Weird behavior with XikeStor 10Gb SFP+ switches

[dtremit]

I took advantage of a good deal to get two XikeStor L3 managed SFP+ switches off AliExpress — it's the same model that's on Amazon here. I ended up paying about $85 each which I figured was cheap enough to take a chance. The model number appears to be SKS8300-8X .

I was able to do some testing with them yesterday — I can't get the web GUI to work (logging in with the correct username/password just returns you to the login screen), but I was able to console and telnet in and there's a very complete, Cisco-like CLI. The one issue I did note is that while it does support SSH, it's only an older algorithm (SHA1 I think? — same as the ICX6xxx in this respect) and although I saw some references to enabling https I wasn't able to figure out how to turn it on. In my case I would probably have just disabled the web GUI since it wasn't working.

The xikestor.com web domain redirects to seekswan.com which is only in Chinese but has English docs for some stuff at this link — "switch" is the first item in the first dropdown, and from there you can pick the model. (I have no idea of the legitimacy of this website, so I'm not sure I would trust the linked firmware.)

In any case — I thought I was in good shape, as I had four systems connected via DAC yesterday to the first of the switches and was getting 9.44Gb/s throughput in iPerf, and the CLI was pretty adaptable for anyone comfortable with the interface.

With that out of the way, I added in two optical SFPs and hooked up the second switch identically. Everything seemed fine, but then I tried testing switch #2 and got nothing. Hmm, power off. Figured that one was bad.

This morning I disconnected everything and plugged it in on its own — and it came back. So I figured maybe I'd had a loose power connection. Plugged everything back in, and the minute I hooked up the console cable, it powered down.

Then I swapped the (known working) console cable from the other switch — same issue. And when I put it back in the "working" switch — it shut down.

Finally, I powered it up on its own, and connected *only* the console cable. And it stayed on.

In any case, I've initiated a return as I don't have a lot of time to figure things out on an AliExpress purchase, and I can't keep them powered up with everything I need to connect (which isn't even all the ports). I'm curious, though, if it might have come with an inadequate power adapter — that's the only reason I can think of that it seems to power down with *everything* connected, but not with partial connectivity.

 

[nexox]

This class of switch has had issues reported here and elsewhere with electrical isolation of the various ports, sounds like you may be hitting something similar, current is flowing where it should just be data and it's causing a fault.

 

[dtremit]

@nexox that makes a lot of sense, thank you. I think I had missed those reports (hard to keep up with so many brands and models).

It's a pity; it seems like it would be a pretty capable switch if it...stayed on.

ETA: unless I can find some similarly priced switches that are "known good" I suspect I will probably end up exchanging for the Mikrotik CRS309 or similar.

 

[Markess]

This class of switch has had issues reported here and elsewhere with electrical isolation of the various ports, sounds like you may be hitting something similar, current is flowing where it should just be data and it's causing a fault.

Interesting to note. Mine was working perfectly until this morning, when I swapped existing connections to different ports while adding more devices to the switch. I couldn't get into the web interface afterwards to troubleshoot why one device wasn't connecting. Found this string when I was looking for a solution.

I restarted a couple times and moved the two active cables back where they were previously (ports 1 and 8) and filled the passive DACs into the middle ports to separate the active connections as much as possible. I don't know if/how that fixed it, but all the devices connected after I restarted.

However...

My Network is 192.168.50.xxx. Logging into the switch's console it appears it's gone back on 192.168.10.12 and the user/password I set is back to admin/admin. So, something reset itself along the way.

I can't get into the web interface at all, but I assume its because the management IP is back on "10.12" and my network is "50.xxx"? Even though all the devices with "50.xxx" addresses are still accessible. Weird? Or is that how these things work? I'm not well versed in "network stuff"

 

[dtremit]

@Markess I am pretty sure I saw something about management IPs resetting on one of the switches I was looking at, but I can't remember if it was this one!

But yes, that's probably why you can't get in. Your gear and the switch management IP are on the same physical network, but your gear thinks anything on 192.168.10.xxx is beyond the gateway.

