avoid anything that still requires Java. I'd also assume that individual models may have their own "quirks". But, as a "group" is there any reason to avoid older switches?

I'm looking for one 8-10 port and one 24-28 port fanless switch, and seeing decent prices on Cisco SG200/300 and some of the older HP models (Procurve 1810G, etc.). I'm not specifically asking for brand/model recommendations (although I'd certainly welcome them). Just looking to see if I'm barking up the wrong "generational tree".

Thanks!
 

klui

Just more power usage and lack of multi-gig interfaces. Enterprise switches don't have the greatest webUI nor is that their area of strength. Make a couple of changes to thousands of switches within a maintenance window and see how much you enjoy using a webUI.

The only issues are:
1. If a switch has PoE and has been used extensively with that feature enabled, especially if deployed in a lightning-rich location.
2. If the fans are changed then the thermals would invalidate the switches' environmental designs. Non-PoE enterprise switches used in the home shouldn't stress them at all, unless the fans are swapped.
 

BlueFox

Power usage isn't always the best and you will miss out on some features (namely security will generally be outdated), but on the higher quality fanless models, lifespan seems to be good. I'm still running an HP 1800-24G and plan on making the most of that lifetime warranty should it ever fail.
 

Markess

Thank you both!

Power consumption (well..heat actually) is always a concern where I live. Researching what is for sale cheap, there's definitely some models that will run a lot warmer than others. Looking at 24 port, fanless, non-PoE switches for example, the "worst case consumption" value ranged from a low of ~15 watts (TP-Link) up to 46 watts (some of the HP models), with Cisco, the rest of HP, and some others various places in between. Big range! Maybe I'm just really conservative when it comes to cooling, but I'm not sure I'd want anything in a 1U form factor, capable of drawing almost 50 watts on an internal power supply, and with no fan.

> Power usage isn't always the best and you will miss out on some features (namely security will generally be outdated), but on the higher quality fanless models, lifespan seems to be good. I'm still running an HP 1800-24G and plan on making the most of that lifetime warranty should it ever fail.
I was hoping to mitigate the security question somewhat by restricting my search to models that had "recent" firmware updates available. But, I suppose there's only so much you can jam into a firmware update when the hardware gets pretty old and many of the current threats didn't exist when it was manufactured.
 

Railgun

Security other than at the edge shouldn’t be that big of a concern. If you don’t let the threat in to begin with, you don’t need to worry about it.

I presume this is a home network, so it’s not going to be that large of an issue. And a switch won’t be that much of an attack vector in that context.
 

discoeels

I suggest one of these, the 10 port Catalyst ws-c2960-cg for your 10 port if all you care about is gigabit. The ability to configure static routes and virtual interfaces is really nice and you get Cisco IOS with all the other bells and whistles. I have two sg200s and they work fine, but I'm not a fan of the UI.
The 3560cgs are a bit spendy unless you're going to use the PoE and L3 capabilities.
 

i386

> I recognize that older will obviously have more wear and tear, and I think I'd want to avoid anything that still requires Java.

I've never heard that Java was required for any network stuff. Care to elaborate?
 

Markess

> Security other than at the edge shouldn’t be that big of a concern. If you don’t let the threat in to begin with, you don’t need to worry about it.
>
> I presume this is a home network, so it’s not going to be that large of an issue. And a switch won’t be that much of an attack vector in that context.

Okay, that makes complete sense. I tend to worry too much about stuff, plus I've realized that I only know enough about networking to know that there's a lot I don't know about networking. So, advice like this helps to focus my attention!

> I suggest one of these, the 10 port Catalyst ws-c2960-cg for your 10 port if all you care about is gigabit.

I can't saturate gigabit for any length of time, even when I try. I'll switch to multigig as I replace things, but that will take a while. In the meantime, looks like this ticks all the boxes and won't break the bank. Thanks for the recommend!

> I've never heard that java was required for any network stuff. Care to elaborate?

In researching options, I found some HP and Dell models with documentation specifying Java for web GUI/firmware updater (these were models with web GUI only and no CLI). I just assumed that it was similar to servers of the same generation that have Java based OOB KVM consoles. I've still got a couple systems like that and they are pain enough. Did I misunderstand?
 

discoeels

> In researching options, I found some HP and Dell models with documentation specifying Java for web GUI/firmware updater (these were models with web GUI only and no CLI). I just assumed that it was similar to servers of the same generation that have Java based OOB KVM consoles. I've still got a couple systems like that and they are pain enough. Did I misunderstand?

I'm pretty sure that the web GUI on the Cisco SG-2/3/500 switches is Java-based, but I've never had a problem with it. One upside to those is they're supported by Cisco until October 2023.
 

BlueFox

60W power consumption on the Dell is really high. Given that similar HPE switches are similarly priced, I can't think of a compelling reason to get one.
 

Markess

> I'm pretty sure that the web GUI on the Cisco SG-2/3/500 switches is Java-based, but I've never had a problem with it. One upside to those is they're supported by Cisco until October 2023.

Oh man, I hope not! I ran across an eBay auction on an SG300-28 that was ending with 0 bids last night, and got it for what I thought was a good price.

I'd previously checked the documentation and there was no mention of Java anywhere. Plus the supported browser range for Chrome included versions that didn't come out until a couple years after Java support had been dropped/disabled. But, then again, about all I know of Java is that I just can't get it to work on IPMI for my Supermicro X9 and Asus Z9 boards :rolleyes:
 

discoeels

> Oh man, I hope not! I ran across an eBay auction on an SG300-28 that was ending with 0 bids last night, and got it for what I thought was a good price.
>
> I'd previously checked the documentation and there was no mention of Java anywhere. Plus the supported browser range for Chrome included versions that didn't come out until a couple years after Java support had been dropped/disabled. But, then again, about all I know of Java is that I just can't get it to work on IPMI for my Supermicro X9 and Asus Z9 boards :rolleyes:

You're fine, I think I read an old doc or something. It will work fine and those support SSH and console access anyway.
Just an FYI, on my SG200-26 my firmware and bootloader were really old, so I had to install newer versions before the latest. I also have to explicitly add VLANs to trunk ports. They take a long time to boot.
Nice kit, though. Underloved IMO.
 

Markess

> Just an FYI, on my SG200-26 my firmware and bootloader were really old, so I had to install newer versions before the latest. I also have to explicitly add VLANs to trunk ports. They take a long time to boot.

Thanks for the tips! They'll probably keep me from beating my head on the wall at some point.

I can understand the lack of love from purists and IT pros. The CLI apparently isn't IOS command compliant and a GUI really is cumbersome when you've got a lot of hardware. OTOH, I don't know IOS, so nothing to relearn there, and a GUI ought to be OK for my modest home? The lack of love made them comparatively inexpensive, a definite plus when you're as cheap as me. And since the rack is in my home office/workroom with me, fanless and under 20 watts max is a definite plus!

Cheers!
 

nabsltd

> In researching options, I found some HP and Dell models with documentation specifying Java for web GUI/firmware updater (these were models with web GUI only and no CLI). I just assumed that it was similar to servers of the same generation that have Java based OOB KVM consoles. I've still got a couple systems like that and they are pain enough. Did I misunderstand?

I've got Netgear switches that require Java if you want to see the "virtual front panel" display. But, I don't need to see those blinkin-lights remotely, so I don't care. This is similar to the older Supermicro IPMI web interfaces, where you can do everything but the remote console without Java.

It could be the same for other switches...where critical functionality works fine, but you lose something that isn't really required.