Xikestor SKS3200-8E2X - avoid these 'MxL86282S' chipset models!

[OP_Reinfold]

Thought it being the MxL86282S SoC, and with all the trumpet blowing regarding this SoC over a year ago, grabbed the SKS3200-8E2X model which comes with the latest firmware as of 15th Feb 2025 at v1.0.0.4.

Palm-slap-face moment:

1. This Xikestor model has no support for Jumbo Frames in the web-ui, even though the MaxLinear chip does support it. However it is disabled in this switch.
2. Totally unable to create VLANs on this, one look at the configuration and you would immediately presume the firmware dev just released it without finishing it, or maybe he/she couldnt' understand how the hell to convert a dev-platform-ui to production 'user' ui. Never seen this mess in all the years I've been grazing web-ui based switch configs.
3. Daylight time saving does not work at all, not a biggy, but just can't get the damn clock to set properly.
4. Forgot to add, it sporadically soft-reboots when saving/configuring various aspects other than IP addresses, I fear it just has one of those 'catch-all' code block statements and just restarts the codebase LMFAO

Also a close colleague has advised that this one looks like they pushed it out the door quick, so basically the early adopters are the beta-testers, but highly unlikely there will be any new firmwares this side of 2025...

So my advice, avoid it, I'm throwing mine in the bin.

 

[OP_Reinfold]

The VLAN screens:

 

[OP_Reinfold]

Another issue is that you cannot disable IPv6 (yes this one actually has an IPv6 address entry page, good for when we need it yes, but not so good that you cannot disable it)

Also, it will not allow you to change the IPv6 default gateway, which seems to want to stick to '2001:db8::2' - something to be aware of I guess.

 

[blunden]

Is there a CLI as well, or just a web GUI?

Also, any particular reason you feel the need to disable IPv6?

 

[OP_Reinfold]

For those keen on deciphering foreign PDFs... found this floating around. I managed to get VLAN working, but damnnnnn is it a slap in the face, horrible! Plus you're limited to 111 entries of vlan configuration WTF!, and you effectively lose most of those entries very rapidly when configuring tagging, nasty.

Still going in the bin.

PDF guide to how VLANs are configured on this switch

 

[OP_Reinfold]

Is there a CLI as well, or just a web GUI?

Also, any particular reason you feel the need to disable IPv6?

No cli, just a web gui, would have been so much easier if there were a cli (well that is if it followed industry norms).

Many reasons I like to disable IPv6 in 'devices' running in my networks. Off topic to open that conspiracy bible.

 

[gaplek]

I hear that switch have bug software when 2 sfp port is ocupied

 

[kitor]

Isn't that a first commercially available MxL86282S switch? I wonder about it's firmware... I found on non-management variant of Mxl switches that there's internal UART with CLI that allows to do some management if you know what to do.

And that PCB of that switch (Tenda) highly suggest 5 and 8 port ICs both in managed and non-managed config are drop-in replacements - so likely ICs are just binned to drop down "management UI" core while switch part is likely the same.

Thank you for that Vlan configuration document... I see some similarities to what I've seen on that unmanaged switch CLI, it may be a good time for me to revisit it. On xikestor website (at least the English one) I see no mentions of this switch model yet, and thus no downloads

I hear that switch have bug software when 2 sfp port is ocupied

What bug? Can you elaborate more?

[edit]
Hey, on they chinesee website there's some kind of firmware update, user manual and that vlan doc in downloads.
Go to https://seekswan.com/user/pages/download-center.html, use google translate to select switch -> lightly managed switch ->SKS3200-8E2X.
They list firmware v1.0.0.4 from January with "Optimize VLAN rules and port rate adjustment" description

[edit2]
I did quick initial analysis and it seems ZephyrOS on Xtensa, just like the unmanaged variant. That's interesting

 

[jamesn]

As a quick FYI there's now English documentation published for this switch. http://visit.xikestor.com:6555/app/file-en/new_download.html
The new firmware version doesn't seem to be on the English language site for some reason.

 

[Shonk]

Isn't that a first commercially available MxL86282S switch? I wonder about it's firmware... I found on non-management variant of Mxl switches that there's internal UART with CLI that allows to do some management if you know what to do.

And that PCB of that switch (Tenda) highly suggest 5 and 8 port ICs both in managed and non-managed config are drop-in replacements - so likely ICs are just binned to drop down "management UI" core while switch part is likely the same.