If you have some kind of hypervisor connected (directly) to it, you can probably just change the IP in one VM to 192.168.10.xxx and get access through that. Or if you have a Windows host, you can go to "advanced" in TCP/IP settings and add an additional IP to an existing adapter.

 

[Sorandict]

Interesting to note. Mine was working perfectly until this morning, when I swapped existing connections to different ports while adding more devices to the switch. I couldn't get into the web interface afterwards to troubleshoot why one device wasn't connecting. Found this string when I was looking for a solution.

I restarted a couple times and moved the two active cables back where they were previously (ports 1 and 8) and filled the passive DACs into the middle ports to separate the active connections as much as possible. I don't know if/how that fixed it, but all the devices connected after I restarted.

However...

My Network is 192.168.50.xxx. Logging into the switch's console it appears it's gone back on 192.168.10.12 and the user/password I set is back to admin/admin. So, something reset itself along the way.

I can't get into the web interface at all, but I assume its because the management IP is back on "10.12" and my network is "50.xxx"? Even though all the devices with "50.xxx" addresses are still accessible. Weird? Or is that how these things work? I'm not well versed in "network stuff"

Can you briefly describe your network topology diagram? Are you accessing the management interface to change the IP address of the switch? (DHCP function?) It is recommended that you use a standard ethernet cable to connect any SFP+ port to enter the management interface for the first time, and don't forget to click the Save button to save the settings after the management interface is set up, otherwise the factory settings will be restored after power failure.

Interesting to note. Mine was working perfectly until this morning, when I swapped existing connections to different ports while adding more devices to the switch. I couldn't get into the web interface afterwards to troubleshoot why one device wasn't connecting. Found this string when I was looking for a solution.

I restarted a couple times and moved the two active cables back where they were previously (ports 1 and 8) and filled the passive DACs into the middle ports to separate the active connections as much as possible. I don't know if/how that fixed it, but all the devices connected after I restarted.

However...

My Network is 192.168.50.xxx. Logging into the switch's console it appears it's gone back on 192.168.10.12 and the user/password I set is back to admin/admin. So, something reset itself along the way.

I can't get into the web interface at all, but I assume its because the management IP is back on "10.12" and my network is "50.xxx"? Even though all the devices with "50.xxx" addresses are still accessible. Weird? Or is that how these things work? I'm not well versed in "network stuff"

Ever gone into the admin interface and changed the configuration? For example, changing the IP address or assigning an IP address to the switch by default? You can use SFP+ module and standard RJ45 cable to make the initial connection with your computer (and change the IP address of IPV4 of your network to 192.168.10.99), then enter the management interface by typing 192.168.10.12 in the browser, and don't forget to click the Save button after the configuration of the switch is finished (otherwise it will reset after power failure).

 

[blunden]

@nexox that makes a lot of sense, thank you. I think I had missed those reports (hard to keep up with so many brands and models).

It's a pity; it seems like it would be a pretty capable switch if it...stayed on.

ETA: unless I can find some similarly priced switches that are "known good" I suspect I will probably end up exchanging for the Mikrotik CRS309 or similar.

Do they work if you avoid using the DACs (and console cable)? I know that it doesn't make it very cost effective to have fiber transceivers for everything, but just curious.

 

[nexox]

Do they work if you avoid using the DACs (and console cable)? I know that it doesn't make it very cost effective to have fiber transceivers for everything, but just curious.

I believe that's the theory, haven't hit this issue myself so I haven't tested.

 

[Markess]

and don't forget to click the Save button to save the settings after the management interface is set up, otherwise the factory settings will be restored after power failure.

Thank you! That seemed to be the issue. In rerouting cables in the rack and repositioning things, I'd unplugged it to move it.

You can change things in the config menu, "apply" them, then log out and back in with a different IP, different VLANs, and with new credentials, all without the changes being "saved" and without the device warning you that after you "apply" you need to "save" or your changes will be lost. Then, as you said above, it reverts to default after losing power. Very different behavior from my Cisco and Dell switches, that tend to whine at you to save. So, I appreciate the reminder on clicking save. You probably saved me hours of diagnostics.

I'd last used the ethernet port on my laptop to configure the switch the first time, so I just plugged it back in and made the necessary changes...including clicking "Save". Easy peasy.

Do they work if you avoid using the DACs (and console cable)? I know that it doesn't make it very cost effective to have fiber transceivers for everything, but just curious.

I believe that's the theory, haven't hit this issue myself so I haven't tested.

I'd done some research before buying, and here's what I found/think about it. Most was comments on similar spec 8 port switches, including the TP-Link previously reviewed by STH: https://www.servethehome.com/cheapest-10gbe-8-port-switch-tp-link-tl-st1008f-review/2/ A lot of what I found on Reddit, etc., was about the TP-Link one, but I'd think probably applies to other 8 port SFP+ models that are passively cooled and come with a 12v, 2A power supply. Maybe they all use the same Realtek chip? Sadly, I didn't bookmark all those pages, but the gist was:

- I got my hands on two of these, both from Amazon. The first came with a power supply what wasn't UL Listed (same as in the STH article). The warranty page in the manual had already been filled out by someone else several months before though , so I sent it back for replacement. The replacement had much nicer and more complete documentation, better packaging, and a UL Listed Power supply. So maybe they're stepping up their game?

- I'd read (specifically about the TP-Link model, but probably applies here too) that putting multiple active powered transceivers next to each other generated a LOT of heat. Where people could spread the actively powered connections out , the units apparently ran much cooler.

- One person reported that running 8 active transceivers at once pushed the power draw close to 20w. That's a lot for a PSU rated at 24w, max right? So, I think the rule of thumb here is probably more passive DACs? or AOCs if you need medium length runs? Save the fiber for if it's really necessary? Guess that's a tradeoff for being passively cooled and drawing so little power.

- I'm at about 11w right now with a Transceiver+OM3 Fiber in Port 1, an SFP to RJ45 adapter in Port 8, and 3 passive DACs in between. Each DAC seems to add about .5w, so maybe 12.5w total if I fill the rest of the ports with passive DACs.

 

[Sorandict]

Do they work if you avoid using the DACs (and console cable)? I know that it doesn't make it very cost effective to have fiber transceivers for everything, but just curious.

The first time to use the DAC cable for the connection will not be automatically recognized, need to first use the fiber optic module to connect to the management background settings can be

 

[Sorandict]

Thank you! That seemed to be the issue. In rerouting cables in the rack and repositioning things, I'd unplugged it to move it.

You can change things in the config menu, "apply" them, then log out and back in with a different IP, different VLANs, and with new credentials, all without the changes being "saved" and without the device warning you that after you "apply" you need to "save" or your changes will be lost. Then, as you said above, it reverts to default after losing power. Very different behavior from my Cisco and Dell switches, that tend to whine at you to save. So, I appreciate the reminder on clicking save. You probably saved me hours of diagnostics.

I'd last used the ethernet port on my laptop to configure the switch the first time, so I just plugged it back in and made the necessary changes...including clicking "Save". Easy peasy.




I'd done some research before buying, and here's what I found/think about it. Most was comments on similar spec 8 port switches, including the TP-Link previously reviewed by STH: https://www.servethehome.com/cheapest-10gbe-8-port-switch-tp-link-tl-st1008f-review/2/ A lot of what I found on Reddit, etc., was about the TP-Link one, but I'd think probably applies to other 8 port SFP+ models that are passively cooled and come with a 12v, 2A power supply. Maybe they all use the same Realtek chip? Sadly, I didn't bookmark all those pages, but the gist was:

- I got my hands on two of these, both from Amazon. The first came with a power supply what wasn't UL Listed (same as in the STH article). The warranty page in the manual had already been filled out by someone else several months before though , so I sent it back for replacement. The replacement had much nicer and more complete documentation, better packaging, and a UL Listed Power supply. So maybe they're stepping up their game?

- I'd read (specifically about the TP-Link model, but probably applies here too) that putting multiple active powered transceivers next to each other generated a LOT of heat. Where people could spread the actively powered connections out , the units apparently ran much cooler.