Thank you for that Vlan configuration document... I see some similarities to what I've seen on that unmanaged switch CLI, it may be a good time for me to revisit it. On xikestor website (at least the English one) I see no mentions of this switch model yet, and thus no downloads



What bug? Can you elaborate more?

[edit]
Hey, on they chinesee website there's some kind of firmware update, user manual and that vlan doc in downloads.
Go to 下载中心, use google translate to select switch -> lightly managed switch ->SKS3200-8E2X.
They list firmware v1.0.0.4 from January with "Optimize VLAN rules and port rate adjustment" description

[edit2]
I did quick initial analysis and it seems ZephyrOS on Xtensa, just like the unmanaged variant. That's interesting

I have the non managed XikeStor SKS1200-8GPy2XF 8+2 (MaxLinear MxL86282) would love to be able to manage it
you should do a post on what you can do and how

 

[kitor]

I have the non managed XikeStor SKS1200-8GPy2XF 8+2 (MaxLinear MxL86282) would love to be able to manage it

I said there's a management CLI available on internal UART. I never said I know how to use it, in fact I hope the managed one will give me some clues. Reverse engineering this firmware is a bit hard since it uses Xtensa architecture with instructions that Ghidra doesn't support (yet).
In fact, by comparing strings I'm sure they originate from the same code base but unmanaged ones not only lack web interface, but also some some CLI features. I think those may be enough to setup at least vlans, but I can't say until I get it working. Even if, doing this so it persists reboots might be a bigger challenge.

Anyway, I bought the managed model and waiting for it to arrive, to have a reference point

 

[emanuele74]

As a quick FYI there's now English documentation published for this switch. http://visit.xikestor.com:6555/app/file-en/new_download.html
The new firmware version doesn't seem to be on the English language site for some reason.

I'm not able to connect to this link; has the site address changed ?

 

[Shonk]

its down atm

 

[kitor]

Ok, my unit arrived. Already found a few problems:
Vlan setting is indeed interesting. You basically have 64 virtual switches (they call it bridges). Default switch is 0 (where mgmt UI is also connected, you can't change that. Those 64 virtual switches has total capacity of 111 (17-127) virtual ports, where "port" is a combination of physical port and vlan ID.
So you tell the device "connect me vlan ID 15 on port 7 to virtual switch 9". That's "tagged vlan" tab.
There are 10 extra slots only for setting VLAN IDs for untagged ports (1-9, 12) - That's Port VLAN tab.

Issues so far:
- when attempting to set 30 or more entries on Tagged VLAN tab, apply returns 400 error. Saving doesn't work either.
- If I assign any tagged vlan ID on any port to bridge 0, it doesn't work. Thus can't bridge device management to my management vlan.

1st probably can be work around by modifying config file, but it is a binary format so it would need some reverse engineering.
2nd is a deal breaker for me right now as I can't bind management UI to a tagged VLAN.

I bought this one via Aliexpress, there was some contact details provided so I dropped them e-mail with my complains.

If that's just a reskin of the reference firmware Mxl provides to OEMs, I'm not surprised we are waiting so long for any mgmt switches.

In other news:
Unmanaged Tenda switch has 4MB flash, this has 8MB There's easily accessible UART on PCB. As for now I had no time for any further investigation in that direction.

[e]
Just noticed that on Aliexpress listing page:
The maximum number of Bridges bound to a single port of the switch is 13.

So no more than 13 vlans per port Also fun.

BTW:

It seems this switch supports jumbo frames, just no UI options for that.

 

[OP_Reinfold]

I think you need to do a little more testing than just 'ping' between the 10G ports

If you wireshark or just tcpdump at the client end on any 2.5G port, you will notice that the switch has problems directing giant packets of TCP and UDP data towards its 2.5G section.

The best way to confirm all is working properly is to use an enterprise switch such as a Cisco/Aruba/Mellanox for ingress to the switch in test and then attempt to directly access services through the ports on clients using giant packets, pinging with do-not-fragment flag is only useful when you know for certain that all devices in the chain fully-respect the flag, many routers for example do not.

You will then notice the issues on firmware 1.0.0.4, unless they've opened up the giant frame size, indeed the SoC does support jumbo. What version firmware is on yours?

Another test you can do to confirm there are issues, is to attempt to access its UI via an enterprise switch upstream which your client connects to, set jumbo to the usual 9216 on the client and the enterprise switch, and then see how gloriously this switch throws a tantrum with connection issues just accessing its own UI.

PS. not being able to configure an actual frame size is a big no-no for those of us who like to run tightly controlled networks in our labs where giant frames are employed, obviously unless the switch is purely being used as an edge device and plays no central role in any network segment, in which case many unmanaged switches support wide-open giant packets.

 

[Shonk]

Here's something that may or may not be an issue on the managed one
but for sure is on the unmanaged

The unmanaged one doesnt like short cables to uplink via rj45
the problem is the MxL86282S for sure rather than the other switch
it can be fixed by either using a longer cable or really low quality cable

Quality 23awg Solid Copper Cat5E Cables
10cm nope
20cm nope
30cm nope
40cm nope
50cm nope
1m maybe sometimes
1.5m ok

really low quality 50cm usually works after about 5 seconds
suspect its cca..

 

[kitor]

You will then notice the issues on firmware 1.0.0.4, unless they've opened up the giant frame size, indeed the SoC does support jumbo. What version firmware is on yours?

A little misconception: That video I added is not mine. I never got into testing jumbo frames and so since those vlan issues with management interface / 30+ entries are a no-go for me to deploy it as is.
Mine runs 1.0.0.4, it was already preinstalled and that's the latest version as available on Chinese XikeStor website.

In this guys another vid I left a comment about my issues and he replied that he will try to replicate those... also that he's in contact with Xikestor "management" (whatever that means) so he can report the bugs. I saw his videos reposted by Xikestor account on X so there's a chance this is our gateway to get some issues solved.

it can be fixed by either using a longer cable or really low quality cable

That's fun. I don't see such issues on Tenda unmanaged ones (TEM2010x and TEM2007x).

 

[maxinuk]

Desktop nic set to jumbo 9014 (windows), i connect to my netgear, then this switch, ui doesnt work, just sits there and timesout or on the odd cance i might get a username and password box with no css styling applied. Reconfigure desktop nic to 1514 jumbo, xikestor ui now works. There are problems with this switch, time is money so didnt bother checking everything else with this switch, I returned for refund on ebay and bought a 8 port all 10g hassivo instead off another ebay seller.

Xikestor is a shoddy outfit, they have a lot of problems with a lot of their gear and firmware updates are only cosmetic in nature, I dont believe they have anyone inhouse knowledgable enough to bug fix/enhance the core firmware. You get what you pay for. I stick with tplink/zyxel/netgear/mikrotik when purchasing is influenced by a tight budget and energy efficiency, hassivo and horaco along with goodtop with a push, but Xikestor never again.

 

[Shonk]

That's fun. I don't see such issues on Tenda unmanaged ones (TEM2010x and TEM2007x).

Mine was a very early switch ordered as soon as MxL86282S came to market
the firmware on the unmanagd switch must be an early build

 

[OP_Reinfold]

In this guys another vid I left a comment about my issues and he replied that he will try to replicate those... also that he's in contact with Xikestor "management" (whatever that means) so he can report the bugs. I saw his videos reposted by Xikestor account on X so there's a chance this is our gateway to get some issues solved.

I no longer have my one so I can't really do anymore testing outside of what I discovered.

I do hope they up their 'firmware' game, it is one of the major let-downs of all these budget-friendly switches coming out of chinese small businesses.

However since I began this thread I've been informed by numerous individuals that these small companies simply rebrand hardware, the web-ui appearance etc, and have absolutely no ability to modify the base code, that is something they have to pay the manufacturer of the switches to do and that cost is simply not something they are generally willing to partake in unless the manufacturer can be convinced they have made a grave error in some way.

I purchased a handful of Mikrotiks for a job recently, absolutely phenomenal support, slightly dearer, however you get a lot more for your money and a whole lot less headaches plus the added reassurances around the topics of security and reliability.

Xikestor is a shoddy outfit, they have a lot of problems with a lot of their gear...

I think it is a little unfair to refer to them in a derogatory manner. The couple of occasions I spoke to them personally they were very helpful and positively caring although they were very limited in what they could do and kept refering to the fact that they have different switches for different budgets, which is a classic escape.

However yes they do need to invest in ongoing firmware support, the hardware is indeed capable, the software is often the root cause of annoying issues.