- One person reported that running 8 active transceivers at once pushed the power draw close to 20w. That's a lot for a PSU rated at 24w, max right? So, I think the rule of thumb here is probably more passive DACs? or AOCs if you need medium length runs? Save the fiber for if it's really necessary? Guess that's a tradeoff for being passively cooled and drawing so little power.

- I'm at about 11w right now with a Transceiver+OM3 Fiber in Port 1, an SFP to RJ45 adapter in Port 8, and 3 passive DACs in between. Each DAC seems to add about .5w, so maybe 12.5w total if I fill the rest of the ports with passive DACs.

It looks like the design concept of this switch is mainly optical port use, small and quiet, so there is no fan, more suitable for home or environment for switch size limitations. Considering that 10 Gigabit electrical modules generate more heat on their own, their recommendation is not to use more than 4 electrical modules, and they need to take good corresponding cooling measures. Fiber optic modules are certainly fine to use on it. I think that's the point. For the price, I think it's a good enough deal

 

[Sorandict]

I took advantage of a good deal to get two XikeStor L3 managed SFP+ switches off AliExpress — it's the same model that's on Amazon here. I ended up paying about $85 each which I figured was cheap enough to take a chance. The model number appears to be SKS8300-8X .

I was able to do some testing with them yesterday — I can't get the web GUI to work (logging in with the correct username/password just returns you to the login screen), but I was able to console and telnet in and there's a very complete, Cisco-like CLI. The one issue I did note is that while it does support SSH, it's only an older algorithm (SHA1 I think? — same as the ICX6xxx in this respect) and although I saw some references to enabling https I wasn't able to figure out how to turn it on. In my case I would probably have just disabled the web GUI since it wasn't working.

The xikestor.com web domain redirects to seekswan.com which is only in Chinese but has English docs for some stuff at this link — "switch" is the first item in the first dropdown, and from there you can pick the model. (I have no idea of the legitimacy of this website, so I'm not sure I would trust the linked firmware.)

In any case — I thought I was in good shape, as I had four systems connected via DAC yesterday to the first of the switches and was getting 9.44Gb/s throughput in iPerf, and the CLI was pretty adaptable for anyone comfortable with the interface.

With that out of the way, I added in two optical SFPs and hooked up the second switch identically. Everything seemed fine, but then I tried testing switch #2 and got nothing. Hmm, power off. Figured that one was bad.

This morning I disconnected everything and plugged it in on its own — and it came back. So I figured maybe I'd had a loose power connection. Plugged everything back in, and the minute I hooked up the console cable, it powered down.

Then I swapped the (known working) console cable from the other switch — same issue. And when I put it back in the "working" switch — it shut down.

Finally, I powered it up on its own, and connected *only* the console cable. And it stayed on.

In any case, I've initiated a return as I don't have a lot of time to figure things out on an AliExpress purchase, and I can't keep them powered up with everything I need to connect (which isn't even all the ports). I'm curious, though, if it might have come with an inadequate power adapter — that's the only reason I can think of that it seems to power down with *everything* connected, but not with partial connectivity.

Not quite sure if you hit Save after applying the settings, but it sounds more like an issue that happens regularly？

 

[blunden]

Very different behavior from my Cisco and Dell switches, that tend to whine at you to save.

The concept of a running config and a startup config is the same. More premium switches do a better job of reminding you to actually store your config though, that's true.

I'd done some research before buying, and here's what I found/think about it. Most was comments on similar spec 8 port switches, including the TP-Link previously reviewed by STH: https://www.servethehome.com/cheapest-10gbe-8-port-switch-tp-link-tl-st1008f-review/2/ A lot of what I found on Reddit, etc., was about the TP-Link one, but I'd think probably applies to other 8 port SFP+ models that are passively cooled and come with a 12v, 2A power supply. Maybe they all use the same Realtek chip?

Yes, many of the switches with the same port configuration use the same switch chip. The RTL9303 is used by at least the following name brand switches from brands like TP-Link, Xyzel and Ubiquiti:

tl-st1008f [Switches]

svanheule.net

usw-aggregation [Switches]

svanheule.net

zyxel_xgs1210_series [Switches] (multiple models)

zyxel_xgs1250-12 [Switches]

svanheule.net

I'm sure there are many more, besides all the Chinese brands. HP and Dell also use Realtek switch chips in some of their switches for instance.

- I got my hands on two of these, both from Amazon. The first came with a power supply what wasn't UL Listed (same as in the STH article). The warranty page in the manual had already been filled out by someone else several months before though , so I sent it back for replacement. The replacement had much nicer and more complete documentation, better packaging, and a UL Listed Power supply. So maybe they're stepping up their game?

That's an interesting progression for sure. Do note that there might be PSUs with fake regulatory markings though.

- I'd read (specifically about the TP-Link model, but probably applies here too) that putting multiple active powered transceivers next to each other generated a LOT of heat. Where people could spread the actively powered connections out , the units apparently ran much cooler.

10GBASE-T transceivers generate a lot of heat in most cases, yes. Fiber transceivers usually much less so. Passive DACs even less of course.

So, I think the rule of thumb here is probably more passive DACs? or AOCs if you need medium length runs? Save the fiber for if it's really necessary? Guess that's a tradeoff for being passively cooled and drawing so little power.

As long as the DACs work fine, that's probably the best choice, yes. Note that AOC cables are just fiber cables with transceivers fused to each end, so they should be essentially identical to separate transceivers and fiber cables.

 

[dtremit]

Do they work if you avoid using the DACs (and console cable)? I know that it doesn't make it very cost effective to have fiber transceivers for everything, but just curious.

I don't think I have enough optics on hand to test this (or at least, not enough to match the number of DACs and also have something connected on the other end).

It wouldn't have been that much extra cost to go with AOCs if I hadn't just ordered a 10 pack of DACs (which I can't return at this point). D'oh.

Even so, the cost difference would be at least $50-75 per switch — not enormous, but at the same time it's nearly the price difference between one of these and the cheapest name brand switches with rack ears and a warranty.

It looks like the design concept of this switch is mainly optical port use, small and quiet, so there is no fan, more suitable for home or environment for switch size limitations. Considering that 10 Gigabit electrical modules generate more heat on their own, their recommendation is not to use more than 4 electrical modules, and they need to take good corresponding cooling measures. Fiber optic modules are certainly fine to use on it. I think that's the point. For the price, I think it's a good enough deal

As @blunden notes, that warning is likely for 10GBase-T modules, which are indeed power hungry. Passive coaxial DACs typically use less power than optics, and that's mainly what I had connected when it started dying.

All that being said, the thing that seems to have killed it most frequently for me was connecting the console cable — and I've yet to see an optical version of those

ETA: I also think "design concept" is giving more credit than is probably due. These are in this form factor because every other switch the company makes (including some with 10GBase-T) is shipped in the same case, and because fans and heatsinks are expensive.

Also, IME 10Gbase-T SFP+ transceivers are quite rare in the enterprise, and when they are used it's in very small numbers (e.g., to connect some kind of appliance with 10Gbase-T ports to an otherwise all-SFP network). They are a last resort when you can't afford a switch and also can't replace a HBA. Many manufacturers won't support them, and if I recall correctly, the power usage is actually outside the SFP+ spec.

 

[dtremit]

The first time to use the DAC cable for the connection will not be automatically recognized, need to first use the fiber optic module to connect to the management background settings can be

I've heard people report this for other switches, but this particular switch (XikeStor) recognized DACs out of the box.

 

[Markess]

I don't think I have enough optics on hand to test this (or at least, not enough to match the number of DACs and also have something connected on the other end).

It wouldn't have been that much extra cost to go with AOCs if I hadn't just ordered a 10 pack of DACs (which I can't return at this point). D'oh.

Even so, the cost difference would be at least $50-75 per switch — not enormous, but at the same time it's nearly the price difference between one of these and the cheapest name brand switches with rack ears and a warranty.

I agree that there must be something wrong inside the switch that powers down when you plug in the console cable. The console cable is just a serial RJ45 to USB cable. They're USB powered, so almost no power in them. I'd misplaced mine when I was trying to figure out what was wrong with my switch, and I grabbed a generic one out of my toolbox which worked just fine. So, I'm pretty confident that the XikeStor provided one is nothing special.

As for cabling: yeah, if you have to spend extra on cables plus a lot more time to make it work, then the value proposition starts to fade. The challenge of getting gear from different companies working together in a homelab setting was one of the reasons I gave up on 10Gb networking back a few years ago when the PCIe 2.0 gear had hit the secondary market for relatively cheap. Stuff from "Vendor A" was well tested and documented in "Vendor A"'s ecosystem, but you never knew if adding a component from "Vendor B" would result in the Zombie Apocalypse.

Recently, my friends were putting 25/40Gb home networks together so I thought I'd give it another try. More people are homelabbing with this stuff, so there's more resources from people who've already resolved interoperability issues. I got this XikeStor for the home office gear (where I value quiet and low heat), and a used HP rackmount switch for the stuff in the garage (where noise and heat aren't a problem).

Oddly, my first hurdle was connecting the XikeStor switch to the gigabit Cisco Switch I already had. Turned out the Cisco DACs I had on hand aren't compatible with my Cisco switch . Those Cisco DACs do, however, work with the XikeStor and Solarflare & Mellanox CX3 cards. Go figure.

 

[dtremit]

Oddly, my first hurdle was connecting the XikeStor switch to the gigabit Cisco Switch I already had. Turned out the Cisco DACs I had on hand aren't compatible with my Cisco switch . Those Cisco DACs do, however, work with the XikeStor and Solarflare & Mellanox CX3 cards. Go figure.

Yeah, certain vendors are really a pain when it comes to SFP compatibility, and pretty much all of it is just proprietary nonsense. Cisco is the worst, but iirc Intel will block non-Intel optics while allowing non-Intel DACs. I think the latter is mainly because the other end is likely to be connected to a Cisco switch, and they know they can't out-proprietary Cisco For home stuff I've heard Ubiquiti is obnoxious but I've never had gear faster than 1Gb from them.

FS.com actually sells a reprogramming device for their own "compatible" optics and DACs that will let you update them to impersonate different vendors if you need to move them around. Of course, it only updates FS.com modules...

 

[piranha32]

For home stuff I've heard Ubiquiti is obnoxious but I've never had gear faster than 1Gb from them.

My UI switches work with anything I throw at them. Problems may be with 2.5G modules in switches which do not support this speed natively, but I don't have any first-hand experience.

 

[MountainBofh]

I have a handful of Unifi XG-24 switches at work. I don't think they're vendor locked, but they sure are bitchy about working at 25gb speeds. I've not been impressed so far.

 

[Markess]

I don't think I have enough optics on hand to test this (or at least, not enough to match the number of DACs and also have something connected on the other end).

If you're still having issues with your DACs, here's a (relatively cheap?) alternative for optical+fiber.

Part of my troubleshooting issues turned out to be that the pretty common passive Cisco DACs that worked fine for me with all sorts of Mellanox cards (CX2, CX3, even Infiniband gear with QSFP+ to SFP+ converters) did not work with the CX4 LX cards I recently bought. Maybe because the backwards compatibility from SFP28 to SFP+ isn't working with these cables? Luckily for me, I'd only bought 4.

They did work with some cheap AOI A7EL-SN85-ADMA transceivers I had on hand (also tested to work with Solarflare SFN 7122 & 8522)

I bought a 20 pack of them (new) for $20.23 shipped here Lot Of 20 Aoi A7el-Sn85-Adma Sfp Sr 10g 300m 850nm Pin C-Temp Transceiver 37849876565 | eBay
And some 2M lengths of OM3 on sale at Amazon for $3.99 each shipped https://www.amazon.com/dp/B0BB174VR7

So, a little over $6 for two transceivers and a cable. I found transceivers used in small quantities for $1.50 each. But after shipping they were $14 for six, so I "splurged" and got the 20 pack of new ones.

Of course, now I'm crossing my fingers that the fiber I ordered works